[Bug 199167] sysutils/py-salt: Run master as non root user

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sat Apr 4 23:33:26 UTC 2015


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=199167

            Bug ID: 199167
           Summary: sysutils/py-salt: Run master as non root user
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: freebsd-ports-bugs at FreeBSD.org
          Reporter: luca.corti at infinito.it
                CC: christer.edwards at gmail.com
             Flags: maintainer-feedback?(christer.edwards at gmail.com)
                CC: christer.edwards at gmail.com

Hi,

This is more of a feature request, but...

Salt does no privilege separation and runs as root.

For the minion root privileges are needed to perform most of its duties, so
this is probably not solvable unless some form of privilege separation is
applied upstream.

For the master on the other hand, which is a network daemon makes this look
quite bad. Fortunately the master supports non-root operation and is probably
easy to make it run like that.

So, it would be cool to have an option in rc.conf for enabling execution of the
master. Ideally, this should be the default.

See:
https://github.com/saltstack/salt/issues/5249
https://github.com/saltstack/salt/issues/6746

-- 
You are receiving this mail because:
You are the assignee for the bug.


More information about the freebsd-ports-bugs mailing list