| 1234567891011121314151617181920212223242526272829303132 |
- Salt-master as non-root user
- ============================
- With this version of salt the salt-master will run as salt user.
- Why an extra user
- =================
- While the current setup runs the master as root user, this is considered a security issue
- and not in line with the other configuration management tools (eg. puppet) which runs as a
- dedicated user.
- How can I undo the change
- =========================
- If you would like to make the change before you can do the following steps manually:
- 1. change the user parameter in the master configuration
- user: root
- 2. update the file permissions:
- as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt
- 3. restart the salt-master daemon:
- as root: rcsalt-master restart or systemctl restart salt-master
- NOTE
- ====
- Running the salt-master daemon as a root user is considers by some a security risk, but
- running as root, enables the pam external auth system, as this system needs root access to check authentication.
- For more information:
- http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html
|
