Dominique Leuenberger
e6e8c978db
- Remove deprecated warning that breaks minion execution when "server_id_use_crc" opts is missing - Added: * remove-deprecated-warning-that-breaks-miniion-execut.patch - Revert wrong zypper patch to support vendorchanges flags on pkg.install - Added: * revert-add-patch-support-for-allow-vendor-change-opt.patch - Force zyppnotify to prefer Packages.db than Packages if it exists - Allow vendor change option with zypper - Add pkg.services_need_restart - Fix for file.check_perms to work with numeric uid/gid - Added: * force-zyppnotify-to-prefer-packages.db-than-packages.patch * fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch * add-patch-support-for-allow-vendor-change-option-wit.patch * add-pkg.services_need_restart-302.patch - virt: more network support Add more network and PCI/USB host devices passthrough support to virt module and states - Added: * open-suse-3002.2-virt-network-311.patch - Bigvm backports virt consoles, CPU tuning and topology, and memory tuning. - Added: * open-suse-3002.2-bigvm-310.patch - Fix pkg states when DEB package has "all" arch OBS-URL: https://build.opensuse.org/request/show/862930 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/salt?expand=0&rev=113
Salt-master as non-root user ============================ With this version of salt the salt-master will run as salt user. Why an extra user ================= While the current setup runs the master as root user, this is considered a security issue and not in line with the other configuration management tools (eg. puppet) which runs as a dedicated user. How can I undo the change ========================= If you would like to make the change before you can do the following steps manually: 1. change the user parameter in the master configuration user: root 2. update the file permissions: as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt 3. restart the salt-master daemon: as root: rcsalt-master restart or systemctl restart salt-master NOTE ==== Running the salt-master daemon as a root user is considers by some a security risk, but running as root, enables the pam external auth system, as this system needs root access to check authentication. For more information: http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html