- As mentionned in issue #28706, state user.present no longer remove
user from groups if the keyword 'groups' with empty value '[]' is not
explicitly set, salt will assume current groups are still wanted.
Updates 0edd532, 8f558a5.
When logging in as root over `ssh root@host`, `$TMPDIR` and
`tempfile.gettempdir()` are both set to a variation of:
```
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/
```
When logging in as root over `sudo -i`, `$TMPDIR` is unset and
`tempfile.gettempdir()` is set to `/tmp`.
My guess is that the second case is an unintended or uncorrected omision
by Apple as they have introduced the longer, randomized temp path in a
recent version of MacOS.
On BSD-like systems (including MacOS) files created in /tmp (or any dir
with mod 1777) do not have the user's group. Therefore the st_gid for
files created in /tmp will usually be wheel. Easiest thing to do is to
skip this test.
* Unbreak cron.file
An extra argument (skip_verify) was recently added to get_managed(),
resulting in this error:
Unable to manage file: get_managed() takes exactly 11 arguments (10 given)
Also eliminate a variable that can remain uninitialized when running
`salt-call`
* Correct pylint error
* Ignore Raspbian in service.py __virtual__
This prevents more than one execution module from trying to load as the
service virtual module.
Refs: #32413
* pack __salt__ before loading provider overrides
We can (and should) pack here since we're just packing a reference to the
object. __salt__ needs to be available when we're loading our provider
overrides
* Fix broken __salt__ dict in provider override
Using ret.items() here sets ``__salt__`` to its items (tuple containing
function name and reference), breaking usage of ``__salt__`` inside
overridden functions.
* Discard duplicate YAML nodes when merging anchors to avoid duplicate node errors. Add yamlloader unit tests.
Fixed#14550 Using YAML anchors/references in Pillars causes conflicting IDs
* Fix lint errors. Make external function a static method.
* Fix remaining lint errors in unit test file.
salt/utils/dicttrim.py:
- Changed `salt.utils.dicttrim.trim_dict` to take an extra parameter
`use_bin_type`. Hence, when handling this data, it will decode
using `encoding='utf-8'` and encode using `use_bin_type=True`.
salt/utils/event.py:
- Since events use `use_bin_type=True` for Python 3, when calling
`salt.utils.dicttrim.trim_dict` set `use_bin_type=six.PY3`
salt/minion.py:
- Minion._process_beacons also uses `salt.utils.dicttrim.trim_dict`.
However, it doesn't seem to be referenced anywhere, so it has been
removed entirely. It wasn't PY3 compliant for other reasons anyway.
Surprisingly, `salt.utils.dicttrim` wasn't even imported in
minion.py to begin with.
Signed-off-by: Sergey Kizunov <sergey.kizunov@ni.com>
This will add load balancer functionality to the salt-master
when running on Windows Python 3. Unfortunately, on Python 2, the
limit for `worker_threads` remains 1 due to a lack of needed
functionality in Python 2. See issue #27367 for details.
salt/master.py:
- Modified the `tcp_only` check to only issue the warning if we are
using Windows Python 2 and `worker_threads` is not already set to 1.
salt/transport/tcp.py:
- Added global `USE_LOAD_BALANCER` to tell if we need to add the
extra load balancer functionality. Currently, it will be set if
we are using Windows and Python 3.
- Added `LoadBalancerServer`. This runs in its own process and will
listen for incoming connections. Each incoming connection will be
sent via multiprocessing queue to the workers. Since the queue is shared
amongst workers, only one worker will handle a given connection.
- Added `LoadBalancerWorker`. This inherits from `SaltMessageServer`
and is used in its place for `TCPReqServerChannel.req_server` when
`USE_LOAD_BALANCER` is True. It adds the additional functionality of
getting connections from the shared multiprocessing queue that
`LoadBalancerServer` sends connections to and processes those
connections.
Signed-off-by: Sergey Kizunov <sergey.kizunov@ni.com>
* Allow passing extra keyword arguments to tweak the key generation
process through the API without requiring special options to be
present in the minion configuration options.
* Default the key generation directory to pki_dir when gen_keys_dir
is not provided rather than failing with a KeyError exception.
* Default the keyname to 'minion' if no gen_keys option was provided.
* Return the fingerprint of the generated pub key.
Generating keys for a minion programatically with the default minion
configuration can now be done simply doing:
from salt.config import minion_config
from salt.key import Key
Key(minion_config(None)).gen_keys()
This will return the generated key fingerprint.
Note that the implementation for RaetKey has a significantly different
interface despite its inherited behavior from the Key class. An effort
was made to make the interface as close as possible, but, it does
not generate a PKI key pair for example, and no fingerprint is
returned when calling gen_keys().
