[pmg-devel] [PATCH pmg-api] oidc: realm: only autocreate users on primary cluster-node
Mira Limbeck
m.limbeck at proxmox.com
Thu Feb 27 12:06:15 CET 2025
On 2/27/25 12:04, Stoiko Ivanov wrote:
> PMG::RESTEnvironment->check_node_is_master() dies if called on a
> secondary node.
> It is called in an eval that results in a sensible error-message being
> presented to the user.
>
> Reported-by: Lukas Wagner <l.wagner at proxmox.com>
> Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
> ---
> src/PMG/API2/OIDC.pm | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/src/PMG/API2/OIDC.pm b/src/PMG/API2/OIDC.pm
> index 2d016f6..c256014 100644
> --- a/src/PMG/API2/OIDC.pm
> +++ b/src/PMG/API2/OIDC.pm
> @@ -192,6 +192,7 @@ __PACKAGE__->register_method ({
> # first, check if $username respects our naming conventions
> PMG::Utils::verify_username($username);
> if ($config->{'autocreate'} && !$rpcenv->check_user_exist($username, 1)) {
> + $rpcenv->check_node_is_master();
> my $code = sub {
> my $usercfg = PMG::UserConfig->new();
>
Gave the patch a quick try. Secondary node login no longer works.
Login on primary gives the error that no such user exists on the
secondary node until it has synced.
Tested-by: Mira Limbeck <m.limbeck at proxmox.com>
More information about the pmg-devel
mailing list