rpm/salt - salt - openSUSE Gitea

rpm/salt

SHA256

Go to file

Klaus Kämpf 47fccf7d16 Accepting request 394859 from systemsmanagement:saltstack:testing OBS-URL: https://build.opensuse.org/request/show/394859 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=68		2016-05-12 06:02:59 +00:00
.gitattributes	Accepting request 175205 from devel:languages:python	2013-05-16 09:38:22 +00:00
.gitignore	Accepting request 175205 from devel:languages:python	2013-05-16 09:38:22 +00:00
0001-tserong-suse.com-We-don-t-have-python-systemd-so-not.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0002-Run-salt-master-as-dedicated-salt-user.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0003-Check-if-byte-strings-are-properly-encoded-in-UTF-8.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0004-do-not-generate-a-date-in-a-comment-to-prevent-rebui.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0005-Use-SHA256-hash-type-by-default.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0006-Update-to-2015.8.8.2.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0007-Force-sort-the-RPM-output-to-ensure-latest-version-o.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0008-Cleaner-deprecation-process-with-decorators.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0009-fix-sorting-by-latest-version-when-called-with-an-at.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0010-Prevent-metadata-download-when-getting-installed-pro.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0011-Check-if-EOL-is-available-in-a-particular-product-bs.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0012-Bugfix-salt-key-crashes-if-tries-to-generate-keys-to.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0013-Prevent-crash-if-pygit2-package-is-requesting-re-com.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0014-align-OS-grains-from-older-SLES-with-current-one-326.patch	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
0015-Unblock-Zypper.-Modify-environment.patch	Accepting request 394859 from systemsmanagement:saltstack:testing	2016-05-12 06:02:59 +00:00
0016-Bugfix-Restore-boolean-values-from-the-repo-configur.patch	Accepting request 394859 from systemsmanagement:saltstack:testing	2016-05-12 06:02:59 +00:00
0017-Add-SUSE-Manager-plugin.patch	Accepting request 394859 from systemsmanagement:saltstack:testing	2016-05-12 06:02:59 +00:00
README.SUSE	Accepting request 339485 from devel:languages:python	2015-10-19 20:52:40 +00:00
salt-2015.8.8.tar.gz	Accepting request 391560 from systemsmanagement:saltstack:testing	2016-04-28 07:26:14 +00:00
salt-tmpfiles.d	Accepting request 339485 from devel:languages:python	2015-10-19 20:52:40 +00:00
salt.changes	Accepting request 394859 from systemsmanagement:saltstack:testing	2016-05-12 06:02:59 +00:00
salt.spec	Accepting request 394859 from systemsmanagement:saltstack:testing	2016-05-12 06:02:59 +00:00

README.SUSE

Salt-master as non-root user
============================

With this version of salt the salt-master will run as salt user.

Why an extra user
=================

While the current setup runs the master as root user, this is considered a security issue
and not in line with the other configuration management tools (eg. puppet) which runs as a
dedicated user. 

How can I undo the change
=========================

If you would like to make the change before you can do the following steps manually:
1. change the user parameter in the master configuration
   user: root
2. update the file permissions:
   as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt
3. restart the salt-master daemon:
   as root: rcsalt-master restart or systemctl restart salt-master

NOTE
====

Running the salt-master daemon as a root user is considers by some a security risk, but
running as root, enables the pam external auth system, as this system needs root access to check authentication.

For more information:
http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html