diff -Nru salt-2015.5.2+ds/AUTHORS salt-2015.5.3+ds/AUTHORS
--- salt-2015.5.2+ds/AUTHORS	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/AUTHORS	2015-07-07 20:42:37.000000000 +0000
@@ -39,11 +39,13 @@
 Clint Savage <herlo1@gmail.com>
 Colton Myers <cmyers@saltstack.com>
 Corey Quinn <corey@sequestered.net>
+Corin Kochenower <ckochenower@saltstack.com>
 Dan Garthwaite <dan@garthwaite.org>
 Daniel Wallace <danielwallace at gtmanfred dot com>
 David Boucha <boucha@gmail.com>
 David Pravec <alekibango@pravec.tk>
 deutsche
+Dmitry Kuzmenko <dkuzmenko@saltstack.com>
 Doug Renn <renn@nestegg.com>
 Eivind Uggedal <eivind@uggedal.com>
 epoelke@gmail.com <epoelke@heartflow.com>
@@ -76,6 +78,7 @@
 Matthias Teege <matthias-git@mteege.de>
 Maxim Burgerhout <maxim@wzzrd.com>
 Mickey Malone <mickey.malone@gmail.com>
+Michael Steed <msteed@saltstack.com>
 Mike Place <mp@saltstack.com>
 Mitch Anderson <mitch@metauser.net>
 Nathaniel Whiteinge <seth@eseth.com>
diff -Nru salt-2015.5.2+ds/cloud-requirements.txt salt-2015.5.3+ds/cloud-requirements.txt
--- salt-2015.5.2+ds/cloud-requirements.txt	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/cloud-requirements.txt	1970-01-01 00:00:00.000000000 +0000
@@ -1 +0,0 @@
-apache-libcloud >= 0.14.0
diff -Nru salt-2015.5.2+ds/conf/master salt-2015.5.3+ds/conf/master
--- salt-2015.5.2+ds/conf/master	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/conf/master	2015-07-07 20:42:37.000000000 +0000
@@ -48,7 +48,8 @@
 
 # The number of worker threads to start. These threads are used to manage
 # return calls made from minions to the master. If the master seems to be
-# running slowly, increase the number of threads.
+# running slowly, increase the number of threads. This setting can not be
+# set lower than 3.
 #worker_threads: 5
 
 # The port used by the communication interface. The ret (return) port is the
diff -Nru salt-2015.5.2+ds/conf/minion salt-2015.5.3+ds/conf/minion
--- salt-2015.5.2+ds/conf/minion	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/conf/minion	2015-07-07 20:42:37.000000000 +0000
@@ -22,6 +22,18 @@
 # If only one master is listed, this setting is ignored and a warning will be logged.
 #random_master: False
 
+# Minions can connect to multiple masters simultaneously (all masters
+# are "hot"), or can be configured to failover if a master becomes
+# unavailable.  Multiple hot masters are configured by setting this
+# value to "standard".  Failover masters can be requested by setting
+# to "failover".  MAKE SURE TO SET master_alive_interval if you are
+# using failover.
+# master_type: standard
+
+# Poll interval in seconds for checking if the master is still there.  Only
+# respected if master_type above is "failover".
+# master_alive_interval: 30
+
 # Set whether the minion should connect to the master via IPv6:
 #ipv6: False
 
@@ -36,6 +48,12 @@
 # The user to run salt.
 #user: root
 
+# Setting sudo_user will cause salt to run all execution modules under an sudo
+# to the user given in sudo_user.  The user under which the salt minion process
+# itself runs will still be that provided in the user config above, but all
+# execution modules run by the minion will be rerouted through sudo.
+#sudo_user: saltdev
+
 # Specify the location of the daemon process ID file.
 #pidfile: /var/run/salt-minion.pid
 
@@ -603,7 +621,7 @@
 #tcp_keepalive_intvl: -1
 
 
-######      Windows Software settings ######
+######   Windows Software settings    ######
 ############################################
 # Location of the repository cache file on the master:
 #win_repo_cachefile: 'salt://win/repo/winrepo.p'
diff -Nru salt-2015.5.2+ds/debian/changelog salt-2015.5.3+ds/debian/changelog
--- salt-2015.5.2+ds/debian/changelog	2015-07-01 14:16:22.000000000 +0000
+++ salt-2015.5.3+ds/debian/changelog	2015-07-30 12:43:31.000000000 +0000
@@ -1,4 +1,4 @@
-salt (2015.5.2+ds-1trusty1) trusty; urgency=medium
+salt (2015.5.3+ds-1trusty1) trusty; urgency=medium
 
   * [2c9238e] Updated dependencies and build for trusty
   * [59a9c88] Update of ubuntu packaging files from upstream
@@ -8,13 +8,24 @@
   * [fe659dc] Removed "su -c" from minion upstart script
   * [35372f7] Fixed stale pyc issue for trusty as well (Upstream issue: 13305)
   * [7b29019] Also remove pyc files from /usr/lib/pymodules/python2.7/salt/
+  * [1f4ecc3] Fixed version
   * [6c99950] Fix to version in preinst script
   * [a46e0e0] Removed libcloud as explicit dependency until libcloud is backported
   * [b29a1f3] Fix for build-deps
   * [00fb7f9] Removed requirement for particular version of sphinx
   * [a5f6e2e] Added python-debian as dependency
+  * [563cda4] Updated patches for trusty
 
- -- Joe Healy <joehealy@gmail.com>  Thu, 02 Jul 2015 00:15:39 +1000
+ -- Joe Healy <joehealy@gmail.com>  Thu, 30 Jul 2015 22:42:32 +1000
+
+salt (2015.5.3+ds-1) unstable; urgency=medium
+
+  * [e481db1] Imported Upstream version 2015.5.3+ds
+  * [16f6801] Added salt-minion dependency on bsdmainutils. Closes: 790758
+  * [761f735] Added dependency on python-croniter. Closes: 771015
+  * [5b957bb] Weakened dependency on python-mako to suggests.
+
+ -- Joe Healy <joehealy@gmail.com>  Tue, 28 Jul 2015 22:37:05 +1000
 
 salt (2015.5.2+ds-1) unstable; urgency=medium
 
diff -Nru salt-2015.5.2+ds/debian/control salt-2015.5.3+ds/debian/control
--- salt-2015.5.2+ds/debian/control	2015-07-01 14:14:55.000000000 +0000
+++ salt-2015.5.3+ds/debian/control	2015-07-29 14:59:31.000000000 +0000
@@ -26,10 +26,11 @@
          python-apt,
          python-yaml,
          python-pkg-resources,
-         python-requests (>= 1.0.0)
-Recommends: lsb-release,
-            python-mako
-Suggests: salt-doc (= ${source:Version})
+         python-requests (>= 1.0.0),
+         python-croniter
+Recommends: lsb-release
+Suggests: salt-doc (= ${source:Version}),
+          python-mako
 Breaks: python-mako (<< 0.7.0)
 Description: shared libraries that salt requires for all packages
  salt is a powerful remote execution manager that can be used to
@@ -89,7 +90,8 @@
          python-crypto,
          python-msgpack,
          python-zmq (>= 13.1.0),
-         dctrl-tools
+         dctrl-tools,
+         bsdmainutils
 Recommends: dmidecode,
             debconf-utils
 Suggests: python-augeas
diff -Nru salt-2015.5.2+ds/debian/patches/doc_fixes salt-2015.5.3+ds/debian/patches/doc_fixes
--- salt-2015.5.2+ds/debian/patches/doc_fixes	2015-07-01 14:15:00.000000000 +0000
+++ salt-2015.5.3+ds/debian/patches/doc_fixes	2015-07-30 12:40:49.000000000 +0000
@@ -4,7 +4,7 @@
 
 --- a/salt/netapi/rest_cherrypy/app.py
 +++ b/salt/netapi/rest_cherrypy/app.py
-@@ -719,7 +719,7 @@
+@@ -721,7 +721,7 @@
  
              curl -i localhost:8000
  
@@ -13,7 +13,7 @@
  
              GET / HTTP/1.1
              Host: localhost:8000
-@@ -727,7 +727,7 @@
+@@ -729,7 +729,7 @@
  
          **Example response:**
  
@@ -22,7 +22,7 @@
  
              HTTP/1.1 200 OK
              Content-Type: application/json
-@@ -776,7 +776,7 @@
+@@ -778,7 +778,7 @@
                      -d tgt='*' \\
                      -d fun='test.ping' \\
  
@@ -31,7 +31,7 @@
  
              POST / HTTP/1.1
              Host: localhost:8000
-@@ -789,7 +789,7 @@
+@@ -791,7 +791,7 @@
  
          **Example response:**
  
@@ -40,7 +40,7 @@
  
              HTTP/1.1 200 OK
              Content-Length: 200
-@@ -883,7 +883,7 @@
+@@ -885,7 +885,7 @@
  
              curl -i localhost:8000/minions/ms-3
  
@@ -49,7 +49,7 @@
  
              GET /minions/ms-3 HTTP/1.1
              Host: localhost:8000
-@@ -891,7 +891,7 @@
+@@ -893,7 +893,7 @@
  
          **Example response:**
  
@@ -58,7 +58,7 @@
  
              HTTP/1.1 200 OK
              Content-Length: 129005
-@@ -939,7 +939,7 @@
+@@ -941,7 +941,7 @@
                  -d tgt='*' \\
                  -d fun='status.diskusage'
  
@@ -67,7 +67,7 @@
  
              POST /minions HTTP/1.1
              Host: localhost:8000
-@@ -951,7 +951,7 @@
+@@ -953,7 +953,7 @@
  
          **Example response:**
  
@@ -76,7 +76,7 @@
  
              HTTP/1.1 202 Accepted
              Content-Length: 86
-@@ -1002,7 +1002,7 @@
+@@ -1004,7 +1004,7 @@
  
              curl -i localhost:8000/jobs
  
@@ -85,7 +85,7 @@
  
              GET /jobs HTTP/1.1
              Host: localhost:8000
-@@ -1010,7 +1010,7 @@
+@@ -1012,7 +1012,7 @@
  
          **Example response:**
  
@@ -94,7 +94,7 @@
  
              HTTP/1.1 200 OK
              Content-Length: 165
-@@ -1031,7 +1031,7 @@
+@@ -1033,7 +1033,7 @@
  
              curl -i localhost:8000/jobs/20121130104633606931
  
@@ -103,7 +103,7 @@
  
              GET /jobs/20121130104633606931 HTTP/1.1
              Host: localhost:8000
-@@ -1039,7 +1039,7 @@
+@@ -1041,7 +1041,7 @@
  
          **Example response:**
  
@@ -112,7 +112,7 @@
  
              HTTP/1.1 200 OK
              Content-Length: 73
-@@ -1122,7 +1122,7 @@
+@@ -1124,7 +1124,7 @@
  
              curl -i localhost:8000/keys
  
@@ -121,7 +121,7 @@
  
              GET /keys HTTP/1.1
              Host: localhost:8000
-@@ -1130,7 +1130,7 @@
+@@ -1132,7 +1132,7 @@
  
          **Example response:**
  
@@ -130,7 +130,7 @@
  
              HTTP/1.1 200 OK
              Content-Length: 165
-@@ -1151,7 +1151,7 @@
+@@ -1153,7 +1153,7 @@
  
              curl -i localhost:8000/keys/jerry
  
@@ -139,7 +139,7 @@
  
              GET /keys/jerry HTTP/1.1
              Host: localhost:8000
-@@ -1159,7 +1159,7 @@
+@@ -1161,7 +1161,7 @@
  
          **Example response:**
  
@@ -148,7 +148,7 @@
  
              HTTP/1.1 200 OK
              Content-Length: 73
-@@ -1232,14 +1232,14 @@
+@@ -1234,14 +1234,14 @@
                      -d eauth=pam \
                      -o jerry-salt-keys.tar
  
@@ -165,7 +165,7 @@
  
              HTTP/1.1 200 OK
              Content-Length: 10240
-@@ -1323,7 +1323,7 @@
+@@ -1325,7 +1325,7 @@
  
              curl -i localhost:8000/login
  
@@ -174,7 +174,7 @@
  
              GET /login HTTP/1.1
              Host: localhost:8000
-@@ -1331,7 +1331,7 @@
+@@ -1333,7 +1333,7 @@
  
          **Example response:**
  
@@ -183,7 +183,7 @@
  
              HTTP/1.1 200 OK
              Content-Type: text/html
-@@ -1371,7 +1371,7 @@
+@@ -1373,7 +1373,7 @@
                      -d password='saltpass' \\
                      -d eauth='pam'
  
@@ -192,7 +192,7 @@
  
              POST / HTTP/1.1
              Host: localhost:8000
-@@ -1383,7 +1383,7 @@
+@@ -1385,7 +1385,7 @@
  
          **Example response:**
  
@@ -201,7 +201,7 @@
  
              HTTP/1.1 200 OK
              Content-Type: application/json
-@@ -1519,7 +1519,7 @@
+@@ -1521,7 +1521,7 @@
                  -d password='saltdev' \\
                  -d eauth='pam'
  
@@ -210,7 +210,7 @@
  
              POST /run HTTP/1.1
              Host: localhost:8000
-@@ -1531,7 +1531,7 @@
+@@ -1533,7 +1533,7 @@
  
          **Example response:**
  
@@ -219,7 +219,7 @@
  
              HTTP/1.1 200 OK
              Content-Length: 73
-@@ -1675,7 +1675,7 @@
+@@ -1677,7 +1677,7 @@
  
              curl -NsS localhost:8000/events
  
@@ -228,7 +228,7 @@
  
              GET /events HTTP/1.1
              Host: localhost:8000
-@@ -1687,7 +1687,7 @@
+@@ -1689,7 +1689,7 @@
          clients to only watch for certain tags without having to deserialze the
          JSON object each time.
  
@@ -237,7 +237,7 @@
  
              HTTP/1.1 200 OK
              Connection: keep-alive
-@@ -1852,7 +1852,7 @@
+@@ -1854,7 +1854,7 @@
                  -H 'Sec-WebSocket-Key: '"$(echo -n $RANDOM | base64)" \\
                  localhost:8000/ws
  
@@ -246,7 +246,7 @@
  
              GET /ws HTTP/1.1
              Connection: Upgrade
-@@ -1865,7 +1865,7 @@
+@@ -1867,7 +1867,7 @@
  
          **Example response**:
  
@@ -255,7 +255,7 @@
  
              HTTP/1.1 101 Switching Protocols
              Upgrade: websocket
-@@ -2060,7 +2060,7 @@
+@@ -2062,7 +2062,7 @@
  
              curl -sS localhost:8000/hook -d foo='Foo!' -d bar='Bar!'
  
@@ -264,7 +264,7 @@
  
              POST /hook HTTP/1.1
              Host: localhost:8000
-@@ -2071,7 +2071,7 @@
+@@ -2073,7 +2073,7 @@
  
          **Example response**:
  
diff -Nru salt-2015.5.2+ds/debian/patches/reproducible_builds salt-2015.5.3+ds/debian/patches/reproducible_builds
--- salt-2015.5.2+ds/debian/patches/reproducible_builds	2015-07-01 14:12:41.000000000 +0000
+++ salt-2015.5.3+ds/debian/patches/reproducible_builds	2015-07-30 12:40:43.000000000 +0000
@@ -18,7 +18,7 @@
  
  try:
      import zmq
-@@ -154,7 +159,7 @@
+@@ -153,7 +158,7 @@
              # pylint: disable=E0602
              open(self.distribution.salt_version_hardcoded_path, 'w').write(
                  INSTALL_VERSION_TEMPLATE.format(
@@ -27,7 +27,7 @@
                      full_version_info=__saltstack_version__.full_info
                  )
              )
-@@ -351,7 +356,7 @@
+@@ -350,7 +355,7 @@
  
  INSTALL_VERSION_TEMPLATE = '''\
  # This file was auto-generated by salt's setup on \
@@ -36,7 +36,7 @@
  
  from salt.version import SaltStackVersion
  
-@@ -361,7 +366,7 @@
+@@ -360,7 +365,7 @@
  
  INSTALL_SYSPATHS_TEMPLATE = '''\
  # This file was auto-generated by salt's setup on \
@@ -45,7 +45,7 @@
  
  ROOT_DIR = {root_dir!r}
  CONFIG_DIR = {config_dir!r}
-@@ -373,6 +378,7 @@
+@@ -372,6 +377,7 @@
  BASE_MASTER_ROOTS_DIR = {base_master_roots_dir!r}
  LOGS_DIR = {logs_dir!r}
  PIDFILE_DIR = {pidfile_dir!r}
@@ -53,7 +53,7 @@
  '''
  
  
-@@ -393,7 +399,7 @@
+@@ -392,7 +398,7 @@
              )
              open(system_paths_file_path, 'w').write(
                  INSTALL_SYSPATHS_TEMPLATE.format(
@@ -62,7 +62,7 @@
                      root_dir=self.distribution.salt_root_dir,
                      config_dir=self.distribution.salt_config_dir,
                      cache_dir=self.distribution.salt_cache_dir,
-@@ -404,6 +410,7 @@
+@@ -403,6 +409,7 @@
                      base_master_roots_dir=self.distribution.salt_base_master_roots_dir,
                      logs_dir=self.distribution.salt_logs_dir,
                      pidfile_dir=self.distribution.salt_pidfile_dir,
@@ -72,7 +72,7 @@
  
 --- a/salt/version.py
 +++ b/salt/version.py
-@@ -571,6 +571,9 @@
+@@ -572,6 +572,9 @@
      '''
      libs = list(versions_information(include_salt_cloud=include_salt_cloud))
  
diff -Nru salt-2015.5.2+ds/doc/conf.py salt-2015.5.3+ds/doc/conf.py
--- salt-2015.5.2+ds/doc/conf.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/conf.py	2015-07-07 20:42:37.000000000 +0000
@@ -155,7 +155,7 @@
 copyright = '2015 SaltStack, Inc.'
 
 version = salt.version.__version__
-latest_release = '2015.5.1'  # latest release
+latest_release = '2015.5.2'  # latest release
 previous_release = '2014.7.6'  # latest release from previous branch
 previous_release_dir = '2014.7'  # path on web server for previous branch
 build_type = 'latest'  # latest, previous, develop
@@ -217,7 +217,7 @@
 .. _`salt-users`: https://groups.google.com/forum/#!forum/salt-users
 .. _`salt-announce`: https://groups.google.com/forum/#!forum/salt-announce
 .. _`salt-packagers`: https://groups.google.com/forum/#!forum/salt-packagers
-""".format(release=latest_release)
+""".format(release=release)
 
 # A shortcut for linking to tickets on the GitHub issue tracker
 extlinks = {
diff -Nru salt-2015.5.2+ds/doc/contents-2.rst salt-2015.5.3+ds/doc/contents-2.rst
--- salt-2015.5.2+ds/doc/contents-2.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/contents-2.rst	2015-07-01 21:33:42.000000000 +0000
@@ -9,6 +9,7 @@
     topics/jobs/index
     topics/event/index
     topics/topology/index
+    topics/highavailability/index
     topics/windows/index
     topics/cloud/index
     topics/netapi/index
diff -Nru salt-2015.5.2+ds/doc/contents.rst salt-2015.5.3+ds/doc/contents.rst
--- salt-2015.5.2+ds/doc/contents.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/contents.rst	2015-07-01 21:33:42.000000000 +0000
@@ -21,6 +21,7 @@
     topics/event/index
     topics/beacons/index
     topics/ext_processes/index
+    topics/highavailability/index
     topics/topology/index
     topics/transports/raet/index
     topics/windows/index
diff -Nru salt-2015.5.2+ds/doc/man/salt.1 salt-2015.5.3+ds/doc/man/salt.1
--- salt-2015.5.2+ds/doc/man/salt.1	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt.1	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT" "1" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT" "1" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt \- salt
 .
diff -Nru salt-2015.5.2+ds/doc/man/salt.7 salt-2015.5.3+ds/doc/man/salt.7
--- salt-2015.5.2+ds/doc/man/salt.7	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt.7	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT" "7" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT" "7" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt \- Salt Documentation
 .
@@ -126,6 +126,11 @@
 is hosted by Google Groups. It is open to new members.
 .sp
 \fI\%https://groups.google.com/forum/#!forum/salt\-users\fP
+.sp
+There is also a low\-traffic list used to announce new releases
+called \fI\%salt\-announce\fP
+.sp
+\fI\%https://groups.google.com/forum/#!forum/salt\-announce\fP
 .SS IRC
 .sp
 The \fB#salt\fP IRC channel is hosted on the popular \fI\%Freenode\fP network. You
@@ -845,7 +850,7 @@
 advised that the \fByum\-utils\fP package is needed for Salt to manage
 packages. Also, if the Python dependencies are not already installed, then
 you will need additional libraries/tools installed to build some of them.
-More information on this can be found here\&.
+More information on this can be found \fIhere\fP\&.
 .UNINDENT
 .UNINDENT
 .SS Installation from Repository
@@ -1354,11 +1359,17 @@
 .IP "Download here"
 .INDENT 0.0
 .IP \(bu 2
-2014.7.5
+2015.5.0\-2
+.IP \(bu 2
+\fI\%Salt\-Minion\-2015.5.0\-2\-x86\-Setup.exe\fP | \fI\%md5\fP
+.IP \(bu 2
+\fI\%Salt\-Minion\-2015.5.0\-2\-AMD64\-Setup.exe\fP | \fI\%md5\fP
 .IP \(bu 2
-\fI\%Salt\-Minion\-2014.7.5\-x86\-Setup.exe\fP | \fI\%md5\fP
+2014.7.5\-2
 .IP \(bu 2
-\fI\%Salt\-Minion\-2014.7.5\-AMD64\-Setup.exe\fP | \fI\%md5\fP
+\fI\%Salt\-Minion\-2014.7.5\-2\-x86\-Setup.exe\fP | \fI\%md5\fP
+.IP \(bu 2
+\fI\%Salt\-Minion\-2014.7.5\-2\-AMD64\-Setup.exe\fP | \fI\%md5\fP
 .IP \(bu 2
 2014.7.4
 .IP \(bu 2
@@ -1382,16 +1393,17 @@
 .IP \(bu 2
 Salt\-Minion\-2014.7.0\-1\-win32\-Setup.exe | md5
 .IP \(bu 2
-Salt\-Minion\-2014.7.0\-AMD64\-Setup.exe | md5
-.UNINDENT
-.sp
+.INDENT 2.0
+.TP
+.B Salt\-Minion\-2014.7.0\-AMD64\-Setup.exe | md5
+.
 \fBNOTE:\fP
-.INDENT 0.0
+.INDENT 7.0
 .INDENT 3.5
 The 2014.7.0 installers have been removed because of a regression. Please use the 2014.7.1 release instead.
 .UNINDENT
 .UNINDENT
-.INDENT 0.0
+.UNINDENT
 .IP \(bu 2
 2014.1.13
 .IP \(bu 2
@@ -1627,7 +1639,7 @@
 Right\-click on the file named \fBdev_env_salt.ps1\fP and select \fBRun with
 Powershell\fP
 .sp
-This will clone salt into \fBC:\eSalt\-Dev\esalt\fP and set it to the 2015.2
+This will clone salt into \fBC:\eSalt\-Dev\esalt\fP and set it to the 2015.5
 branch. You could optionally run the command from a powershell window with a
 \fB\-Version\fP switch to pull a different version. For example:
 .INDENT 3.0
@@ -2306,6 +2318,20 @@
 .UNINDENT
 .SS Suse Linux Enterprise
 .sp
+For SLE 12 run the following as root:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+zypper addrepo http://download.opensuse.org/repositories/devel:languages:python/SLE_12/devel:languages:python.repo
+zypper refresh
+zypper install salt salt\-minion salt\-master
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
 For SLE 11 SP3 run the following as root:
 .INDENT 0.0
 .INDENT 3.5
@@ -2464,14 +2490,14 @@
 .UNINDENT
 .sp
 See the \fI\%salt\-bootstrap\fP documentation for other one liners. When using \fI\%Vagrant\fP
-to test out salt, the \fI\%salty\-vagrant\fP tool will  provision the VM for you.
+to test out salt, the \fI\%Vagrant salt provisioner\fP will provision the VM for you.
 .SS Telling Salt to Run Masterless
 .sp
-To instruct the minion to not look for a master when running
-the \fBfile_client\fP configuration option needs to be set.
+To instruct the minion to not look for a master, the \fBfile_client\fP
+configuration option needs to be set in the minion configuration file.
 By default the \fBfile_client\fP is set to \fBremote\fP so that the
-minion knows that file server and pillar data are to be gathered from the
-master. When setting the \fBfile_client\fP option to \fBlocal\fP the
+minion gathers file server and pillar data from the salt master.
+When setting the \fBfile_client\fP option to \fBlocal\fP the
 minion is configured to not gather this data from the master.
 .INDENT 0.0
 .INDENT 3.5
@@ -2703,6 +2729,9 @@
 .fi
 .UNINDENT
 .UNINDENT
+.SS External Pillars
+.sp
+\fIExternal pillars\fP are supported when running in masterless mode.
 .SS Opening the Firewall up for Salt
 .sp
 The Salt master communicates with the minions using an AES\-encrypted ZeroMQ
@@ -3008,14 +3037,14 @@
 .INDENT 3.5
 .IP "Stuck?"
 .sp
-There are many ways to get help from the Salt community including our
+There are many ways to \fIget help from the Salt community\fP including our
 \fI\%mailing list\fP
 and our \fI\%IRC channel\fP #salt.
 .UNINDENT
 .UNINDENT
 .SS Order your minions around
 .sp
-Now that you have a master and at least one minion
+Now that you have a \fImaster\fP and at least one \fIminion\fP
 communicating with each other you can perform commands on the minion via the
 \fBsalt\fP command. Salt calls are comprised of three main components:
 .INDENT 0.0
@@ -3224,9 +3253,9 @@
 and template files.
 .TP
 .B Arbitrary Data:
-Pillar can contain any basic data structure, so a list of values, or a
-key/value store can be defined making it easy to iterate over a group
-of values in sls formulas
+Pillar can contain any basic data structure in dictionary format,
+so a key/value store can be defined making it easy to iterate over a group
+of values in sls formulas.
 .UNINDENT
 .sp
 Pillar is therefore one of the most important systems when using Salt. This
@@ -3367,8 +3396,8 @@
 .INDENT 0.0
 .INDENT 3.5
 The same directory lookups that exist in states exist in pillar, so the
-file \fBusers/init.sls\fP can be referenced with \fBusers\fP in the top
-file\&.
+file \fBusers/init.sls\fP can be referenced with \fBusers\fP in the \fItop
+file\fP\&.
 .UNINDENT
 .UNINDENT
 .sp
@@ -3614,18 +3643,6 @@
 .UNINDENT
 .UNINDENT
 .sp
-Lists can be passed in pillar as well:
-.INDENT 0.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq state.highstate pillar=\(aq["foo", "bar", "baz"]\(aq
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.sp
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
@@ -3928,7 +3945,7 @@
 the included SLS files.
 .sp
 Note that some of the SLS files are called init.sls, while others are not. More
-info on what this means can be found in the States Tutorial\&.
+info on what this means can be found in the \fIStates Tutorial\fP\&.
 .SS Extending Included SLS Data
 .sp
 Sometimes SLS data needs to be extended. Perhaps the apache service needs to
@@ -4271,7 +4288,7 @@
 .INDENT 3.5
 .IP "Stuck?"
 .sp
-There are many ways to get help from the Salt community including our
+There are many ways to \fIget help from the Salt community\fP including our
 \fI\%mailing list\fP
 and our \fI\%IRC channel\fP #salt.
 .UNINDENT
@@ -4336,7 +4353,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-The top file is separated into environments (discussed
+The \fItop file\fP is separated into environments (discussed
 later). The default environment is \fBbase\fP\&. Under the \fBbase\fP environment a
 collection of minion matches is defined; for now simply specify all hosts
 (\fB*\fP).
@@ -4363,7 +4380,7 @@
 .UNINDENT
 .SS Create an \fBsls\fP file
 .sp
-In the same directory as the top file, create a file
+In the same directory as the \fItop file\fP, create a file
 named \fBwebserver.sls\fP, containing the following:
 .INDENT 0.0
 .INDENT 3.5
@@ -4378,7 +4395,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-The first line, called the id\-declaration, is an arbitrary identifier.
+The first line, called the \fIid\-declaration\fP, is an arbitrary identifier.
 In this case it defines the name of the package to be installed.
 .sp
 \fBNOTE:\fP
@@ -4390,10 +4407,10 @@
 .UNINDENT
 .UNINDENT
 .sp
-The second line, called the state\-declaration, defines which of the Salt
+The second line, called the \fIstate\-declaration\fP, defines which of the Salt
 States we are using. In this example, we are using the \fBpkg state\fP to ensure that a given package is installed.
 .sp
-The third line, called the function\-declaration, defines which function
+The third line, called the \fIfunction\-declaration\fP, defines which function
 in the \fBpkg state\fP module to call.
 .INDENT 0.0
 .INDENT 3.5
@@ -4426,7 +4443,7 @@
 .UNINDENT
 .sp
 Our master is instructing all targeted minions to run \fBstate.highstate\fP\&. When a minion executes a highstate call it
-will download the top file and attempt to match the
+will download the \fItop file\fP and attempt to match the
 expressions. When it does match an expression the modules listed for it will be
 downloaded, compiled, and executed.
 .sp
@@ -4436,9 +4453,9 @@
 \fBWARNING:\fP
 .INDENT 0.0
 .INDENT 3.5
-If you have created custom grain modules, they will
+If you have created \fIcustom grain modules\fP, they will
 not be available in the top file until after the first \fI\%highstate\fP\&. To make custom grains available on a minion\(aqs first
-highstate, it is recommended to use this example to ensure that the custom grains are synced when
+highstate, it is recommended to use \fIthis example\fP to ensure that the custom grains are synced when
 the minion starts.
 .UNINDENT
 .UNINDENT
@@ -4498,7 +4515,8 @@
 .UNINDENT
 .TP
 .B Run the minion in the foreground
-By not starting the minion in daemon mode (\fB\-d\fP) one can view any output from the minion as it works:
+By not starting the minion in daemon mode (\fB\-d\fP)
+one can view any output from the minion as it works:
 .INDENT 7.0
 .INDENT 3.5
 .sp
@@ -4558,8 +4576,8 @@
 to have requirements, and use even more Salt States.
 .SS Call multiple States
 .sp
-You can specify multiple state\-declaration under an
-id\-declaration\&. For example, a quick modification to our
+You can specify multiple \fIstate\-declaration\fP under an
+\fIid\-declaration\fP\&. For example, a quick modification to our
 \fBwebserver.sls\fP to also start Apache if it is not running:
 .INDENT 0.0
 .INDENT 3.5
@@ -4607,23 +4625,23 @@
 .UNINDENT
 .UNINDENT
 .sp
-\fBline 9\fP is the id\-declaration\&. In this example it is the location we
+\fBline 9\fP is the \fIid\-declaration\fP\&. In this example it is the location we
 want to install our custom HTML file. (\fBNote:\fP the default location that
 Apache serves may differ from the above on your OS or distro. \fB/srv/www\fP
 could also be a likely place to look.)
 .sp
-\fBLine 10\fP the state\-declaration\&. This example uses the Salt \fBfile
+\fBLine 10\fP the \fIstate\-declaration\fP\&. This example uses the Salt \fBfile
 state\fP\&.
 .sp
-\fBLine 11\fP is the function\-declaration\&. The \fBmanaged function\fP will download a file from the master and install it
+\fBLine 11\fP is the \fIfunction\-declaration\fP\&. The \fBmanaged function\fP will download a file from the master and install it
 in the location specified.
 .sp
-\fBLine 12\fP is a function\-arg\-declaration which, in this example, passes
+\fBLine 12\fP is a \fIfunction\-arg\-declaration\fP which, in this example, passes
 the \fBsource\fP argument to the \fBmanaged function\fP\&.
 .sp
-\fBLine 13\fP is a requisite\-declaration\&.
+\fBLine 13\fP is a \fIrequisite\-declaration\fP\&.
 .sp
-\fBLine 14\fP is a requisite\-reference which refers to a state and an ID.
+\fBLine 14\fP is a \fIrequisite\-reference\fP which refers to a state and an ID.
 In this example, it is referring to the \fBID declaration\fP from our example in
 \fBpart 1\fP\&. This declaration tells Salt not to install the HTML
 file until Apache is installed.
@@ -4665,7 +4683,7 @@
 .INDENT 3.5
 .IP "\fBrequire\fP vs. \fBwatch\fP"
 .sp
-There are two requisite\-declaration, “require”, and “watch”. Not
+There are two \fIrequisite\-declaration\fP, “require”, and “watch”. Not
 every state supports “watch”. The \fBservice state\fP does support “watch” and will restart a service
 based on the watch condition.
 .sp
@@ -4694,7 +4712,7 @@
 .UNINDENT
 .sp
 If the pkg and service names differ on your OS or distro of choice you can
-specify each one separately using a name\-declaration which explained
+specify each one separately using a \fIname\-declaration\fP which explained
 in \fBPart 3\fP\&.
 .UNINDENT
 .UNINDENT
@@ -4761,6 +4779,13 @@
 .sp
 .nf
 .ft C
+# Comments in yaml start with a hash symbol.
+# Since jinja rendering occurs before yaml parsing, if you want to include jinja
+# in the comments you may need to escape them using \(aqjinja\(aq comments to prevent
+# jinja from trying to render something which is not well\-defined jinja.
+# e.g.
+# {# iterate over the Three Stooges using a {% for %}..{% endfor %} loop
+# with the iterator variable {{ usr }} becoming the state ID. #}
 {% for usr in \(aqmoe\(aq,\(aqlarry\(aq,\(aqcurly\(aq %}
 {{ usr }}:
   group:
@@ -4841,7 +4866,7 @@
 .sp
 A previous example showed how to spread a Salt tree across several files.
 Similarly, \fBrequisites\fP span multiple files by
-using an include\-declaration\&. For example:
+using an \fIinclude\-declaration\fP\&. For example:
 .sp
 \fBpython/python\-libs.sls:\fP
 .INDENT 0.0
@@ -4875,7 +4900,7 @@
 .UNINDENT
 .SS Extend declaration
 .sp
-You can modify previous declarations by using an extend\-declaration\&. For
+You can modify previous declarations by using an \fIextend\-declaration\fP\&. For
 example the following modifies the Apache tree to also restart Apache when the
 vhosts file is changed:
 .sp
@@ -4925,7 +4950,7 @@
 .UNINDENT
 .SS Name declaration
 .sp
-You can override the id\-declaration by using a name\-declaration\&.
+You can override the \fIid\-declaration\fP by using a \fIname\-declaration\fP\&.
 For example, the previous example is a bit more maintainable if rewritten as
 follows:
 .sp
@@ -4955,8 +4980,8 @@
 .UNINDENT
 .SS Names declaration
 .sp
-Even more powerful is using a names\-declaration to override the
-id\-declaration for multiple states at once. This often can remove the
+Even more powerful is using a \fInames\-declaration\fP to override the
+\fIid\-declaration\fP for multiple states at once. This often can remove the
 need for looping in a template. For example, the first example in this tutorial
 can be rewritten without the loop:
 .INDENT 0.0
@@ -5030,7 +5055,7 @@
 "win", and the file in gitfs will be ignored.
 .sp
 A more thorough explanation of how Salt\(aqs modular fileserver works can be
-found here\&. We recommend reading this.
+found \fIhere\fP\&. We recommend reading this.
 .UNINDENT
 .UNINDENT
 .SS Environment configuration
@@ -5243,7 +5268,7 @@
 can be found on Github in the \fI\%saltstack\-formulas\fP collection of repositories.
 .sp
 If you have any questions, suggestions, or just want to chat with other people
-who are using Salt, we have a very active community
+who are using Salt, we have a very \fIactive community\fP
 and we\(aqd love to hear from you.
 .sp
 In addition, by continuing to \fBpart 5\fP, you can learn about
@@ -5471,7 +5496,7 @@
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
-The \fBmatch\fP argument uses compound matching
+The \fBmatch\fP argument uses \fIcompound matching\fP
 .UNINDENT
 .UNINDENT
 .sp
@@ -6157,9 +6182,9 @@
 configuration management system called \fBSalt States\fP\&.
 .SS Installing Salt
 .sp
-SaltStack has been made to be very easy to install and get started. Setting up
-Salt should be as easy as installing Salt via distribution packages on Linux or
-via the Windows installer. The \fBinstallation documents\fP cover platform\-specific installation in depth.
+SaltStack has been made to be very easy to install and get started. The
+\fBinstallation documents\fP contain instructions
+for all supported platforms.
 .SS Starting Salt
 .sp
 Salt functions on a master/minion topology. A master server acts as a
@@ -6599,7 +6624,7 @@
 .UNINDENT
 .sp
 The full list of Salt outputters, as well as example output, can be found
-here\&.
+\fIhere\fP\&.
 .SS \fBsalt\-call\fP
 .sp
 The examples so far have described running commands from the Master using the
@@ -6610,7 +6635,7 @@
 are running (which are \fInot\fP part of the return data you see when running the
 command from the Master using \fBsalt\fP), making it unnecessary to tail the
 minion log. More information on \fBsalt\-call\fP and how to use it can be found
-here\&.
+\fIhere\fP\&.
 .SS Grains
 .sp
 Salt uses a system called \fBGrains\fP to build up
@@ -6918,9 +6943,8 @@
 functionality.
 .INDENT 0.0
 .IP 1. 3
-Thomas\(aq original states tutorial, \fBHow Do I Use Salt
-States?\fP, covers much more to get off the
-ground with States.
+\fBHow Do I Use Salt States?\fP, covers much
+more to get off the ground with States.
 .IP 2. 3
 The \fBStates Tutorial\fP also provides a
 fantastic introduction.
@@ -9291,8 +9315,8 @@
 .SS Refreshing gitfs Upon Push
 .sp
 By default, Salt updates the remote fileserver backends every 60 seconds.
-However, if it is desirable to refresh quicker than that, the Reactor
-System can be used to signal the master to update the fileserver on
+However, if it is desirable to refresh quicker than that, the \fIReactor
+System\fP can be used to signal the master to update the fileserver on
 each push, provided that the git server is also a Salt minion. There are three
 steps to this process:
 .INDENT 0.0
@@ -10119,6 +10143,1525 @@
 create fresh virtual machines for each test run, then execute the destructive
 tests on the new clean virtual machine. This allows for the execution of tests
 across supported platforms.
+.SS HTTP Modules
+.sp
+This tutorial demonstrates using the various HTTP modules available in Salt.
+These modules wrap the Python \fBurllib2\fP and \fBrequests\fP libraries, extending
+them in a manner that is more consistent with Salt workflows.
+.SS The \fBsalt.utils.http\fP Library
+.sp
+This library forms the core of the HTTP modules. Since it is designed to be used
+from the minion as an execution module, in addition to the master as a runner,
+it was abstracted into this multi\-use library. This library can also be imported
+by 3rd\-party programs wishing to take advantage of its extended functionality.
+.sp
+Core functionality of the execution, state, and runner modules is derived from
+this library, so common usages between them are described here. Documentation
+specific to each module is described below.
+.sp
+This library can be imported with:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+import salt.utils.http
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Configuring Libraries
+.sp
+This library can make use of either \fBurllib2\fP, which ships with Python, or
+\fBrequests\fP, which can be installed separately. By default, \fBurllib2\fP will
+be used. In order to switch to \fBrequests\fP, set the following variable:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+requests_lib: True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+This can be set in the master or minion configuration file, or passed as an
+option directly to any \fBhttp.query()\fP functions.
+.SS \fBsalt.utils.http.query()\fP
+.sp
+This function forms a basic query, but with some add\-ons not present in the
+\fBurllib2\fP and \fBrequests\fP libraries. Not all functionality currently
+available in these libraries has been added, but can be in future iterations.
+.sp
+A basic query can be performed by calling this function with no more than a
+single URL:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(\(aqhttp://example.com\(aq)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+By default the query will be performed with a \fBGET\fP method. The method can
+be overridden with the \fBmethod\fP argument:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(\(aqhttp://example.com/delete/url\(aq, \(aqDELETE\(aq)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+When using the \fBPOST\fP method (and others, such \fBPUT\fP), extra data is usually
+sent as well. This data can be either sent directly, in whatever format is
+required by the remote server (XML, JSON, plain text, etc).
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com/delete/url\(aq,
+    method=\(aqPOST\(aq,
+    data=json.loads(mydict)
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Bear in mind that this data must be sent pre\-formatted; this function will not
+format it for you. However, a templated file stored on the local system may be
+passed through, along with variables to populate it with. To pass through only
+the file (untemplated):
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com/post/url\(aq,
+    method=\(aqPOST\(aq,
+    data_file=\(aq/srv/salt/somefile.xml\(aq
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To pass through a file that contains jinja + yaml templating (the default):
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com/post/url\(aq,
+    method=\(aqPOST\(aq,
+    data_file=\(aq/srv/salt/somefile.jinja\(aq,
+    data_render=True,
+    template_data={\(aqkey1\(aq: \(aqvalue1\(aq, \(aqkey2\(aq: \(aqvalue2\(aq}
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To pass through a file that contains mako templating:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com/post/url\(aq,
+    method=\(aqPOST\(aq,
+    data_file=\(aq/srv/salt/somefile.mako\(aq,
+    data_render=True,
+    data_renderer=\(aqmako\(aq,
+    template_data={\(aqkey1\(aq: \(aqvalue1\(aq, \(aqkey2\(aq: \(aqvalue2\(aq}
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Because this function uses Salt\(aqs own rendering system, any Salt renderer can
+be used. Because Salt\(aqs renderer requires \fB__opts__\fP to be set, an \fBopts\fP
+dictionary should be passed in. If it is not, then the default \fB__opts__\fP
+values for the node type (master or minion) will be used. Because this library
+is intended primarily for use by minions, the default node type is \fBminion\fP\&.
+However, this can be changed to \fBmaster\fP if necessary.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com/post/url\(aq,
+    method=\(aqPOST\(aq,
+    data_file=\(aq/srv/salt/somefile.jinja\(aq,
+    data_render=True,
+    template_data={\(aqkey1\(aq: \(aqvalue1\(aq, \(aqkey2\(aq: \(aqvalue2\(aq},
+    opts=__opts__
+)
+
+salt.utils.http.query(
+    \(aqhttp://example.com/post/url\(aq,
+    method=\(aqPOST\(aq,
+    data_file=\(aq/srv/salt/somefile.jinja\(aq,
+    data_render=True,
+    template_data={\(aqkey1\(aq: \(aqvalue1\(aq, \(aqkey2\(aq: \(aqvalue2\(aq},
+    node=\(aqmaster\(aq
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Headers may also be passed through, either as a \fBheader_list\fP, a
+\fBheader_dict\fP or as a \fBheader_file\fP\&. As with the \fBdata_file\fP, the
+\fBheader_file\fP may also  be templated. Take note that because HTTP headers are
+normally syntactically\-correct YAML, they will automatically be imported as an
+a Python dict.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com/delete/url\(aq,
+    method=\(aqPOST\(aq,
+    header_file=\(aq/srv/salt/headers.jinja\(aq,
+    header_render=True,
+    header_renderer=\(aqjinja\(aq,
+    template_data={\(aqkey1\(aq: \(aqvalue1\(aq, \(aqkey2\(aq: \(aqvalue2\(aq}
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Because much of the data that would be templated between headers and data may be
+the same, the \fBtemplate_data\fP is the same for both. Correcting possible
+variable name collisions is up to the user.
+.sp
+The \fBquery()\fP function supports basic HTTP authentication. A username and
+password may be passed in as \fBusername\fP and \fBpassword\fP, respectively.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com\(aq,
+    username=\(aqlarry\(aq,
+    password=\(ga5700g3543v4r\(ga,
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Cookies are also supported, using Python\(aqs built\-in \fBcookielib\fP\&. However, they
+are turned off by default. To turn cookies on, set \fBcookies\fP to True.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com\(aq,
+    cookies=True
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+By default cookies are stored in Salt\(aqs cache directory, normally
+\fB/var/cache/salt\fP, as a file called \fBcookies.txt\fP\&. However, this location
+may be changed with the \fBcookie_jar\fP argument:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com\(aq,
+    cookies=True,
+    cookie_jar=\(aq/path/to/cookie_jar.txt\(aq
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+By default, the format of the cookie jar is LWP (aka, lib\-www\-perl). This
+default was chosen because it is a human\-readable text file. If desired, the
+format of the cookie jar can be set to Mozilla:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com\(aq,
+    cookies=True,
+    cookie_jar=\(aq/path/to/cookie_jar.txt\(aq,
+    cookie_format=\(aqmozilla\(aq
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Because Salt commands are normally one\-off commands that are piped together,
+this library cannot normally behave as a normal browser, with session cookies
+that persist across multiple HTTP requests. However, the session can be
+persisted in a separate cookie jar. The default filename for this file, inside
+Salt\(aqs cache directory, is \fBcookies.session.p\fP\&. This can also be changed.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com\(aq,
+    persist_session=True,
+    session_cookie_jar=\(aq/path/to/jar.p\(aq
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+The format of this file is msgpack, which is consistent with much of the rest
+of Salt\(aqs internal structure. Historically, the extension for this file is
+\fB\&.p\fP\&. There are no current plans to make this configurable.
+.SS Return Data
+.sp
+By default, \fBquery()\fP will attempt to decode the return data. Because it was
+designed to be used with REST interfaces, it will attempt to decode the data
+received from the remote server. First it will check the \fBContent\-type\fP header
+to try and find references to XML. If it does not find any, it will look for
+references to JSON. If it does not find any, it will fall back to plain text,
+which will not be decoded.
+.sp
+JSON data is translated into a dict using Python\(aqs built\-in \fBjson\fP library.
+XML is translated using \fBsalt.utils.xml_util\fP, which will use Python\(aqs
+built\-in XML libraries to attempt to convert the XML into a dict. In order to
+force either JSON or XML decoding, the \fBdecode_type\fP may be set:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com\(aq,
+    decode_type=\(aqxml\(aq
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Once translated, the return dict from \fBquery()\fP will include a dict called
+\fBdict\fP\&.
+.sp
+If the data is not to be translated using one of these methods, decoding may be
+turned off.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com\(aq,
+    decode=False
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+If decoding is turned on, and references to JSON or XML cannot be found, then
+this module will default to plain text, and return the undecoded data as
+\fBtext\fP (even if text is set to \fBFalse\fP; see below).
+.sp
+The \fBquery()\fP function can return the HTTP status code, headers, and/or text
+as required. However, each must individually be turned on.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com\(aq,
+    status=True,
+    headers=True,
+    text=True
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+The return from these will be found in the return dict as \fBstatus\fP,
+\fBheaders\fP and \fBtext\fP, respectively.
+.SS Writing Return Data to Files
+.sp
+It is possible to write either the return data or headers to files, as soon as
+the response is received from the server, but specifying file locations via the
+\fBtext_out\fP or \fBheaders_out\fP arguments. \fBtext\fP and \fBheaders\fP do not need
+to be returned to the user in order to do this.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttp://example.com\(aq,
+    text=False,
+    headers=False,
+    text_out=\(aq/path/to/url_download.txt\(aq,
+    headers_out=\(aq/path/to/headers_download.txt\(aq,
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS SSL Verification
+.sp
+By default, this function will verify SSL certificates. However, for testing or
+debugging purposes, SSL verification can be turned off.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttps://example.com\(aq,
+    ssl_verify=False,
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS CA Bundles
+.sp
+The \fBrequests\fP library has its own method of detecting which CA (certficate
+authority) bundle file to use. Usually this is implemented by the packager for
+the specific operating system distribution that you are using. However,
+\fBurllib2\fP requires a little more work under the hood. By default, Salt will
+try to auto\-detect the location of this file. However, if it is not in an
+expected location, or a different path needs to be specified, it may be done so
+using the \fBca_bundle\fP variable.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.query(
+    \(aqhttps://example.com\(aq,
+    ca_bundle=\(aq/path/to/ca_bundle.pem\(aq,
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Updating CA Bundles
+.sp
+The \fBupdate_ca_bundle()\fP function can be used to update the bundle file at a
+specified location. If the target location is not specified, then it will
+attempt to auto\-detect the location of the bundle file. If the URL to download
+the bundle from does not exist, a bundle will be downloaded from the cURL
+website.
+.sp
+CAUTION: The \fBtarget\fP and the \fBsource\fP should always be specified! Failure
+to specify the \fBtarget\fP may result in the file being written to the wrong
+location on the local system. Failure to specify the \fBsource\fP may cause the
+upstream URL to receive excess unnecessary traffic, and may cause a file to be
+download which is hazardous or does not meet the needs of the user.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.update_ca_bundle(
+    target=\(aq/path/to/ca\-bundle.crt\(aq,
+    source=\(aqhttps://example.com/path/to/ca\-bundle.crt\(aq,
+    opts=__opts__,
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+The \fBopts\fP parameter should also always be specified. If it is, then the
+\fBtarget\fP and the \fBsource\fP may be specified in the relevant configuration
+file (master or minion) as \fBca_bundle\fP and \fBca_bundle_url\fP, respectively.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+ca_bundle: /path/to/ca\-bundle.crt
+ca_bundle_url: https://example.com/path/to/ca\-bundle.crt
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+If Salt is unable to auto\-detect the location of the CA bundle, it will raise
+an error.
+.sp
+The \fBupdate_ca_bundle()\fP function can also be passed a string or a list of
+strings which represent files on the local system, which should be appended (in
+the specified order) to the end of the CA bundle file. This is useful in
+environments where private certs need to be made available, and are not
+otherwise reasonable to add to the bundle file.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt.utils.http.update_ca_bundle(
+    opts=__opts__,
+    merge_files=[
+        \(aq/etc/ssl/private_cert_1.pem\(aq,
+        \(aq/etc/ssl/private_cert_2.pem\(aq,
+        \(aq/etc/ssl/private_cert_3.pem\(aq,
+    ]
+)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Test Mode
+.sp
+This function may be run in test mode. This mode will perform all work up until
+the actual HTTP request. By default, instead of performing the request, an empty
+dict will be returned. Using this function with \fBTRACE\fP logging turned on will
+reveal the contents of the headers and POST data to be sent.
+.sp
+Rather than returning an empty dict, an alternate \fBtest_url\fP may be passed in.
+If this is detected, then test mode will replace the \fBurl\fP with the
+\fBtest_url\fP, set \fBtest\fP to \fBTrue\fP in the return data, and perform the rest
+of the requested operations as usual. This allows a custom, non\-destructive URL
+to be used for testing when necessary.
+.SS Execution Module
+.sp
+The \fBhttp\fP execution module is a very thin wrapper around the
+\fBsalt.utils.http\fP library. The \fBopts\fP can be passed through as well, but if
+they are not specified, the minion defaults will be used as necessary.
+.sp
+Because passing complete data structures from the command line can be tricky at
+best and dangerous (in terms of execution injection attacks) at worse, the
+\fBdata_file\fP, and \fBheader_file\fP are likely to see more use here.
+.sp
+All methods for the library are available in the execution module, as kwargs.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion http.query http://example.com/restapi method=POST \e
+    username=\(aqlarry\(aq password=\(aq5700g3543v4r\(aq headers=True text=True \e
+    status=True decode_type=xml data_render=True \e
+    header_file=/tmp/headers.txt data_file=/tmp/data.txt \e
+    header_render=True cookies=True persist_session=True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Runner Module
+.sp
+Like the execution module, the \fBhttp\fP runner module is a very thin wrapper
+around the \fBsalt.utils.http\fP library. The only significant difference is that
+because runners execute on the master instead of a minion, a target is not
+required, and default opts will be derived from the master config, rather than
+the minion config.
+.sp
+All methods for the library are available in the runner module, as kwargs.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-run http.query http://example.com/restapi method=POST \e
+    username=\(aqlarry\(aq password=\(aq5700g3543v4r\(aq headers=True text=True \e
+    status=True decode_type=xml data_render=True \e
+    header_file=/tmp/headers.txt data_file=/tmp/data.txt \e
+    header_render=True cookies=True persist_session=True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS State Module
+.sp
+The state module is a wrapper around the runner module, which applies stateful
+logic to a query. All kwargs as listed above are specified as usual in state
+files, but two more kwargs are available to apply stateful logic. A required
+parameter is \fBmatch\fP, which specifies a pattern to look for in the return
+text. By default, this will perform a string comparison of looking for the
+value of match in the return text. In Python terms this looks like:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+if match in html_text:
+    return True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+If more complex pattern matching is required, a regular expression can be used
+by specifying a \fBmatch_type\fP\&. By default this is set to \fBstring\fP, but it
+can be manually set to \fBpcre\fP instead. Please note that despite the name, this
+will use Python\(aqs \fBre.search()\fP rather than \fBre.match()\fP\&.
+.sp
+Therefore, the following states are valid:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+http://example.com/restapi:
+  http.query:
+    \- match: \(aqSUCCESS\(aq
+    \- username: \(aqlarry\(aq
+    \- password: \(aq5700g3543v4r\(aq
+    \- data_render: True
+    \- header_file: /tmp/headers.txt
+    \- data_file: /tmp/data.txt
+    \- header_render: True
+    \- cookies: True
+    \- persist_session: True
+
+http://example.com/restapi:
+  http.query:
+    \- match_type: pcre
+    \- match: \(aq(?i)succe[ss|ed]\(aq
+    \- username: \(aqlarry\(aq
+    \- password: \(aq5700g3543v4r\(aq
+    \- data_render: True
+    \- header_file: /tmp/headers.txt
+    \- data_file: /tmp/data.txt
+    \- header_render: True
+    \- cookies: True
+    \- persist_session: True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+In addition to, or instead of a match pattern, the status code for a URL can be
+checked. This is done using the \fBstatus\fP argument:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+http://example.com/:
+  http.query:
+    \- status: \(aq200\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+If both are specified, both will be checked, but if only one is \fBTrue\fP and the
+other is \fBFalse\fP, then \fBFalse\fP will be returned. In this case, the comments
+in the return data will contain information for troubleshooting.
+.sp
+Because this is a monitoring state, it will return extra data to code that
+expects it. This data will always include \fBtext\fP and \fBstatus\fP\&. Optionally,
+\fBheaders\fP and \fBdict\fP may also be requested by setting the \fBheaders\fP and
+\fBdecode\fP arguments to True, respectively.
+.SS LXC Management with Salt
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+This walkthrough assumes basic knowledge of Salt. To get up to speed, check
+out the \fBSalt Walkthrough\fP\&.
+.UNINDENT
+.UNINDENT
+.sp
+\fBWARNING:\fP
+.INDENT 0.0
+.INDENT 3.5
+Some features are only currently available in the \fBdevelop\fP branch, and
+are new in the upcoming 2015.5.0 release. These new features will be
+clearly labeled.
+Even in 2015.5 release, you will need up to the last changeset of this
+stable branch for the salt\-cloud stuff to work correctly.
+.UNINDENT
+.UNINDENT
+.SS Dependencies
+.sp
+Manipulation of LXC containers in Salt requires the minion to have an LXC
+version of at least 1.0 (an alpha or beta release of LXC 1.0 is acceptable).
+The following distributions are known to have new enough versions of LXC
+packaged:
+.INDENT 0.0
+.IP \(bu 2
+RHEL/CentOS 6 and later (via \fI\%EPEL\fP)
+.IP \(bu 2
+Fedora (All non\-EOL releases)
+.IP \(bu 2
+Debian 8.0 (Jessie)
+.IP \(bu 2
+Ubuntu 14.04 LTS and later (LXC templates are packaged separately as
+\fBlxc\-templates\fP, it is recommended to also install this package)
+.IP \(bu 2
+openSUSE 13.2 and later
+.UNINDENT
+.SS Profiles
+.sp
+Profiles allow for a sort of shorthand for commonly\-used
+configurations to be defined in the minion config file, \fIgrains\fP, \fIpillar\fP, or the master config file. The
+profile is retrieved by Salt using the \fBconfig.get\fP function, which looks in those locations, in that
+order. This allows for profiles to be defined centrally in the master config
+file, with several options for overriding them (if necessary) on groups of
+minions or individual minions.
+.sp
+There are two types of profiles:
+.INDENT 0.0
+.INDENT 3.5
+.INDENT 0.0
+.IP \(bu 2
+One for defining the parameters used in container creation/clone.
+.IP \(bu 2
+One for defining the container\(aqs network interface(s) settings.
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SS Container Profiles
+.sp
+LXC container profiles are defined defined underneath the
+\fBlxc.container_profile\fP config option:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.container_profile:
+  centos:
+    template: centos
+    backing: lvm
+    vgname: vg1
+    lvname: lxclv
+    size: 10G
+  centos_big:
+    template: centos
+    backing: lvm
+    vgname: vg1
+    lvname: lxclv
+    size: 20G
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Profiles are retrieved using the \fBconfig.get\fP
+function, with the \fBrecurse\fP merge strategy. This means that a profile can be
+defined at a lower level (for example, the master config file) and then parts
+of it can be overridden at a higher level (for example, in pillar data).
+Consider the following container profile data:
+.sp
+\fBIn the Master config file:\fP
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.container_profile:
+  centos:
+    template: centos
+    backing: lvm
+    vgname: vg1
+    lvname: lxclv
+    size: 10G
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBIn the Pillar data\fP
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.container_profile:
+  centos:
+    size: 20G
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Any minion with the above Pillar data would have the \fBsize\fP parameter in the
+\fBcentos\fP profile overriden to 20G, while those minions without the above
+Pillar data would have the 10G \fBsize\fP value. This is another way of achieving
+the same result as the \fBcentos_big\fP profile above, without having to define
+another whole profile that differs in just one value.
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+In the 2014.7.x release cycle and earlier, container profiles are defined
+under \fBlxc.profile\fP\&. This parameter will still work in version 2015.5.0,
+but is deprecated and will be removed in a future release. Please note
+however that the profile merging feature described above will only work
+with profiles defined under \fBlxc.container_profile\fP, and only in versions
+2015.5.0 and later.
+.UNINDENT
+.UNINDENT
+.sp
+Additionally, in version 2015.5.0 container profiles have been expanded to
+support passing template\-specific CLI options to \fBlxc.create\fP\&. Below is a table describing the parameters which
+can be configured in container profiles:
+.TS
+center;
+|l|l|l|.
+_
+T{
+Parameter
+T}	T{
+2015.5.0 and Newer
+T}	T{
+2014.7.x and Earlier
+T}
+_
+T{
+\fItemplate\fP\s-2\u1\d\s0
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+T{
+\fIoptions\fP\s-2\u1\d\s0
+T}	T{
+Yes
+T}	T{
+No
+T}
+_
+T{
+\fIimage\fP\s-2\u1\d\s0
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+T{
+\fIbacking\fP
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+T{
+\fIsnapshot\fP\s-2\u2\d\s0
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+T{
+\fIlvname\fP\s-2\u1\d\s0
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+T{
+\fIfstype\fP\s-2\u1\d\s0
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+T{
+\fIsize\fP
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+.TE
+.INDENT 0.0
+.IP 1. 3
+Parameter is only supported for container creation, and will be ignored if
+the profile is used when cloning a container.
+.IP 2. 3
+Parameter is only supported for container cloning, and will be ignored if
+the profile is used when not cloning a container.
+.UNINDENT
+.SS Network Profiles
+.sp
+LXC network profiles are defined defined underneath the \fBlxc.network_profile\fP
+config option.
+By default, the module uses a DHCP based configuration and try to guess a bridge to
+get connectivity.
+.sp
+\fBWARNING:\fP
+.INDENT 0.0
+.INDENT 3.5
+on pre \fB2015.5.2\fP, you need to specify explitly the network bridge
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.network_profile:
+  centos:
+    eth0:
+      link: br0
+      type: veth
+      flags: up
+  ubuntu:
+    eth0:
+      link: lxcbr0
+      type: veth
+      flags: up
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+As with container profiles, network profiles are retrieved using the
+\fBconfig.get\fP function, with the \fBrecurse\fP
+merge strategy. Consider the following network profile data:
+.sp
+\fBIn the Master config file:\fP
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.network_profile:
+  centos:
+    eth0:
+      link: br0
+      type: veth
+      flags: up
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBIn the Pillar data\fP
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.network_profile:
+  centos:
+    eth0:
+      link: lxcbr0
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Any minion with the above Pillar data would use the \fBlxcbr0\fP interface as the
+bridge interface for any container configured using the \fBcentos\fP network
+profile, while those minions without the above Pillar data would use the
+\fBbr0\fP interface for the same.
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+In the 2014.7.x release cycle and earlier, network profiles are defined
+under \fBlxc.nic\fP\&. This parameter will still work in version 2015.5.0, but
+is deprecated and will be removed in a future release. Please note however
+that the profile merging feature described above will only work with
+profiles defined under \fBlxc.network_profile\fP, and only in versions
+2015.5.0 and later.
+.UNINDENT
+.UNINDENT
+.sp
+The following are parameters which can be configured in network profiles. These
+will directly correspond to a parameter in an LXC configuration file (see \fBman
+5 lxc.container.conf\fP).
+.INDENT 0.0
+.IP \(bu 2
+\fBtype\fP \- Corresponds to \fBlxc.network.type\fP
+.IP \(bu 2
+\fBlink\fP \- Corresponds to \fBlxc.network.link\fP
+.IP \(bu 2
+\fBflags\fP \- Corresponds to \fBlxc.network.flags\fP
+.UNINDENT
+.sp
+Interface\-specific options (MAC address, IPv4/IPv6, etc.) must be passed on a
+container\-by\-container basis, for instance using the \fBnic_opts\fP argument to
+\fBlxc.create\fP:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.create container1 profile=centos network_profile=centos nic_opts=\(aq{eth0: {ipv4: 10.0.0.20/24, gateway: 10.0.0.1}}\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBWARNING:\fP
+.INDENT 0.0
+.INDENT 3.5
+The \fBipv4\fP, \fBipv6\fP, \fBgateway\fP, and \fBlink\fP (bridge) settings in
+network profiles / nic_opts will only work if the container doesnt redefine
+the network configuration (for example in
+\fB/etc/sysconfig/network\-scripts/ifcfg\-<interface_name>\fP on RHEL/CentOS,
+or \fB/etc/network/interfaces\fP on Debian/Ubuntu/etc.). Use these with
+caution. The container images installed using the \fBdownload\fP template,
+for instance, typically are configured for eth0 to use DHCP, which will
+conflict with static IP addresses set at the container level.
+.UNINDENT
+.UNINDENT
+.SS Old lxc support (<1.0.7)
+.sp
+With saltstack \fB2015.5.2\fP and above, normally the setting is autoselected, but
+before, you\(aqll need to teach your network profile to set
+\fBlxc.network.ipv4.gateway\fP to \fBauto\fP when using a classic ipv4 configuration.
+.sp
+Thus you\(aqll need
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.network_profile.foo:
+  etho:
+    link: lxcbr0
+    ipv4.gateway: auto
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Tricky network setups Examples
+.sp
+This example covers how to make a container with both an internal ip and a
+public routable ip, wired on two veth pairs.
+.sp
+The another interface which receives directly a public routable ip can\(aqt be on
+the first interface that we reserve for private inter LXC networking.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.network_profile.foo:
+  eth0: {gateway: null, bridge: lxcbr0}
+  eth1:
+    # replace that by your main interface
+    \(aqlink\(aq: \(aqbr0\(aq
+    \(aqmac\(aq: \(aq00:16:5b:01:24:e1\(aq
+    \(aqgateway\(aq: \(aq2.20.9.14\(aq
+    \(aqipv4\(aq: \(aq2.20.9.1\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Creating a Container on the CLI
+.SS From a Template
+.sp
+LXC is commonly distributed with several template scripts in
+/usr/share/lxc/templates. Some distros may package these separately in an
+\fBlxc\-templates\fP package, so make sure to check if this is the case.
+.sp
+There are LXC template scripts for several different operating systems, but
+some of them are designed to use tools specific to a given distribution. For
+instance, the \fBubuntu\fP template uses deb_bootstrap, the \fBcentos\fP template
+uses yum, etc., making these templates impractical when a container from a
+different OS is desired.
+.sp
+The \fBlxc.create\fP function is used to create
+containers using a template script. To create a CentOS container named
+\fBcontainer1\fP on a CentOS minion named \fBmycentosminion\fP, using the
+\fBcentos\fP LXC template, one can simply run the following command:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt mycentosminion lxc.create container1 template=centos
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+For these instances, there is a \fBdownload\fP template which retrieves minimal
+container images for several different operating systems. To use this template,
+it is necessary to provide an \fBoptions\fP parameter when creating the
+container, with three values:
+.INDENT 0.0
+.IP 1. 3
+\fBdist\fP \- the Linux distribution (i.e. \fBubuntu\fP or \fBcentos\fP)
+.IP 2. 3
+\fBrelease\fP \- the release name/version (i.e. \fBtrusty\fP or \fB6\fP)
+.IP 3. 3
+\fBarch\fP \- CPU architecture (i.e. \fBamd64\fP or \fBi386\fP)
+.UNINDENT
+.sp
+The \fBlxc.images\fP function (new in version
+2015.5.0) can be used to list the available images. Alternatively, the releases
+can be viewed on \fI\%http://images.linuxcontainers.org/images/\fP\&. The images are
+organized in such a way that the \fBdist\fP, \fBrelease\fP, and \fBarch\fP can be
+determined using the following URL format:
+\fBhttp://images.linuxcontainers.org/images/dist/release/arch\fP\&. For example,
+\fBhttp://images.linuxcontainers.org/images/centos/6/amd64\fP would correspond to
+a \fBdist\fP of \fBcentos\fP, a \fBrelease\fP of \fB6\fP, and an \fBarch\fP of \fBamd64\fP\&.
+.sp
+Therefore, to use the \fBdownload\fP template to create a new 64\-bit CentOS 6
+container, the following command can be used:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.create container1 template=download options=\(aq{dist: centos, release: 6, arch: amd64}\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+These command\-line options can be placed into a \fI\%container profile\fP, like so:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.container_profile.cent6:
+  template: download
+  options:
+    dist: centos
+    release: 6
+    arch: amd64
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+The \fBoptions\fP parameter is not supported in profiles for the 2014.7.x
+release cycle and earlier, so it would still need to be provided on the
+command\-line.
+.UNINDENT
+.UNINDENT
+.SS Cloning an Existing Container
+.sp
+To clone a container, use the \fBlxc.clone\fP
+function:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.clone container2 orig=container1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Using a Container Image
+.sp
+While cloning is a good way to create new containers from a common base
+container, the source container that is being cloned needs to already exist on
+the minion. This makes deploying a common container across minions difficult.
+For this reason, Salt\(aqs \fBlxc.create\fP is capable
+of installing a container from a tar archive of another container\(aqs rootfs. To
+create an image of a container named \fBcent6\fP, run the following command as
+root:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+tar czf cent6.tar.gz \-C /var/lib/lxc/cent6 rootfs
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+Before doing this, it is recommended that the container is stopped.
+.UNINDENT
+.UNINDENT
+.sp
+The resulting tarball can then be placed alongside the files in the salt
+fileserver and referenced using a \fBsalt://\fP URL. To create a container using
+an image, use the \fBimage\fP parameter with \fBlxc.create\fP:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.create new\-cent6 image=salt://path/to/cent6.tar.gz
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+Making images of containers with LVM backing
+.sp
+For containers with LVM backing, the rootfs is not mounted, so it is
+necessary to mount it first before creating the tar archive. When a
+container is created using LVM backing, an empty \fBrootfs\fP dir is handily
+created within \fB/var/lib/lxc/container_name\fP, so this can be used as the
+mountpoint. The location of the logical volume for the container will be
+\fB/dev/vgname/lvname\fP, where \fBvgname\fP is the name of the volume group,
+and \fBlvname\fP is the name of the logical volume. Therefore, assuming a
+volume group of \fBvg1\fP, a logical volume of \fBlxc\-cent6\fP, and a container
+name of \fBcent6\fP, the following commands can be used to create a tar
+archive of the rootfs:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+mount /dev/vg1/lxc\-cent6 /var/lib/lxc/cent6/rootfs
+tar czf cent6.tar.gz \-C /var/lib/lxc/cent6 rootfs
+umount /var/lib/lxc/cent6/rootfs
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.sp
+\fBWARNING:\fP
+.INDENT 0.0
+.INDENT 3.5
+One caveat of using this method of container creation is that
+\fB/etc/hosts\fP is left unmodified.  This could cause confusion for some
+distros if salt\-minion is later installed on the container, as the
+functions that determine the hostname take \fB/etc/hosts\fP into account.
+.sp
+Additionally, when creating an rootfs image, be sure to remove
+\fB/etc/salt/minion_id\fP and make sure that \fBid\fP is not defined in
+\fB/etc/salt/minion\fP, as this will cause similar issues.
+.UNINDENT
+.UNINDENT
+.SS Initializing a New Container as a Salt Minion
+.sp
+The above examples illustrate a few ways to create containers on the CLI, but
+often it is desirable to also have the new container run as a Minion. To do
+this, the \fBlxc.init\fP function can be used. This
+function will do the following:
+.INDENT 0.0
+.IP 1. 3
+Create a new container
+.IP 2. 3
+Optionally set password and/or DNS
+.IP 3. 3
+Bootstrap the minion (using either \fI\%salt\-bootstrap\fP or a custom command)
+.UNINDENT
+.sp
+By default, the new container will be pointed at the same Salt Master as the
+host machine on which the container was created. It will then request to
+authenticate with the Master like any other bootstrapped Minion, at which point
+it can be accepted.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.init test1 profile=centos
+salt\-key \-a test1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+For even greater convenience, the \fBLXC runner\fP contains
+a runner function of the same name (\fBlxc.init\fP),
+which creates a keypair, seeds the new minion with it, and pre\-accepts the key,
+allowing for the new Minion to be created and authorized in a single step:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-run lxc.init test1 host=myminion profile=centos
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Running Commands Within a Container
+.sp
+For containers which are not running their own Minion, commands can be run
+within the container in a manner similar to using (\fBcmd.run
+<salt.modules.cmdmod.run\fP). The means of doing this have been changed
+significantly in version 2015.5.0 (though the deprecated behavior will still be
+supported for a few releases). Both the old and new usage are documented
+below.
+.SS 2015.5.0 and Newer
+.sp
+New functions have been added to mimic the behavior of the functions in the
+\fBcmd\fP module. Below is a table with the \fBcmd\fP functions and their \fBlxc\fP module
+equivalents:
+.TS
+center;
+|l|l|l|.
+_
+T{
+Description
+T}	T{
+\fBcmd\fP module
+T}	T{
+\fBlxc\fP module
+T}
+_
+T{
+Run a command and get all output
+T}	T{
+\fBcmd.run\fP
+T}	T{
+\fBlxc.run\fP
+T}
+_
+T{
+Run a command and get just stdout
+T}	T{
+\fBcmd.run_stdout\fP
+T}	T{
+\fBlxc.run_stdout\fP
+T}
+_
+T{
+Run a command and get just stderr
+T}	T{
+\fBcmd.run_stderr\fP
+T}	T{
+\fBlxc.run_stderr\fP
+T}
+_
+T{
+Run a command and get just the retcode
+T}	T{
+\fBcmd.retcode\fP
+T}	T{
+\fBlxc.retcode\fP
+T}
+_
+T{
+Run a command and get all information
+T}	T{
+\fBcmd.run_all\fP
+T}	T{
+\fBlxc.run_all\fP
+T}
+_
+.TE
+.SS 2014.7.x and Earlier
+.sp
+Earlier Salt releases use a single function (\fBlxc.run_cmd\fP) to run commands within containers. Whether stdout,
+stderr, etc. are returned depends on how the function is invoked.
+.sp
+To run a command and return the stdout:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.run_cmd web1 \(aqtail /var/log/messages\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To run a command and return the stderr:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.run_cmd web1 \(aqtail /var/log/messages\(aq stdout=False stderr=True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To run a command and return the retcode:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.run_cmd web1 \(aqtail /var/log/messages\(aq stdout=False stderr=False
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To run a command and return all information:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.run_cmd web1 \(aqtail /var/log/messages\(aq stdout=True stderr=True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Container Management Using salt\-cloud
+.sp
+Salt cloud uses under the hood the salt runner and module to manage containers,
+Please look at \fIthis chapter\fP
+.SS Container Management Using States
+.sp
+Several states are being renamed or otherwise modified in version 2015.5.0. The
+information in this tutorial refers to the new states. For
+2014.7.x and earlier, please refer to the \fBdocumentation for the LXC
+states\fP\&.
+.SS Ensuring a Container Is Present
+.sp
+To ensure the existence of a named container, use the \fBlxc.present\fP state. Here are some examples:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+# Using a template
+web1:
+  lxc.present:
+    \- template: download
+    \- options:
+        dist: centos
+        release: 6
+        arch: amd64
+
+# Cloning
+web2:
+  lxc.present:
+    \- clone_from: web\-base
+
+# Using a rootfs image
+web3:
+  lxc.present:
+    \- image: salt://path/to/cent6.tar.gz
+
+# Using profiles
+web4:
+  lxc.present:
+    \- profile: centos_web
+    \- network_profile: centos
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBWARNING:\fP
+.INDENT 0.0
+.INDENT 3.5
+The \fBlxc.present\fP state will not modify an
+existing container (in other words, it will not re\-create the container).
+If an \fBlxc.present\fP state is run on an
