mirror of
https://github.com/valitydev/salt.git
synced 2024-11-07 08:58:59 +00:00
31 lines
1.3 KiB
ReStructuredText
31 lines
1.3 KiB
ReStructuredText
===========================
|
|
Salt 2016.3.9 Release Notes
|
|
===========================
|
|
|
|
Version 2016.3.9 is a bugfix release for :ref:`2016.3.0 <release-2016-3-0>`.
|
|
|
|
Master Changes
|
|
==============
|
|
|
|
The following options have been added to the master config file:
|
|
|
|
- :conf_master:`allow_minion_key_revoke` - This option controls whether a
|
|
minion can request that the master revoke its key. When ``True``, a minion
|
|
can request a key revocation and the master will comply. If it is ``False``,
|
|
the key will not be revoked by the msater.
|
|
|
|
- :conf_master:`require_minion_sign_messages` - This requires that minions
|
|
cryptographically sign the messages they publish to the master. If minions
|
|
are not signing, then log this information at loglevel ``INFO`` and drop the
|
|
message without acting on it.
|
|
|
|
- :conf_master:`drop_messages_signature_fail` - Drop messages from minions when
|
|
their signatures do not validate. Note that when this option is ``False`` but
|
|
`require_minion_sign_messages` is ``True``, minions *MUST* sign their
|
|
messages, but the validity of their signatures is ignored.
|
|
|
|
- :conf_master:`minion_sign_messages` - Causes the minion to cryptographically
|
|
sign the payload of messages it places on the event bus for the master. The
|
|
payloads are signed with the minion's private key so the master can verify
|
|
the signature with its public key.
|