pool/salt - salt - openSUSE Gitea

pool/salt

SHA256

Go to file

Pablo Suárez Hernández b17d3e3575 Accepting request 569868 from systemsmanagement:saltstack:testing - Fix the usage of custom macros on the spec file. - Fix RES7: different dependency names for python-PyYAML and python-MarkupSafe - Build both python2 and python3 binaries together. - Bugfix: errors in external pillar causes crash instead of report of them (bsc#1068446) - Fix 'user.present' when 'gid_from_name' is set but group does not exist. - Added: * bugfix-the-logic-according-to-the-exact-described-pu.patch * return-error-when-gid_from_name-and-group-does-not-e.patch - Fix "No service execution module loaded" issue (bsc#1065792) - Set SHELL environment variable Added: * fix-bsc-1065792.patch * set-shell-environment-variable-64.patch - Removed unnecessary logging on shutdown (bsc#1050003) - Renamed patch that adds grain fqdns Changed: * catching-error-when-pidfile-cannot-be-deleted Removed: * fix-for-pidfile-removal-logging Renamed: * add-fqdns-grains -> feat-add-grain-for-all-fqdns OBS-URL: https://build.opensuse.org/request/show/569868 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=107		2018-01-26 13:46:21 +00:00
.gitattributes	Accepting request 541865 from systemsmanagement:saltstack:products:unstable.py3	2017-11-16 09:11:11 +00:00
.gitignore	Accepting request 175205 from devel:languages:python	2013-05-16 09:38:22 +00:00
activate-all-beacons-sources-config-pillar-grains.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
avoid-excessive-syslogging-by-watchdog-cronjob-58.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
bugfix-always-return-a-string-list-on-unknown-job-ta.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
bugfix-the-logic-according-to-the-exact-described-pu.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
catching-error-when-pidfile-cannot-be-deleted.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
cherrypy-read-reads-bytes-from-the-wire-and-write-th.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
enable-with-salt-version-parameter-for-setup.py-scri.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
fake-fix.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
feat-add-grain-for-all-fqdns.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
fix-bsc-1065792.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
fix-for-delete_deployment-in-kubernetes-module.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
fix-for-wrong-version-processing.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
fix-salt-master-for-old-psutil.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
html.tar.bz2	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
introduce-process_count_max-minion-configuration-par.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
list_pkgs-add-parameter-for-returned-attribute-selec.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
multiprocessing-minion-option-documentation-fixes.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
older-logrotate-need-su-directive.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
python3-compatibility-fix-got-bytes-instead-of-strin.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
README.SUSE	Accepting request 541865 from systemsmanagement:saltstack:products:unstable.py3	2017-11-16 09:11:11 +00:00
return-error-when-gid_from_name-and-group-does-not-e.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
run-salt-api-as-user-salt-bsc-1064520.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
run-salt-master-as-dedicated-salt-user.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
salt-tmpfiles.d	Accepting request 541865 from systemsmanagement:saltstack:products:unstable.py3	2017-11-16 09:11:11 +00:00
salt.changes	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
salt.spec	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
set-shell-environment-variable-64.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
split-only-strings-if-they-are-such.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
travis.yml	Accepting request 541865 from systemsmanagement:saltstack:products:unstable.py3	2017-11-16 09:11:11 +00:00
update-documentation.sh	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
use-home-to-get-the-user-home-directory-instead-usin.patch	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
v2017.7.2.tar.gz	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00

README.SUSE

Salt-master as non-root user
============================

With this version of salt the salt-master will run as salt user.

Why an extra user
=================

While the current setup runs the master as root user, this is considered a security issue
and not in line with the other configuration management tools (eg. puppet) which runs as a
dedicated user. 

How can I undo the change
=========================

If you would like to make the change before you can do the following steps manually:
1. change the user parameter in the master configuration
   user: root
2. update the file permissions:
   as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt
3. restart the salt-master daemon:
   as root: rcsalt-master restart or systemctl restart salt-master

NOTE
====

Running the salt-master daemon as a root user is considers by some a security risk, but
running as root, enables the pam external auth system, as this system needs root access to check authentication.

For more information:
http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html