rpm/salt - salt - openSUSE Gitea

rpm/salt

SHA256

Go to file

Bo Maryniuk 7966fde1ef Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack - Update to 2018.3.2 See https://docs.saltstack.com/en/latest/topics/releases/2018.3.2.html for full changelog - Added: * accounting-for-when-files-in-an-archive-contain-non-.patch * add-all_versions-parameter-to-include-all-installed-.patch * add-custom-suse-capabilities-as-grains.patch * add-engine-relaying-libvirt-events.patch * add-environment-variable-to-know-if-yum-is-invoked-f.patch * add-other-attribute-to-gecos-fields-to-avoid-inconsi.patch * align-suse-salt-master.service-limitnofiles-limit-wi.patch * avoid-incomprehensive-message-if-crashes.patch * fix-deprecation-warning-bsc-1095507.patch * fix-diffing-binary-files-in-file.get_diff-bsc-109839.patch * fix-unboundlocalerror-in-file.get_diff.patch * fix-zypper.list_pkgs-to-be-aligned-with-pkg-state.patch * prevent-zypper-from-parsing-repo-configuration-from-.patch * remove-old-hack-when-reporting-multiversion-packages.patch * show-recommendations-for-salt-ssh-cross-version-pyth.patch - Modified: * activate-all-beacons-sources-config-pillar-grains.patch * add-saltssh-multi-version-support-across-python-inte.patch * avoid-excessive-syslogging-by-watchdog-cronjob-58.patch * do-not-override-jid-on-returners-only-sending-back-t.patch * enable-passing-a-unix_socket-for-mysql-returners-bsc.patch * fall-back-to-pymysql.patch * feat-add-grain-for-all-fqdns.patch * fix-bsc-1065792.patch * fix-decrease-loglevel-when-unable-to-resolve-addr.patch * fix-for-ec2-rate-limit-failures.patch OBS-URL: https://build.opensuse.org/request/show/626472 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=127		2018-07-30 11:52:13 +00:00
_lastrevision	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
_service	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
.gitattributes	Accepting request 541865 from systemsmanagement:saltstack:products:unstable.py3	2017-11-16 09:11:11 +00:00
.gitignore	Accepting request 175205 from devel:languages:python	2013-05-16 09:38:22 +00:00
accounting-for-when-files-in-an-archive-contain-non-.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
activate-all-beacons-sources-config-pillar-grains.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
add-all_versions-parameter-to-include-all-installed-.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
add-custom-suse-capabilities-as-grains.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
add-engine-relaying-libvirt-events.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
add-environment-variable-to-know-if-yum-is-invoked-f.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
add-other-attribute-to-gecos-fields-to-avoid-inconsi.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
add-saltssh-multi-version-support-across-python-inte.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
align-suse-salt-master.service-limitnofiles-limit-wi.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
avoid-excessive-syslogging-by-watchdog-cronjob-58.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
avoid-incomprehensive-message-if-crashes.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
do-not-override-jid-on-returners-only-sending-back-t.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
enable-passing-a-unix_socket-for-mysql-returners-bsc.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
fall-back-to-pymysql.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
feat-add-grain-for-all-fqdns.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
fix-bsc-1065792.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
fix-decrease-loglevel-when-unable-to-resolve-addr.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
fix-deprecation-warning-bsc-1095507.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
fix-diffing-binary-files-in-file.get_diff-bsc-109839.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
fix-for-ec2-rate-limit-failures.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
fix-for-errno-0-resolver-error-0-no-error-bsc-108758.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
fix-unboundlocalerror-in-file.get_diff.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
fix-zypper.list_pkgs-to-be-aligned-with-pkg-state.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
fixed-usage-of-ipaddress.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
html.tar.bz2	Accepting request 610079 from systemsmanagement:saltstack:testing	2018-05-17 13:21:47 +00:00
option-to-merge-current-pillar-with-opts-pillar-duri.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
prevent-zypper-from-parsing-repo-configuration-from-.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
README.SUSE	Accepting request 541865 from systemsmanagement:saltstack:products:unstable.py3	2017-11-16 09:11:11 +00:00
remove-old-hack-when-reporting-multiversion-packages.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
run-salt-api-as-user-salt-bsc-1064520.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
run-salt-master-as-dedicated-salt-user.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
salt-tmpfiles.d	Accepting request 541865 from systemsmanagement:saltstack:products:unstable.py3	2017-11-16 09:11:11 +00:00
salt.changes	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
salt.spec	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
show-recommendations-for-salt-ssh-cross-version-pyth.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
strip-trailing-commas-on-linux-user-gecos-fields.patch	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00
travis.yml	Accepting request 541865 from systemsmanagement:saltstack:products:unstable.py3	2017-11-16 09:11:11 +00:00
update-documentation.sh	Accepting request 569868 from systemsmanagement:saltstack:testing	2018-01-26 13:46:21 +00:00
v2018.3.2.tar.gz	Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack	2018-07-30 11:52:13 +00:00

README.SUSE

Salt-master as non-root user
============================

With this version of salt the salt-master will run as salt user.

Why an extra user
=================

While the current setup runs the master as root user, this is considered a security issue
and not in line with the other configuration management tools (eg. puppet) which runs as a
dedicated user. 

How can I undo the change
=========================

If you would like to make the change before you can do the following steps manually:
1. change the user parameter in the master configuration
   user: root
2. update the file permissions:
   as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt
3. restart the salt-master daemon:
   as root: rcsalt-master restart or systemctl restart salt-master

NOTE
====

Running the salt-master daemon as a root user is considers by some a security risk, but
running as root, enables the pam external auth system, as this system needs root access to check authentication.

For more information:
http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html