salt-syndic breaks salt-master in 18.04

Bug #1763165 reported by Michael Lustfield on 2018-04-11
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
salt (Ubuntu)
High
Unassigned
Bionic
Undecided
Unassigned

Bug Description

It's nice that salt-master is now (in 18.04) using a non-root account, but salt-syndic has yet to reflect this change. The salt-syndic service is currently set to run as root:root, which causes salt-syndic to make files unreadable by salt-master, which breaks many things.

Setting salt-syndic to run as salt:salt and flushing cache resolved this problem, except that it left salt-syndic unable to write to it's own log file.

Update...

After looking into this further, salt-syndic needs to access files that salt-minion owns, which is a process that much run as root. It takes a bit of screwing around with to get the permissions to work correct in this scenario.

I believe the best solution is to keep salt-master and salt-syndic running as root.

description: updated
Thomas Ward (teward) on 2018-04-11
Changed in salt (Ubuntu):
importance: Undecided → Critical
Thomas Ward (teward) on 2018-04-11
Changed in salt (Ubuntu):
importance: Critical → High
description: updated
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers