-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Non-root user on master cannot issue salt commands "Failed to connect to the Master, is the Salt Master running?" #15557
Comments
I assume |
Also, are the directories listed in this doc readable by the |
Yes
They are. |
Thanks for the update, I've learned to never assume. We will investigate this, see if we can reproduce it. |
I have been seeing the same problem since I upgraded my Salt Master to Ubuntu 14.04. I can't swear to it, but I did believe I saw the problem before I upgraded salt-master from 2014.1.7 to 2014.1.10. Certainly the problem is happening for me on 2014.1.10 and Ubuntu 14.04 right now. |
Can you please double-check that the user in question can access files in |
Ah, that was the cause. I had done
Thank you @cachedout 💯 |
The chmod didn't help me either. And I do not have a salt group on my master to which to chgrp files under /var/run/salt. Is that necessary? I was hoping that setting client_acl in the master config is enough to make non-root users configured in client_acl work again as they used to, until very recently. If this is caused by an oversight on my part, I'll be happy to learn what it was. Otherwise, it seems to me this should be reopened. |
@ocdavid "salt" is the user that I've granted access in the client_acl. I think if you created a group, with any name, and added users to it as well as to the client_acl then that would get things working. I closed the issues as @cachedout 's answer solved my problem, and since I had opened the issue. It does seem like further action should probably be taken, perhaps updating the documentation would be a good idea. I will re-open the issue. I cannot test at the moment, but if memory servers, when I used chmod to change the permissions like so |
Creating a group and adding the users who need salt to the new group, then |
Back where I can test. It appears that salt-master modifies the permissions on the files under /var/run/salt upon startup.
Then and
However non-root users continue to be able to send commands via the salt master. So something odd seems to be up, but I can no longer reproduce the bug. Let me know if I can be of any further help. |
Thanks @shofetim, glad it's no longer in existence. If it re-appears let us know. |
I have this exact issue on Ubuntu 16.4 and Salt 2016.3.2 (on Google Cloud) and no solution worked for me yet.OMG. An hour of head bashing against the wall and it was only issue with interface in config. |
Setup:
Minions running: salt-minion 2014.1.10 (Hydrogen)
Master running: salt-master 2014.1.10 (Hydrogen)
OS: Debian Jessie
Master config:
The master is running as root, and root can send commands:
The salt user cannot use salt to send commands, and reports:
"Failed to connect to the Master, is the Salt Master running?"
Salt version says:
Full debug output from running
salt-master -l debug
It was working with a previous salt version, but not sure which one.
The text was updated successfully, but these errors were encountered: