Add support for fixing old pkg perms

Adds support for fixing old package (3006.0/3006.1) perms that used the
salt user too widely.
Without doing this, tests don't pass for upgrades.

pkg/debian/salt-master.preinst

@@ -0,0 +1,14 @@
+case "$1" in
+  install|upgrade)
+    [ -z "$SALT_HOME" ] && SALT_HOME=/opt/saltstack/salt
+    [ -z "$SALT_USER" ] && SALT_USER=salt
+    [ -z "$SALT_NAME" ] && SALT_NAME="Salt"
+    [ -z "$SALT_GROUP" ] && SALT_GROUP=salt
+    PY_VER=$(/opt/saltstack/salt/bin/python3 -c "import sys; sys.stdout.write('{}.{}'.format(*sys.version_info)); sys.stdout.flush;")
+
+    # Reset permissions to fix previous installs
+    find ${SALT_HOME} /etc/salt /var/log/salt /var/cache/salt /var/run/salt \
+        \! \( -path /etc/salt/cloud.deploy.d\* -o -path /var/log/salt/cloud -o -path /opt/saltstack/salt/lib/python${PY_VER}/site-packages/salt/cloud/deploy\* \) -a \
+        \( -user ${SALT_USER} -o -group ${SALT_GROUP} \) -exec chown root:root \{\} \;
+  ;;
+esac

pkg/rpm/salt.spec

@@ -409,6 +409,14 @@ usermod -c "%{_SALT_NAME}" \
         -g %{_SALT_GROUP}  \
          %{_SALT_USER}
 
+%pre master
+# Reset permissions to fix previous installs
+PY_VER=$(/opt/saltstack/salt/bin/python3 -c "import sys; sys.stdout.write('{}.{}'.format(*sys.version_info)); sys.stdout.flush;")
+find /etc/salt /opt/saltstack/salt /var/log/salt /var/cache/salt /var/run/salt \
+  \! \( -path /etc/salt/cloud.deploy.d\* -o -path /var/log/salt/cloud -o -path /opt/saltstack/salt/lib/python${PY_VER}/site-packages/salt/cloud/deploy\* \) -a \
+  \( -user salt -o -group salt \) -exec chown root:root \{\} \;
+
+
 # assumes systemd for RHEL 7 & 8 & 9
 %preun master
 # RHEL 9 is giving warning msg if syndic is not installed, supress it