rpm/salt
SHA256
1
0
Fork 0
forked from pool/salt
Code Pull Requests Activity
ff3dbe1ea9
salt/run-salt-master-as-dedicated-salt-user.patch
Bo Maryniuk 7966fde1ef Accepting request 626472 from home:mdinca:branches:systemsmanagement:saltstack 
- Update to 2018.3.2
  See https://docs.saltstack.com/en/latest/topics/releases/2018.3.2.html
  for full changelog
- Added:
  * accounting-for-when-files-in-an-archive-contain-non-.patch
  * add-all_versions-parameter-to-include-all-installed-.patch
  * add-custom-suse-capabilities-as-grains.patch
  * add-engine-relaying-libvirt-events.patch
  * add-environment-variable-to-know-if-yum-is-invoked-f.patch
  * add-other-attribute-to-gecos-fields-to-avoid-inconsi.patch
  * align-suse-salt-master.service-limitnofiles-limit-wi.patch
  * avoid-incomprehensive-message-if-crashes.patch
  * fix-deprecation-warning-bsc-1095507.patch
  * fix-diffing-binary-files-in-file.get_diff-bsc-109839.patch
  * fix-unboundlocalerror-in-file.get_diff.patch
  * fix-zypper.list_pkgs-to-be-aligned-with-pkg-state.patch
  * prevent-zypper-from-parsing-repo-configuration-from-.patch
  * remove-old-hack-when-reporting-multiversion-packages.patch
  * show-recommendations-for-salt-ssh-cross-version-pyth.patch
- Modified:
  * activate-all-beacons-sources-config-pillar-grains.patch
  * add-saltssh-multi-version-support-across-python-inte.patch
  * avoid-excessive-syslogging-by-watchdog-cronjob-58.patch
  * do-not-override-jid-on-returners-only-sending-back-t.patch
  * enable-passing-a-unix_socket-for-mysql-returners-bsc.patch
  * fall-back-to-pymysql.patch
  * feat-add-grain-for-all-fqdns.patch
  * fix-bsc-1065792.patch
  * fix-decrease-loglevel-when-unable-to-resolve-addr.patch
  * fix-for-ec2-rate-limit-failures.patch

OBS-URL: https://build.opensuse.org/request/show/626472
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=127
2018-07-30 11:52:13 +00:00

48 lines
1.2 KiB
Diff
Raw Blame History

From 3d4be53c265dffdbfaf1d7d4764c361a640fd5ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
Date: Wed, 20 Jan 2016 11:01:06 +0100
Subject: [PATCH] Run salt master as dedicated salt user
* Minion runs always as a root
---
conf/master | 3 ++-
pkg/salt-common.logrotate | 2 ++
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/conf/master b/conf/master
index 149fe8812f..d492aef6df 100644
--- a/conf/master
+++ b/conf/master
@@ -25,7 +25,8 @@
# permissions to allow the specified user to run the master. The exception is
# the job cache, which must be deleted if this user is changed. If the
# modified files cause conflicts, set verify_env to False.
-#user: root
+user: salt
+syndic_user: salt
# The port used by the communication interface. The ret (return) port is the
# interface used for the file server, authentication, job returns, etc.
diff --git a/pkg/salt-common.logrotate b/pkg/salt-common.logrotate
index 3cd002308e..0d99d1b801 100644
--- a/pkg/salt-common.logrotate
+++ b/pkg/salt-common.logrotate
@@ -1,4 +1,5 @@
/var/log/salt/master {
+ su salt salt
weekly
missingok
rotate 7
@@ -15,6 +16,7 @@
}
/var/log/salt/key {
+ su salt salt
weekly
missingok
rotate 7
--
2.13.7
View Git Blame Copy Permalink