pool/salt
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
b17d3e3575
salt/run-salt-master-as-dedicated-salt-user.patch
Pablo Suárez Hernández b17d3e3575 Accepting request 569868 from systemsmanagement:saltstack:testing 
- Fix the usage of custom macros on the spec file.

- Fix RES7: different dependency names for python-PyYAML
  and python-MarkupSafe

- Build both python2 and python3 binaries together.

- Bugfix: errors in external pillar causes crash instead of report
  of them (bsc#1068446)
- Fix 'user.present' when 'gid_from_name' is set but group does
  not exist.
- Added:
 * bugfix-the-logic-according-to-the-exact-described-pu.patch
 * return-error-when-gid_from_name-and-group-does-not-e.patch

- Fix "No service execution module loaded" issue (bsc#1065792)
- Set SHELL environment variable
  Added:
  * fix-bsc-1065792.patch
  * set-shell-environment-variable-64.patch

- Removed unnecessary logging on shutdown (bsc#1050003)
- Renamed patch that adds grain fqdns
  Changed:
  * catching-error-when-pidfile-cannot-be-deleted
  Removed:
  * fix-for-pidfile-removal-logging
  Renamed:
  * add-fqdns-grains -> feat-add-grain-for-all-fqdns

OBS-URL: https://build.opensuse.org/request/show/569868
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=107
2018-01-26 13:46:21 +00:00

48 lines
1.2 KiB
Diff
Raw Blame History

From 3902fe4183d169808b9d248b9b963926035ba954 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
Date: Wed, 20 Jan 2016 11:01:06 +0100
Subject: [PATCH] Run salt master as dedicated salt user
* Minion runs always as a root
---
conf/master | 3 ++-
pkg/salt-common.logrotate | 2 ++
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/conf/master b/conf/master
index abfc1fa808..bd28f6d406 100644
--- a/conf/master
+++ b/conf/master
@@ -25,7 +25,8 @@
# permissions to allow the specified user to run the master. The exception is
# the job cache, which must be deleted if this user is changed. If the
# modified files cause conflicts, set verify_env to False.
-#user: root
+user: salt
+syndic_user: salt
# The port used by the communication interface. The ret (return) port is the
# interface used for the file server, authentication, job returns, etc.
diff --git a/pkg/salt-common.logrotate b/pkg/salt-common.logrotate
index 3cd002308e..0d99d1b801 100644
--- a/pkg/salt-common.logrotate
+++ b/pkg/salt-common.logrotate
@@ -1,4 +1,5 @@
/var/log/salt/master {
+ su salt salt
weekly
missingok
rotate 7
@@ -15,6 +16,7 @@
}
/var/log/salt/key {
+ su salt salt
weekly
missingok
rotate 7
--
2.15.1
Reference in New Issue View Git Blame Copy Permalink