2014-06-30 15:04:53 -06:00
|
|
|
.\" Man page generated from reStructuredText.
|
|
|
|
|
.
|
Merge 3003.3 into master (#60924)
* Merge 3002.6 bugfix changes (#59822)
* Pass `CI_RUN` as an environment variable to the test run.
This allows us to know if we're running the test suite under a CI
environment or not and adapt/adjust if needed
* Migrate `unit.setup` to PyTest
* Backport ae36b15 just for test_install.py
* Only skip tests on CI runs
* Always store git sha in _version.py during installation
* Fix PEP440 compliance.
The wheel metadata version 1.2 states that the package version MUST be
PEP440 compliant.
This means that instead of `3002.2-511-g033c53eccb`, the salt version
string should look like `3002.2+511.g033c53eccb`, a post release of
`3002.2` ahead by 511 commits with the git sha `033c53eccb`
* Fix and migrate `tests/unit/test_version.py` to PyTest
* Skip test if `easy_install` is not available
* We also need to be PEP440 compliant when there's no git history
* Allow extra_filerefs as sanitized kwargs for SSH client
* Fix regression on cmd.run when passing tuples as cmd
Co-authored-by: Alexander Graul <agraul@suse.com>
* Add unit tests to ensure cmd.run accepts tuples
* Add unit test to check for extra_filerefs on SSH opts
* Add changelog file
* Fix comment for test case
* Fix unit test to avoid failing on Windows
* Skip failing test on windows
* Fix test to work on Windows
* Add all ssh kwargs to sanitize_kwargs method
* Run pre-commit
* Fix pylint
* Fix cmdmod loglevel and module_names tests
* Fix pre-commit
* Skip ssh tests if binary does not exist
* Use setup_loader for cmdmod test
* Prevent argument injection in restartcheck
* Add changelog for restartcheck fix
* docs_3002.6
* Add back tests removed in merge
Co-authored-by: Pedro Algarvio <pedro@algarvio.me>
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
Co-authored-by: Bryce Larson <brycel@vmware.com>
Co-authored-by: Pablo Suárez Hernández <psuarezhernandez@suse.com>
Co-authored-by: Alexander Graul <agraul@suse.com>
Co-authored-by: Frode Gundersen <fgundersen@saltstack.com>
* Remove glance state module in favor of glance_image
* update wording in changelog
* bump deprecation warning to Silicon.
* Updating warnutil version to Phosphorous.
* Update salt/modules/keystone.py
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
* Check $HOMEBREW_PREFIX when linking against libcrypto
When loading `libcrypto`, Salt checks for a Homebrew installation of `openssl`
at Homebrew's default prefix of `/usr/local`. However, on Apple Silicon Macs,
Homebrew's default installation prefix is `/opt/homebrew`. On all platforms,
the prefix is configurable. If Salt doesn't find one of those `libcrypto`s,
it will fall back on the un-versioned `/usr/lib/libcrypto.dylib`, which will
cause the following crash:
Application Specific Information:
/usr/lib/libcrypto.dylib
abort() called
Invalid dylib load. Clients should not load the unversioned libcrypto dylib as it does not have a stable ABI.
This commit checks $HOMEBREW_PREFIX instead of hard-coding `/usr/local`.
* Add test case
* Add changelog for 59808
* Add changelog entry
* Make _find_libcrypto fail on Big Sur if it can't find a library
Right now, if `_find_libcrypto` can't find any externally-managed versions of
libcrypto, it will fall back on the pre-Catalina un-versioned system libcrypto.
This does not exist on Big Sur and it would be better to raise an exception
here rather than crashing later when trying to open it.
* Update _find_libcrypto tests
This commit simplifies the unit tests for _find_libcrypto by mocking out the
host's filesystem and testing the common libcrypto installations (brew, ports,
etc.) on Big Sur. It simplifies the tests for falling back on system versions
of libcrypto on previous versions of macOS.
* Fix description of test_find_libcrypto_with_system_before_catalina
* Patch sys.platform for test_rsax931 tests
* modules/match: add missing "minion_id" in Pillar example
The documented Pillar example for `match.filter_by` lacks the `minion_id` parameter. Without it, the assignment won't work as expected.
- fix documentation
- add tests:
- to prove the misbehavior of the documented example
- to prove the proper behaviour when supplying `minion_id`
- to ensure some misbehaviour observed with compound matchers doesn't occur
* Fix for issue #59773
- When instantiating the loader grab values of grains and pillars if
they are NamedLoaderContext instances.
- The loader uses a copy of opts.
- Impliment deepcopy on NamedLoaderContext instances.
