Configure the saltstack module for normal users.
Use client_acl
1. Overview: enable special modules on the master for non-root system users. These module names can be expressed using regular expressions and cannot be specified for which minion commands are executed. To execute a command, you only need to switch to a specific user without authentication. 2. Enable Configuration:
Vim/etc/salt/masterclient_acl: test:-test. ping-cmd .*
Configuration explanation: the test user can only execute commands in the test. ping and cmd modules.
3. Restart the salt-master service.
Service salt-mater restart
4. Verify
[Test @ localhost salt] $ salt '*' test. ping192.168.138.128: True
Error Summary
1. [WARNING] Failed to open log file, do you have permission to write to/var/log/salt/master?
Solution:
Chmod 777/var/log/salt/master
2. Salt request timed out. The master is not responding. If this error persists after verifying the master is up, worker_threads may need to be increased.
This is because the master interface address is not 0.0.0.0. Changing to 0.0.0.0 to restart the service will not report an error. This seems to be a bug.