I am trying to configure the salt-minion to run as a non-root user but run all its commands via a sudo user which seems possible with the latest salt release
I created the my-minion user, gave it sudo privileges and made sure that no password is required for command execution and configured the minion accordingly.
/etc/sudoers
# sudo privileges and permission to execute cmds with no password
my-minion ALL=(ALL) NOPASSWD:ALL
/etc/salt/minion
# The user to run salt.
user: my-minion
sudo_user: root
However after executing salt '*' state.highstate, the minion always returns the following error -
/var/log/salt/minion
The function "state.highstate" is running as PID 17121 and was started at 2015, Jul 28 15:58:08.625398 with jid 20150728155808625398
There's not anything particularly helpful in the debug logs apart from the fact that the state.highstate is getting LazyLoaded twice. I do have the logs with me. Let me know if those are required.
I am pretty sure I configured everything properly according to the following docs-
The salt version I am using is 2015.5.3 (Lithium) and the operating system is CentOS 6.6
NOTE:
The error goes away when I simply comment the sudo_user property in the minion config file but obviously I don't get the functionality that I was looking for. So pretty sure that this is a problem because of that attribute only and not anything else.
I would appreciate if anyone can point me in the right direction OR clarify if this is a bug in salt's implementation.
sudo suor whatever to become root and then do what you want?or is that against your whole purpose? – tudoricc