starred/the-bastion
1
0
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2026-05-10 00:09:09 +02:00
Code Issues 46 Projects Packages Wiki Activity

[GH-ISSUE #575] Bastion users dont align with UID_MAX and GID_MAX #148

New issue
Closed
opened 2026-05-07 00:19:25 +02:00 by BreizhHardware · 1 comment
BreizhHardware commented 2026-05-07 00:19:25 +02:00
Owner
Copy link

Originally created by @jon4hz on GitHub (Aug 27, 2025).
Original GitHub issue: https://github.com/ovh/the-bastion/issues/575

Hi there,

When installing the bastion (v3.21.00) I noticed that the install script tries to create a few users, which don't align with the default UID_MAX and GID_MAX.

Both those options are set to 60000 by default, but the bastion creates a healthcheck user with the UID 99999.

As a result, some commands like chown don't work because they require a valid UID/GID.

chown: changing ownership of '/home/healthcheck/.ssh/id_healthcheck': Invalid argument
chown: changing ownership of '/home/healthcheck/.ssh/id_healthcheck.pub': Invalid argument

The same goes for the lastoshuser. That one gets the uid 10000 but SYS_UID_MAX usually is 999.

I'd expect that the bastion either adjust /etc/login.defs or at least a hint about this in the documentation.

Originally created by @jon4hz on GitHub (Aug 27, 2025). Original GitHub issue: https://github.com/ovh/the-bastion/issues/575 Hi there, When installing the bastion (v3.21.00) I noticed that the install script tries to create a few users, which don't align with the default UID_MAX and GID_MAX. Both those options are set to `60000` by default, but the bastion creates a `healthcheck` user with the UID `99999`. As a result, some commands like `chown` don't work because they require a valid UID/GID. ``` chown: changing ownership of '/home/healthcheck/.ssh/id_healthcheck': Invalid argument chown: changing ownership of '/home/healthcheck/.ssh/id_healthcheck.pub': Invalid argument ``` The same goes for the `lastoshuser`. That one gets the uid `10000` but `SYS_UID_MAX` usually is `999`. I'd expect that the bastion either adjust `/etc/login.defs` or at least a hint about this in the documentation.
BreizhHardware commented 2026-05-07 00:19:26 +02:00
Author
Owner
Copy link

@jon4hz commented on GitHub (Aug 27, 2025):

okay nevermind, the actual issue is that I'm testing the installation in a podman container. So podman is the culprit...

<!-- gh-comment-id:3227507620 --> @jon4hz commented on GitHub (Aug 27, 2025): okay nevermind, the actual issue is that I'm testing the installation in a podman container. So podman is the culprit...
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
expifix
groupcreate_fix_uid
fix_group_gid_fast
gh-pages
clush
expiration
jsonvalidator
v3.23.01
v3.23.00
v3.22.00
v3.21.00
v3.20.00
v3.19.01
v3.19.00
v3.18.99-rc1
v3.18.00
v3.17.01
v3.17.00
v3.16.99-rc3
v3.16.99-rc2
v3.16.99-rc1
v3.16.01
v3.16.00
v3.15.00
v3.14.16
v3.14.15
v3.14.00
v3.13.01
v3.13.00
v3.12.00
v3.11.02
v3.11.01
v3.11.00
v3.10.00
v3.09.02
v3.09.00-really
v3.09.00
v3.09.00-rc3
v3.09.00-rc2
v3.09.00-rc1
v3.08.01
v3.08.00
v3.07.00
v3.06.00
v3.05.01
v3.05.00
v3.04.00
v3.03.99-rc2
v3.03.99-rc1
v3.03.01
v3.03.00
v3.02.00
v3.01.99-rc4
v3.01.99-rc3
v3.01.99-rc2
v3.01.99-rc1
v3.01.03
v3.01.02
v3.01.01
v3.01.00
v3.00.02
v3.00.01
v3.00.00
Labels
Clear labels   
answered

   
bug

   
documentation

   
enhancement

   
enhancement

   
feature

   
feature

   
kept-open-for-info

   
pull-request
Mirrored from GitHub Pull Request

  
question
No labels
answered
bug
documentation
enhancement
enhancement
feature
feature
kept-open-for-info
pull-request
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/the-bastion#148
No description provided.