* Evaluate %h and %u before deciding if the ssh config path is absolute
Since %h is the user's home directory, it's not very useful unless it
appears at the beginning of the path. However, putting it at the
beginning of the path does not have the expected effect: %h/.ssh
will become /home/someuser/home/someuser/.ssh, since "%h/.ssh" is
identified by Python as a non-absolute path, causing the user's
home directory to be tacked on the front.
* Improved ssh_auth path expansion test
* auth.pam int test: use unhashed pw for MacOS
* shell tests: strip whitespace from shell return
Similar to 2f1c0cf.
* modules.mac_user.delete: update example for int test
integration.shell.call.CallTest.test_user_delete_kw_output expects this
exact string to be in the doc for user.delete:
```
salt '*' user.delete name remove=True force=True
```
* modules.mac_keychain: remove unnecessary space in docstrings
* modules.mac_keychain.get_hash: add example to docstring
* modules.mac_user: protect sdecode from loader as _sdecode
* modules.proxy: add missing examples to docstrings
* json encode arguments passed to an execution module function call
this fixes problems where you could pass a string to a module function,
which thanks to the yaml decoder which is used when parsing command line
arguments could change its type entirely. for example:
__salt__['test.echo')('{foo: bar}')
the test.echo function just returns the argument it's given. however,
because it's being called through a salt-call process like this:
salt-call --local test.echo {foo: bar}
salt thinks it's yaml and therefore yaml decodes it. the return value
from the test.echo call above is therefore a dict, not a string.
* Prevent crash if pygit2 package is requesting re-compilation of the e… (#32652)
* Prevent crash if pygit2 package is requesting re-compilation of the entire library on production systems (no *devel packages)
* Fix PEP8: move imports to the top of the file
* Move logger up
* Add log error message in case if exception is not an ImportError
* align OS grains from older SLES with current one (#32649)
* Fixing critical bug to remove only the specified Host instead of the entire Host cluster (#32640)
* yumpkg: Ignore epoch in version comparison for explict versions without an epoch (#32563)
* yumpkg: Ignore epoch in version comparison for explict versions without an epoch
Also properly handle comparisions for packages with multiple versions.
Resolves#32229
* Don't attempt downgrade for kernel and its subpackages
Multiple versions are supported since their paths do not conflict.
* Lower log level for pillar cache (#32655)
This shouldn't show up on salt-call runs
* Don't access deprecated Exception.message attribute. (#32556)
* Don't access deprecated Exception.message attribute.
To avoid a deprecation warning message in logs.
There is a new function salt.exceptions.get_error_message(e) instead.
* Fixed module docs test.
* Fix for issue 32523 (#32672)
* Fix routes for redhat < 6
* Handle a couple of arguments better (Azure) (#32683)
* backporting a fix from develop where the use of splay would result in seconds=0 in the schedule.list when there was no seconds specified in the origina schedule
* Handle when beacon not configured and we try to enable/disable them (#32692)
* Handle the situation when the beacon is not configured and we try to disable it
* a couple more missing returns in the enable & disable
* Check dependencies type before appling str operations (#32693)
* Update external auth documentation to list supported matcher. (#32733)
Thanks to #31598, all matchers are supported for eauth configuration.
But we still have no way to use compound matchers in eauth configuration.
Update the documentation to explicitly express this limitation.
* modules.win_dacl: consistent case of dacl constants (#32720)
* Document pillar cache options (#32643)
* Add note about Pillar data cache requirement for Pillar targeting method
* Add `saltutil.refresh_pillar` function to the scheduled Minion jobs
* Minor fixes in docs
* Add note about relations between `pillar_cache` option and Pillar Targeting
to Master config comments with small reformatting
* Document Pillar Cache Options for Salt Master
* Document Minions Targeting with Mine
* Remove `saltutil.refresh_pillar` scheduled persistent job
* Properly handle minion failback failure. (#32749)
* Properly handle minion failback failure.
Initiate minion restart if all masters down on __master_disconnect like
minion does on the initial master connect on start.
* Fixed unit test
* Improve documentation on pygit2 versions (#32779)
This adds an explanation of the python-cffi dep added in pygit2 0.21.0,
and recommends 0.20.3 for LTS distros. It also links to the salt-pack
issue which tracks the progress of adding pygit2 to our Debian and
Ubuntu repositories.
* Pylint fix
Replaced a stack error with a well formatted message when virtualenv
binary is not present.
Also in pip module the was a mix of references to the logging object.
Changed all to logger since long is a variable that refers to pip log.
dummy
* add http proxy support for tornado
* add proxy_username/password and doc for the minion
* add pycurl deps for tornado
* fix lint issues
* remove hard coded requirements for pycurl, change curl_httpclient to be optional unless proxy_host/port is set
* fix lint
Currently the example top file under "Matching Grains in the Top File" has
node_type grains whose values do not match the names of the states which
they specify. (e.g. the `webserver` node_type specifies the `web` state).
Later these values are templated using jinja templates as if they are identical.
This commit adjusts the values in the example to be identical, so that the
template example follows naturally.
This adds an explanation of the python-cffi dep added in pygit2 0.21.0,
and recommends 0.20.3 for LTS distros. It also links to the salt-pack
issue which tracks the progress of adding pygit2 to our Debian and
Ubuntu repositories.
* Revert "Verify auth in saltnado run (#32552)"
This reverts commit b19c5a5ce7.
* Call runner.cmd_async instead to enforce eauth
* Check for both token or user/pass before giving to Salt
* Remove comment as we're now enforcing auth here
* Lint and functionality fix courtesy of Mike P.
* Don't fail the whole request if there's an eauth problem
As described in #32753 archived.extracted chnages more permissions that they
should. Since if_missing is None, name is assigned to this variable, this
chnage will help not updating files/dirs permissions outside the actual extracted file.
* Properly handle minion failback failure.
Initiate minion restart if all masters down on __master_disconnect like
minion does on the initial master connect on start.
* Fixed unit test
The Random module can lead to non alpha numeric characters in the
password. Since we also use this for creating the salt, some devices
cannot have these extra characters in their salts, so allow to turn this
feature off as needed.
