mirror of
https://github.com/gravitational/teleport
synced 2024-10-22 18:23:25 +00:00
83d0f7e7bb
This commit fixes #3252 Security patches 4.2 introduced a regression - leaf clusters ignore role mapping and attempt to use role names coming from identity of the root cluster whenever GetNodes method was used. This commit reverts back the logic, however it ensures that the original fix is preserved - traits and groups are updated on the user object. Integration test has been extended to avoid the regression in the future.
26 lines
434 B
YAML
26 lines
434 B
YAML
# Dumb SSH node for cluster "two"
|
|
teleport:
|
|
nodename: node-on-second-cluster
|
|
auth_servers: ["two-auth"]
|
|
auth_token: foo
|
|
advertise_ip: 172.10.1.4
|
|
log:
|
|
output: stdout
|
|
severity: DEBUG
|
|
data_dir: /var/lib/teleport
|
|
storage:
|
|
path: /var/lib/teleport/backend
|
|
type: dir
|
|
|
|
ssh_service:
|
|
enabled: yes
|
|
labels:
|
|
cluster: two
|
|
role: dumb_node
|
|
|
|
proxy_service:
|
|
enabled: no
|
|
|
|
auth_service:
|
|
enabled: no
|