mirror of
https://github.com/valitydev/salt.git
synced 2024-11-06 16:45:27 +00:00
|
|
||
|---|---|---|
| .. | ||
| allow-systemd-parameterized-services.patch | ||
| allow-systemd-units-no-unit-files.patch | ||
| disable-service-py-for-suse-family.patch | ||
| fix-service-py-version-parsing-sles.patch | ||
| pass-all-systemd-list-units.patch | ||
| README.suse | ||
| salt-api | ||
| salt-api.changes | ||
| salt-api.service | ||
| salt-api.spec | ||
| salt-master | ||
| salt-minion | ||
| salt-syndic | ||
| salt-tmpfiles.d | ||
| salt.changes | ||
| salt.spec | ||
| salt.SuSEfirewall2 | ||
| use-forking-daemon.patch | ||
| use-salt-user-for-master.patch | ||
Salt-master as non-root user ============================ With this version of salt the salt-master will run as salt user. Why an extra user ================= While the current setup runs the master as root user, this is considered a security issue and not in line with the other configuration management tools (eg. puppet) which runs as a dedicated user. How can I undo the change ========================= If you would like to make the change before you can do the following steps manually: 1. change the user parameter in the master configuration user: root 2. update the file permissions: as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt 3. restart the salt-master daemon: as root: rcsalt-master restart or systemctl restart salt-master NOTE ==== Running the salt-master daemon as a root user is considers by some a security risk, but running as root, enables the pam external auth system, as this system needs root access to check authentication. For more information: http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html