search

nats-io / natscli

The NATS Command Line Interface
Apache License 2.0
480 stars 95 forks source link

nats: error: user: unknown userid 929600006 #1069

Closed metacoma closed 2 months ago

metacoma commented 4 months ago

Observed behavior

alice@mcmp8:~/src/projects/poc-mindwm-dev$ nats -s nats://root@r00tpass@172.25.255.216:31456 --trace stream ls
nats: error: setup failed: user: unknown userid 929600006
alice@mcmp8:~/src/projects/poc-mindwm-dev$ nats context save nats --server nats://root:r00tpass@172.25.255.216:31456
nats: error: user: unknown userid 929600006
alice@mcmp8:~/src/projects/poc-mindwm-dev$ id
uid=929600006(alice) gid=929600006(alice) groups=929600006(alice),987(nix-users),988(docker)

Expected behavior

Run the same command on the same machine, but under a different user ubuntu with ID 1000.

ubuntu@mcmp8:~/src/projects/poc-mindwm-dev$ nats -s nats://root:r00tpass@172.25.255.216:31456 --trace stream ls
13:37:31 >>> $JS.API.STREAM.LIST
{"offset":0}

13:37:31 <<< $JS.API.STREAM.LIST
{"type":"io.nats.jetstream.api.v1.stream_list_response","total":1,"offset":0,"limit":256,"streams":[{"config":{"name":"KN_USER_UGULAEV__MCMP8_BROKER_KNE_TRIGGER","subjects":["user-ugulaev.mcmp8-broker-kne-trigger._knative","mindwm.ugulaev.mcmp8.\u003e"],"retention":"limits","max_consumers":-1,"max_msgs":-1,"max_bytes":-1,"max_age":0,"max_msgs_per_subject":-1,"max_msg_size":-1,"discard":"old","storage":"file","num_replicas":1,"duplicate_window":120000000000,"compression":"none","allow_direct":false,"mirror_direct":false,"sealed":false,"deny_delete":false,"deny_purge":false,"allow_rollup_hdrs":false,"consumer_limits":{}},"created":"2024-06-09T13:20:14.309754391Z","state":{"messages":0,"bytes":0,"first_seq":0,"first_ts":"0001-01-01T00:00:00Z","last_seq":0,"last_ts":"0001-01-01T00:00:00Z","consumer_count":1},"ts":"2024-06-09T13:37:31.86509004Z"}]}

╭────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│                                                     Streams                                                    │
├───────────────────────────────────────────┬─────────────┬─────────────────────┬──────────┬──────┬──────────────┤
│ Name                                      │ Description │ Created             │ Messages │ Size │ Last Message │
├───────────────────────────────────────────┼─────────────┼─────────────────────┼──────────┼──────┼──────────────┤
│ KN_USER_ALICE__MCMP8_BROKER_KNE_TRIGGER │             │ 2024-06-09 13:20:14 │ 0        │ 0 B  │ never        │
╰───────────────────────────────────────────┴─────────────┴─────────────────────┴──────────┴──────┴──────────────╯

Server and client version

nats-server

[48] 2024/06/09 13:35:05.430532 [INF]   Version:  2.10.14
[48] 2024/06/09 13:35:05.430535 [INF]   Git:      [31af767]

nats client

$ nats --version
0.1.1

Host environment

client environment

arch: amd64
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 24.04 LTS
Release:        24.04
Codename:       noble

server environment: arch: amd64 nats deployed using helm chart version 1.1.11

Steps to reproduce

  1. Install the freeIPA client on the client system.
  2. Configure the freeIPA client with the freeIPA server.
  3. SSH into the client system using credentials stored in the freeIPA server.
  4. Run the NATS CLI. 
    $ nats context save nats --server nats://url

Please note, there is no entry in the /etc/passwd file for user alice (authentication and authorization processes are handled by sssd).

User ubuntu is a standard POSIX user with entries in the /etc/passwd and /etc/shadow files.

metacoma commented 4 months ago

With the latest nats cli (0.1.14), everything works as expected, so it seems like the issue can be closed?

ripienaar commented 2 months ago

Thanks @metacoma