valitydev/salt
14
0
Fork 0
mirror of https://github.com/valitydev/salt.git synced 2024-11-08 01:18:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
df10355ac9
salt/pkg/suse
History
Colton Myers 076b49a4ca Merge remote-tracking branch 'upstream/2015.8' into merge-forward-2016.3 
Conflicts:
    README.rst
    doc/conf.py
    doc/ref/index.rst
    doc/ref/proxy/all/salt.proxy.ssh_sample.rst
    doc/topics/installation/rhel.rst
    doc/topics/releases/2015.8.4.rst
    doc/topics/tutorials/states_pt5.rst
    salt/cloud/clouds/ec2.py
    salt/cloud/clouds/opennebula.py
    salt/config/__init__.py
    salt/modules/boto_dynamodb.py
    salt/modules/boto_ec2.py
    salt/modules/boto_elasticache.py
    salt/modules/boto_elb.py
    salt/modules/boto_iam.py
    salt/modules/boto_rds.py
    salt/modules/boto_sns.py
    salt/modules/boto_sqs.py
    salt/modules/dracr.py
    salt/modules/git.py
    salt/modules/mine.py
    salt/modules/systemd.py
    salt/modules/win_pkg.py
    salt/modules/yumpkg.py
    salt/pillar/__init__.py
    salt/states/git.py
    salt/states/rabbitmq_vhost.py
    salt/states/saltmod.py
    salt/utils/pkg/rpm.py
    setup.py
    tests/unit/modules/systemd_test.py
    tests/unit/states/rabbitmq_vhost_test.py
2016-02-11 22:33:49 -07:00
..
allow-systemd-parameterized-services.patch This fixes two issues #14337 and #13788 2014-07-29 20:34:12 +02:00
allow-systemd-units-no-unit-files.patch Fix the wrong "allow to do" phrase 2015-11-04 12:15:41 +01:00
disable-service-py-for-suse-family.patch updated salt.spec file for suse: 2014-10-11 20:29:52 +02:00
fix-service-py-version-parsing-sles.patch updated salt.spec file for suse: 2014-10-11 20:29:52 +02:00
pass-all-systemd-list-units.patch This fixes two issues #14337 and #13788 2014-07-29 20:34:12 +02:00
README.suse update suse spec file to 2015.8.1 2015-10-18 12:24:09 +02:00
salt-api updated suse spec file 2013-08-09 22:56:36 +02:00
salt-api.changes updated suse spec file for salt-api 0.8.3 2013-11-04 23:00:20 +01:00
salt-api.service updated suse spec file 2013-08-09 22:56:36 +02:00
salt-api.spec updated suse spec file for salt-api 0.8.3 2013-11-04 23:00:20 +01:00
salt-master Extra suse init script fix for $? after an echo 2015-10-23 09:58:34 -06:00
salt-minion Removing $? after "echo" for other startup scripts 2015-10-23 09:57:53 -06:00
salt-syndic updated suse spec to salt 0.17.1 2013-10-23 07:50:21 +02:00
salt-tmpfiles.d update suse spec file to 2015.8.1 2015-10-18 12:24:09 +02:00
salt.changes Merge remote-tracking branch 'upstream/2015.8' into merge-forward-2016.3 2016-02-11 22:33:49 -07:00
salt.spec update suse spec file to 2015.8.1 2015-10-18 12:24:09 +02:00
salt.SuSEfirewall2 Fixed occurances of "Salt Stack" to SaltStack 2013-11-07 10:46:41 -07:00
use-forking-daemon.patch update suse spec file to 2015.8.1 2015-10-18 12:24:09 +02:00
use-salt-user-for-master.patch update suse spec file to 2015.8.1 2015-10-18 12:24:09 +02:00

README.suse 

Salt-master as non-root user
============================

With this version of salt the salt-master will run as salt user.

Why an extra user
=================

While the current setup runs the master as root user, this is considered a security issue
and not in line with the other configuration management tools (eg. puppet) which runs as a
dedicated user. 

How can I undo the change
=========================

If you would like to make the change before you can do the following steps manually:
1. change the user parameter in the master configuration
   user: root
2. update the file permissions:
   as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt
3. restart the salt-master daemon:
   as root: rcsalt-master restart or systemctl restart salt-master

NOTE
====

Running the salt-master daemon as a root user is considers by some a security risk, but
running as root, enables the pam external auth system, as this system needs root access to check authentication.

For more information:
http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html