bbe3fe8f72
- Update patches
- Modified:
* run-salt-master-as-dedicated-salt-user.patch
* run-salt-api-as-user-salt-bsc-1064520.patch
* fix-openscap-push.patch
* fix-cp.push-empty-file.patch
* avoid-excessive-syslogging-by-watchdog-cronjob-58.patch
* feat-add-grain-for-all-fqdns.patch
* fix-bsc-1065792.patch
* move-log_file-option-to-changeable-defaults.patch
* activate-all-beacons-sources-config-pillar-grains.patch
* remove-obsolete-unicode-handling-in-pkg.info_install.patch
- Removed:
* salt-ssh-fix-json-load-of-return-data-when-it-contai.patch
-------------------------------------------------------------------
- Update cp.push patch
- Modified:
* fix-cp.push-empty-file.patch
* salt-ssh-fix-json-load-of-return-data-when-it-contai.patch
- force re-generate a new thin.tgz when an update gets installed
- fix salt-ssh with a different patch
- remove: dumps-should-return-unicode-also-with-py2-to-prevent.patch
- added: salt-ssh-fix-json-load-of-return-data-when-it-contai.patch
- Added:
OBS-URL: https://build.opensuse.org/request/show/586784
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=115
|
||
|---|---|---|
| _lastrevision | ||
| _service | ||
| .gitattributes | ||
| .gitignore | ||
| 2018.3.0rc1.tar.gz | ||
| activate-all-beacons-sources-config-pillar-grains.patch | ||
| avoid-excessive-syslogging-by-watchdog-cronjob-58.patch | ||
| feat-add-grain-for-all-fqdns.patch | ||
| fix-bsc-1065792.patch | ||
| fix-cp.push-empty-file.patch | ||
| fix-openscap-push.patch | ||
| html.tar.bz2 | ||
| move-log_file-option-to-changeable-defaults.patch | ||
| README.SUSE | ||
| remove-obsolete-unicode-handling-in-pkg.info_install.patch | ||
| run-salt-api-as-user-salt-bsc-1064520.patch | ||
| run-salt-master-as-dedicated-salt-user.patch | ||
| salt-tmpfiles.d | ||
| salt.changes | ||
| salt.spec | ||
| travis.yml | ||
| update-documentation.sh | ||
Salt-master as non-root user ============================ With this version of salt the salt-master will run as salt user. Why an extra user ================= While the current setup runs the master as root user, this is considered a security issue and not in line with the other configuration management tools (eg. puppet) which runs as a dedicated user. How can I undo the change ========================= If you would like to make the change before you can do the following steps manually: 1. change the user parameter in the master configuration user: root 2. update the file permissions: as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt 3. restart the salt-master daemon: as root: rcsalt-master restart or systemctl restart salt-master NOTE ==== Running the salt-master daemon as a root user is considers by some a security risk, but running as root, enables the pam external auth system, as this system needs root access to check authentication. For more information: http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html