Skip to content

Fixes support for syslog when salt is running as non-root user#68801

Closed
shadow38 wants to merge 3 commits intosaltstack:masterfrom
shadow38:syslog-support
Closed

Fixes support for syslog when salt is running as non-root user#68801
shadow38 wants to merge 3 commits intosaltstack:masterfrom
shadow38:syslog-support

Conversation

@shadow38
Copy link
Copy Markdown

@shadow38 shadow38 commented Mar 13, 2026

What does this PR do?

Same as #62263

The documented way to write to syslog is to use the config: log_file: file:///dev/log.

This breaks in some circumstances when running as non-root, for example, when log_level: info is set. In that case, /dev/log is not "writeable", so the code falls back to writing to /root/.salt/master.log, which is definitely not writeable by the non-root user salt is configured to run as.

This is an improved version of the original PR #62263. This PR uses an improved syslog path parser to manage all variant of syslog path supported by salt (file and tcp / udp connection). This function is mainly based on the salt source code. (see salt._logging.impl#setup_logfile_handler)

This version should work on any os.

What issues does this PR fix or reference?

Likely also fixes: #61286

Previous Behavior

Salt will try and write logs to /root/.salt/master.log, which is inaccessible when running as non-root, which means salt-master crashes out with a permissions error.

New Behavior

salt-master starts correctly.

Merge requirements satisfied?

[NOTICE] Bug fixes or features added to Salt require tests.

Commits signed with GPG?

No

@shadow38 shadow38 requested a review from a team as a code owner March 13, 2026 15:10
@dwoz dwoz added the test:full Run the full test suite label Mar 18, 2026
@dwoz
Copy link
Copy Markdown
Contributor

dwoz commented Mar 18, 2026

@shadow38 I think this PR should be made against 3006.x

@shadow38 shadow38 mentioned this pull request Apr 3, 2026
Open
@shadow38 shadow38 closed this Apr 3, 2026
@shadow38
Copy link
Copy Markdown
Author

shadow38 commented Apr 3, 2026

Closing this PR as requested by @dwoz.
Reopening with target branch 3006.x instead of master: #68890

@bdrx312
Copy link
Copy Markdown
Contributor

bdrx312 commented Apr 8, 2026

What happens if /dev/log is used instead of file:///dev/log?

@shadow38
Copy link
Copy Markdown
Author

shadow38 commented Apr 14, 2026

This is not working because writing to a syslog endpoint ( through a unix socket file or a tcp / udp channel) should be done by a syslog handler. If you define the log path as /dev/log, salt tries to write to it as a normal file and crashes. This PR reuse some syslog path parsing from salt source code to fix a bug which is present since a very long time.

If you read the manual, you'll see that we can also define a factory in the syslog path.

In my job, we try to use journald for almost everything and try to not rely on the rsyslog / logrotate packages (we are deploying saltstack in a debian environment) because we don't need to have log in clear and in a separated log file. We are sending all the logs using otelcol to a centralized logging system and the easiest way to do this job is to rely on a journald receiver provided by otelcol-contrib and not building a custom file log parser

(I also have a native implementation through a custom log_handler for journald; this is maybe the way to follow but this PR is still relevant)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

test:full Run the full test suite

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[BUG] salt-syndic fail to properly switch to different user with log file:///dev/log

4 participants

@shadow38 @dwoz @bdrx312 @mathieu-gueurce-eloquant