Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP4
salt.19538
grains-master-can-read-grains.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File grains-master-can-read-grains.patch of Package salt.19538
From d9618fed8ff241c6f127f08ec59fea9c8b8e12a6 Mon Sep 17 00:00:00 2001 From: Alberto Planas <aplanas@suse.com> Date: Tue, 27 Oct 2020 13:16:37 +0100 Subject: [PATCH] grains: master can read grains --- salt/grains/extra.py | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/salt/grains/extra.py b/salt/grains/extra.py index d25faac3b7..7729a5c0a5 100644 --- a/salt/grains/extra.py +++ b/salt/grains/extra.py @@ -76,8 +76,14 @@ def __secure_boot(): enabled = False sboot = glob.glob("/sys/firmware/efi/vars/SecureBoot-*/data") if len(sboot) == 1: - with salt.utils.files.fopen(sboot[0], "rb") as fd: - enabled = fd.read()[-1:] == b"\x01" + # The minion is usually running as a privileged user, but is + # not the case for the master. Seems that the master can also + # pick the grains, and this file can only be readed by "root" + try: + with salt.utils.files.fopen(sboot[0], "rb") as fd: + enabled = fd.read()[-1:] == b"\x01" + except PermissionError: + pass return enabled -- 2.29.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor