2018-04-11 20:16:30 |
Michael Lustfield |
bug |
|
|
added bug |
2018-04-11 20:35:37 |
Michael Lustfield |
description |
It's nice that salt-master is now (in 18.04) using a non-root account, but salt-syndic has yet to reflect this change. The salt-syndic service is currently set to run as root:root, which causes salt-syndic to make files unreadable by salt-master, which breaks many things.
Setting salt-syndic to run as salt:salt and flushing cache resolved this problem. |
It's nice that salt-master is now (in 18.04) using a non-root account, but salt-syndic has yet to reflect this change. The salt-syndic service is currently set to run as root:root, which causes salt-syndic to make files unreadable by salt-master, which breaks many things.
Setting salt-syndic to run as salt:salt and flushing cache resolved this problem, except that it left salt-syndic unable to write to it's own log file. |
|
2018-04-11 21:05:57 |
Thomas Ward |
salt (Ubuntu): importance |
Undecided |
Critical |
|
2018-04-11 21:10:16 |
Thomas Ward |
nominated for series |
|
Ubuntu Bionic |
|
2018-04-11 21:13:49 |
Thomas Ward |
salt (Ubuntu): importance |
Critical |
High |
|
2018-04-25 15:20:08 |
Michael Lustfield |
description |
It's nice that salt-master is now (in 18.04) using a non-root account, but salt-syndic has yet to reflect this change. The salt-syndic service is currently set to run as root:root, which causes salt-syndic to make files unreadable by salt-master, which breaks many things.
Setting salt-syndic to run as salt:salt and flushing cache resolved this problem, except that it left salt-syndic unable to write to it's own log file. |
It's nice that salt-master is now (in 18.04) using a non-root account, but salt-syndic has yet to reflect this change. The salt-syndic service is currently set to run as root:root, which causes salt-syndic to make files unreadable by salt-master, which breaks many things.
Setting salt-syndic to run as salt:salt and flushing cache resolved this problem, except that it left salt-syndic unable to write to it's own log file.
Update...
After looking into this further, salt-syndic needs to access files that salt-minion owns, which is a process that much run as root. It takes a bit of screwing around with to get the permissions to work correct in this scenario.
I believe the best solution is to keep salt-master and salt-syndic running as root. |
|
2018-07-18 12:21:45 |
Mantas Kriaučiūnas |
bug |
|
|
added subscriber Unishop |
2018-07-18 12:21:49 |
Mantas Kriaučiūnas |
bug |
|
|
added subscriber Mantas Kriaučiūnas |
2018-07-18 12:22:00 |
Mantas Kriaučiūnas |
bug |
|
|
added subscriber Baltix GNU/Linux system developers |
2019-04-05 15:21:59 |
Dimitri John Ledkov |
bug task added |
|
salt (Ubuntu Bionic) |
|