pool/salt
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
182 Commits 2 Branches 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Victor Zhestkov 4093dfc994 Accepting request 1105250 from home:PSuarezHernandez:branches:systemsmanagement:saltstack 
- Make sure configured user is properly set by Salt (bsc#1210994)
- Do not fail on bad message pack message (bsc#1213441, CVE-2023-20897)
- Fix broken tests to make them running in the testsuite
- Prevent possible exceptions on salt.utils.user.get_group_dict (bsc#1212794)
- Added:
  * do-not-fail-on-bad-message-pack-message-bsc-1213441-.patch
  * fix-tests-to-make-them-running-with-salt-testsuite.patch
  * prevent-possible-exceptions-on-salt.utils.user.get_g.patch
  * make-sure-configured-user-is-properly-set-by-salt-bs.patch

OBS-URL: https://build.opensuse.org/request/show/1105250
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=213
2023-08-22 12:20:45 +00:00
_lastrevision
Accepting request 1105250 from home:PSuarezHernandez:branches:systemsmanagement:saltstack
2023-08-22 12:20:45 +00:00
_service
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
.gitattributes
Accepting request 541865 from systemsmanagement:saltstack:products:unstable.py3
2017-11-16 09:11:11 +00:00
.gitignore
Accepting request 175205 from devel:languages:python
2013-05-16 09:38:22 +00:00
3005.1-implement-zypper-removeptf-573.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
3006.0-prevent-_pygit2.giterror-error-loading-known_.patch
Accepting request 1103185 from home:agraul:branches:systemsmanagement:saltstack
2023-08-10 11:32:54 +00:00
activate-all-beacons-sources-config-pillar-grains.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
add-custom-suse-capabilities-as-grains.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
add-environment-variable-to-know-if-yum-is-invoked-f.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
add-migrated-state-and-gpg-key-management-functions-.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
add-publish_batch-to-clearfuncs-exposed-methods.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
add-salt-ssh-support-with-venv-salt-minion-3004-493.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
add-sleep-on-exception-handling-on-minion-connection.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
add-standalone-configuration-file-for-enabling-packa.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
add-support-for-gpgautoimport-539.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
allow-vendor-change-option-with-zypper.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
async-batch-implementation.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
avoid-conflicts-with-dependencies-versions-bsc-12116.patch
Accepting request 1103185 from home:agraul:branches:systemsmanagement:saltstack
2023-08-10 11:32:54 +00:00
avoid-excessive-syslogging-by-watchdog-cronjob-58.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
bsc-1176024-fix-file-directory-user-and-group-owners.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
change-the-delimeters-to-prevent-possible-tracebacks.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
control-the-collection-of-lvm-grains-via-config.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
debian-info_installed-compatibility-50453.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
define-__virtualname__-for-transactional_update-modu.patch
Accepting request 1103185 from home:agraul:branches:systemsmanagement:saltstack
2023-08-10 11:32:54 +00:00
dnfnotify-pkgset-plugin-implementation-3002.2-450.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
do-not-fail-on-bad-message-pack-message-bsc-1213441-.patch
Accepting request 1105250 from home:PSuarezHernandez:branches:systemsmanagement:saltstack
2023-08-22 12:20:45 +00:00
do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
don-t-use-shell-sbin-nologin-in-requisites.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
drop-serial-from-event.unpack-in-cli.batch_async.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
early-feature-support-config.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
enable-passing-a-unix_socket-for-mysql-returners-bsc.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
enhance-openscap-module-add-xccdf_eval-call-386.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
fix-bsc-1065792.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
fix-for-suse-expanded-support-detection.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
fix-issue-2068-test.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
fix-missing-minion-returns-in-batch-mode-360.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
fix-ownership-of-salt-thin-directory-when-using-the-.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
fix-regression-multiple-values-for-keyword-argument-.patch
Accepting request 1103185 from home:agraul:branches:systemsmanagement:saltstack
2023-08-10 11:32:54 +00:00
fix-regression-with-depending-client.ssh-on-psutil-b.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
fix-salt-ssh-opts-poisoning-bsc-1197637-3004-501.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
fix-some-issues-detected-in-salt-support-cli-module-.patch
Accepting request 1103185 from home:agraul:branches:systemsmanagement:saltstack
2023-08-10 11:32:54 +00:00
fix-tests-to-make-them-running-with-salt-testsuite.patch
Accepting request 1105250 from home:PSuarezHernandez:branches:systemsmanagement:saltstack
2023-08-22 12:20:45 +00:00
fix-the-regression-for-yumnotify-plugin-456.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
fix-the-regression-of-user.present-state-when-group-.patch
Accepting request 1103185 from home:agraul:branches:systemsmanagement:saltstack
2023-08-10 11:32:54 +00:00
fix-traceback.print_exc-calls-for-test_pip_state-432.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