* Add changelog for #59773
* _get_initial_pillar function returns pillar
* Fix linter issues
* Clean up test
* Bump deprecation release for neutron
* Uncomment Sulfur release name
* Removing the _ext_nodes deprecation warning and alias.
* Adding changelog.
* Renaming changelog file.
* Update 59804.removed
* Initial pass at fips_mode config option
* Fix pre-commit
* Fix tests and add changelog
* update docs 3003
* update docs 3003 - newline
* Fix warts in changelog
* update releasenotes 3003
* add ubuntu-2004-amd64 m2crypto pycryptodome and tcp tests
* add distro_arch
* changing the cloud platforms file missed in 1a9b7be0e2f300d87924731dc5816fd1000cd22b
* Update __utils__ calls to import utils in azure
* Add changelog for 59744
* Fix azure unit tests and move to pytest
* Use contextvars from site-packages for thin
If a contextvars package exists one of the site-packages locations use
it for the generated thin tarball. This overrides python's builtin
contextvars and allows salt-ssh to work with python <=3.6 even when the
master's python is >3.6 (Fixes #59942)
* Add regression test for #59942
* Add changelog for #59942
* Update filemap to include test_py_versions
* Fix broken thin tests
* Always install the `contextvars` backport, even on Py3.7+
Without this change, salt-ssh cannot target systems with Python <= 3.6
* Use salt-factories to handle the container. Don't override default roster
* Fix thin tests on windows
* No need to use warn log level here
* Fix getsitepackages for old virtualenv versions
* Add explicit pyobjc reqs
* Add back the passthrough stuff
* Remove a line so pre-commit will run
* Bugfix release docs
* Bugfix release docs
* Removing pip-compile log files
* Bump requirements to address a few security issues
* Address traceback on macOS
```
Traceback (most recent call last):
File "setup.py", line 1448, in <module>
setup(distclass=SaltDistribution)
File "/Users/jenkins/setup-tests/.venv/lib/python3.7/site-packages/setuptools/__init__.py", line 153, in setup
return distutils.core.setup(**attrs)
File "/opt/salt/lib/python3.7/distutils/core.py", line 108, in setup
_setup_distribution = dist = klass(attrs)
File "setup.py", line 1068, in __init__
self.update_metadata()
File "setup.py", line 1074, in update_metadata
attrvalue = getattr(self, attrname, None)
File "setup.py", line 1182, in _property_install_requires
install_requires += _parse_requirements_file(reqfile)
File "setup.py", line 270, in _parse_requirements_file
platform.python_version(), _parse_op(op), _parse_ver(ver)
File "setup.py", line 247, in _check_ver
return getattr(operator, "__{}__".format(op))(pyver, wanted)
File "/opt/salt/lib/python3.7/distutils/version.py", line 46, in __eq__
c = self._cmp(other)
File "/opt/salt/lib/python3.7/distutils/version.py", line 337, in _cmp
if self.version < other.version:
TypeError: '<' not supported between instances of 'str' and 'int'
```
* Replace `saltstack.com` with `saltproject.io` on URLs being tested
* Add back support to load old entrypoints by iterating instead of type checking
Fixes #59961
* Fix issue #59975
* Fix pillar serialization for jinja #60083
* Fix test
* Add changelog for #60083
* Update changelog and release for 3003.1
* Remove the changelog source refs
* Add connect to IPCMessageSubscriber's async_methods
Fixes #60049 by making sure an IPCMessageSubscriber that is wrapped by
SyncWrapper has a connect method that runs the coroutine rather than
returns a fugure.
* Add changelog for #60049
* Update 60049.fixed
* Fix coroutine spelling error
Co-authored-by: Wayne Werner <waynejwerner@gmail.com>
* IPC on windows cannot use socket paths
Fixes #60298
* Update Jinja2 and lxml due to security related bugfix releases
Jinja2
------
CVE-2020-28493
moderate severity
Vulnerable versions: < 2.11.3
Patched version: 2.11.3
This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDOS vulnerability of the regex is mainly due to the sub-pattern [a-zA-Z0-9.-]+.[a-zA-Z0-9.-]+ This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory.
lxml
----
CVE-2021-28957
moderate severity
Vulnerable versions: < 4.6.3
Patched version: 4.6.3
An XSS vulnerability was discovered in the python lxml clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.
* fix github actions jobs on branch until bullseye comes out
* Upgrade to `six==1.16.0` to avoid problems on CI runs
```
13:59:02 nox > Session invoke-pre-commit was successful.
