You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A user locked that isn't in access lists wouldn't include errors or much information.
Current behavior:
If a user is locked the log can spam on access lists checking. This repeats for multiple lines. In this case the instance only has two access lists and didn't have this user.
This repeats at least 4 times:
Nov 15 14:44:34 teleporthost teleport[286293]: 2024-11-15T14:44:34Z WARN [AUTH] checking access list membership error:[
Nov 15 14:44:34 teleporthost teleport[286293]: ERROR REPORT:
Nov 15 14:44:34 teleporthost teleport[286293]: Original Error: *trace.AccessDeniedError User 'dev-derek' is currently locked
Nov 15 14:44:34 teleporthost teleport[286293]: Stack Trace:
Nov 15 14:44:34 teleporthost teleport[286293]: github.com/gravitational/teleport/lib/accesslists/hierarchy.go:530 github.com/gravitational/teleport/lib/accesslists.IsAccessListMember
Nov 15 14:44:34 teleporthost teleport[286293]: github.com/gravitational/teleport/lib/auth/userloginstate/generator.go:185 github.com/gravitational/teleport/lib/auth/userloginstate.(*Generator).addAccessListsToState
Nov 15 14:44:34 teleporthost teleport[286293]: github.com/gravitational/teleport/lib/auth/userloginstate/generator.go:152 github.com/gravitational/teleport/lib/auth/userloginstate.(*Generator).Generate
Nov 15 14:44:34 teleporthost teleport[286293]: github.com/gravitational/teleport/lib/auth/userloginstate/generator.go:314 github.com/gravitational/teleport/lib/auth/userloginstate.(*Generator).Refresh
Nov 15 14:44:34 teleporthost teleport[286293]: github.com/gravitational/teleport/lib/auth/userloginstate/generator.go:326 github.com/gravitational/teleport/lib/auth.NewServer.(*Generator).LoginHook.func7
Nov 15 14:44:34 teleporthost teleport[286293]: github.com/gravitational/teleport/lib/auth/auth.go:1150 github.com/gravitational/teleport/lib/auth.(*Server).CallLoginHooks
Nov 15 14:44:34 teleporthost teleport[286293]: github.com/gravitational/teleport/e/lib/auth/usermonitor.go:310 github.com/gravitational/teleport/e/lib/auth.(*UserMonitor).processUserChange
Nov 15 14:44:34 teleporthost teleport[286293]: github.com/gravitational/teleport/e/lib/auth/usermonitor.go:195 github.com/gravitational/teleport/e/lib/auth.(*UserMonitor).reconcile
Nov 15 14:44:34 teleporthost teleport[286293]: github.com/gravitational/teleport/e/lib/auth/usermonitor.go:125 github.com/gravitational/teleport/e/lib/auth.(*UserMonitor).reconciler
Bug details:
Teleport version: 17.0.0 beta 2
Recreation steps
Register a couple access lists
Register a user
Lock the user
REstart and monitor the Teleport auth service log.
The text was updated successfully, but these errors were encountered:
Expected behavior:
A user locked that isn't in access lists wouldn't include errors or much information.
Current behavior:
If a user is locked the log can spam on access lists checking. This repeats for multiple lines. In this case the instance only has two access lists and didn't have this user.
This repeats at least 4 times:
Bug details:
The text was updated successfully, but these errors were encountered: