Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSH fails with unknown group teleport-system for existing users #13662

Closed
jakule opened this issue Jun 20, 2022 · 1 comment
Closed

SSH fails with unknown group teleport-system for existing users #13662

jakule opened this issue Jun 20, 2022 · 1 comment
Assignees
@lxea
Labels
bug test-plan A list of tasks required to ship a successful product release. test-plan-problem Issues which have been surfaced by running the manual release test plan

Comments

@jakule
Copy link
Contributor

jakule commented Jun 20, 2022

Teleport fails to login ssh for existing users when create_host_user is set to true

Example:

ubuntu@teleport1:~$ tsh ssh ubuntu@localhost
group: unknown group teleport-system
ERROR: ssh: could not start shell

Group added to the user:

kind: role
version: v5
metadata:
  name: auto-users
spec:
  options:
    # Allow automatic creation of users.
    create_host_user: true
  allow:
    logins: [ "ubuntu1", "ubuntu" ]
    host_groups: ["ubuntu-teleport-group"]
    host_sudoers: [
      "{{internal.logins}} ALL = (root) NOPASSWD: ALL"
    ]
    node_labels:
      '*': '*'

Login success when a group is created (it can be created by Teleport when login into an auto-created account) example:

ubuntu@teleport1:~$ tsh ssh ubuntu@localhost
group: unknown group teleport-system
ERROR: ssh: could not start shell

ubuntu@teleport1:~$ tsh ssh ubuntu1@localhost
$
the connection was closed on the remote side on  20 Jun 22 07:11 EDT
ubuntu@teleport1:~$ tsh ssh ubuntu@localhost
ubuntu@teleport1:~$ whoami
ubuntu
ubuntu@teleport1:~$ groups # group is not added which is correct
ubuntu adm dialout cdrom floppy sudo audio dip video plugdev netdev lxd

Expected behavior:

Teleport should not fail to log in for existing accounts when teleport-system doesn't exist.

Bug details:

  • Teleport version: v10-alpha
  • Debug logs
2022-06-20T07:10:56-04:00 ERRO             Error during temporary user cleanup: group: unknown group teleport-system srv/usermgmt.go:341
@jakule jakule added bug test-plan-problem Issues which have been surfaced by running the manual release test plan test-plan A list of tasks required to ship a successful product release. labels Jun 20, 2022
@jakule jakule changed the title unknown group teleport-system for existing users SSH fails with unknown group teleport-system for existing users Jun 20, 2022
@jakule jakule mentioned this issue Jun 20, 2022
Closed
This was referenced Jun 20, 2022
Merged
Merged
@lxea
Copy link
Contributor

lxea commented Sep 1, 2022

closed by #13743 and #13666

@lxea lxea closed this as completed Sep 1, 2022
@rosstimothy rosstimothy mentioned this issue Aug 13, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lxea lxea

Labels
bug test-plan A list of tasks required to ship a successful product release. test-plan-problem Issues which have been surfaced by running the manual release test plan
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lxea @jakule