13:59:02 nox > Running session invoke-pre-commit
13:59:02 nox > pip install --progress-bar=off -r requirements/static/ci/py3.7/invoke.txt
13:59:02 Collecting blessings==1.7
13:59:02 Using cached blessings-1.7-py3-none-any.whl (18 kB)
13:59:02 Collecting invoke==1.4.1
13:59:02 Using cached invoke-1.4.1-py3-none-any.whl (210 kB)
13:59:02 Collecting pyyaml==5.3.1
13:59:02 Using cached PyYAML-5.3.1.tar.gz (269 kB)
13:59:02 Collecting six==1.15.0
13:59:02 Using cached six-1.15.0-py2.py3-none-any.whl (10 kB)
13:59:02 Building wheels for collected packages: pyyaml
13:59:02 Building wheel for pyyaml (setup.py) ... -� �\� �|� �/� �-� �\� �|� �done
13:59:02 Created wheel for pyyaml: filename=PyYAML-5.3.1-cp37-cp37m-linux_x86_64.whl size=546391 sha256=e42e1d66cc32087f4d33ceb81268c86b59f1a97029b19459f91b8d6ad1430167
13:59:02 Stored in directory: /var/jenkins/.cache/pip/wheels/5e/03/1e/e1e954795d6f35dfc7b637fe2277bff021303bd9570ecea653
13:59:02 Successfully built pyyaml
13:59:02 Installing collected packages: six, pyyaml, invoke, blessings
13:59:02 Attempting uninstall: six
13:59:02 Found existing installation: six 1.16.0
13:59:02 Uninstalling six-1.16.0:
13:59:02 ERROR: Could not install packages due to an OSError: [Errno 2] No such file or directory: '/var/jenkins/.cache/pre-commit/repomw8oee1s/py_env-python3/lib/python3.7/site-packages/__pycache__/six.cpython-37.pyc'
13:59:02
13:59:02 nox > Command pip install --progress-bar=off -r requirements/static/ci/py3.7/invoke.txt failed with exit code 1
13:59:02 nox > Session invoke-pre-commit failed.
```
* add changelog for https://github.com/saltstack/salt/issues/59982
* Regression test for #56273
* Fix race condition in batch. #56273
* Add changelog for #56273
* Update salt/client/__init__.py
Co-authored-by: Pedro Algarvio <pedro@algarvio.me>
* Update doc for salt/client
* Update changelog/56273.fixed
Thoreau said, "Simplify, Simplify"
* Update docs
* Update docs
* Update CHANGELOG.md
* Update 3003.1.rst
* Ignore configuration for 'enable_fqdns_grains' for AIX, Solaris and Juniper
* Added changelog
* Let Mac OS Mojave run for 8 hours to avoid timeout
* Remove FreeBSD-12.2
* Use Popen for VT
* Still allow shell True
* Drop shlex split
* Add crypto re-init
* Fix pre-commit
* Do not call close in isalive
* Skip tests not valid on windows
* Cleanup things that are not really needed
* We do not support irix
* Fix pre-commit
* Remove commented out lines
* Add changelog for #60504
* Fix pre-commit issues
* pyupgrade does not remove six imports
* Fix OSErrors in some test cases
* Remove un-needed args processing
* Make state_running test more reliable
* Removing tmpfs from Fedora 33.
* Address leaks in fileserver caused by git backends
At this time we do not have the ability to fix the upstream memory leaks
in the gitfs backend providers. Work around their limitations by
periodically restarting the file server update proccess. This will at
least partially address #50313
* Remove un-used import
* Fix warts caused by black version
* Add changelog
* We don't need two changelogs
* Also pin the ``pip`` upgrade to be ``<21.2``
* Update the external ipaddress to the latest 3.9.5 version which has some security fixes. Updating the compat.p to use the vendored version if the python version is below 3.9.5 and only run the test_ipaddress.py tests if below 3.9.5.
* Adding changelog
* Requested changes.
* Add shh_timeout to ssh_kwargs
* move to with blocks
* one with block
* reight crypto
* add back test file
* add changelog
* change log file number
* add m2crypt support
* only check m2crpto
* Delete 60571.fixed
* add back log
* add newline
* add newline for log file
* Work around https://github.com/pypa/pip/pull/9450
See https://github.com/pypa/pip/issues/10212
* Drop six and Py2
* [3003.2] Add server alive (#60573)
* add server alive
* rename log
* change default alive time
* add requested changes
* format string
* reformat string again
* run pre
* customize
* space
* remove EOF dead space
* fix pre-commit
* run pre
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
* Changelog for 3003.2
* Man pages update for 3003.2
* Allow CVE entries in `changelog/`
* Add security type for towncrier changelog
* Add security type for changelog entries pre-commit check
* Pin to ``pip>=20.2.4,<21.2``
Refs https://github.com/pypa/pip/pull/9450
* Drop six and Py2
* Fix bug introduced in https://github.com/saltstack/salt/pull/59648
Fixes #60046
* Add changelog
* Fix doc builds
* fix release notes about dropping ubuntu 16.04
* update file client
* add changelog file
* update changelog
* Check permissions of minion config directory
* Fix some wording in the messagebox and in comments
* Add changelog
* Fix extension for changelog
* Add missing commas. It also worked, but now is better
* docs_3003.3
* fixing version numbers in man pages.
* removing newlines.
* removing newlines.
* Fixing release notes.
* Fix changelog file for 3003.2 release
* Fix test_state test using loader.context
* Re-add test_context test
* Allow Local System account, add timestamp
* swaping the git-source for vsphere-automation-sdk-python
* Remove destroy, handled in context manager
Co-authored-by: Daniel Wozniak <dwozniak@saltstack.com>
Co-authored-by: Pedro Algarvio <pedro@algarvio.me>
Co-authored-by: Bryce Larson <brycel@vmware.com>
Co-authored-by: Pablo Suárez Hernández <psuarezhernandez@suse.com>
Co-authored-by: Alexander Graul <agraul@suse.com>
Co-authored-by: Frode Gundersen <fgundersen@saltstack.com>
Co-authored-by: Gareth J. Greenaway <gareth@saltstack.com>
Co-authored-by: Gareth J. Greenaway <gareth@wiked.org>
Co-authored-by: Hoa-Long Tam <hoalong@apple.com>
Co-authored-by: krionbsd <krion@freebsd.org>
Co-authored-by: Elias Probst <e.probst@ssc-services.de>
Co-authored-by: Daniel A. Wozniak <dwozniak@vmware.com>
Co-authored-by: Frode Gundersen <frogunder@gmail.com>
Co-authored-by: twangboy <slee@saltstack.com>
Co-authored-by: twangboy <leesh@vmware.com>
Co-authored-by: ScriptAutomate <derek@icanteven.io>
Co-authored-by: Wayne Werner <waynejwerner@gmail.com>
Co-authored-by: David Murphy < dmurphy@saltstack.com>
Co-authored-by: Joe Eacott <jeacott@vmware.com>
Co-authored-by: cmcmarrow <charles.mcmarrow.4@gmail.com>
Co-authored-by: Twangboy <shane.d.lee@gmail.com>
2021-09-22 20:42:38 -04:00
|
|
|
.TH "SALT" "1" "Aug 20, 2021" "3003.3" "Salt"
|
2011-04-01 21:47:31 -06:00
|
|
|
.SH NAME
|
2011-05-30 16:24:23 -06:00
|
|
|
salt \- salt
|
|
|
|
|
.
|
|
|
|
|
.nr rst2man-indent-level 0
|
|
|
|
|
.
|
|
|
|
|
.de1 rstReportMargin
|
|
|
|
|
\\$1 \\n[an-margin]
|
|
|
|
|
level \\n[rst2man-indent-level]
|
|
|
|
|
level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
|
|
|
|
-
|
|
|
|
|
\\n[rst2man-indent0]
|
|
|
|
|
\\n[rst2man-indent1]
|
|
|
|
|
\\n[rst2man-indent2]
|
|
|
|
|
..
|
|
|
|
|
.de1 INDENT
|
|
|
|
|
.\" .rstReportMargin pre:
|
|
|
|
|
. RS \\$1
|
|
|
|
|
. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
|
|
|
|
|
. nr rst2man-indent-level +1
|
|
|
|
|
.\" .rstReportMargin post:
|
|
|
|
|
..
|
|
|
|
|
.de UNINDENT
|
|
|
|
|
. RE
|
|
|
|
|
.\" indent \\n[an-margin]
|
|
|
|
|
.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
|
|
|
|
.nr rst2man-indent-level -1
|
|
|
|
|
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
|
|
|
|
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
|
|
|
|
|
..
|
2011-04-01 21:47:31 -06:00
|
|
|
.SH SYNOPSIS
|
2011-05-30 16:24:23 -06:00
|
|
|
.INDENT 0.0
|
|
|
|
|
.INDENT 3.5
|
|
|
|
|
salt \(aq*\(aq [ options ] sys.doc
|
|
|
|
|
.sp
|
|
|
|
|
salt \-E \(aq.*\(aq [ options ] sys.doc cmd
|
|
|
|
|
.sp
|
2019-09-05 19:45:24 +00:00
|
|
|
salt \-G \(aqos:Arch.*\(aq [ options ] test.version
|
2011-05-30 16:24:23 -06:00
|
|
|
.sp
|
2019-09-05 19:45:24 +00:00
|
|
|
salt \-C \fI\%\(aqG@os\fP:Arch.* and webserv* or \fI\%G@kernel\fP:FreeBSD\(aq [ options ] test.version
|
2011-05-30 16:24:23 -06:00
|
|
|
.UNINDENT
|
|
|
|
|
.UNINDENT
|
2011-04-01 21:47:31 -06:00
|
|
|
.SH DESCRIPTION
|
2011-05-30 16:24:23 -06:00
|
|
|
.sp
|
|
|
|
|
Salt allows for commands to be executed across a swath of remote systems in
|
|
|
|
|
parallel. This means that remote systems can be both controlled and queried
|
|
|
|
|
with ease.
