Salt 0.16.2 Release Notes¶

Only allow Administrator's group and SYSTEM user access to C:\salt. This eliminates a race condition where a non-admin user could modify a template or managed file before it is executed by the minion (which is running as an elevated user), thus avoiding a potential escalation of privileges. (issue 6361)

Fixed detection of virtual grain on OpenVZ hardware nodes

Gracefully handle lsb_release data when it is enclosed in quotes

LSB grains are now prefixed with lsb_distrib_ instead of simply lsb_. The old naming is not preserved, so SLS may be affected.

Improved grains detection on MacOS

Don't try to load git_pillar if not enabled in master config (issue 6052)

Functions pillar.item and pillar.items added for parity with grains.item/grains.items. The old function pillar.data is preserved for backwards compatibility.

Fixed minion traceback when Pillar SLS is malformed (issue 5910)

More gracefully handle improperly quoted publish commands (issue 5958)

Fixed traceback when timeout specified via the CLI fo publish.publish, publish.full_data (issue 5959)

Fixed unintended change in output of publish.publish (issue 5928)

Fixed salt-key usage in minionswarm script

Quieted warning about SALT_MINION_CONFIG environment variable on minion startup and for CLI commands run via salt-call (issue 5956)

Added minion config parameter random_reauth_delay to stagger re-auth attempts when the minion is waiting for the master to approve its public key. This helps prevent SYN flooding in larger environments.

Implement previously-ignored unique option for user.present states in FreeBSD

Report in state output when a group.present state attempts to use a gid in use by another group

Fixed regression that prevents a user.present state to set the password hash to the system default (i.e. an unset password)

Fixed multiple group.present states with the same group (issue 6439)

Fixed file.mkdir setting incorrect permissions (issue 6033)

Fixed cleanup of source files for templates when /tmp is in file_roots (issue 6118)

Fixed caching of zero-byte files when a non-empty file was previously cached at the same path

Added HTTP authentication support to the cp module (issue 5641)

Diffs are now suppressed when binary files are changed

Fixed traceback when there is only one target for pkg.latest states

Fixed regression in detection of virtual packages (apt)

Limit number of pkg database refreshes to once per state.sls/state.highstate

YUM: Allow 32-bit packages with arches other than i686 to be managed on 64-bit systems (issue 6299)

Fixed incorrect reporting in pkgrepo.managed states (issue 5517)

Fixed 32-bit binary package installs on 64-bit RHEL-based distros, and added proper support for 32-bit packages on 64-bit Debian-based distros (issue 6303)

Fixed issue where requisites were inadvertently being put into YUM repo files (issue 6471)

Fixed inaccurate reporting of results in service.running states when the service fails to start (issue 5894)

Fixed handling of custom initscripts in RHEL-based distros so that they are immediately available, negating the need for a second state run to manage the service that the initscript controls

Function network.hwaddr renamed to network.hw_addr to match network.ip_addrs and network.ip_addrs6. All three functions also now work without the underscore in the name, as well.

Fixed traceback in bridge.show when interface is not present (issue 6326)

Fixed incorrect result reporting for some ssh_known_hosts.present states

Fixed inaccurate reporting when ssh_auth.present states are run with test=True, when rsa/dss is used for the enc param instead of ssh-rsa/ssh-dss (issue 5374)

Properly handle -f lines in pip freeze output

Fixed regression in pip.installed states with specifying a requirements file (issue 6003)

Fixed use of editable argument in pip.installed states (issue 6025)

Deprecated runas parameter in execution function calls, in favor of user

Allow specification of MySQL connection arguments via the CLI, overriding/bypassing minion config params

Allow mysql_user.present states to set a passwordless login (issue 5550)

Fixed endless loop when mysql.processlist is run (issue 6297)

Fixed traceback in postgres.user_list (issue 6352)

Don't allow npm states to be used if npm module is not available

Fixed alternatives.install states for which the target is a symlink (issue 6162)

Fixed traceback in sysbench module (issue 6175)

Fixed traceback in job cache

Fixed tempfile cleanup for windows

Fixed issue where SLS files using the pydsl renderer were not being run

Fixed issue where returners were being passed incorrect information (issue 5518)

Fixed traceback when numeric args are passed to cmd.script states

Fixed bug causing cp.get_dir to return more directories than expected (issue 6048)

Fixed traceback when supervisord.running states are run with test=True (issue 6053)

Fixed tracebacks when Salt encounters problems running rbenv (issue 5888)

Only make the monit module available if monit binary is present (issue 5871)

Fixed incorrect behavior of img.mount_image

Fixed traceback in tomcat.deploy_war in Windows

Don't re-write /etc/fstab if mount fails

Fixed tracebacks when Salt encounters problems running gem (issue 5886)

Fixed incorrect behavior of selinux.boolean states (issue 5912)

RabbitMQ: Quote passwords to avoid symbols being interpolated by the shell (issue 6338)

Fixed tracebacks in extfs.mkfs and extfs.tune (issue 6462)

Fixed a regression with the module.run state where the m_name and m_fun arguments were being ignored (issue 6464)