running minion with non root user #33230

Closed
sumhuang opened this issue May 13, 2016 · 3 comments
Labels
Bug broken, incorrect, or confusing behavior Core relates to code central or existential to Salt fixed-pls-verify fix is linked, bug author to confirm fix P1 Priority 1 severity-high 2nd top severity, seen by most users, causes major problems
Milestone

Comments

@sumhuang

Description of Issue/Question

When I set the minion to run as a non-root user, the master cannot connect to the minion.
I followed the guide [Running the Salt Master/Minion as an Unprivileged User] and set the minion config as below. After restarting the minion, it looks like the minion is not being started correctly.
1: change the minion file to [user: test]
2: change the ownership of the files as below
chown -R test /etc/salt /var/cache/salt /var/log/salt /var/run/salt

Setup

(Please provide relevant configs and/or SLS files (Be sure to remove sensitive info).)

Steps to Reproduce Issue

(Include debug logs if possible and relevant.)
2016-05-13 13:06:15,275 [salt.cli.daemons ][INFO ][7925] Setting up the Salt Minion "232"
2016-05-13 13:06:15,363 [salt.utils.process][DEBUG ][7925] Created pidfile: /var/run/salt-minion.pid
2016-05-13 13:06:15,363 [salt.utils.process][DEBUG ][7925] Chowned pidfile: /var/run/salt-minion.pid to user: cdnhn
2016-05-13 13:06:15,363 [salt.config ][DEBUG ][7925] Reading configuration from /etc/salt/minion
2016-05-13 13:06:15,394 [salt.config ][DEBUG ][7925] Including configuration from '/etc/salt/minion.d/_schedule.conf'
2016-05-13 13:06:15,394 [salt.config ][DEBUG ][7925] Reading configuration from /etc/salt/minion.d/_schedule.conf
2016-05-13 13:06:15,540 [salt.minion ][DEBUG ][7925] Attempting to authenticate with the Salt Master at 192.168.1.71
2016-05-13 13:06:15,541 [salt.crypt ][DEBUG ][7925] Initializing new SAuth for ('/etc/salt/pki/minion', '232', 'tcp://192.168.1.71:4506')
2016-05-13 13:06:15,560 [salt.crypt ][DEBUG ][7925] Decrypting the current master AES key
2016-05-13 13:06:15,560 [salt.crypt ][DEBUG ][7925] Loaded minion key: /etc/salt/pki/minion/minion.pem
2016-05-13 13:06:15,589 [salt.crypt ][DEBUG ][7925] Decrypting the current master AES key
2016-05-13 13:06:15,589 [salt.crypt ][DEBUG ][7925] Loaded minion key: /etc/salt/pki/minion/minion.pem
2016-05-13 13:06:15,600 [salt.crypt ][DEBUG ][7925] Loaded minion key: /etc/salt/pki/minion/minion.pem
2016-05-13 13:06:15,606 [salt.crypt ][DEBUG ][7925] Re-using SAuth for ('/etc/salt/pki/minion', '232', 'tcp://192.168.1.71:4506')
2016-05-13 13:06:15,654 [salt.crypt ][DEBUG ][7925] Loaded minion key: /etc/salt/pki/minion/minion.pem
2016-05-13 13:06:15,665 [salt.config ][DEBUG ][7925] Reading configuration from /etc/salt/minion
2016-05-13 13:06:15,709 [salt.config ][DEBUG ][7925] Including configuration from '/etc/salt/minion.d/_schedule.conf'
2016-05-13 13:06:15,709 [salt.config ][DEBUG ][7925] Reading configuration from /etc/salt/minion.d/_schedule.conf
2016-05-13 13:06:15,879 [salt.utils.lazy ][DEBUG ][7925] LazyLoaded timezone.get_offset
2016-05-13 13:06:15,879 [salt.utils.lazy ][DEBUG ][7925] LazyLoaded cmd.run
2016-05-13 13:06:15,880 [salt.loaded.int.module.cmdmod][INFO ][7925] Executing command 'date +%z' in directory '/root'
2016-05-13 13:06:15,886 [salt.loaded.int.module.cmdmod][DEBUG ][7925] output: +0800
2016-05-13 13:06:15,890 [salt.utils.lazy ][DEBUG ][7925] LazyLoaded config.merge
2016-05-13 13:06:15,890 [salt.utils.lazy ][DEBUG ][7925] LazyLoaded mine.update
2016-05-13 13:06:15,890 [salt.minion ][INFO ][7925] Added mine.update to scheduler
2016-05-13 13:06:15,891 [salt.utils.schedule][INFO ][7925] Updating job settings for scheduled job: __mine_interval
2016-05-13 13:06:15,892 [salt.minion ][DEBUG ][7925] I am 232 and I am not supposed to start any proxies. (Likely not a problem)
2016-05-13 13:07:16,034 [salt.cli.daemons ][INFO ][7979] Setting up the Salt Minion "232"
2016-05-13 13:07:16,139 [salt.utils.process][DEBUG ][7979] Created pidfile: /var/run/salt-minion.pid
2016-05-13 13:07:16,139 [salt.utils.process][DEBUG ][7979] Chowned pidfile: /var/run/salt-minion.pid to user: cdnhn
2016-05-13 13:07:16,139 [salt.config ][DEBUG ][7979] Reading configuration from /etc/salt/minion
2016-05-13 13:07:16,198 [salt.config ][DEBUG ][7979] Including configuration from '/etc/salt/minion.d/_schedule.conf'
2016-05-13 13:07:16,198 [salt.config ][DEBUG ][7979] Reading configuration from /etc/salt/minion.d/_schedule.conf
2016-05-13 13:07:16,403 [salt.minion ][DEBUG ][7979] Attempting to authenticate with the Salt Master at 192.168.1.71
2016-05-13 13:07:16,403 [salt.crypt ][DEBUG ][7979] Initializing new SAuth for ('/etc/salt/pki/minion', '232', 'tcp://192.168.1.71:4506')
2016-05-13 13:07:16,423 [salt.crypt ][DEBUG ][7979] Decrypting the current master AES key
2016-05-13 13:07:16,424 [salt.crypt ][DEBUG ][7979] Loaded minion key: /etc/salt/pki/minion/minion.pem
2016-05-13 13:07:16,460 [salt.crypt ][DEBUG ][7979] Decrypting the current master AES key
2016-05-13 13:07:16,461 [salt.crypt ][DEBUG ][7979] Loaded minion key: /etc/salt/pki/minion/minion.pem
2016-05-13 13:07:16,477 [salt.crypt ][DEBUG ][7979] Loaded minion key: /etc/salt/pki/minion/minion.pem
2016-05-13 13:07:16,484 [salt.crypt ][DEBUG ][7979] Re-using SAuth for ('/etc/salt/pki/minion', '232', 'tcp://192.168.1.71:4506')
2016-05-13 13:07:16,507 [salt.crypt ][DEBUG ][7979] Loaded minion key: /etc/salt/pki/minion/minion.pem
2016-05-13 13:07:16,513 [salt.config ][DEBUG ][7979] Reading configuration from /etc/salt/minion
2016-05-13 13:07:16,548 [salt.config ][DEBUG ][7979] Including configuration from '/etc/salt/minion.d/_schedule.conf'
2016-05-13 13:07:16,548 [salt.config ][DEBUG ][7979] Reading configuration from /etc/salt/minion.d/_schedule.conf
2016-05-13 13:07:16,745 [salt.utils.lazy ][DEBUG ][7979] LazyLoaded timezone.get_offset
2016-05-13 13:07:16,746 [salt.utils.lazy ][DEBUG ][7979] LazyLoaded cmd.run
2016-05-13 13:07:16,748 [salt.loaded.int.module.cmdmod][INFO ][7979] Executing command 'date +%z' in directory '/root'
2016-05-13 13:07:16,780 [salt.loaded.int.module.cmdmod][DEBUG ][7979] output: +0800
2016-05-13 13:07:16,784 [salt.utils.lazy ][DEBUG ][7979] LazyLoaded config.merge
2016-05-13 13:07:16,785 [salt.utils.lazy ][DEBUG ][7979] LazyLoaded mine.update
2016-05-13 13:07:16,785 [salt.minion ][INFO ][7979] Added mine.update to scheduler
2016-05-13 13:07:16,785 [salt.utils.schedule][INFO ][7979] Updating job settings for scheduled job: __mine_interval
2016-05-13 13:07:16,787 [salt.minion ][DEBUG ][7979] I am 232 and I am not supposed to start any proxies. (Likely not a problem)

Versions Report

(Provided by running salt --versions-report. Please also mention any differences in master/minion versions.)

@rallytime
Contributor

Hi @sumhuang - we just pushed a fix for this in pull request #33211, which should now be available at the HEAD of all branches (except develop - that is still pending a merge-forward, which will go in today). This fix will be available in all of the upcoming point releases (2015.5.11, 2015.8.9, and 2016.3.0), which we are working on releasing right now.

@rallytime rallytime added Bug broken, incorrect, or confusing behavior fixed-pls-verify fix is linked, bug author to confirm fix Core relates to code central or existential to Salt severity-high 2nd top severity, seen by most users, causes major problems P1 Priority 1 labels May 13, 2016
@rallytime rallytime added this to the Approved milestone May 13, 2016
@sumhuang
Author

Thanks for your reply.
So this problem will be solved by upgrading the minion version after you release the new version?
Also, I want to confirm a question below.
When I set the minion to execute as a non-root user (e.g. [user: test]), should I start the minion as the root user or as the non-root user (test)?
The minion in my system is 2015.5.0 now. I really can solve this problem by starting the minion as the non-root user by executing the command [salt-minion restart], not service salt-minion restart.
The problem looks like an authorization problem with some file in pki, is that right?

@cachedout
Contributor

@sumhuang When setting this option, you should start the minion as root and it will change the requested user on start. The issue was in Salt's internal process management and not in anything to do with PKI.
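
The setup discussed in this thread (a `user:` entry in the minion config, the Salt directories chowned to that account, and the daemon started as root so it can switch users) can be checked before a restart. The following is an added example, not Salt code and not from any participant; the function names are hypothetical, and the parser assumes a plain top-level `user:` line.

```python
import os
import pwd
import re

# Directories from the chown step quoted in the issue.
SALT_DIRS = ["/etc/salt", "/var/cache/salt", "/var/log/salt", "/var/run/salt"]


def configured_user(config_text, default="root"):
    """Return the top-level `user:` value; commented-out lines are ignored."""
    for line in config_text.splitlines():
        m = re.match(r"user:\s*['\"]?([^\s'\"#]+)", line)
        if m:
            return m.group(1)
    return default


def not_owned_by(uid, roots):
    """List every path at or under `roots` whose owner is not `uid`."""
    bad = []
    for root in roots:
        if not os.path.lexists(root):
            continue
        candidates = [root]
        for dirpath, dirs, files in os.walk(root):
            candidates += [os.path.join(dirpath, n) for n in dirs + files]
        # lstat: judge a symlink by its own owner, not its target's.
        bad += [p for p in candidates if os.lstat(p).st_uid != uid]
    return sorted(bad)


def preflight(config_text, roots=SALT_DIRS):
    """Can this process become the configured user, and does that user own its dirs?"""
    user = configured_user(config_text)
    uid = pwd.getpwnam(user).pw_uid  # KeyError if the account does not exist
    euid = os.geteuid()
    return {
        "user": user,
        # Only root may switch to another uid; otherwise we must already be it.
        "can_switch": euid == 0 or euid == uid,
        "not_owned": not_owned_by(uid, roots),
    }


if __name__ == "__main__":
    with open("/etc/salt/minion") as fh:
        print(preflight(fh.read()))
```

An empty `not_owned` list together with `can_switch` being true means the ownership step and the start-as-root advice are both satisfied for the configured account.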