|
2011-04-01 21:47:31 -06:00
|
|
|
.SH OPTIONS
|
2011-05-30 16:24:23 -06:00
|
|
|
.INDENT 0.0
|
2011-04-01 21:47:31 -06:00
|
|
|
.TP
|
2013-09-17 17:58:01 -06:00
|
|
|
.B \-\-version
|
|
|
|
|
Print the version of Salt that is running.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
|
|
|
|
.B \-\-versions\-report
|
|
|
|
|
Show program\(aqs dependencies and version number, and then exit
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2011-05-30 16:24:23 -06:00
|
|
|
.B \-h, \-\-help
|
2013-09-17 17:58:01 -06:00
|
|
|
Show the help message and exit
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
|
|
|
|
.B \-c CONFIG_DIR, \-\-config\-dir=CONFIG_dir
|
|
|
|
|
The location of the Salt configuration directory. This directory contains
|
|
|
|
|
the configuration files for Salt master and minions. The default location
|
2014-06-30 15:04:53 -06:00
|
|
|
on most systems is \fB/etc/salt\fP\&.
|
2011-05-30 16:24:23 -06:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
2011-04-01 21:47:31 -06:00
|
|
|
.TP
|
2011-05-30 16:24:23 -06:00
|
|
|
.B \-t TIMEOUT, \-\-timeout=TIMEOUT
|
2013-02-12 12:02:51 -07:00
|
|
|
The timeout in seconds to wait for replies from the Salt minions. The
|
2013-05-03 14:45:26 -06:00
|
|
|
timeout number specifies how long the command line client will wait to
|
2013-09-17 17:58:01 -06:00
|
|
|
query the minions and check on running jobs. Default: 5
|
2011-05-30 16:24:23 -06:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
2011-04-01 21:47:31 -06:00
|
|
|
.TP
|
2013-05-03 14:45:26 -06:00
|
|
|
.B \-s, \-\-static
|
2012-03-19 13:02:36 -06:00
|
|
|
By default as of version 0.9.8 the salt command returns data to the
|
|
|
|
|
console as it is received from minions, but previous releases would return
|
2015-07-25 23:39:50 +08:00
|
|
|
data only after all data was received. Use the static option to only return
|
|
|
|
|
the data with a hard timeout and after all minions have returned.
|
|
|
|
|
Without the static option, you will get a separate JSON string per minion
|
|
|
|
|
which makes JSON output invalid as a whole.
|
2012-03-19 13:02:36 -06:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2013-05-03 14:45:26 -06:00
|
|
|
.B \-\-async
|
2015-03-09 18:36:38 -06:00
|
|
|
Instead of waiting for the job to run on minions only print the job id of
|
2013-05-03 14:45:26 -06:00
|
|
|
the started execution and complete.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2013-09-17 17:58:01 -06:00
|
|
|
.B \-\-subset=SUBSET
|
|
|
|
|
Execute the routine on a random subset of the targeted minions. The
|
|
|
|
|
minions will be verified that they have the named function before
|
2016-10-26 13:32:38 -06:00
|
|
|
executing. The SUBSET argument is the count of the minions to target.
|
2013-09-17 17:58:01 -06:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
|
|
|
|
.B \-v VERBOSE, \-\-verbose
|
|
|
|
|
Turn on verbosity for the salt call, this will cause the salt command to
|
|
|
|
|
print out extra data like the job id.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2015-03-09 18:36:38 -06:00
|
|
|
.B \-\-hide\-timeout
|
|
|
|
|
Instead of showing the return data for all minions. This option
|
|
|
|
|
prints only the online minions which could be reached.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2012-03-19 13:02:36 -06:00
|
|
|
.B \-b BATCH, \-\-batch\-size=BATCH
|
|
|
|
|
Instead of executing on all targeted minions at once, execute on a
|
|
|
|
|
progressive set of minions. This option takes an argument in the form of
|
|
|
|
|
an explicit number of minions to execute at once, or a percentage of
|
|
|
|
|
minions to execute on.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2012-10-23 14:36:13 -06:00
|
|
|
.B \-a EAUTH, \-\-auth=EAUTH
|
|
|
|
|
Pass in an external authentication medium to validate against. The
|
2015-03-09 18:36:38 -06:00
|
|
|
credentials will be prompted for. The options are \fIauto\fP,
|
2018-02-23 12:15:13 -05:00
|
|
|
\fIkeystone\fP, \fIldap\fP, and \fIpam\fP\&. Can be used with the \-T
|
2015-03-09 18:36:38 -06:00
|
|
|
option.
