f635624f70
- No more AWS EC2 rate limitations in salt-cloud (bsc#1088888)
- MySQL returner now also allows to use Unix sockets (bsc#1091371)
- Added:
* fix-for-ec2-rate-limit-failures.patch
* enable-passing-a-unix_socket-for-mysql-returners-bsc.patch
- Do not override jid on returners, only sending back to master (bsc#1092373)
- Fixes for salt-ssh:
- Option --extra-filerefs doesn't add all files to the state
archive
- Pillar completely overwritten (not merged) when doing
module.run + state.apply with pillar in kwargs
- Remove minion/thin/version if exists to force thin regeneration (bsc#1092161)
- Added:
* extra-filerefs-include-files-even-if-no-refs-in-stat.patch
* do-not-override-jid-on-returners-only-sending-back-t.patch
* option-to-merge-current-pillar-with-opts-pillar-duri.patch
OBS-URL: https://build.opensuse.org/request/show/609093
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=123
|
||
|---|---|---|
| _lastrevision | ||
| _service | ||
| .gitattributes | ||
| .gitignore | ||
| activate-all-beacons-sources-config-pillar-grains.patch | ||
| add-saltssh-multi-version-support-across-python-inte.patch | ||
| avoid-excessive-syslogging-by-watchdog-cronjob-58.patch | ||
| do-not-override-jid-on-returners-only-sending-back-t.patch | ||
| enable-passing-a-unix_socket-for-mysql-returners-bsc.patch | ||
| explore-module.run-response-to-catch-the-result-in-d.patch | ||
| extra-filerefs-include-files-even-if-no-refs-in-stat.patch | ||
| fall-back-to-pymysql.patch | ||
| feat-add-grain-for-all-fqdns.patch | ||
| fix-bsc-1065792.patch | ||
| fix-cp.push-empty-file.patch | ||
| fix-decrease-loglevel-when-unable-to-resolve-addr.patch | ||
| fix-for-ec2-rate-limit-failures.patch | ||
| fix-for-errno-0-resolver-error-0-no-error-bsc-108758.patch | ||
| fix-openscap-push.patch | ||
| fixed-usage-of-ipaddress.patch | ||
| html.tar.bz2 | ||
| initialize-__context__-retcode-for-functions-handled.patch | ||
| make-it-possible-to-use-login-pull-and-push-from-mod.patch | ||
| move-log_file-option-to-changeable-defaults.patch | ||
| option-to-merge-current-pillar-with-opts-pillar-duri.patch | ||
| provide-kwargs-to-pkg_resource.parse_targets-require.patch | ||
| README.SUSE | ||
| remove-obsolete-unicode-handling-in-pkg.info_install.patch | ||
| run-salt-api-as-user-salt-bsc-1064520.patch | ||
| run-salt-master-as-dedicated-salt-user.patch | ||
| salt-tmpfiles.d | ||
| salt.changes | ||
| salt.spec | ||
| strip-trailing-commas-on-linux-user-gecos-fields.patch | ||
| travis.yml | ||
| update-documentation.sh | ||
| v2018.3.0.tar.gz | ||
Salt-master as non-root user ============================ With this version of salt the salt-master will run as salt user. Why an extra user ================= While the current setup runs the master as root user, this is considered a security issue and not in line with the other configuration management tools (eg. puppet) which runs as a dedicated user. How can I undo the change ========================= If you would like to make the change before you can do the following steps manually: 1. change the user parameter in the master configuration user: root 2. update the file permissions: as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt 3. restart the salt-master daemon: as root: rcsalt-master restart or systemctl restart salt-master NOTE ==== Running the salt-master daemon as a root user is considers by some a security risk, but running as root, enables the pam external auth system, as this system needs root access to check authentication. For more information: http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html