Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extend Host User Creation to support a static set of users #42712

Closed
rosstimothy opened this issue Jun 10, 2024 · 2 comments
Closed

Extend Host User Creation to support a static set of users #42712

rosstimothy opened this issue Jun 10, 2024 · 2 comments
Assignees
@atburke
Labels
feature-request Used for new features in Teleport, improvements to current should be #enhancements server-access

Comments

@rosstimothy
Copy link
Contributor

What would you like Teleport to do?

Support creating out of band users with pre-set UID, GID and sudo entitlements.

What problem does this solve?

Host user creation is lazy and only creates users at time of login. There are some use cases which require that a static set of predefined users always exist.
@rosstimothy rosstimothy added feature-request Used for new features in Teleport, improvements to current should be #enhancements server-access labels Jun 10, 2024
@atburke atburke mentioned this issue Jun 28, 2024
Merged
This was referenced Jul 25, 2024
Merged
Merged
@rosstimothy
Copy link
Contributor Author

rosstimothy commented Jul 31, 2024
edited
Loading

@atburke atburke mentioned this issue Aug 8, 2024
Merged
@atburke atburke mentioned this issue Aug 16, 2024
Merged
@rosstimothy
Copy link
Contributor Author

rosstimothy commented Aug 20, 2024
edited by atburke
Loading

Test Plan

  • Creating user from resource
    • login doesn't exist on host -> create the user
    • login exists on host, not managed by Teleport -> do nothing
    • login exists on host, insecure-drop -> do nothing
    • login exists on host, keep -> do nothing
  • More than one matcher in an SHU matches a node -> log a warning and do nothing
  • Deleting SHU resource doesn't remove the user/home directory/sudo entitlements
  • Automatic Host User Creation
    • keep mode doesn't update/overwrite a static user
    • drop mode doesn't update/overwrite/delete a static user

This was referenced Aug 27, 2024
Closed
Merged
@atburke atburke mentioned this issue Sep 3, 2024
Merged
rosstimothy added a commit that referenced this issue Sep 4, 2024
@rosstimothy
Add audit events for static host users
14b5398 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
rosstimothy added a commit that referenced this issue Sep 4, 2024
@rosstimothy
Add audit events for static host users
988561e 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
rosstimothy added a commit that referenced this issue Sep 4, 2024
@rosstimothy
Add audit events for static host users
d44cd7d 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
rosstimothy added a commit that referenced this issue Sep 4, 2024
@rosstimothy
Add audit events for static host users
e9b205a 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
@rosstimothy rosstimothy mentioned this issue Sep 4, 2024
Merged
rosstimothy added a commit that referenced this issue Sep 4, 2024
@rosstimothy
Add audit events for static host users
5aedf53 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
rosstimothy added a commit that referenced this issue Sep 4, 2024
@rosstimothy
Add audit events for static host users
5ac5cb1 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
rosstimothy added a commit that referenced this issue Sep 4, 2024
@rosstimothy
Add audit events for static host users
20174b6 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
rosstimothy added a commit that referenced this issue Sep 4, 2024
@rosstimothy
Add audit events for static host users
0fd442f 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
rosstimothy added a commit that referenced this issue Sep 6, 2024
@rosstimothy
Add audit events for static host users
05fdb2f 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
github-merge-queue bot pushed a commit that referenced this issue Sep 6, 2024
@rosstimothy
Add audit events for static host users (#46246)
b2f517f 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
github-merge-queue bot pushed a commit that referenced this issue Sep 6, 2024
@rosstimothy
Add audit events for static host users (#46246)
bc0e41b 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
@atburke atburke mentioned this issue Sep 7, 2024
Merged
atburke pushed a commit that referenced this issue Sep 11, 2024
@rosstimothy @atburke
Add audit events for static host users (#46246)
de9cab0 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
atburke pushed a commit that referenced this issue Sep 11, 2024
@rosstimothy @atburke
Add audit events for static host users (#46246)
727ce15 
Emits audit events in response to users modifying or creating
StaticHostUser resources.

Updates #42712
This was referenced Sep 16, 2024
Merged
Merged
This was referenced Oct 1, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@atburke atburke

Labels
feature-request Used for new features in Teleport, improvements to current should be #enhancements server-access
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@atburke @rosstimothy