|
2012-10-23 14:36:13 -06:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
|
|
|
|
.B \-T, \-\-make\-token
|
|
|
|
|
Used in conjunction with the \-a option. This creates a token that allows
|
|
|
|
|
for the authenticated user to send commands without needing to
|
|
|
|
|
re\-authenticate.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2013-09-17 17:58:01 -06:00
|
|
|
.B \-\-return=RETURNER
|
2015-03-09 18:36:38 -06:00
|
|
|
Choose an alternative returner to call on the minion, if an
|
|
|
|
|
alternative returner is used then the return will not come back to
|
|
|
|
|
the command line but will be sent to the specified return system.
|
|
|
|
|
The options are \fIcarbon\fP, \fIcassandra\fP, \fIcouchbase\fP, \fIcouchdb\fP,
|
|
|
|
|
\fIelasticsearch\fP, \fIetcd\fP, \fIhipchat\fP, \fIlocal\fP, \fIlocal_cache\fP,
|
|
|
|
|
\fImemcache\fP, \fImongo\fP, \fImysql\fP, \fIodbc\fP, \fIpostgres\fP, \fIredis\fP,
|
|
|
|
|
\fIsentry\fP, \fIslack\fP, \fIsms\fP, \fIsmtp\fP, \fIsqlite3\fP, \fIsyslog\fP, and \fIxmpp\fP\&.
|
2012-01-14 20:23:12 -07:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2013-09-17 17:58:01 -06:00
|
|
|
.B \-d, \-\-doc, \-\-documentation
|
|
|
|
|
Return the documentation for the module functions available on the minions
|
2012-12-14 06:50:47 -07:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2013-09-17 17:58:01 -06:00
|
|
|
.B \-\-args\-separator=ARGS_SEPARATOR
|
|
|
|
|
Set the special argument used as a delimiter between command arguments of
|
|
|
|
|
compound commands. This is useful when one wants to pass commas as
|
|
|
|
|
arguments to some of the commands in a compound command.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.SS Logging Options
|
|
|
|
|
.sp
|
|
|
|
|
Logging options which override any settings defined on the configuration files.
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
|
|
|
|
.B \-l LOG_LEVEL, \-\-log\-level=LOG_LEVEL
|
|
|
|
|
Console logging log level. One of \fBall\fP, \fBgarbage\fP, \fBtrace\fP,
|
2014-06-30 15:04:53 -06:00
|
|
|
\fBdebug\fP, \fBinfo\fP, \fBwarning\fP, \fBerror\fP, \fBquiet\fP\&. Default:
|
|
|
|
|
\fBwarning\fP\&.
|
2013-09-17 17:58:01 -06:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
|
|
|
|
.B \-\-log\-file=LOG_FILE
|
2014-06-30 15:04:53 -06:00
|
|
|
Log file path. Default: /var/log/salt/master\&.
|
2013-09-17 17:58:01 -06:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
|
|
|
|
.B \-\-log\-file\-level=LOG_LEVEL_LOGFILE
|
|
|
|
|
Logfile logging log level. One of \fBall\fP, \fBgarbage\fP, \fBtrace\fP,
|
2014-06-30 15:04:53 -06:00
|
|
|
\fBdebug\fP, \fBinfo\fP, \fBwarning\fP, \fBerror\fP, \fBquiet\fP\&. Default:
|
|
|
|
|
\fBwarning\fP\&.
|
2013-09-17 17:58:01 -06:00
|
|
|
.UNINDENT
|
|
|
|
|
.SS Target Selection
|
2016-05-17 10:24:44 -06:00
|
|
|
.sp
|
|
|
|
|
The default matching that Salt utilizes is shell\-style globbing around the
|
2021-02-23 11:50:35 -07:00
|
|
|
minion id. See \fI\%https://docs.python.org/3/library/fnmatch.html#module\-fnmatch\fP\&.
|
2013-09-17 17:58:01 -06:00
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2011-05-30 16:24:23 -06:00
|
|
|
.B \-E, \-\-pcre
|
2013-09-17 17:58:01 -06:00
|
|
|
The target expression will be interpreted as a PCRE regular expression
|
2011-05-30 16:24:23 -06:00
|
|
|
rather than a shell glob.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
2011-04-01 21:47:31 -06:00
|
|
|
.TP
|
2011-05-30 16:24:23 -06:00
|
|
|
.B \-L, \-\-list
|
2013-09-17 17:58:01 -06:00
|
|
|
The target expression will be interpreted as a comma\-delimited list;
|
2011-05-26 12:17:02 +01:00
|
|
|
example: server1.foo.bar,server2.foo.bar,example7.quo.qux
|
2011-05-30 16:24:23 -06:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
2011-04-01 21:47:31 -06:00
|
|
|
.TP
|
2011-05-30 16:24:23 -06:00
|
|
|
.B \-G, \-\-grain
|
2012-06-16 16:25:22 -06:00
|
|
|
The target expression matches values returned by the Salt grains system on
|
2012-03-19 13:02:36 -06:00
|
|
|
the minions. The target expression is in the format of \(aq<grain value>:<glob
|
|
|
|
|
expression>\(aq; example: \(aqos:Arch*\(aq
|
|
|
|
|
.sp
|
|
|
|
|
This was changed in version 0.9.8 to accept glob expressions instead of
|
2013-09-17 17:58:01 -06:00
|
|
|
regular expression. To use regular expression matching with grains, use
|
2012-03-19 13:02:36 -06:00
|
|
|
the \-\-grain\-pcre option.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
|
|
|
|
.B \-\-grain\-pcre
|
2012-06-16 16:25:22 -06:00
|
|
|
The target expression matches values returned by the Salt grains system on
|
2012-03-19 13:02:36 -06:00
|
|
|
the minions. The target expression is in the format of \(aq<grain value>:<
|
2011-05-30 16:24:23 -06:00
|
|
|
regular expression>\(aq; example: \(aqos:Arch.*\(aq
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
2011-04-01 21:47:31 -06:00
|
|
|
.TP
|
2012-01-14 20:23:12 -07:00
|
|
|
.B \-N, \-\-nodegroup
|
2012-06-16 16:25:22 -06:00
|
|
|
Use a predefined compound target defined in the Salt master configuration
|
2012-10-23 14:36:13 -06:00
|
|
|
file.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2012-03-19 13:02:36 -06:00
|
|
|
.B \-R, \-\-range
|
2013-09-17 17:58:01 -06:00
|
|
|
Instead of using shell globs to evaluate the target, use a range expression
|
2012-03-19 13:02:36 -06:00
|
|
|
to identify targets. Range expressions look like %cluster.
|
|
|
|
|
.sp
|
|
|
|
|
Using the Range option requires that a range server is set up and the
|
|
|
|
|
location of the range server is referenced in the master configuration
|
|
|
|
|
file.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2013-09-17 17:58:01 -06:00
|
|
|
.B \-C, \-\-compound
|
|
|
|
|
Utilize many target definitions to make the call very granular. This option
|
2014-06-30 15:04:53 -06:00
|
|
|
takes a group of targets separated by \fBand\fP or \fBor\fP\&. The default matcher is a
|
2013-09-17 17:58:01 -06:00
|
|
|
glob as usual. If something other than a glob is used, preface it with the
|
|
|
|
|
letter denoting the type; example: \(aqwebserv* and \fI\%G@os\fP:Debian or \fI\%E@db*\fP\(aq
|
|
|
|
|
Make sure that the compound target is encapsulated in quotes.
|
2012-01-14 20:23:12 -07:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2013-09-17 17:58:01 -06:00
|
|
|
.B \-I, \-\-pillar
|
|
|
|
|
Instead of using shell globs to evaluate the target, use a pillar value to
|
|
|
|
|
identify targets. The syntax for the target is the pillar key followed by
|
|
|
|
|
a glob expression: "role:production*"
|
2012-07-27 18:04:56 -06:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2013-09-17 17:58:01 -06:00
|
|
|
.B \-S, \-\-ipcidr
|
|
|
|
|
Match based on Subnet (CIDR notation) or IPv4 address.
|
2012-01-14 20:23:12 -07:00
|
|
|
.UNINDENT
|
2013-09-17 17:58:01 -06:00
|
|
|
.SS Output Options
|
2012-01-14 20:23:12 -07:00
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2012-12-14 06:50:47 -07:00
|
|
|
.B \-\-out
|
|
|
|
|
Pass in an alternative outputter to display the return of data. This
|
|
|
|
|
outputter can be any of the available outputters:
|
2013-09-17 17:58:01 -06:00
|
|
|
.INDENT 7.0
|
|
|
|
|
.INDENT 3.5
|
2019-09-05 19:45:24 +00:00
|
|
|
\fBhighstate\fP, \fBjson\fP, \fBkey\fP, \fBoverstatestage\fP, \fBpprint\fP, \fBraw\fP, \fBtxt\fP, \fByaml\fP, and many others\&.
