Search code examples
salt-project

Installing Java/Tomcat via SaltStack using non-root user on Ubuntu

I am able to do following

  • install salt master, minion (using root user)
  • login in master machine and execute salt command to install java / tomcat into minion server
  • result : java/tomcat is installed via root user

What i want to do is

  • install java / tomcat in minion server by user name 'tomcatuser'

As per my understanding only way of doing this is if i install my minion via tomcatuser.

  1. Is my understanding correct ?
  2. Any other way ?
Solution

  • I think you mix up the saltstack controller and how it control the application configuration.

    For salt master and minion to communicate, you need to start both services as root, to control most of the configuration process. Then from there on, you can specify the user and group for application deployment inside your sls configuration.

    Now come to your Tomcat/java/whatever package, you can refer to the salt stack configuration, to specify your own user group of the configuration and even startup(with other modification). e.g.

    Deploy foo configuration:
  file.managed:
    - name: /etc/foo.conf
    - source:
      - salt://foo.conf
    - user: foo
    - group: users
    - mode: 644

    Then to startup your tomcat, you can do the similar by using a crontab and specify the user you want (as long as it is not load under service port smaller than 1024) . Or you can check whether salt.states.tomcat is helpful to start the services : https://docs.saltstack.com/en/latest/ref/states/all/salt.states.tomcat.html