fix-utf8-handling-in-pass-renderer-and-make-it-more-.patch
Accepting request 1103185 from home:agraul:branches:systemsmanagement:saltstack
2023-08-10 11:32:54 +00:00
fix-version-detection-and-avoid-building-and-testing.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
fixes-for-python-3.10-502.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
html.tar.bz2
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
include-aliases-in-the-fqdns-grains.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
info_installed-works-without-status-attr-now.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
make-aptpkg.list_repos-compatible-on-enabled-disable.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
make-master_tops-compatible-with-salt-3000-and-older.patch
Accepting request 1103185 from home:agraul:branches:systemsmanagement:saltstack
2023-08-10 11:32:54 +00:00
make-setup.py-script-to-not-require-setuptools-9.1.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
make-sure-configured-user-is-properly-set-by-salt-bs.patch
Accepting request 1105250 from home:PSuarezHernandez:branches:systemsmanagement:saltstack
2023-08-22 12:20:45 +00:00
make-sure-the-file-client-is-destroyed-upon-used.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
mark-salt-3006-as-released-586.patch
Accepting request 1103185 from home:agraul:branches:systemsmanagement:saltstack
2023-08-10 11:32:54 +00:00
pass-the-context-to-pillar-ext-modules.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
prevent-affection-of-ssh.opts-with-lazyloader-bsc-11.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
prevent-possible-exceptions-on-salt.utils.user.get_g.patch
Accepting request 1105250 from home:PSuarezHernandez:branches:systemsmanagement:saltstack
2023-08-22 12:20:45 +00:00
prevent-shell-injection-via-pre_flight_script_args-4.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
read-repo-info-without-using-interpolation-bsc-11356.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
README.SUSE
Accepting request 541865 from systemsmanagement:saltstack:products:unstable.py3
2017-11-16 09:11:11 +00:00
restore-default-behaviour-of-pkg-list-return.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
return-the-expected-powerpc-os-arch-bsc-1117995.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
revert-fixing-a-use-case-when-multiple-inotify-beaco.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
run-salt-api-as-user-salt-bsc-1064520.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
run-salt-master-as-dedicated-salt-user.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
salt-tmpfiles.d
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:418
2021-09-16 07:59:31 +00:00
salt.changes
Accepting request 1105250 from home:PSuarezHernandez:branches:systemsmanagement:saltstack
2023-08-22 12:20:45 +00:00
salt.spec
Accepting request 1105250 from home:PSuarezHernandez:branches:systemsmanagement:saltstack
2023-08-22 12:20:45 +00:00
save-log-to-logfile-with-docker.build.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
skip-package-names-without-colon-bsc-1208691-578.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
switch-firewalld-state-to-use-change_interface.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
temporary-fix-extend-the-whitelist-of-allowed-comman.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
tornado-fix-an-open-redirect-in-staticfilehandler-cv.patch
Accepting request 1103185 from home:agraul:branches:systemsmanagement:saltstack
2023-08-10 11:32:54 +00:00
transactional_update.conf
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:418
2021-09-16 07:59:31 +00:00
travis.yml
Accepting request 541865 from systemsmanagement:saltstack:products:unstable.py3
2017-11-16 09:11:11 +00:00
update-documentation.sh
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374
2021-01-08 12:41:50 +00:00
update-target-fix-for-salt-ssh-to-process-targets-li.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
use-adler32-algorithm-to-compute-string-checksums.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
use-rlock-to-avoid-deadlocks-in-salt-ssh.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
use-salt-bundle-in-dockermod.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
v3006.0.tar.gz
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
x509-fixes-111.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00
zypper-pkgrepo-alreadyconfigured-585.patch
Accepting request 1103185 from home:agraul:branches:systemsmanagement:saltstack
2023-08-10 11:32:54 +00:00
zypperpkg-ignore-retcode-104-for-search-bsc-1176697-.patch
Accepting request 1084999 from home:agraul:branches:systemsmanagement:saltstack
2023-05-05 09:15:58 +00:00

README.SUSE 

Salt-master as non-root user
============================

With this version of salt the salt-master will run as salt user.

Why an extra user
=================

While the current setup runs the master as root user, this is considered a security issue
and not in line with the other configuration management tools (eg. puppet) which runs as a
dedicated user. 

How can I undo the change
=========================

If you would like to make the change before you can do the following steps manually:
1. change the user parameter in the master configuration
   user: root
2. update the file permissions:
   as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt
3. restart the salt-master daemon:
   as root: rcsalt-master restart or systemctl restart salt-master

NOTE
====

Running the salt-master daemon as a root user is considers by some a security risk, but
running as root, enables the pam external auth system, as this system needs root access to check authentication.

For more information:
http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html
Description
No description provided
Readme 40 MiB
Languages
Shell 91.3%
Makefile 8.7%