search

saltstack / salt

Software to automate the management and configuration of any infrastructure or application at scale. Install Salt from the Salt package repositories here:
https://docs.saltproject.io/salt/install-guide/en/latest/
Apache License 2.0
14.2k stars 5.48k forks source link

Authentication error occurred: Publisher_acl #54815

Open nkrishnakishor opened 5 years ago

nkrishnakishor commented 5 years ago

Description of Issue

Unable to execute commands as non-root, throwing error as Authentication error occurred.

Setup

I have run chown -R user1 /etc/salt /var/cache/salt /var/log/salt /var/run/salt and chown -R :group_name /etc/salt /var/cache/salt /var/log/salt /var/run/salt.

cat /etc/salt/master

 publisher_acl:
     user1:
       - test.ping

Steps to Reproduce Issue

$ salt user1 '*' test.ping

Authentication error occurred.

Versions Report

salt --versions-report

salt --versions-report
Salt Version:
           Salt: 2019.2.0

Dependency Versions:
           cffi: Not Installed
       cherrypy: Not Installed
       dateutil: Not Installed
      docker-py: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.8.1
        libgit2: Not Installed
        libnacl: Not Installed
       M2Crypto: Not Installed
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.4.6
   mysql-python: Not Installed
      pycparser: Not Installed
       pycrypto: 2.6.1
   pycryptodome: Not Installed
         pygit2: Not Installed
         Python: 2.7.13 (default, Feb 20 2019, 09:59:36)
   python-gnupg: Not Installed
         PyYAML: 3.11
          PyZMQ: 14.5.0
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.2.1
            ZMQ: 4.0.5

System Versions:
           dist: centos 6.10 Final
         locale: UTF-8
        machine: x86_64
        release: 2.6.32-754.18.2.el6.x86_64
         system: Linux
        version: CentOS 6.10 Final
dwoz commented 5 years ago

@Akm0d Can you please try to reproduce this?

Akm0d commented 5 years ago

Yes, I can reproduce the issue on master. i followed the instructions here and still got the Authentication error

H20-17 commented 4 years ago

Could this be elevated in importance because of the recent security issue?

nkrishnakishor commented 4 years ago

Hi,

Hope you guys are safe and doing great.

Do we have any update on this please ?

sagetherage commented 3 years ago

@nkrishnakishor can you confirm this is still an issue in a supported Salt version? >v3000.9?

ssbn commented 3 years ago

This appears to be happening because salt updates the permissions on it's directories on salt-master boot.

Update your systemd unit with these lines:

ExecStartPost=/usr/bin/chown -R root:salt /var/run/salt/master
ExecStartPost=/usr/bin/chmod 755 /var/cache/salt /var/cache/salt/master /var/cache/salt/master/jobs /var/run/salt /var/run/salt/master

In my case, the group 'salt' contains users who are allowed to access these directories.

Additionally, don't forget to give users permission to write to /var/log/salt files.

cmcmarrow commented 1 year ago

NOTE; Authentication error occurred. can happen if you have two masters trying to run at once.