Skip to content

[v16] Add static host users#46498

Merged
atburke merged 1 commit intobranch/v16from
atburke/v16/static-user-backport
Sep 11, 2024
Merged

[v16] Add static host users#46498
atburke merged 1 commit intobranch/v16from
atburke/v16/static-user-backport

Conversation

@atburke
Copy link
Copy Markdown
Contributor

@atburke atburke commented Sep 11, 2024
edited
Loading

Backport #45292, #45573, #46093, and #46365 to branch/v16

Changelog: Added host users that are created out-of-band, independently of an SSH session

@github-actions github-actions Bot added backport size/xl tctl tctl - Teleport admin tool labels Sep 11, 2024
@github-actions github-actions Bot requested a review from greedy52 September 11, 2024 18:58
@public-teleport-github-review-bot
Copy link
Copy Markdown

public-teleport-github-review-bot Bot commented Sep 11, 2024

@atburke - this PR will require admin approval to merge due to its size. Consider breaking it up into a series smaller changes.

@rosstimothy rosstimothy requested a review from zmb3 September 11, 2024 19:00
@rosstimothy
Copy link
Copy Markdown
Contributor

rosstimothy commented Sep 11, 2024
edited
Loading

Let's not forget to include #46246.

Could you also update the changelog to provide a bit more detail about what static host users are? Maybe something along the lines of what is noted in the upcoming releases?

@atburke atburke force-pushed the atburke/v16/static-user-backport branch from d10ff94 to 769cbae Compare September 11, 2024 22:18
@rosstimothy
Copy link
Copy Markdown
Contributor

rosstimothy commented Sep 11, 2024
edited by atburke
Loading

Test Plan

  • Creating user from resource
    • login doesn't exist on host -> create the user
    • login exists on host, not managed by Teleport -> do nothing
    • login exists on host, insecure-drop -> do nothing
    • login exists on host, keep -> do nothing
  • More than one matcher in an SHU matches a node -> log a warning and do nothing
  • Deleting SHU resource doesn't remove the user/home directory/sudo entitlements
  • Automatic Host User Creation
    • keep mode doesn't update/overwrite a static user
    • drop mode doesn't update/overwrite/delete a static user

@rosstimothy rosstimothy requested a review from r0mant September 11, 2024 22:53
r0mant
r0mant approved these changes Sep 11, 2024
View reviewed changes
Copy link
Copy Markdown
Collaborator

@r0mant r0mant left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bot.

@atburke atburke force-pushed the atburke/v16/static-user-backport branch from a4a7bee to 587f078 Compare September 11, 2024 23:06
@atburke atburke enabled auto-merge September 11, 2024 23:06
@atburke atburke added this pull request to the merge queue Sep 11, 2024
Merged via the queue into branch/v16 with commit 84da755 Sep 11, 2024
@atburke atburke deleted the atburke/v16/static-user-backport branch September 11, 2024 23:41
@camscale camscale mentioned this pull request Sep 12, 2024
Merged
@fheinecke fheinecke mentioned this pull request Apr 9, 2025
Merged
@fheinecke fheinecke mentioned this pull request Jan 8, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@r0mant r0mant r0mant approved these changes

@rosstimothy rosstimothy rosstimothy approved these changes

Assignees

No one assigned

Labels

backport size/xl tctl tctl - Teleport admin tool

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@atburke @rosstimothy @r0mant