Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Example Saltstack at getstarted/ssh/connect.html is incomplete #53664

Open
non7top opened this issue Jun 29, 2019 · 9 comments
Open

Example Saltstack at getstarted/ssh/connect.html is incomplete #53664

non7top opened this issue Jun 29, 2019 · 9 comments
Labels
doc-rework confusing, misleading, or wrong Documentation Relates to Salt documentation Linux Salt-SSH severity-medium 3rd level, incorrect or bad functionality, confusing and lacks a work around time-estimate-sprint
Milestone
Approved

Comments

@non7top
Copy link

non7top commented Jun 29, 2019

https://docs.saltstack.com/en/getstarted/ssh/connect.html

If using Saltfile as suggested on the page, salt-ssh will not function because of numerous permissions issues. There are a lot of suggestions in the guide and in error messages to fix those with sudo, but sudo is not an option when running as non-root.

I had to check these additional sources to at least make that example work
#8062
https://docs.saltstack.com/en/latest/ref/configuration/nonroot.html

Saltfile

salt-ssh:
  config_dir: ./etc
  roster_file: ./roster
  ssh_log_file: /tmp/salt-ssh.txt

./etc/master (not sure about file_roots though)

file_roots:
  base:
      - .
state_verbose: False
cachedir: /home/non7top/sls/cache
pki_dir: /home/non7top/sls/pki

Most troublesome part was to identify where to put cachedir after I found out about it, I tried cachedir and ssh_cachedir in Saltfile without any effect.

There is also a discrepancy where Saltfile accepts relative paths with ./, while ./etc/master converts ./ to /. Not sure if that is a bug worth submitting.

Setup

python3 -m venv salt
. salt/bin/activate
pip install --upgrade pip wheel
pip install salt-ssh

Steps to Reproduce Issue

Follow the guide

Versions Report

$ salt-ssh --versions-report
Salt Version:
           Salt: 2019.2.0

Dependency Versions:
           cffi: Not Installed
       cherrypy: Not Installed
       dateutil: Not Installed
      docker-py: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.10.1
        libgit2: Not Installed
        libnacl: Not Installed
       M2Crypto: Not Installed
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.6.1
   mysql-python: Not Installed
      pycparser: Not Installed
       pycrypto: Not Installed
   pycryptodome: Not Installed
         pygit2: Not Installed
         Python: 3.6.8 (default, Jan 14 2019, 11:02:34)
   python-gnupg: Not Installed
         PyYAML: 5.1.1
          PyZMQ: Not Installed
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.5.3
            ZMQ: Not Installed

System Versions:
           dist: Ubuntu 18.04 bionic
         locale: UTF-8
        machine: x86_64
        release: 4.15.0-54-generic
         system: Linux
        version: Ubuntu 18.04 bionic
@max-arnold
Copy link
Contributor

I filed similar issue in the past: #32578

@Akm0d Akm0d added v2019.2.0 unsupported version Linux Salt-SSH labels Jul 2, 2019
@Akm0d Akm0d added this to the Approved milestone Jul 2, 2019
@stale
Copy link

stale bot commented Jan 8, 2020

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue.

@stale stale bot added the stale label Jan 8, 2020
@max-arnold
Copy link
Contributor

Bump

@stale
Copy link

stale bot commented Jan 8, 2020

Thank you for updating this issue. It is no longer marked as stale.

@stale stale bot removed the stale label Jan 8, 2020
@max-arnold max-arnold mentioned this issue Jan 10, 2020
Open
@stale
Copy link

stale bot commented Feb 7, 2020

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue.

@stale stale bot added the stale label Feb 7, 2020
@sagetherage sagetherage added the Confirmed Salt engineer has confirmed bug/feature - often including a MCVE label Feb 11, 2020
@stale
Copy link

stale bot commented Feb 11, 2020

Thank you for updating this issue. It is no longer marked as stale.

@stale stale bot removed the stale label Feb 11, 2020
@sagetherage
Copy link
Contributor

@saltstack/team-ssh can you help with some follow up here, please?

@sagetherage sagetherage added the doc-rework confusing, misleading, or wrong label Feb 11, 2020
@baby-gnu baby-gnu mentioned this issue Mar 4, 2020
Closed
@sagetherage sagetherage removed v2019.2.0 unsupported version Confirmed Salt engineer has confirmed bug/feature - often including a MCVE labels May 18, 2020
@ScriptAutomate ScriptAutomate added the Documentation Relates to Salt documentation label Sep 23, 2020
@hartwork hartwork mentioned this issue Oct 10, 2020
Closed
@hartwork
Copy link

hartwork commented Oct 10, 2020
edited
Loading

It's been over a year now and https://docs.saltstack.com/en/getstarted/ssh/connect.html is still nowhere near working out of the box. Why?

Not only is it incomplete, but also key log_file would need to be ssh_log_file to have an effect, as demonstrated by @non7top's Saltfile above.

This minimal setup helped me getting salt-ssh -i '*' test.ping to work as an unprivileged user, eventually:

# cat Saltfile 
salt-ssh:
  roster_file: ./roster
  config_dir: .
  ssh_log_file: ./log.txt

# cat master 
root_dir: .
cachedir: ./cachedir

What does it take to get this fixed for the masses?

@barbaricyawps barbaricyawps added time-estimate-sprint severity-medium 3rd level, incorrect or bad functionality, confusing and lacks a work around labels May 16, 2022
@skoenig
Copy link

skoenig commented May 31, 2024
edited
Loading

Had the same issues with salt-ssh 9000. Ended up with this setup to execute masterless Saltstack configuration:

$ cat Saltfile
salt-ssh:
  roster_file: roster.yml
  config_dir: .

$ cat master 
root_dir: salt-ssh
ssh_log_file: var/logs/salt-ssh.log
cachedir: var/cache
file_roots:
    base:
        - .

This puts everything salt-ssh related under salt-ssh/ which I can then add to .gitignore.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
doc-rework confusing, misleading, or wrong Documentation Relates to Salt documentation Linux Salt-SSH severity-medium 3rd level, incorrect or bad functionality, confusing and lacks a work around time-estimate-sprint
Projects
None yet
Milestone
Approved
Development

No branches or pull requests
8 participants
@non7top @max-arnold @skoenig @hartwork @ScriptAutomate @Akm0d @sagetherage @barbaricyawps