salt icon indicating copy to clipboard operation
salt copied to clipboard

Published 20 hours ago verified publisher icon saltstack

[FEATURE REQUEST] Allow `salt-run` as non-root/salt user

Open tacerus opened this issue 2 years ago • 5 comments

Is your feature request related to a problem? Please describe. Using the publisher_acl feature it is possible to grant non-root users access to the salt command. This is really useful. However such users have no way of looking up job history or job results from the salt commands they initiated using the salt-run jobs.lookup_jid ... command, because salt-run does not follow the publisher_acl setting.

Describe the solution you'd like salt-run should be delegatable to non-root users similar to how it is possible with salt.

Describe alternatives you've considered It is possible to use tools like sudo to grant access to commands as a workaround, however it should not be necessary just for salt-run, especially if the user already has access to salt and the respective directories.

Additional context

georg@spice ~> salt-run jobs.lookup_jid 20230122191311953513
[CRITICAL] Salt configured to run as user "salt" but unable to switch.

tacerus avatar Jan 24 '23 16:01 tacerus

Been over a year, any update on this?

mdschmitt avatar Feb 19 '24 11:02 mdschmitt