SHA256
1
0
forked from pool/salt
Go to file
Dominique Leuenberger 7e02b5c50e Accepting request 984677 from systemsmanagement:saltstack
- Fix PAM auth issue due missing check for PAM_ACCT_MGM return value (CVE-2022-22967) (bsc#1200566)
- Added:
  * fix-for-cve-2022-22967-bsc-1200566.patch

- Make sure SaltCacheLoader use correct fileclient (bsc#1199149)
- Added:
  * make-sure-saltcacheloader-use-correct-fileclient-519.patch

OBS-URL: https://build.opensuse.org/request/show/984677
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/salt?expand=0&rev=129
2022-06-24 06:45:04 +00:00
_lastrevision osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:442 2022-06-23 07:43:41 +00:00
_service osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
.gitattributes Accepting request 175205 from devel:languages:python 2013-05-16 09:38:22 +00:00
.gitignore Accepting request 175205 from devel:languages:python 2013-05-16 09:38:22 +00:00
3003.3-do-not-consider-skipped-targets-as-failed-for.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
3003.3-postgresql-json-support-in-pillar-423.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
activate-all-beacons-sources-config-pillar-grains.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
add-custom-suse-capabilities-as-grains.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
add-environment-variable-to-know-if-yum-is-invoked-f.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
add-migrated-state-and-gpg-key-management-functions-.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
add-missing-ansible-module-functions-to-whitelist-in.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:432 2022-02-08 14:02:38 +00:00
add-publish_batch-to-clearfuncs-exposed-methods.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
add-rpm_vercmp-python-library-for-version-comparison.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
add-salt-ssh-support-with-venv-salt-minion-3004-493.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:435 2022-02-28 15:31:11 +00:00
add-sleep-on-exception-handling-on-minion-connection.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:384 2021-03-01 13:55:56 +00:00
add-standalone-configuration-file-for-enabling-packa.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
adds-explicit-type-cast-for-port.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:419 2021-09-27 10:08:32 +00:00
allow-vendor-change-option-with-zypper.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:419 2021-09-27 10:08:32 +00:00
async-batch-implementation.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:419 2021-09-27 10:08:32 +00:00
avoid-excessive-syslogging-by-watchdog-cronjob-58.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
batch.py-avoid-exception-when-minion-does-not-respon.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
bsc-1176024-fix-file-directory-user-and-group-owners.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
check-if-dpkgnotify-is-executable-bsc-1186674-376.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:418 2021-09-16 07:59:31 +00:00
debian-info_installed-compatibility-50453.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
dnfnotify-pkgset-plugin-implementation-3002.2-450.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:427 2021-11-16 11:00:40 +00:00
do-not-crash-when-unexpected-cmd-output-at-listing-p.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:419 2021-09-27 10:08:32 +00:00
don-t-use-shell-sbin-nologin-in-requisites.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:418 2021-09-16 07:59:31 +00:00
drop-serial-from-event.unpack-in-cli.batch_async.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:430 2022-02-01 09:50:25 +00:00
early-feature-support-config.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
enable-passing-a-unix_socket-for-mysql-returners-bsc.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
enhance-logging-when-inotify-beacon-is-missing-pyino.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:418 2021-09-16 07:59:31 +00:00
enhance-openscap-module-add-xccdf_eval-call-386.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
fix-bsc-1065792.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:419 2021-09-27 10:08:32 +00:00
fix-crash-when-calling-manage.not_alive-runners.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:423 2021-10-13 15:24:29 +00:00
fix-exception-in-yumpkg.remove-for-not-installed-pac.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
fix-for-cve-2022-22967-bsc-1200566.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:442 2022-06-23 07:43:41 +00:00
fix-for-suse-expanded-support-detection.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
fix-inspector-module-export-function-bsc-1097531-481.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:430 2022-02-01 09:50:25 +00:00
fix-ip6_interface-grain-to-not-leak-secondary-ipv4-a.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:427 2021-11-16 11:00:40 +00:00
fix-issue-2068-test.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
fix-issues-with-salt-ssh-s-extra-filerefs.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
fix-missing-minion-returns-in-batch-mode-360.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:418 2021-09-16 07:59:31 +00:00
fix-multiple-security-issues-bsc-1197417.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:436 2022-03-31 08:43:42 +00:00
fix-regression-with-depending-client.ssh-on-psutil-b.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:439 2022-04-12 12:13:31 +00:00
fix-salt-call-event.send-call-with-grains-and-pillar.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:432 2022-02-08 14:02:38 +00:00
fix-salt-ssh-opts-poisoning-bsc-1197637-3004-501.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:437 2022-03-31 14:45:34 +00:00
fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:377 2021-01-12 12:57:50 +00:00
fix-the-regression-for-yumnotify-plugin-456.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:427 2021-11-16 11:00:40 +00:00
