Skip to content

[BUG] salt-cloud --update-bootstrap fails to update bootstrap script on 3006.0 due to lack of permissions #64204

New issue
New issue
Closed
#64218
Closed
[BUG] salt-cloud --update-bootstrap fails to update bootstrap script on 3006.0 due to lack of permissions#64204
#64218
Assignees
dwoz
Labels
Bugbroken, incorrect, or confusing behaviorPackagingRelated to packaging of Salt, not Salt's support for package management.RegressionThe issue is a bug that breaks functionality known to work in previous releases.Sulfur v3006.0release code name and versionSulfur v3006.1
Milestone
 
Sulfur v3006.1
@ggiesen

Description

@ggiesen
ggiesen
opened on May 2, 2023

Description
salt-cloud --update-bootstrap fails to update bootstrap script on 3006.0 as it runs as the salt user which doesn't have permissions to write to /etc/salt/cloud.deploy.d or /opt/saltstack/salt/lib/python3.10/site-packages/salt/cloud/deploy

The latest release of bootstrap-salt.sh is v2023.04.26, however Salt 3006.0 ships with 2022.10.04. Running salt-cloud --update-bootstrap has no effect.

Setup
(Please provide relevant configs and/or SLS files (be sure to remove sensitive info. There is no general set-up of Salt.)

Please be as specific as possible and give set-up details.

  • on-prem machine
  • VM (Virtualbox, KVM, etc. please specify)
  • VM running on a cloud service, please be explicit and add details
  • container (Kubernetes, Docker, containerd, etc. please specify)
  • or a combination, please be explicit
  • jails if it is FreeBSD
  • classic packaging
  • onedir packaging
  • used bootstrap to install

Steps to Reproduce the behavior

# salt-cloud --update-bootstrap -l debug
[DEBUG   ] Reading configuration from /etc/salt/cloud
[DEBUG   ] Reading configuration from /etc/salt/master
[DEBUG   ] Missing configuration file: /etc/salt/cloud.providers
[DEBUG   ] Including configuration from '/etc/salt/cloud.providers.d/vultr.conf'
[DEBUG   ] Reading configuration from /etc/salt/cloud.providers.d/vultr.conf
[DEBUG   ] Missing configuration file: /etc/salt/cloud.profiles
[WARNING ] Insecure logging configuration detected! Sensitive data may be logged.
[DEBUG   ] Configuration file path: /etc/salt/cloud
[DEBUG   ] Updating the bootstrap-salt.sh script to latest stable
[DEBUG   ] Starting new HTTPS connection (1): bootstrap.saltstack.com:443
[DEBUG   ] https://bootstrap.saltstack.com:443 "GET / HTTP/1.1" 301 0
[DEBUG   ] Starting new HTTPS connection (1): bootstrap.saltproject.io:443
[DEBUG   ] https://bootstrap.saltproject.io:443 "GET / HTTP/1.1" 200 352107
[DEBUG   ] The '/etc/salt/cloud.deploy.d' is not writeable. Continuing...
[DEBUG   ] The '/opt/saltstack/salt/lib/python3.10/site-packages/salt/cloud/deploy' is not writeable. Continuing...
[DEBUG   ] The functions from module 'nested' are being loaded by dir() on the loaded module
[DEBUG   ] LazyLoaded nested.output
Success:
    ----------
    Files updated:

# ls -alh /etc/salt/cloud.deploy.d
total 4.0K
drwx------.  2 root root    6 Apr 18 17:31 .
drwxr-xr-x. 11 root root 4.0K Apr 30 22:25 ..

# ls -alh /opt/saltstack/salt/lib/python3.10/site-packages/salt/cloud/deploy
total 412K
drwxr-xr-x. 2 root root 4.0K Apr 30 16:16 .
drwxr-xr-x. 5 root root  131 Apr 30 16:16 ..
-rw-r--r--. 1 root root  864 Apr 18 17:31 Arch-git.sh
-rw-r--r--. 1 root root  677 Apr 18 17:31 Arch.sh
-rw-r--r--. 1 root root 321K Apr 18 17:31 bootstrap-salt.sh
-rw-r--r--. 1 root root  736 Apr 18 17:31 curl-bootstrap-git.sh
-rw-r--r--. 1 root root  709 Apr 18 17:31 curl-bootstrap.sh
-rw-r--r--. 1 root root 1.3K Apr 18 17:31 Debian-git.sh
-rw-r--r--. 1 root root 1.1K Apr 18 17:31 Debian.sh
-rw-r--r--. 1 root root 1.2K Apr 18 17:31 Fedora-git.sh
-rw-r--r--. 1 root root  982 Apr 18 17:31 Fedora.sh
-rw-r--r--. 1 root root 1000 Apr 18 17:31 FreeBSD-git.sh
-rw-r--r--. 1 root root  937 Apr 18 17:31 FreeBSD.sh
-rw-r--r--. 1 root root  407 Apr 18 17:31 None.sh
-rw-r--r--. 1 root root  808 Apr 18 17:31 python-bootstrap.sh
-rw-r--r--. 1 root root  913 Apr 18 17:31 RHEL5-git.sh
-rw-r--r--. 1 root root  725 Apr 18 17:31 RHEL5.sh
-rw-r--r--. 1 root root  934 Apr 18 17:31 RHEL6-git.sh
-rw-r--r--. 1 root root  751 Apr 18 17:31 RHEL6.sh
-rw-r--r--. 1 root root 1.1K Apr 18 17:31 SmartOS.sh
-rw-r--r--. 1 root root 1.5K Apr 18 17:31 Ubuntu-git.sh
-rw-r--r--. 1 root root 1.2K Apr 18 17:31 Ubuntu.sh
-rw-r--r--. 1 root root  758 Apr 18 17:31 wget-bootstrap-nocert.sh
-rw-r--r--. 1 root root  712 Apr 18 17:31 wget-bootstrap.sh

