-
-
Notifications
You must be signed in to change notification settings - Fork 7.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
the zulip user should be created as a system user #6911
Comments
@kneufeld thanks for the report! I certainly agree However, it's actually somewhat common to directly ssh in as the Can you explain a bit more about the details of how this wreaks havok with FreeIPA? I'm not super familiar with FreeIPA and that context would be helpful for anyone working on this issue. |
It's entirely possible something else happened and I'm mis-remembering events, but when the I was able to install zulip by manually creating the zulip user with uid/guid of 800 and then running the puppet scripts. After that finished then I joined the machine to the domain. You can still ssh into machine as a system user, just look at |
It sounds like the user ID reuse bug is the main problem here. That feels likely to be a bug in either FreeIPA or puppet; in theory, Puppet's adduser shouldn't clobber a user ID that already exists on the system when you don't explicitly declare the user ID you want. And we intentionally don't set a user ID in our configuration so If that were correct, you should be able to install happily on a system using FreeIPA by tagging the "zulip" user as a system user, without any of the other changes. Would you be up for testing that hypothesis? Probably the fastest method is to just close zulip.git, make the change, and run |
Hello @zulip/server-production members, this issue was labeled with the area: production label, so you may want to check it out! |
Hello @zulip/server-production members, this issue was labeled with the "area: production installer" label, so you may want to check it out! |
Daemon accounts should not be created as human user accounts. Also, the
zulip
user should not have it's home in/home
. This wrecks havoc when you have managed users like in a FreeIPA system. I just picked uid/guid of800
to get on with my life.All scripts use hard coded paths to
/home/zulip
but should probably use a variable.Fix all scripts with
The text was updated successfully, but these errors were encountered: