David Murphy 0ab763c42d Added 'su salt salt' for SUSE log rotation 4 éve
..
README.suse 031a75ca33 Merge branch '2015.8' into '2016.3' 8 éve
allow-systemd-parameterized-services.patch d9bfda2dcd This fixes two issues #14337 and #13788 10 éve
allow-systemd-units-no-unit-files.patch 89dcb66310 Fix the wrong "allow to do" phrase 9 éve
disable-service-py-for-suse-family.patch bcd6a1cd77 fix osfamily from Suse to SUSE 8 éve
fix-service-py-version-parsing-sles.patch bcd6a1cd77 fix osfamily from Suse to SUSE 8 éve
pass-all-systemd-list-units.patch d9bfda2dcd This fixes two issues #14337 and #13788 10 éve
salt-api 8da9e9a116 updated suse spec file 11 éve
salt-api.changes bcd6a1cd77 fix osfamily from Suse to SUSE 8 éve
salt-api.service 530ddd2d29 Set SHELL environment variable 7 éve
salt-api.spec a4e2da99a8 updated suse spec file for salt-api 0.8.3 11 éve
salt-common.logrotate 0ab763c42d Added 'su salt salt' for SUSE log rotation 4 éve
salt-master de6ec05ec0 add try-restart to fix autorestarting on SUSE systems 8 éve
salt-master.service efe308013a Align SUSE salt-master.service 'LimitNOFILES' limit with upstream Salt 6 éve
salt-minion 30b12da58b Enables salt-minion watchdog on init.d script for sysV 7 éve
salt-minion.service a177d7f0a1 salt-minion.service: Start after salt-master.service 7 éve
salt-minion.service.rhel7 db295f6f06 special salt-minion.service file for rhel7 7 éve
salt-syndic de6ec05ec0 add try-restart to fix autorestarting on SUSE systems 8 éve
salt-tmpfiles.d 8d796e6732 update suse spec file to 2015.8.1 9 éve
salt.SuSEfirewall2 4f00fa256b Fixed occurances of "Salt Stack" to SaltStack 11 éve
salt.changes 8d1e1e7f94 Merge branch '2017.7' into '2018.3' 6 éve
salt.spec a24f6fe7e7 Default crypto library to `pycryptodomex` 4 éve
use-forking-daemon.patch f6d9cdc633 Merge branch '2015.8' into '2016.3' 8 éve
use-salt-user-for-master.patch 8d796e6732 update suse spec file to 2015.8.1 9 éve

README.suse

Salt-master as non-root user
============================

With this version of salt the salt-master will run as salt user.

Why an extra user
=================

While the current setup runs the master as root user, this is considered a security issue
and not in line with the other configuration management tools (eg. puppet) which runs as a
dedicated user.

How can I undo the change
=========================

If you would like to make the change before you can do the following steps manually:
1. change the user parameter in the master configuration
user: root
2. update the file permissions:
as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt
3. restart the salt-master daemon:
as root: rcsalt-master restart or systemctl restart salt-master

NOTE
====

Running the salt-master daemon as a root user is considers by some a security risk, but
running as root, enables the pam external auth system, as this system needs root access to check authentication.

For more information:
http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html