# chown root:salt /etc/salt/cloud.deploy.d
# chmod 0770 /etc/salt/cloud.deploy.d

# salt-cloud --update-bootstrap -l debug
[DEBUG   ] Reading configuration from /etc/salt/cloud
[DEBUG   ] Reading configuration from /etc/salt/master
[DEBUG   ] Missing configuration file: /etc/salt/cloud.providers
[DEBUG   ] Including configuration from '/etc/salt/cloud.providers.d/vultr.conf'
[DEBUG   ] Reading configuration from /etc/salt/cloud.providers.d/vultr.conf
[DEBUG   ] Missing configuration file: /etc/salt/cloud.profiles
[WARNING ] Insecure logging configuration detected! Sensitive data may be logged.
[DEBUG   ] Configuration file path: /etc/salt/cloud
[DEBUG   ] Updating the bootstrap-salt.sh script to latest stable
[DEBUG   ] Starting new HTTPS connection (1): bootstrap.saltstack.com:443
[DEBUG   ] https://bootstrap.saltstack.com:443 "GET / HTTP/1.1" 301 0
[DEBUG   ] Starting new HTTPS connection (1): bootstrap.saltproject.io:443
[DEBUG   ] https://bootstrap.saltproject.io:443 "GET / HTTP/1.1" 200 352107
[DEBUG   ] The '/opt/saltstack/salt/lib/python3.10/site-packages/salt/cloud/deploy' is not writeable. Continuing...
[DEBUG   ] The functions from module 'nested' are being loaded by dir() on the loaded module
[DEBUG   ] LazyLoaded nested.output
Success:
    ----------
    Files updated:
        - /etc/salt/cloud.deploy.d/bootstrap-salt.sh

Expected behavior
Bootstrap script to be installed in /etc/salt/cloud.deploy.d/

Versions Report

salt --versions-report (Provided by running salt --versions-report. Please also mention any differences in master/minion versions.) 
Salt Version:
              Salt: 3006.0

Python Version:
            Python: 3.10.11 (main, Apr 14 2023, 05:57:16) [GCC 11.2.0]

Dependency Versions:
              cffi: 1.14.6
          cherrypy: unknown
          dateutil: 2.8.1
         docker-py: Not Installed
             gitdb: Not Installed
         gitpython: Not Installed
            Jinja2: 3.1.2
           libgit2: Not Installed
      looseversion: 1.1.2
          M2Crypto: Not Installed
              Mako: Not Installed
           msgpack: 1.0.5
      msgpack-pure: Not Installed
      mysql-python: Not Installed
         packaging: 22.0
         pycparser: 2.21
          pycrypto: Not Installed
      pycryptodome: 3.17
            pygit2: Not Installed
      python-gnupg: 0.4.8
            PyYAML: 6.0
             PyZMQ: 25.0.2
            relenv: 0.11.2
             smmap: Not Installed
           timelib: 0.2.4
           Tornado: 4.5.3
               ZMQ: 4.3.4

Salt Extensions:
 saltext.bitwarden: 0.0.1b12

System Versions:
              dist: almalinux 9.1 Lime Lynx
            locale: utf-8
           machine: x86_64
           release: 5.14.0-162.6.1.el9_1.x86_64
            system: Linux
           version: AlmaLinux 9.1 Lime Lynx

Additional context
Running salt-cloud in a masterless setup.

Metadata

Assignees

Labels

Bugbroken, incorrect, or confusing behaviorPackagingRelated to packaging of Salt, not Salt's support for package management.RegressionThe issue is a bug that breaks functionality known to work in previous releases.Sulfur v3006.0release code name and versionSulfur v3006.1

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions