From 74a1edc4e7acf7d87543adeca4f13ef66eac4dab Mon Sep 17 00:00:00 2001
From: Frank Brehm <frank@brehm-online.com>
Date: Sun, 4 Dec 2016 21:47:10 +0100
Subject: [PATCH] committing changes in /etc after apt run

Package changes:
-salt-common 2016.3.4+ds-1
-salt-minion 2016.3.4+ds-1
+salt-common 2016.11.0+ds-1
+salt-minion 2016.11.0+ds-1
-tzdata 2016i-0+deb8u1
+tzdata 2016j-0+deb8u1
---
 .etckeeper  |  2 ++
 salt/minion | 43 ++++++++++++++++++++++++++++++++-----------
 salt/proxy  |  7 +++++--
 3 files changed, 39 insertions(+), 13 deletions(-)

diff --git a/.etckeeper b/.etckeeper
index fa3b997..00d687d 100755
--- a/.etckeeper
+++ b/.etckeeper
@@ -36,6 +36,7 @@ mkdir -p './opt'
 mkdir -p './perl/CPAN'
 mkdir -p './phpmyadmin/conf.d'
 mkdir -p './postfix/sasl'
+mkdir -p './salt/proxy.d'
 mkdir -p './security/limits.d'
 mkdir -p './security/namespace.d'
 mkdir -p './systemd/network'
@@ -999,6 +1000,7 @@ maybe chmod 0400 'salt/pki/minion/minion.pem'
 maybe chmod 0644 'salt/pki/minion/minion.pub'
 maybe chmod 0644 'salt/pki/minion/minion_master.pub'
 maybe chmod 0644 'salt/proxy'
+maybe chmod 0755 'salt/proxy.d'
 maybe chmod 0644 'securetty'
 maybe chmod 0755 'security'
 maybe chmod 0644 'security/access.conf'
diff --git a/salt/minion b/salt/minion
index 9bc9408..ad7a374 100644
--- a/salt/minion
+++ b/salt/minion
@@ -38,6 +38,8 @@
 # value to "str".  Failover masters can be requested by setting
 # to "failover".  MAKE SURE TO SET master_alive_interval if you are
 # using failover.
+# Setting master_type to 'disable' let's you have a running minion (with engines and
+# beacons) without a master connection
 # master_type: str
 
 # Poll interval in seconds for checking if the master is still there.  Only
@@ -294,10 +296,17 @@
 #
 #
 # The loop_interval sets how long in seconds the minion will wait between
-# evaluating the scheduler and running cleanup tasks. This defaults to a
-# sane 60 seconds, but if the minion scheduler needs to be evaluated more
-# often lower this value
-#loop_interval: 60
+# evaluating the scheduler and running cleanup tasks.  This defaults to 1
+# second on the minion scheduler.
+#loop_interval: 1
+
+# Some installations choose to start all job returns in a cache or a returner
+# and forgo sending the results back to a master. In this workflow, jobs
+# are most often executed with --async from the Salt CLI and then results
+# are evaluated by examining job caches on the minions or any configured returners.
+# WARNING: Setting this to False will **disable** returns back to the master.
+#pub_ret: True
+
 
 # The grains can be merged, instead of overridden, using this option.
 # This allows custom grains to defined different subvalues of a dictionary
@@ -327,7 +336,7 @@
 
 # Grains cache expiration, in seconds. If the cache file is older than this
 # number of seconds then the grains cache will be dumped and fully re-populated
-# with fresh data. Defaults to 5 minutes. Will have no effect if 'grains_cache' 
+# with fresh data. Defaults to 5 minutes. Will have no effect if 'grains_cache'
 # is not enabled.
 # grains_cache_expiration: 300
 
@@ -394,8 +403,11 @@
 #####   Minion module management     #####
 ##########################################
 # Disable specific modules. This allows the admin to limit the level of
-# access the master has to the minion.
-#disable_modules: [cmd,test]
+# access the master has to the minion.  The default here is the empty list,
+# below is an example of how this needs to be formatted in the config file
+#disable_modules:
+#  - cmdmod
+#  - test
 #disable_returners: []
 
 # This is the reverse of disable_modules.  The default, like disable_modules, is the empty list,
@@ -472,6 +484,11 @@
 # as the environment setting, but for pillar instead of states.
 #pillarenv: None
 #
+# Set this option to 'True' to force a 'KeyError' to be raised whenever an
+# attempt to retrieve a named value from pillar fails. When this option is set
+# to 'False', the failed attempt returns an empty string. Default is 'False'.
+#pillar_raise_on_missing: False
+#
 # If using the local file directory, then the state top file name needs to be
 # defined, by default this is top.sls.
 #state_top: top.sls
@@ -551,12 +568,16 @@
 # is False.
 #fileserver_limit_traversal: False
 
-# The hash_type is the hash to use when discovering the hash of a file in
-# the local fileserver. The default is sha256, sha224, sha384 and sha512 are also supported.
+# The hash_type is the hash to use when discovering the hash of a file on
+# the local fileserver. The default is md5, but sha1, sha224, sha256, sha384
+# and sha512 are also supported.
 #
 # WARNING: While md5 and sha1 are also supported, do not use it due to the high chance
 # of possible collisions and thus security breach.
 #
+# WARNING: While md5 is also supported, do not use it due to the high chance
+# of possible collisions and thus security breach.
+#
 # Warning: Prior to changing this value, the minion should be stopped and all
 # Salt caches should be cleared.
 #hash_type: sha256
@@ -609,7 +630,7 @@
 
 # Fingerprint of the master public key to validate the identity of your Salt master
 # before the initial key exchange. The master fingerprint can be found by running
-# "salt-key -F master" on the Salt master.
+# "salt-key -f master.pub" on the Salt master.
 #master_finger: ''
 
 
@@ -671,7 +692,7 @@
 #log_fmt_console: '%(colorlevel)s %(colormsg)s'
 #log_fmt_console: '[%(levelname)-8s] %(message)s'
 #
-#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'
+#log_fmt_logfile: '%(asctime)s,%(msecs)03d [%(name)-17s][%(levelname)-8s] %(message)s'
 
 # This can be used to control logging levels more specificically.  This
 # example sets the main salt library at the 'warning' level, but sets
diff --git a/salt/proxy b/salt/proxy
index 4e5cc34..bfd4358 100644
--- a/salt/proxy
+++ b/salt/proxy
@@ -28,7 +28,7 @@
 # dictionary.  Otherwise it is assumed that the module calls the grains
 # function in a custom way and returns the data elsewhere
 #
-# Default to False for 2016.3 and Carbon.  Switch to True for Nitrogen.
+# Default to False for 2016.3 and 2016.11.  Switch to True for Nitrogen.
 # proxy_merge_grains_in_module: False
 
 # If multiple masters are specified in the 'master' setting, the default behavior
@@ -443,6 +443,9 @@
 # WARNING: While md5 and sha1 are also supported, do not use it due to the high chance
 # of possible collisions and thus security breach.
 #
+# WARNING: While md5 is also supported, do not use it due to the high chance
+# of possible collisions and thus security breach.
+#
 # Warning: Prior to changing this value, the minion should be stopped and all
 # Salt caches should be cleared.
 #hash_type: sha256
@@ -553,7 +556,7 @@
 #log_fmt_console: '%(colorlevel)s %(colormsg)s'
 #log_fmt_console: '[%(levelname)-8s] %(message)s'
 #
-#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'
+#log_fmt_logfile: '%(asctime)s,%(msecs)03d [%(name)-17s][%(levelname)-8s] %(message)s'
 
 # This can be used to control logging levels more specificically.  This
 # example sets the main salt library at the 'warning' level, but sets
-- 
2.39.5