[英]Salt-minion as non-root user to execute sudo commands always returns error "The function 'state.highstate' is running as PID.."
[英]Salt minion how to elevate non-root user with sudo?
嘗試以非root用戶身份運行minion時出現權限拒絕錯誤。 我創建了一個名為'salt-master'的特殊用戶,並給予了sudo特權。 但是我仍然看到權限被拒絕的錯誤。 我在同一台服務器上使用salt master和minion進行測試,否則用戶名將被命名為salt-minion。 如何獲得鹽以將sudo用於所有內容?
/ etc / sudoers
# salt-master user allowed root with no password
salt-master ALL=(ALL) NOPASSWD:ALL
/ etc / salt / minion
# The user to run salt
#user: root
user: salt-master
/srv/salt/gedit/init.sls
gedit:
pkg:
- installed
命令
salt 'SaltStack-01' state.sls gedit
命令結果
SaltStack-01:
----------
ID: gedit
Function: pkg.installed
Result: False
Comment: The following packages failed to install/update: gedit.
Changes:
Summary
------------
Succeeded: 0
Failed: 1
------------
Total: 1
奴才日志/ var / log / salt / minion
2014-09-17 13:35:05,199 [salt.loaded.int.module.cmdmod][ERROR] Command 'zypper refresh' failed with return code: 5
2014-09-17 13:35:05,200 [salt.loaded.int.module.cmdmod][ERROR] output: Root privileges are required for refreshing system repositories.
2014-09-17 13:35:05,243 [salt.loaded.int.module.cmdmod][ERROR] Command 'zypper --non-interactive install --name --auto-agree-with-licenses "gedit"' failed with return code: 5
2014-09-17 13:35:05,244 [salt.loaded.int.module.cmdmod][ERROR] output: Root privileges are required for installing or uninstalling packages.
http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html
Quote the minion也有它自己的用戶參數,但是以無特權的用戶身份運行minion將阻止它對用戶,已安裝的軟件包等進行更改,除非在minion上設置了訪問控制(sudo等),允許非root用戶進行所需的更改。
為了使Salt以非root用戶身份成功運行,需要設置所有權和權限,以便所需的用戶可以讀取和寫入以下目錄(及其子目錄,如果適用):
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.