• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..01-Mar-2022-

README.suseH A D01-Mar-20221.1 KiB3323

allow-systemd-parameterized-services.patchH A D01-Mar-20222.2 KiB7558

allow-systemd-units-no-unit-files.patchH A D01-Mar-20222.3 KiB8066

disable-service-py-for-suse-family.patchH A D01-Mar-2022929 2723

fix-service-py-version-parsing-sles.patchH A D01-Mar-20221.4 KiB3228

pass-all-systemd-list-units.patchH A D01-Mar-2022937 2923

salt-apiH A D01-Mar-20223.6 KiB155114

salt-api.changesH A D01-Mar-20223.4 KiB9669

salt-api.serviceH A D01-Mar-2022342 1613

salt-api.specH A D01-Mar-20222.9 KiB11983

salt-common.logrotateH A D01-Mar-2022545 5448

salt-masterH A D01-Mar-20223.2 KiB13897

salt-master.serviceH A D01-Mar-2022323 1411

salt-minionH A D01-Mar-20224 KiB164119

salt-minion.serviceH A D01-Mar-2022252 1613

salt-minion.service.rhel7H A D01-Mar-2022215 1512

salt-syndicH A D01-Mar-20223.3 KiB13997

salt-tmpfiles.dH A D01-Mar-2022201 64

salt.SuSEfirewall2H A D01-Mar-2022121 64

salt.changesH A D01-Mar-202256.9 KiB1,3451,127

salt.specH A D01-Mar-202224.3 KiB822691

use-forking-daemon.patchH A D01-Mar-2022379 1412

use-salt-user-for-master.patchH A D01-Mar-2022921 4036

README.suse

1Salt-master as non-root user
2============================
3
4With this version of salt the salt-master will run as salt user.
5
6Why an extra user
7=================
8
9While the current setup runs the master as root user, this is considered a security issue
10and not in line with the other configuration management tools (eg. puppet) which runs as a
11dedicated user.
12
13How can I undo the change
14=========================
15
16If you would like to make the change before you can do the following steps manually:
171. change the user parameter in the master configuration
18   user: root
192. update the file permissions:
20   as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt
213. restart the salt-master daemon:
22   as root: rcsalt-master restart or systemctl restart salt-master
23
24NOTE
25====
26
27Running the salt-master daemon as a root user is considers by some a security risk, but
28running as root, enables the pam external auth system, as this system needs root access to check authentication.
29
30For more information:
31https://docs.saltproject.io/en/latest/ref/configuration/nonroot.html
32
33