[Bug 939831] New: Salt Master running as root
http://bugzilla.opensuse.org/show_bug.cgi?id=939831 Bug ID: 939831 Summary: Salt Master running as root Classification: openSUSE Product: openSUSE Factory Version: 201505* Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: aboe76@gmail.com Reporter: mrueckert@suse.com QA Contact: qa-bugs@suse.de CC: kkaempf@suse.com, security-team@suse.de, tserong@suse.com Found By: --- Blocker: --- This seems unneeded to me. Puppet master e.g. runs fine as non root as well and so could the salt master: http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html my migration plan would be 1. add salt user/group to the package but leave it running as root by default for now. 2. add README.SUSE that we plan to move to salt user/group as default at some point and that people can change to it already if they want. 3. do the switch in e.g. 6 months or the next release of a product using/shipping salt. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
http://bugzilla.opensuse.org/show_bug.cgi?id=939831#c1
--- Comment #1 from Klaus Kämpf
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
Theo Chatzimichos
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
http://bugzilla.opensuse.org/show_bug.cgi?id=939831#c2
--- Comment #2 from Niels Abspoel
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
http://bugzilla.opensuse.org/show_bug.cgi?id=939831#c3
--- Comment #3 from Klaus Kämpf
Otherwise I'm all for it, I like the migration plan, and I think 2015.8 is a good target for running salt-master with non-root user.
Great, thanks !
For the minions, I don't think it's such a good Idea.
It's a different topic, but we'll need to look into this for SUSE Manager 3. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
http://bugzilla.opensuse.org/show_bug.cgi?id=939831#c7
--- Comment #7 from Niels Abspoel
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
http://bugzilla.opensuse.org/show_bug.cgi?id=939831#c8
Klaus Kämpf
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
http://bugzilla.opensuse.org/show_bug.cgi?id=939831#c9
--- Comment #9 from Niels Abspoel
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
Niels Abspoel
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
http://bugzilla.opensuse.org/show_bug.cgi?id=939831#c11
--- Comment #11 from Niels Abspoel
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
http://bugzilla.opensuse.org/show_bug.cgi?id=939831#c12
--- Comment #12 from Marcus Rückert
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
http://bugzilla.opensuse.org/show_bug.cgi?id=939831#c13
--- Comment #13 from Niels Abspoel
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
http://bugzilla.opensuse.org/show_bug.cgi?id=939831#c14
--- Comment #14 from Niels Abspoel
http://bugzilla.opensuse.org/show_bug.cgi?id=939831
http://bugzilla.opensuse.org/show_bug.cgi?id=939831#c15
Niels Abspoel
participants (1)
-
bugzilla_noreply@novell.com