Dominique Leuenberger
f53aa00c3e
- Update to Salt release version 3000.2 See release notes: https://docs.saltstack.com/en/latest/topics/releases/3000.2.html - Fix typo in 'minion_runner' for AESFuncs exposed methods - Added: * fix-typo-in-minion_runner-for-aesfuncs-exposed-metho.patch - Removed: * fix-cve-2020-11651-and-fix-cve-2020-11652.patch - Update to Salt release version 3000.1 See release notes: https://docs.saltstack.com/en/latest/topics/releases/3000.1.html - Fix CVE-2020-11651 and CVE-2020-11652 (bsc#1170595) - Do not require vendored backports-abc (bsc#1170288) - Fix partition.mkpart to work without fstype (bsc#1169800) - Added: * fixed-bug-lvm-has-no-parttion-type.-the-scipt-later-.patch * remove-vendored-backports-abc-from-requirements.patch * fix-cve-2020-11651-and-fix-cve-2020-11652.patch - Modified: * fix-a-wrong-rebase-in-test_core.py-180.patch * make-setup.py-script-to-not-require-setuptools-9.1.patch * do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch * accumulated-changes-from-yomi-167.patch - Removed: * fix-for-unless-requisite-when-pip-is-not-installed.patch * fix-regression-in-service-states-with-reload-argumen.patch OBS-URL: https://build.opensuse.org/request/show/799271 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/salt?expand=0&rev=103
Salt-master as non-root user ============================ With this version of salt the salt-master will run as salt user. Why an extra user ================= While the current setup runs the master as root user, this is considered a security issue and not in line with the other configuration management tools (eg. puppet) which runs as a dedicated user. How can I undo the change ========================= If you would like to make the change before you can do the following steps manually: 1. change the user parameter in the master configuration user: root 2. update the file permissions: as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt 3. restart the salt-master daemon: as root: rcsalt-master restart or systemctl restart salt-master NOTE ==== Running the salt-master daemon as a root user is considers by some a security risk, but running as root, enables the pam external auth system, as this system needs root access to check authentication. For more information: http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html