fix-traceback.print_exc-calls-for-test_pip_state-432.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
fix-wrong-test_mod_del_repo_multiline_values-test-af.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:419 2021-09-27 10:08:32 +00:00
fixes-56144-to-enable-hotadd-profile-support.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:419 2021-09-27 10:08:32 +00:00
fixes-for-python-3.10-502.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:439 2022-04-12 12:13:31 +00:00
force-zyppnotify-to-prefer-packages.db-than-packages.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:377 2021-01-12 12:57:50 +00:00
html.tar.bz2 osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:432 2022-02-08 14:02:38 +00:00
implementation-of-held-unheld-functions-for-state-pk.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
implementation-of-suse_ip-execution-module-bsc-10999.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:419 2021-09-27 10:08:32 +00:00
improvements-on-ansiblegate-module-354.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
include-aliases-in-the-fqdns-grains.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
info_installed-works-without-status-attr-now.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
make-aptpkg.list_repos-compatible-on-enabled-disable.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:419 2021-09-27 10:08:32 +00:00
make-setup.py-script-to-not-require-setuptools-9.1.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
make-sure-saltcacheloader-use-correct-fileclient-519.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:442 2022-06-23 07:43:41 +00:00
mock-ip_addrs-in-utils-minions.py-unit-test-443.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
notify-beacon-for-debian-ubuntu-systems-347.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:393 2021-04-13 15:36:55 +00:00
prevent-affection-of-ssh.opts-with-lazyloader-bsc-11.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:439 2022-04-12 12:13:31 +00:00
prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
prevent-shell-injection-via-pre_flight_script_args-4.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:435 2022-02-28 15:31:11 +00:00
read-repo-info-without-using-interpolation-bsc-11356.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
README.SUSE Accepting request 339485 from devel:languages:python 2015-10-19 20:52:40 +00:00
refactor-and-improvements-for-transactional-updates-.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
restore-default-behaviour-of-pkg-list-return.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:419 2021-09-27 10:08:32 +00:00
return-the-expected-powerpc-os-arch-bsc-1117995.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:419 2021-09-27 10:08:32 +00:00
revert-fixing-a-use-case-when-multiple-inotify-beaco.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
run-salt-api-as-user-salt-bsc-1064520.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
run-salt-master-as-dedicated-salt-user.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
salt-tmpfiles.d osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:418 2021-09-16 07:59:31 +00:00
salt.changes osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:442 2022-06-23 07:43:41 +00:00
salt.spec osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:442 2022-06-23 07:43:41 +00:00
state.apply-don-t-check-for-cached-pillar-errors.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
state.orchestrate_single-does-not-pass-pillar-none-4.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:435 2022-02-28 15:31:11 +00:00
support-transactional-systems-microos.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
switch-firewalld-state-to-use-change_interface.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
temporary-fix-extend-the-whitelist-of-allowed-comman.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:419 2021-09-27 10:08:32 +00:00
transactional_update.conf osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:418 2021-09-16 07:59:31 +00:00
travis.yml Accepting request 438684 from systemsmanagement:saltstack:testing 2016-11-06 11:48:16 +00:00
update-documentation.sh osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:374 2021-01-08 12:41:50 +00:00
update-target-fix-for-salt-ssh-to-process-targets-li.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
use-adler32-algorithm-to-compute-string-checksums.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
v3004.tar.gz osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
wipe-notify_socket-from-env-in-cmdmod-bsc-1193357-30.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:430 2022-02-01 09:50:25 +00:00
x509-fixes-111.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00
zypperpkg-ignore-retcode-104-for-search-bsc-1176697-.patch osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:428 2022-01-27 15:38:33 +00:00

Salt-master as non-root user
============================

With this version of salt the salt-master will run as salt user.

Why an extra user
=================

While the current setup runs the master as root user, this is considered a security issue
and not in line with the other configuration management tools (eg. puppet) which runs as a
dedicated user. 

How can I undo the change
=========================

If you would like to make the change before you can do the following steps manually:
1. change the user parameter in the master configuration
   user: root
2. update the file permissions:
   as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt
3. restart the salt-master daemon:
   as root: rcsalt-master restart or systemctl restart salt-master

NOTE
====

Running the salt-master daemon as a root user is considers by some a security risk, but
running as root, enables the pam external auth system, as this system needs root access to check authentication.

For more information:
http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html