|
2013-09-17 17:58:01 -06:00
|
|
|
.UNINDENT
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.sp
|
2019-09-05 19:45:24 +00:00
|
|
|
Some outputters are formatted only for data returned from specific functions.
|
2012-12-14 06:50:47 -07:00
|
|
|
If an outputter is used that does not support the data passed into it, then
|
2013-09-17 17:58:01 -06:00
|
|
|
Salt will fall back on the \fBpprint\fP outputter and display the return data
|
|
|
|
|
using the Python \fBpprint\fP standard library module.
|
2012-01-14 20:23:12 -07:00
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2012-12-14 06:50:47 -07:00
|
|
|
.B \-\-out\-indent OUTPUT_INDENT, \-\-output\-indent OUTPUT_INDENT
|
|
|
|
|
Print the output indented by the provided value in spaces. Negative values
|
2013-09-17 17:58:01 -06:00
|
|
|
disable indentation. Only applicable in outputters that support
|
|
|
|
|
indentation.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
|
|
|
|
.B \-\-out\-file=OUTPUT_FILE, \-\-output\-file=OUTPUT_FILE
|
|
|
|
|
Write the output to the specified file.
|
2012-01-14 20:23:12 -07:00
|
|
|
.UNINDENT
|
2012-03-19 13:02:36 -06:00
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2018-01-24 13:46:43 -05:00
|
|
|
.B \-\-out\-file\-append, \-\-output\-file\-append
|
|
|
|
|
Append the output to the specified file.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
2012-03-19 13:02:36 -06:00
|
|
|
.B \-\-no\-color
|
|
|
|
|
Disable all colored output
|
|
|
|
|
.UNINDENT
|
2013-09-17 17:58:01 -06:00
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
|
|
|
|
.B \-\-force\-color
|
|
|
|
|
Force colored output
|
2015-03-09 18:36:38 -06:00
|
|
|
.sp
|
|
|
|
|
\fBNOTE:\fP
|
|
|
|
|
.INDENT 7.0
|
|
|
|
|
.INDENT 3.5
|
|
|
|
|
When using colored output the color codes are as follows:
|
|
|
|
|
.sp
|
|
|
|
|
\fBgreen\fP denotes success, \fBred\fP denotes failure, \fBblue\fP denotes
|
|
|
|
|
changes and success and \fByellow\fP denotes a expected future change in configuration.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.UNINDENT
|
2013-09-17 17:58:01 -06:00
|
|
|
.UNINDENT
|
2018-01-24 13:46:43 -05:00
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
|
|
|
|
.B \-\-state\-output=STATE_OUTPUT, \-\-state_output=STATE_OUTPUT
|
|
|
|
|
Override the configured state_output value for minion
|
|
|
|
|
output. One of \(aqfull\(aq, \(aqterse\(aq, \(aqmixed\(aq, \(aqchanges\(aq or
|
|
|
|
|
\(aqfilter\(aq. Default: \(aqnone\(aq.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.TP
|
|
|
|
|
.B \-\-state\-verbose=STATE_VERBOSE, \-\-state_verbose=STATE_VERBOSE
|
|
|
|
|
Override the configured state_verbose value for minion
|
|
|
|
|
output. Set to True or False. Default: none.
|
|
|
|
|
.UNINDENT
|
2020-03-10 17:25:39 +00:00
|
|
|
.sp
|
|
|
|
|
\fBNOTE:\fP
|
|
|
|
|
.INDENT 0.0
|
|
|
|
|
.INDENT 3.5
|
|
|
|
|
If using \fB\-\-out=json\fP, you will probably want \fB\-\-static\fP as well.
|
|
|
|
|
Without the static option, you will get a separate JSON string per minion
|
|
|
|
|
which makes JSON output invalid as a whole.
|
|
|
|
|
This is due to using an iterative outputter. So if you want to feed it
|
|
|
|
|
to a JSON parser, use \fB\-\-static\fP as well.
|
|
|
|
|
.UNINDENT
|
|
|
|
|
.UNINDENT
|
2011-05-30 16:24:23 -06:00
|
|
|
.SH SEE ALSO
|
|
|
|
|
.sp
|
2018-09-21 16:18:36 -04:00
|
|
|
\fBsalt(7)\fP
|
|
|
|
|
\fBsalt\-master(1)\fP
|
|
|
|
|
\fBsalt\-minion(1)\fP
|
2011-05-30 16:24:23 -06:00
|
|
|
.SH AUTHOR
|
2012-07-27 18:04:56 -06:00
|
|
|
Thomas S. Hatch <thatch45@gmail.com> and many others, please see the Authors file
|
2011-05-30 16:24:23 -06:00
|
|
|
.\" Generated by docutils manpage writer.
|
|
|
|
|
.
|