New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
client_acl users no longer able to run commands after upgrading to v0.17 #7706
Comments
Thanks for the report. We will look into this asap and get it fixed. |
@thatch45 ping |
This issue hosed my overnight deployments. |
Yeah, serious issue for my Jenkins deployments. I'm using an insecure workaround for now but this needs resolved ASAP. |
And what do you suggest happens to logging?
|
@s0undt3ch How did it work before 0.17? |
Yes, we're on this. One of our top priorities right now. |
@s0undt3ch, logging is your domain, please lake a look and see if you can make this any better |
…o logs directory. Fixes saltstack#7706.
This fixes saltstack#7706 @s0undt3ch, please take a look for a more elegant solution here, but we should be safe turning off logging for the salt command in this case
…o logs directory. Fixes saltstack#7706.
I use
client_acl
on the salt-master to give my normal user account access to run all salt commands:However, after upgrading from 0.16.4 to 0.17.0 (via Ubuntu packages) I am now unable to run commands as the
cwright
user, and I receive this error:Users listed in
client_acl
should be able to run salt commands without requiring filesystem level permission to write to/var/log/salt/master
.The text was updated successfully, but these errors were encountered: