[master] Add MAINTAIN (m) privilege to postgres module lookup tables #66963
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add validation for the way RemotePillar and AsyncRemotePillar handle pillar result validation.
If the master returns a bad pillar data response the pillar client should raise an exception. This changes RemotePillar and AsyncRemotePillar classes to use the same logic for validating pillar data from the master. Fixes CVE-2024-37088 by causing salt-call to fail with a non zero exit code rather than continuing to execute a state when pillar data rendering fails on the master.
[3007.x] Merge forward 3006.x into 3007.x
The error seen was:
Exception ignored in atexit callback: <bound method DeferredStreamHandler.flush of <DeferredStreamHandler <_io.FileIO [closed]> (WARNING)>>
Traceback (most recent call last):
File "/home/dan/src/salt/salt/_logging/handlers.py", line 68, in flush
super().flush()
File "/usr/local/lib/python3.10/logging/__init__.py", line 1084, in flush
self.stream.flush()
ValueError: I/O operation on closed file.
Adding a sleep between merging and downloading artifacts on windows.
This reverts commit f5c332b.
The Master Config example's `file_roots` and `pillar_roots` properties need the `base` property followed by a list of the directory. Otherwise, the Salt master shows an error in the logs.
[3007.x] Merge forward 3006.x into 3007.x
While `{{ salt.foo.bar() }}` often works, it can introduce some edge
cases which are avoided by `{{ salt['foo.bar']() }}`.
When using zmq.asyncio.Context, the socket's poll method is a coroutine.
salt-project-bot-prod-environment
bot
changed the title
|
accidentally submitted this PR to the wrong base branch. Apologies for the spam. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
Adds
MAINTAIN(m) to the supported privileges in salt.modules.postgres.What issues does this PR fix or reference?
Fixes #66962
Merge requirements satisfied?
[NOTICE] Bug fixes or features added to Salt require tests.
Commits signed with GPG?
Yes