+existing container, there will be no change and the state will return a
+\fBTrue\fP result.
+.UNINDENT
+.UNINDENT
+.sp
+The \fBlxc.present\fP state also includes an
+optional \fBrunning\fP parameter which can be used to ensure that a container is
+running/stopped. Note that there are standalone \fBlxc.running\fP and \fBlxc.stopped\fP
+states which can be used for this purpose.
+.SS Ensuring a Container Does Not Exist
+.sp
+To ensure that a named container is not present, use the \fBlxc.absent\fP state. For example:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+web1:
+  lxc.absent
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Ensuring a Container is Running/Stopped/Frozen
+.sp
+Containers can be in one of three states:
+.INDENT 0.0
+.IP \(bu 2
+\fBrunning\fP \- Container is running and active
+.IP \(bu 2
+\fBfrozen\fP \- Container is running, but all process are blocked and the
+container is essentially non\-active until the container is "unfrozen"
+.IP \(bu 2
+\fBstopped\fP \- Container is not running
+.UNINDENT
+.sp
+Salt has three states (\fBlxc.running\fP,
+\fBlxc.frozen\fP, and \fBlxc.stopped\fP) which can be used to ensure a container is in one
+of these states:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+web1:
+  lxc.running
+
+# Restart the container if it was already running
+web2:
+  lxc.running:
+    \- restart: True
+
+web3:
+  lxc.stopped
+
+# Explicitly kill all tasks in container instead of gracefully stopping
+web4:
+  lxc.stopped:
+    \- kill: True
+
+web5:
+  lxc.frozen
+
+# If container is stopped, do not start it (in which case the state will fail)
+web6:
+  lxc.frozen:
+    \- start: False
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .SS Salt Virt
 .SS Salt as a Cloud Controller
 .sp
@@ -10833,142 +12376,1016 @@
 .UNINDENT
 .sp
 All logs relating to halite are logged to the default /var/log/salt/master file.
-.SS Using Salt at scale
-.SS Using salt at scale
-.sp
-The focus of this tutorial will be building a Salt infrastructure for handling
-large numbers of minions. This will include tuning, topology, and best practices.
-.sp
-For how to install the saltmaster please
-go here: \fI\%Installing saltstack\fP
+.SS LXC
+.SS LXC Management with Salt
 .sp
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
-This tutorial is intended for large installations, although these same settings
-won\(aqt hurt, it may not be worth the complexity to smaller installations.
-.sp
-When used with minions, the term \(aqmany\(aq refers to at least a thousand
-and \(aqa few\(aq always means 500.
-.sp
-For simplicity reasons, this tutorial will default to the standard ports
-used by salt.
+This walkthrough assumes basic knowledge of Salt. To get up to speed, check
+out the \fBSalt Walkthrough\fP\&.
 .UNINDENT
 .UNINDENT
-.SS The Master
 .sp
-The most common problems on the salt\-master are:
+\fBWARNING:\fP
 .INDENT 0.0
-.IP 1. 3
-too many minions authing at once
-.IP 2. 3
-too many minions re\-authing at once
-.IP 3. 3
-too many minions re\-connecting at once
-.IP 4. 3
-too many minions returning at once
-.IP 5. 3
-too few resources (CPU/HDD)
+.INDENT 3.5
+Some features are only currently available in the \fBdevelop\fP branch, and
+are new in the upcoming 2015.5.0 release. These new features will be
+clearly labeled.
+Even in 2015.5 release, you will need up to the last changeset of this
+stable branch for the salt\-cloud stuff to work correctly.
 .UNINDENT
+.UNINDENT
+.SS Dependencies
 .sp
-The first three are all "thundering herd" problems. To mitigate these issues
-we must configure the minions to back\-off appropriately when the master is
-under heavy load.
-.sp
-The fourth is caused by masters with little hardware resources in combination
-with a possible bug in ZeroMQ. At least thats what it looks like till today
-(\fI\%Issue 118651\fP,
-\fI\%Issue 5948\fP,
-\fI\%Mail thread\fP)
-.sp
-To fully understand each problem, it is important to understand, how salt works.
-.sp
-Very briefly, the saltmaster offers two services to the minions.
+Manipulation of LXC containers in Salt requires the minion to have an LXC
+version of at least 1.0 (an alpha or beta release of LXC 1.0 is acceptable).
+The following distributions are known to have new enough versions of LXC
+packaged:
 .INDENT 0.0
 .IP \(bu 2
-a job publisher on port 4505
+RHEL/CentOS 6 and later (via \fI\%EPEL\fP)
 .IP \(bu 2
-an open port 4506 to receive the minions returns
+Fedora (All non\-EOL releases)
+.IP \(bu 2
+Debian 8.0 (Jessie)
+.IP \(bu 2
+Ubuntu 14.04 LTS and later (LXC templates are packaged separately as
+\fBlxc\-templates\fP, it is recommended to also install this package)
+.IP \(bu 2
+openSUSE 13.2 and later
 .UNINDENT
+.SS Profiles
 .sp
-All minions are always connected to the publisher on port 4505 and only connect
-to the open return port 4506 if necessary. On an idle master, there will only
-be connections on port 4505.
-.SS Too many minions authing
-.sp
-When the minion service is first started up, it will connect to its master\(aqs publisher
-on port 4505. If too many minions are started at once, this can cause a "thundering herd".
-This can be avoided by not starting too many minions at once.
-.sp
-The connection itself usually isn\(aqt the culprit, the more likely cause of master\-side
-issues is the authentication that the minion must do with the master. If the master
-is too heavily loaded to handle the auth request it will time it out. The minion
-will then wait \fIacceptance_wait_time\fP to retry. If \fIacceptance_wait_time_max\fP is
-set then the minion will increase its wait time by the \fIacceptance_wait_time\fP each
-subsequent retry until reaching \fIacceptance_wait_time_max\fP\&.
-.SS Too many minions re\-authing
+Profiles allow for a sort of shorthand for commonly\-used
+configurations to be defined in the minion config file, \fIgrains\fP, \fIpillar\fP, or the master config file. The
+profile is retrieved by Salt using the \fBconfig.get\fP function, which looks in those locations, in that
+order. This allows for profiles to be defined centrally in the master config
+file, with several options for overriding them (if necessary) on groups of
+minions or individual minions.
 .sp
-This is most likely to happen in the testing phase, when all minion keys have
-already been accepted, the framework is being tested and parameters change
-frequently in the masters configuration file.
+There are two types of profiles:
+.INDENT 0.0
+.INDENT 3.5
+.INDENT 0.0
+.IP \(bu 2
+One for defining the parameters used in container creation/clone.
+.IP \(bu 2
+One for defining the container\(aqs network interface(s) settings.
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SS Container Profiles
 .sp
-In a few cases (master restart, remove minion key, etc.) the salt\-master generates
-a new AES\-key to encrypt its publications with. The minions aren\(aqt notified of
-this but will realize this on the next pub job they receive. When the minion
-receives such a job it will then re\-auth with the master. Since Salt does minion\-side
-filtering this means that all the minions will re\-auth on the next command published
-on the master\-\- causing another "thundering herd". This can be avoided by
-setting the
+LXC container profiles are defined defined underneath the
+\fBlxc.container_profile\fP config option:
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-random_reauth_delay: 60
+lxc.container_profile:
+  centos:
+    template: centos
+    backing: lvm
+    vgname: vg1
+    lvname: lxclv
+    size: 10G
+  centos_big:
+    template: centos
+    backing: lvm
+    vgname: vg1
+    lvname: lxclv
+    size: 20G
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
-in the minions configuration file to a higher value and stagger the amount
-of re\-auth attempts. Increasing this value will of course increase the time
-it takes until all minions are reachable via salt commands.
-.SS Too many minions re\-connecting
-.sp
-By default the zmq socket will re\-connect every 100ms which for some larger
-installations may be too quick. This will control how quickly the TCP session is
-re\-established, but has no bearing on the auth load.
+Profiles are retrieved using the \fBconfig.get\fP
+function, with the \fBrecurse\fP merge strategy. This means that a profile can be
+defined at a lower level (for example, the master config file) and then parts
+of it can be overridden at a higher level (for example, in pillar data).
+Consider the following container profile data:
 .sp
-To tune the minions sockets reconnect attempts, there are a few values in
-the sample configuration file (default values)
+\fBIn the Master config file:\fP
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-recon_default: 100ms
-recon_max: 5000
-recon_randomize: True
+lxc.container_profile:
+  centos:
+    template: centos
+    backing: lvm
+    vgname: vg1
+    lvname: lxclv
+    size: 10G
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
-.INDENT 0.0
-.IP \(bu 2
-recon_default: the default value the socket should use, i.e. 100ms
-.IP \(bu 2
-recon_max: the max value that the socket should use as a delay before trying to reconnect
-.IP \(bu 2
-recon_randomize: enables randomization between recon_default and recon_max
-.UNINDENT
 .sp
-To tune this values to an existing environment, a few decision have to be made.
+\fBIn the Pillar data\fP
 .INDENT 0.0
-.IP 1. 3
-How long can one wait, before the minions should be online and reachable via salt?
-.IP 2. 3
-How many reconnects can the master handle without a syn flood?
-.UNINDENT
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.container_profile:
+  centos:
+    size: 20G
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Any minion with the above Pillar data would have the \fBsize\fP parameter in the
+\fBcentos\fP profile overriden to 20G, while those minions without the above
+Pillar data would have the 10G \fBsize\fP value. This is another way of achieving
+the same result as the \fBcentos_big\fP profile above, without having to define
+another whole profile that differs in just one value.
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+In the 2014.7.x release cycle and earlier, container profiles are defined
+under \fBlxc.profile\fP\&. This parameter will still work in version 2015.5.0,
+but is deprecated and will be removed in a future release. Please note
+however that the profile merging feature described above will only work
+with profiles defined under \fBlxc.container_profile\fP, and only in versions
+2015.5.0 and later.
+.UNINDENT
+.UNINDENT
+.sp
+Additionally, in version 2015.5.0 container profiles have been expanded to
+support passing template\-specific CLI options to \fBlxc.create\fP\&. Below is a table describing the parameters which
+can be configured in container profiles:
+.TS
+center;
+|l|l|l|.
+_
+T{
+Parameter
+T}	T{
+2015.5.0 and Newer
+T}	T{
+2014.7.x and Earlier
+T}
+_
+T{
+\fItemplate\fP\s-2\u1\d\s0
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+T{
+\fIoptions\fP\s-2\u1\d\s0
+T}	T{
+Yes
+T}	T{
+No
+T}
+_
+T{
+\fIimage\fP\s-2\u1\d\s0
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+T{
+\fIbacking\fP
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+T{
+\fIsnapshot\fP\s-2\u2\d\s0
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+T{
+\fIlvname\fP\s-2\u1\d\s0
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+T{
+\fIfstype\fP\s-2\u1\d\s0
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+T{
+\fIsize\fP
+T}	T{
+Yes
+T}	T{
+Yes
+T}
+_
+.TE
+.INDENT 0.0
+.IP 1. 3
+Parameter is only supported for container creation, and will be ignored if
+the profile is used when cloning a container.
+.IP 2. 3
+Parameter is only supported for container cloning, and will be ignored if
+the profile is used when not cloning a container.
+.UNINDENT
+.SS Network Profiles
+.sp
+LXC network profiles are defined defined underneath the \fBlxc.network_profile\fP
+config option.
+By default, the module uses a DHCP based configuration and try to guess a bridge to
+get connectivity.
+.sp
+\fBWARNING:\fP
+.INDENT 0.0
+.INDENT 3.5
+on pre \fB2015.5.2\fP, you need to specify explitly the network bridge
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.network_profile:
+  centos:
+    eth0:
+      link: br0
+      type: veth
+      flags: up
+  ubuntu:
+    eth0:
+      link: lxcbr0
+      type: veth
+      flags: up
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+As with container profiles, network profiles are retrieved using the
+\fBconfig.get\fP function, with the \fBrecurse\fP
+merge strategy. Consider the following network profile data:
+.sp
+\fBIn the Master config file:\fP
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.network_profile:
+  centos:
+    eth0:
+      link: br0
+      type: veth
+      flags: up
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBIn the Pillar data\fP
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.network_profile:
+  centos:
+    eth0:
+      link: lxcbr0
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Any minion with the above Pillar data would use the \fBlxcbr0\fP interface as the
+bridge interface for any container configured using the \fBcentos\fP network
+profile, while those minions without the above Pillar data would use the
+\fBbr0\fP interface for the same.
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+In the 2014.7.x release cycle and earlier, network profiles are defined
+under \fBlxc.nic\fP\&. This parameter will still work in version 2015.5.0, but
+is deprecated and will be removed in a future release. Please note however
+that the profile merging feature described above will only work with
+profiles defined under \fBlxc.network_profile\fP, and only in versions
+2015.5.0 and later.
+.UNINDENT
+.UNINDENT
+.sp
+The following are parameters which can be configured in network profiles. These
+will directly correspond to a parameter in an LXC configuration file (see \fBman
+5 lxc.container.conf\fP).
+.INDENT 0.0
+.IP \(bu 2
+\fBtype\fP \- Corresponds to \fBlxc.network.type\fP
+.IP \(bu 2
+\fBlink\fP \- Corresponds to \fBlxc.network.link\fP
+.IP \(bu 2
+\fBflags\fP \- Corresponds to \fBlxc.network.flags\fP
+.UNINDENT
+.sp
+Interface\-specific options (MAC address, IPv4/IPv6, etc.) must be passed on a
+container\-by\-container basis, for instance using the \fBnic_opts\fP argument to
+\fBlxc.create\fP:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.create container1 profile=centos network_profile=centos nic_opts=\(aq{eth0: {ipv4: 10.0.0.20/24, gateway: 10.0.0.1}}\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBWARNING:\fP
+.INDENT 0.0
+.INDENT 3.5
+The \fBipv4\fP, \fBipv6\fP, \fBgateway\fP, and \fBlink\fP (bridge) settings in
+network profiles / nic_opts will only work if the container doesnt redefine
+the network configuration (for example in
+\fB/etc/sysconfig/network\-scripts/ifcfg\-<interface_name>\fP on RHEL/CentOS,
+or \fB/etc/network/interfaces\fP on Debian/Ubuntu/etc.). Use these with
+caution. The container images installed using the \fBdownload\fP template,
+for instance, typically are configured for eth0 to use DHCP, which will
+conflict with static IP addresses set at the container level.
+.UNINDENT
+.UNINDENT
+.SS Old lxc support (<1.0.7)
+.sp
+With saltstack \fB2015.5.2\fP and above, normally the setting is autoselected, but
+before, you\(aqll need to teach your network profile to set
+\fBlxc.network.ipv4.gateway\fP to \fBauto\fP when using a classic ipv4 configuration.
+.sp
+Thus you\(aqll need
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.network_profile.foo:
+  etho:
+    link: lxcbr0
+    ipv4.gateway: auto
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Tricky network setups Examples
+.sp
+This example covers how to make a container with both an internal ip and a
+public routable ip, wired on two veth pairs.
+.sp
+The another interface which receives directly a public routable ip can\(aqt be on
+the first interface that we reserve for private inter LXC networking.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.network_profile.foo:
+  eth0: {gateway: null, bridge: lxcbr0}
+  eth1:
+    # replace that by your main interface
+    \(aqlink\(aq: \(aqbr0\(aq
+    \(aqmac\(aq: \(aq00:16:5b:01:24:e1\(aq
+    \(aqgateway\(aq: \(aq2.20.9.14\(aq
+    \(aqipv4\(aq: \(aq2.20.9.1\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Creating a Container on the CLI
+.SS From a Template
+.sp
+LXC is commonly distributed with several template scripts in
+/usr/share/lxc/templates. Some distros may package these separately in an
+\fBlxc\-templates\fP package, so make sure to check if this is the case.
+.sp
+There are LXC template scripts for several different operating systems, but
+some of them are designed to use tools specific to a given distribution. For
+instance, the \fBubuntu\fP template uses deb_bootstrap, the \fBcentos\fP template
+uses yum, etc., making these templates impractical when a container from a
+different OS is desired.
+.sp
+The \fBlxc.create\fP function is used to create
+containers using a template script. To create a CentOS container named
+\fBcontainer1\fP on a CentOS minion named \fBmycentosminion\fP, using the
+\fBcentos\fP LXC template, one can simply run the following command:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt mycentosminion lxc.create container1 template=centos
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+For these instances, there is a \fBdownload\fP template which retrieves minimal
+container images for several different operating systems. To use this template,
+it is necessary to provide an \fBoptions\fP parameter when creating the
+container, with three values:
+.INDENT 0.0
+.IP 1. 3
+\fBdist\fP \- the Linux distribution (i.e. \fBubuntu\fP or \fBcentos\fP)
+.IP 2. 3
+\fBrelease\fP \- the release name/version (i.e. \fBtrusty\fP or \fB6\fP)
+.IP 3. 3
+\fBarch\fP \- CPU architecture (i.e. \fBamd64\fP or \fBi386\fP)
+.UNINDENT
+.sp
+The \fBlxc.images\fP function (new in version
+2015.5.0) can be used to list the available images. Alternatively, the releases
+can be viewed on \fI\%http://images.linuxcontainers.org/images/\fP\&. The images are
+organized in such a way that the \fBdist\fP, \fBrelease\fP, and \fBarch\fP can be
+determined using the following URL format:
+\fBhttp://images.linuxcontainers.org/images/dist/release/arch\fP\&. For example,
+\fBhttp://images.linuxcontainers.org/images/centos/6/amd64\fP would correspond to
+a \fBdist\fP of \fBcentos\fP, a \fBrelease\fP of \fB6\fP, and an \fBarch\fP of \fBamd64\fP\&.
+.sp
+Therefore, to use the \fBdownload\fP template to create a new 64\-bit CentOS 6
+container, the following command can be used:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.create container1 template=download options=\(aq{dist: centos, release: 6, arch: amd64}\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+These command\-line options can be placed into a \fI\%container profile\fP, like so:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.container_profile.cent6:
+  template: download
+  options:
+    dist: centos
+    release: 6
+    arch: amd64
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+The \fBoptions\fP parameter is not supported in profiles for the 2014.7.x
+release cycle and earlier, so it would still need to be provided on the
+command\-line.
+.UNINDENT
+.UNINDENT
+.SS Cloning an Existing Container
+.sp
+To clone a container, use the \fBlxc.clone\fP
+function:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.clone container2 orig=container1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Using a Container Image
+.sp
+While cloning is a good way to create new containers from a common base
+container, the source container that is being cloned needs to already exist on
+the minion. This makes deploying a common container across minions difficult.
+For this reason, Salt\(aqs \fBlxc.create\fP is capable
+of installing a container from a tar archive of another container\(aqs rootfs. To
+create an image of a container named \fBcent6\fP, run the following command as
+root:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+tar czf cent6.tar.gz \-C /var/lib/lxc/cent6 rootfs
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+Before doing this, it is recommended that the container is stopped.
+.UNINDENT
+.UNINDENT
+.sp
+The resulting tarball can then be placed alongside the files in the salt
+fileserver and referenced using a \fBsalt://\fP URL. To create a container using
+an image, use the \fBimage\fP parameter with \fBlxc.create\fP:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.create new\-cent6 image=salt://path/to/cent6.tar.gz
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+Making images of containers with LVM backing
+.sp
+For containers with LVM backing, the rootfs is not mounted, so it is
+necessary to mount it first before creating the tar archive. When a
+container is created using LVM backing, an empty \fBrootfs\fP dir is handily
+created within \fB/var/lib/lxc/container_name\fP, so this can be used as the
+mountpoint. The location of the logical volume for the container will be
+\fB/dev/vgname/lvname\fP, where \fBvgname\fP is the name of the volume group,
+and \fBlvname\fP is the name of the logical volume. Therefore, assuming a
+volume group of \fBvg1\fP, a logical volume of \fBlxc\-cent6\fP, and a container
+name of \fBcent6\fP, the following commands can be used to create a tar
+archive of the rootfs:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+mount /dev/vg1/lxc\-cent6 /var/lib/lxc/cent6/rootfs
+tar czf cent6.tar.gz \-C /var/lib/lxc/cent6 rootfs
+umount /var/lib/lxc/cent6/rootfs
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.sp
+\fBWARNING:\fP
+.INDENT 0.0
+.INDENT 3.5
+One caveat of using this method of container creation is that
+\fB/etc/hosts\fP is left unmodified.  This could cause confusion for some
+distros if salt\-minion is later installed on the container, as the
+functions that determine the hostname take \fB/etc/hosts\fP into account.
+.sp
+Additionally, when creating an rootfs image, be sure to remove
+\fB/etc/salt/minion_id\fP and make sure that \fBid\fP is not defined in
+\fB/etc/salt/minion\fP, as this will cause similar issues.
+.UNINDENT
+.UNINDENT
+.SS Initializing a New Container as a Salt Minion
+.sp
+The above examples illustrate a few ways to create containers on the CLI, but
+often it is desirable to also have the new container run as a Minion. To do
+this, the \fBlxc.init\fP function can be used. This
+function will do the following:
+.INDENT 0.0
+.IP 1. 3
+Create a new container
+.IP 2. 3
+Optionally set password and/or DNS
+.IP 3. 3
+Bootstrap the minion (using either \fI\%salt\-bootstrap\fP or a custom command)
+.UNINDENT
+.sp
+By default, the new container will be pointed at the same Salt Master as the
+host machine on which the container was created. It will then request to
+authenticate with the Master like any other bootstrapped Minion, at which point
+it can be accepted.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.init test1 profile=centos
+salt\-key \-a test1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+For even greater convenience, the \fBLXC runner\fP contains
+a runner function of the same name (\fBlxc.init\fP),
+which creates a keypair, seeds the new minion with it, and pre\-accepts the key,
+allowing for the new Minion to be created and authorized in a single step:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-run lxc.init test1 host=myminion profile=centos
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Running Commands Within a Container
+.sp
+For containers which are not running their own Minion, commands can be run
+within the container in a manner similar to using (\fBcmd.run
+<salt.modules.cmdmod.run\fP). The means of doing this have been changed
+significantly in version 2015.5.0 (though the deprecated behavior will still be
+supported for a few releases). Both the old and new usage are documented
+below.
+.SS 2015.5.0 and Newer
+.sp
+New functions have been added to mimic the behavior of the functions in the
+\fBcmd\fP module. Below is a table with the \fBcmd\fP functions and their \fBlxc\fP module
+equivalents:
+.TS
+center;
+|l|l|l|.
+_
+T{
+Description
+T}	T{
+\fBcmd\fP module
+T}	T{
+\fBlxc\fP module
+T}
+_
+T{
+Run a command and get all output
+T}	T{
+\fBcmd.run\fP
+T}	T{
+\fBlxc.run\fP
+T}
+_
+T{
+Run a command and get just stdout
+T}	T{
+\fBcmd.run_stdout\fP
+T}	T{
+\fBlxc.run_stdout\fP
+T}
+_
+T{
+Run a command and get just stderr
+T}	T{
+\fBcmd.run_stderr\fP
+T}	T{
+\fBlxc.run_stderr\fP
+T}
+_
+T{
+Run a command and get just the retcode
+T}	T{
+\fBcmd.retcode\fP
+T}	T{
+\fBlxc.retcode\fP
+T}
+_
+T{
+Run a command and get all information
+T}	T{
+\fBcmd.run_all\fP
+T}	T{
+\fBlxc.run_all\fP
+T}
+_
+.TE
+.SS 2014.7.x and Earlier
+.sp
+Earlier Salt releases use a single function (\fBlxc.run_cmd\fP) to run commands within containers. Whether stdout,
+stderr, etc. are returned depends on how the function is invoked.
+.sp
+To run a command and return the stdout:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.run_cmd web1 \(aqtail /var/log/messages\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To run a command and return the stderr:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.run_cmd web1 \(aqtail /var/log/messages\(aq stdout=False stderr=True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To run a command and return the retcode:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.run_cmd web1 \(aqtail /var/log/messages\(aq stdout=False stderr=False
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To run a command and return all information:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.run_cmd web1 \(aqtail /var/log/messages\(aq stdout=True stderr=True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Container Management Using salt\-cloud
+.sp
+Salt cloud uses under the hood the salt runner and module to manage containers,
+Please look at \fIthis chapter\fP
+.SS Container Management Using States
+.sp
+Several states are being renamed or otherwise modified in version 2015.5.0. The
+information in this tutorial refers to the new states. For
+2014.7.x and earlier, please refer to the \fBdocumentation for the LXC
+states\fP\&.
+.SS Ensuring a Container Is Present
+.sp
+To ensure the existence of a named container, use the \fBlxc.present\fP state. Here are some examples:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+# Using a template
+web1:
+  lxc.present:
+    \- template: download
+    \- options:
+        dist: centos
+        release: 6
+        arch: amd64
+
+# Cloning
+web2:
+  lxc.present:
+    \- clone_from: web\-base
+
+# Using a rootfs image
+web3:
+  lxc.present:
+    \- image: salt://path/to/cent6.tar.gz
+
+# Using profiles
+web4:
+  lxc.present:
+    \- profile: centos_web
+    \- network_profile: centos
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fBWARNING:\fP
+.INDENT 0.0
+.INDENT 3.5
+The \fBlxc.present\fP state will not modify an
+existing container (in other words, it will not re\-create the container).
+If an \fBlxc.present\fP state is run on an
+existing container, there will be no change and the state will return a
+\fBTrue\fP result.
+.UNINDENT
+.UNINDENT
+.sp
+The \fBlxc.present\fP state also includes an
+optional \fBrunning\fP parameter which can be used to ensure that a container is
+running/stopped. Note that there are standalone \fBlxc.running\fP and \fBlxc.stopped\fP
+states which can be used for this purpose.
+.SS Ensuring a Container Does Not Exist
+.sp
+To ensure that a named container is not present, use the \fBlxc.absent\fP state. For example:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+web1:
+  lxc.absent
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Ensuring a Container is Running/Stopped/Frozen
+.sp
+Containers can be in one of three states:
+.INDENT 0.0
+.IP \(bu 2
+\fBrunning\fP \- Container is running and active
+.IP \(bu 2
+\fBfrozen\fP \- Container is running, but all process are blocked and the
+container is essentially non\-active until the container is "unfrozen"
+.IP \(bu 2
+\fBstopped\fP \- Container is not running
+.UNINDENT
+.sp
+Salt has three states (\fBlxc.running\fP,
+\fBlxc.frozen\fP, and \fBlxc.stopped\fP) which can be used to ensure a container is in one
+of these states:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+web1:
+  lxc.running
+
+# Restart the container if it was already running
+web2:
+  lxc.running:
+    \- restart: True
+
+web3:
+  lxc.stopped
+
+# Explicitly kill all tasks in container instead of gracefully stopping
+web4:
+  lxc.stopped:
+    \- kill: True
+
+web5:
+  lxc.frozen
+
+# If container is stopped, do not start it (in which case the state will fail)
+web6:
+  lxc.frozen:
+    \- start: False
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Using Salt at scale
+.SS Using salt at scale
+.sp
+The focus of this tutorial will be building a Salt infrastructure for handling
+large numbers of minions. This will include tuning, topology, and best practices.
+.sp
+For how to install the saltmaster please
+go here: \fI\%Installing saltstack\fP
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+This tutorial is intended for large installations, although these same settings
+won\(aqt hurt, it may not be worth the complexity to smaller installations.
+.sp
+When used with minions, the term \(aqmany\(aq refers to at least a thousand
+and \(aqa few\(aq always means 500.
+.sp
+For simplicity reasons, this tutorial will default to the standard ports
+used by salt.
+.UNINDENT
+.UNINDENT
+.SS The Master
+.sp
+The most common problems on the salt\-master are:
+.INDENT 0.0
+.IP 1. 3
+too many minions authing at once
+.IP 2. 3
+too many minions re\-authing at once
+.IP 3. 3
+too many minions re\-connecting at once
+.IP 4. 3
+too many minions returning at once
+.IP 5. 3
+too few resources (CPU/HDD)
+.UNINDENT
+.sp
+The first three are all "thundering herd" problems. To mitigate these issues
+we must configure the minions to back\-off appropriately when the master is
+under heavy load.
+.sp
+The fourth is caused by masters with little hardware resources in combination
+with a possible bug in ZeroMQ. At least thats what it looks like till today
+(\fI\%Issue 118651\fP,
+\fI\%Issue 5948\fP,
+\fI\%Mail thread\fP)
+.sp
+To fully understand each problem, it is important to understand, how salt works.
+.sp
+Very briefly, the saltmaster offers two services to the minions.
+.INDENT 0.0
+.IP \(bu 2
+a job publisher on port 4505
+.IP \(bu 2
+an open port 4506 to receive the minions returns
+.UNINDENT
+.sp
+All minions are always connected to the publisher on port 4505 and only connect
+to the open return port 4506 if necessary. On an idle master, there will only
+be connections on port 4505.
+.SS Too many minions authing
+.sp
+When the minion service is first started up, it will connect to its master\(aqs publisher
+on port 4505. If too many minions are started at once, this can cause a "thundering herd".
+This can be avoided by not starting too many minions at once.
+.sp
+The connection itself usually isn\(aqt the culprit, the more likely cause of master\-side
+issues is the authentication that the minion must do with the master. If the master
+is too heavily loaded to handle the auth request it will time it out. The minion
+will then wait \fIacceptance_wait_time\fP to retry. If \fIacceptance_wait_time_max\fP is
+set then the minion will increase its wait time by the \fIacceptance_wait_time\fP each
+subsequent retry until reaching \fIacceptance_wait_time_max\fP\&.
+.SS Too many minions re\-authing
+.sp
+This is most likely to happen in the testing phase, when all minion keys have
+already been accepted, the framework is being tested and parameters change
+frequently in the masters configuration file.
+.sp
+In a few cases (master restart, remove minion key, etc.) the salt\-master generates
+a new AES\-key to encrypt its publications with. The minions aren\(aqt notified of
+this but will realize this on the next pub job they receive. When the minion
+receives such a job it will then re\-auth with the master. Since Salt does minion\-side
+filtering this means that all the minions will re\-auth on the next command published
+on the master\-\- causing another "thundering herd". This can be avoided by
+setting the
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+random_reauth_delay: 60
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+in the minions configuration file to a higher value and stagger the amount
+of re\-auth attempts. Increasing this value will of course increase the time
+it takes until all minions are reachable via salt commands.
+.SS Too many minions re\-connecting
+.sp
+By default the zmq socket will re\-connect every 100ms which for some larger
+installations may be too quick. This will control how quickly the TCP session is
+re\-established, but has no bearing on the auth load.
+.sp
+To tune the minions sockets reconnect attempts, there are a few values in
+the sample configuration file (default values)
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+recon_default: 100ms
+recon_max: 5000
+recon_randomize: True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.IP \(bu 2
+recon_default: the default value the socket should use, i.e. 100ms
+.IP \(bu 2
+recon_max: the max value that the socket should use as a delay before trying to reconnect
+.IP \(bu 2
+recon_randomize: enables randomization between recon_default and recon_max
+.UNINDENT
+.sp
+To tune this values to an existing environment, a few decision have to be made.
+.INDENT 0.0
+.IP 1. 3
+How long can one wait, before the minions should be online and reachable via salt?
+.IP 2. 3
+How many reconnects can the master handle without a syn flood?
+.UNINDENT
 .sp
 These questions can not be answered generally. Their answers depend on the
 hardware and the administrators requirements.
@@ -11165,7 +13582,7 @@
 Apache httpd server specifies the machine \fBweb1\fP as the target and the
 command will only be run on that one minion.
 .sp
-Similarly when using States, the following top file specifies that only
+Similarly when using States, the following \fItop file\fP specifies that only
 the \fBweb1\fP minion should execute the contents of \fBwebserver.sls\fP:
 .INDENT 0.0
 .INDENT 3.5
@@ -11193,15 +13610,15 @@
 .INDENT 3.5
 minion id and minion keys
 .sp
-The minion id is used to generate the minion\(aqs public/private keys
+The \fIminion id\fP is used to generate the minion\(aqs public/private keys
 and if it ever changes the master must then accept the new key as though
 the minion was a new host.
 .UNINDENT
 .UNINDENT
 .SS Globbing
 .sp
-The default matching that Salt utilizes is \fI\%shell\-style globbing\fP around the minion id\&. This also works for states
-in the top file\&.
+The default matching that Salt utilizes is \fI\%shell\-style globbing\fP around the \fIminion id\fP\&. This also works for states
+in the \fItop file\fP\&.
 .sp
 \fBNOTE:\fP
 .INDENT 0.0
@@ -11308,7 +13725,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-When using regular expressions in a State\(aqs top file, you must specify
+When using regular expressions in a State\(aqs \fItop file\fP, you must specify
 the matcher as the first option. The following example executes the contents of
 \fBwebserver.sls\fP on the above\-mentioned minions.
 .INDENT 0.0
@@ -11473,7 +13890,7 @@
 .UNINDENT
 .SS Matching Grains in the Top File
 .sp
-With correctly configured grains on the Minion, the top file used in
+With correctly configured grains on the Minion, the \fItop file\fP used in
 Pillar or during Highstate can be made very efficient. For example, consider
 the following configuration:
 .INDENT 0.0
@@ -11504,7 +13921,7 @@
 For this example to work, you would need to have defined the grain
 \fBnode_type\fP for the minions you wish to match. This simple example is nice,
 but too much of the code is similar. To go one step further, Jinja templating
-can be used to simplify the top file\&.
+can be used to simplify the \fItop file\fP\&.
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -11576,8 +13993,8 @@
 .INDENT 0.0
 .INDENT 3.5
 Custom grains will not be available in the top file until after the first
-highstate\&. To make custom grains available on a
-minion\(aqs first highstate, it is recommended to use this example to ensure that the custom grains are synced when
+\fIhighstate\fP\&. To make custom grains available on a
+minion\(aqs first highstate, it is recommended to use \fIthis example\fP to ensure that the custom grains are synced when
 the minion starts.
 .UNINDENT
 .UNINDENT
@@ -11641,7 +14058,7 @@
 .sp
 Compound matchers allow very granular minion targeting using any of Salt\(aqs
 matchers. The default matcher is a \fI\%glob\fP match, just as
-with CLI and top file matching. To match using anything other than a
+with CLI and \fItop file\fP matching. To match using anything other than a
 glob, prefix the match string with the appropriate letter from the table below,
 followed by an \fB@\fP sign.
 .TS
@@ -11730,7 +14147,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-That same example expressed in a top file looks like the following:
+That same example expressed in a \fItop file\fP looks like the following:
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -11841,7 +14258,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-To match a nodegroup in your top file, make sure to put \fB\- match:
+To match a nodegroup in your \fItop file\fP, make sure to put \fB\- match:
 nodegroup\fP on the line directly following the nodegroup name.
 .INDENT 0.0
 .INDENT 3.5
@@ -12688,7 +15105,7 @@
 \fBSEE ALSO:\fP
 .INDENT 0.0
 .INDENT 3.5
-Common Salt Events
+\fICommon Salt Events\fP
 .UNINDENT
 .UNINDENT
 .sp
@@ -12804,7 +15221,7 @@
 Reactor still needs to call a function on the master in order to send the
 necessary data to the minion so the minion can execute that function.
 .sp
-The Reactor calls functions exposed in Salt\(aqs Python API documentation\&. and thus the structure of Reactor files very transparently
+The Reactor calls functions exposed in \fISalt\(aqs Python API documentation\fP\&. and thus the structure of Reactor files very transparently
 reflects the function signatures of those functions.
 .SS Calling Execution modules on Minions
 .sp
@@ -13006,7 +15423,7 @@
 .sp
 Finally, that data is available in the state file using the normal Pillar
 lookup syntax. The following example is grabbing web server names and IP
-addresses from Salt Mine\&. If this state is invoked from the
+addresses from \fISalt Mine\fP\&. If this state is invoked from the
 Reactor then the custom Pillar value from above will be available and the new
 minion will be added to the pool but with the \fBdisabled\fP flag so that HAProxy
 won\(aqt yet direct traffic to it.
@@ -13355,7 +15772,7 @@
 .ft C
 <...file contents snipped...>
 
-{% for server, addrs in salt[\(aqmine.get\(aq](\(aqroles:web\(aq, \(aqnetwork.ip_addrs\(aq, expr_form=\(aqgrain\(aq).items() %}
+{% for server, addrs in salt[\(aqmine.get\(aq](\(aqroles:web\(aq, \(aqnetwork.ip_addrs\(aq, expr_form=\(aqpillar\(aq).items() %}
 server {{ server }} {{ addrs[0] }}:80 check
 {% endfor %}
 
@@ -13372,7 +15789,7 @@
 .sp
 The external authentication system allows for specific users to be granted
 access to execute specific functions on specific minions. Access is configured
-in the master configuration file and uses the access control system:
+in the master configuration file and uses the \fIaccess control system\fP:
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -13402,8 +15819,8 @@
 .UNINDENT
 .UNINDENT
 .sp
-To allow access to wheel modules or runner
-modules the following \fB@\fP syntax must be used:
+To allow access to \fIwheel modules\fP or \fIrunner
+modules\fP the following \fB@\fP syntax must be used:
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -13653,7 +16070,7 @@
 .nf
 .ft C
 external_auth:
-ldap:
+  ldap:
     test_ldap_group%:
       \- \(aq*\(aq:
         \- test.echo
@@ -13661,6 +16078,71 @@
 .fi
 .UNINDENT
 .UNINDENT
+.SH ACCESS CONTROL SYSTEM
+.sp
+New in version 0.10.4.
+
+.sp
+Salt maintains a standard system used to open granular control to non
+administrative users to execute Salt commands. The access control system
+has been applied to all systems used to configure access to non administrative
+control interfaces in Salt.These interfaces include, the \fBpeer\fP system, the
+\fBexternal auth\fP system and the \fBclient acl\fP system.
+.sp
+The access control system mandated a standard configuration syntax used in
+all of the three aforementioned systems. While this adds functionality to the
+configuration in 0.10.4, it does not negate the old configuration.
+.sp
+Now specific functions can be opened up to specific minions from specific users
+in the case of external auth and client ACLs, and for specific minions in the
+case of the peer system.
+.sp
+The access controls are manifested using matchers in these configurations:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+client_acl:
+  fred:
+    \- web\e*:
+      \- pkg.list_pkgs
+      \- test.*
+      \- apache.*
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+In the above example, fred is able to send commands only to minions which match
+the specified glob target. This can be expanded to include other functions for
+other minions based on standard targets.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+external_auth:
+  pam:
+    dave:
+      \- test.ping
+      \- mongo\e*:
+        \- network.*
+      \- log\e*:
+        \- network.*
+        \- pkg.*
+      \- \(aqG@os:RedHat\(aq:
+        \- kmod.*
+    steve:
+      \- .*
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+The above allows for all minions to be hit by test.ping by dave, and adds a
+few functions that dave can execute on other minions. It also allows steve
+unrestricted access to salt commands.
 .SH JOB MANAGEMENT
 .sp
 New in version 0.9.7.
@@ -14317,6 +16799,198 @@
 Since specifying the returner repeatedly can be tiresome, the
 \fBschedule_returner\fP option is available to specify one or a list of global
 returners to be used by the minions when scheduling.
+.SH MANAGING THE JOB CACHE
+.sp
+The Salt Master maintains a job cache of all job executions which can be
+queried via the jobs runner. The way this job cache is managed is very
+pluggable via Salt\(aqs underlying returner interface.
+.SS Default Job Cache
+.sp
+A number of options are available when configuring the job cache. The default
+caching system uses local storage on the Salt Master and can be found in the
+job cache directory (on Linux systems this is typically
+/var/cache/salt/master/jobs). The default caching system is suitable for most
+deployments as it does not typically require any further configuration or
+management.
+.sp
+The default job cache is a temporary cache and jobs will be stored for 24
+hours. If the default cache needs to store jobs for a different period the
+time can be easily adjusted by changing the \fIkeep_jobs\fP parameter in the
+Salt Master configuration file. The value passed in is measured via hours:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+keep_jobs: 24
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS External Job Cache Options
+.sp
+Many deployments may wish to use an external database to maintain a long term
+register of executed jobs. Salt comes with two main mechanisms to do this, the
+master job cache and the external job cache. The difference is how the external
+data store is accessed.
+.SS Master Job Cache
+.sp
+New in version 2014.7.
+
+.sp
+The master job cache setting makes the built in job cache on the master
+modular. This system allows for the default cache to be swapped out by the Salt
+returner system. To configure the master job cache, set up an external returner
+database based on the instructions included with each returner and then simply
+add the following configuration to the master configuration file:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+master_job_cache: mysql
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS External Job Cache
+.sp
+The external job cache setting instructs the minions to directly contact the
+data store. This scenario is helpful when the data store needs to be made
+available to the minions. This can be an effective way to share historic data
+across an infrastructure as data can be retrieved from the external job cache
+via the \fBret\fP execution module.
+.sp
+To configure the external job cache, set up a returner database in the manner
+described in the specific returner documentation. Ensure that the returner
+database is accessible from the minions, and set the \fIext_job_cache\fP setting
+in the master configuration file:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+ext_job_cache: redis
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SH STORING DATA IN OTHER DATABASES
+.sp
+The SDB interface is designed to store and retrieve data that, unlike pillars
+and grains, is not necessarily minion\-specific. The initial design goal was to
+allow passwords to be stored in a secure database, such as one managed by the
+keyring package, rather than as plain\-text files. However, as a generic database
+interface, it could conceptually be used for a number of other purposes.
+.sp
+SDB was added to Salt in version 2014.7.0. SDB is currently experimental, and
+should probably not be used in production.
+.SS SDB Configuration
+.sp
+In order to use the SDB interface, a configuration profile must be set up in
+either the master or minion configuration file. The configuration stanza
+includes the name/ID that the profile will be referred to as, a \fBdriver\fP
+setting, and any other arguments that are necessary for the SDB module that will
+be used. For instance, a profile called \fBmykeyring\fP, which uses the
+\fBsystem\fP service in the \fBkeyring\fP module would look like:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+mykeyring:
+  driver: keyring
+  service: system
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+It is recommended to keep the name of the profile simple, as it is used in the
+SDB URI as well.
+.SS SDB URIs
+.sp
+SDB is designed to make small database queries (hence the name, SDB) using a
+compact URL. This allows users to reference a database value quickly inside
+a number of Salt configuration areas, without a lot of overhead. The basic
+format of an SDB URI is:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+sdb://<profile>/<args>
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+The profile refers to the configuration profile defined in either the master or
+the minion configuration file. The args are specific to the module referred to
+in the profile, but will typically only need to refer to the key of a
+key/value pair inside the database. This is because the profile itself should
+define as many other parameters as possible.
+.sp
+For example, a profile might be set up to reference credentials for a specific
+OpenStack account. The profile might look like:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+kevinopenstack:
+  driver: keyring
+  service: salt.cloud.openstack.kevin
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+And the URI used to reference the password might look like:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+sdb://kevinopenstack/password
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Writing SDB Modules
+.sp
+There is currently one function that MUST exist in any SDB module (\fBget()\fP)
+and one that MAY exist (\fBset_()\fP). If using a (\fBset_()\fP) function, a
+\fB__func_alias__\fP dictionary MUST be declared in the module as well:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+__func_alias__ = {
+    \(aqset_\(aq: \(aqset\(aq,
+}
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+This is because \fBset\fP is a Python built\-in, and therefore functions should not
+be created which are called \fBset()\fP\&. The \fB__func_alias__\fP functionality is
+provided via Salt\(aqs loader interfaces, and allows legally\-named functions to be
+referred to using names that would otherwise be unwise to use.
+.sp
+The \fBget()\fP function is required, as it will be called via functions in other
+areas of the code which make use of the \fBsdb://\fP URI. For example, the
+\fBconfig.get\fP function in the \fBconfig\fP execution module uses this function.
+.sp
+The \fBset_()\fP function may be provided, but is not required, as some sources
+may be read\-only, or may be otherwise unwise to access via a URI (for instance,
+because of SQL injection attacks).
+.sp
+A simple example of an SDB module is \fBsalt/sdb/keyring_db.py\fP, as it provides
+basic examples of most, if not all, of the types of functionality that are
+available not only for SDB modules, but for Salt modules in general.
 .SH SALT EVENT SYSTEM
 .sp
 The Salt Event System is used to fire off events enabling third party
@@ -14404,7 +17078,7 @@
 .INDENT 3.5
 If a master is in \fBauto_accept mode\fP, \fBsalt/key\fP events
 will not be fired when the keys are accepted.  In addition, pre\-seeding
-keys (like happens through Salt\-Cloud) will not cause
+keys (like happens through \fISalt\-Cloud\fP) will not cause
 firing of these events.
 .UNINDENT
 .UNINDENT
@@ -14941,6 +17615,192 @@
 .fi
 .UNINDENT
 .UNINDENT
+.SH BEACONS
+.sp
+The beacon system allows the minion to hook into system processes and
+continually translate external events into the salt event bus. The
+primary example of this is the \fBinotify\fP beacon. This
+beacon uses inotify to watch configured files or directories on the minion for
+changes, creation, deletion etc.
+.sp
+This allows for the changes to be sent up to the master where the
+reactor can respond to changes.
+.SS Configuring The Beacons
+.sp
+The beacon system, like many others in Salt, can be configured via the
+minion pillar, grains, or local config file:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+beacons:
+  inotify:
+    /etc/httpd/conf.d: {}
+    /opt: {}
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Optionally, a beacon can be run on an interval other than the default
+\fBloop_interval\fP, which is typically set to 1 second.
+.sp
+To run a beacon every 5 seconds, for example, provide an \fBinterval\fP argument
+to a beacon.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+beacons:
+  inotify:
+    /etc/httpd/conf.d: {}
+    /opt: {}
+    interval: 5
+  load:
+    \- 1m:
+      \- 0.0
+      \- 2.0
+    \- 5m:
+      \- 0.0
+      \- 1.5
+    \- 15m:
+      \- 0.1
+      \- 1.0
+    \- interval: 10
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Writing Beacon Plugins
+.sp
+Beacon plugins use the standard Salt loader system, meaning that many of the
+constructs from other plugin systems holds true, such as the \fB__virtual__\fP
+function.
+.sp
+The important function in the Beacon Plugin is the \fBbeacon\fP function. When
+the beacon is configured to run, this function will be executed repeatedly
+by the minion. The \fBbeacon\fP function therefore cannot block and should be
+as lightweight as possible. The \fBbeacon\fP also must return a list of dicts,
+each dict in the list will be translated into an event on the master.
+.sp
+Please see the \fBinotify\fP beacon as an example.
+.SH RUNNING CUSTOM MASTER PROCESSES
+.sp
+In addition to the processes that the Salt Master automatically spawns,
+it is possible to configure it to start additional custom processes.
+.sp
+This is useful if a dedicated process is needed that should run throughout
+the life of the Salt Master. For periodic independent tasks, a
+\fBscheduled runner\fP may be more appropriate.
+.sp
+Processes started in this way will be restarted if they die and will be
+killed when the Salt Master is shut down.
+.SS Example Configuration
+.sp
+Processes are declared in the master config file with the \fIext_processes\fP
+option. Processes will be started in the order they are declared.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+ext_processes:
+  \- mymodule.TestProcess
+  \- mymodule.AnotherProcess
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Example Process Class
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+# Import python libs
+import time
+import logging
+from multiprocessing import Process
+
+# Import Salt libs
+from salt.utils.event import SaltEvent
+
+
+log = logging.getLogger(__name__)
+
+
+class TestProcess(Process):
+    def __init__(self, opts):
+        Process.__init__(self)
+        self.opts = opts
+
+    def run(self):
+        self.event = SaltEvent(\(aqmaster\(aq, self.opts[\(aqsock_dir\(aq])
+        i = 0
+
+        while True:
+            self.event.fire_event({\(aqiteration\(aq: i}, \(aqext_processes/test{0}\(aq)
+            time.sleep(60)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SH HIGH AVAILABILITY FEATURES IN SALT
+.sp
+Salt supports several features for high availability and fault tolerance.
+Brief documentation for these features is listed alongside their configuration
+parameters in \fIConfiguration file examples\fP\&.
+.SS Multimaster
+.sp
+Salt minions can connect to multiple masters at one time by configuring the
+\fImaster\fP configuration paramter as a YAML list of all the available masters.  By
+default, all masters are "hot", meaning that any master can direct commands to
+the Salt infrastructure.
+.sp
+In a multimaster configuration, each master must have the same cryptographic
+keys, and minion keys must be accepted on all masters separately.  The contents
+of file_roots and pillar_roots need to be kept in sync with processes external
+to Salt as well
+.sp
+A tutorial on setting up multimaster with "hot" masters is here:
+.sp
+\fBMultimaster Tutorial\fP
+.SS Multimaster with Failover
+.sp
+Changing the \fBmaster_type\fP parameter from \fBstandard\fP to \fBfailover\fP will
+cause minions to connect to the first responding master in the list of masters.
+Every \fBmaster_alive_check\fP seconds the minions will check to make sure
+the current master is still responding.  If the master does not respond,
+the minion will attempt to connect to the next master in the list.  If the
+minion runs out of masters, the list will be recycled in case dead masters
+have been restored.  Note that \fBmaster_alive_check\fP must be present in the
+minion configuration, or else the recurring job to check master status
+will not get scheduled.
+.sp
+Failover can be combined with PKI\-style encrypted keys, but PKI is NOT
+REQUIRED to use failover.
+.sp
+Multimaster with PKI and Failover is discussed in
+\fBthis tutorial\fP
+.sp
+\fBmaster_type: failover\fP can be combined with \fBmaster_shuffle: True\fP
+to spread minion connections across all masters (one master per
+minion, not each minion connecting to all masters).  Adding Salt Syndics
+into the mix makes it possible to create a load\-balanced Salt infrastructure.
+If a master fails, minions will notice and select another master from the
+available list.
+.SS Syndic
+.sp
+Salt\(aqs Syndic feature is a way to create differing infrastructure
+topologies.  It is not strictly an HA feature, but can be treated as such.
+.sp
+With the syndic, a Salt infrastructure can be partitioned in such a way that
+certain masters control certain segments of the infrastructure, and "Master
+of Masters" nodes can control multiple segments underneath them.
+.sp
+Syndics are covered in depth in \fBSalt Syndic\fP\&.
 .SH SALT SYNDIC
 .sp
 The Salt Syndic interface is a powerful tool which allows for the construction
@@ -15039,11 +17899,7 @@
 In order for the high\-level master to return information from minions that are
 below the syndic(s), the CLI requires a short wait time in order to allow the
 syndic(s) to gather responses from their minions. This value is defined in the
-
-.nf
-\(ga\(ga
-.fi
-syndic_wait\(ga and has a default of five seconds.
+\fBsyndic_wait\fP and has a default of five seconds.
 .sp
 While it is possible to run a syndic without a minion installed on the same machine,
 it is recommended, for a faster CLI response time, to do so. Without a minion
@@ -15099,10 +17955,10 @@
 .IP 2. 3
 The \fI\%grains support code\fP (located in salt/grains).
 .IP 3. 3
-Salt modules specific to the controlled
+\fISalt modules\fP specific to the controlled
 device.
 .IP 4. 3
-Salt states specific to the controlled device.
+\fISalt states\fP specific to the controlled device.
 .UNINDENT
 .SS Configuration parameters on the master
 .sp
@@ -15373,6 +18229,142 @@
 The Junos API layer lacks the ability to do a traditional \(aqping\(aq, so the
 example simply checks the connection object field that indicates
 if the ssh connection was successfully made to the device.
+.SH THE RAET TRANSPORT
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+The RAET transport is in very early development, it is functional but no
+promises are yet made as to its reliability or security.
+As for reliability and security, the encryption used has been audited and
+our tests show that raet is reliable. With this said we are still conducting
+more security audits and pushing the reliability.
+This document outlines the encryption used in RAET
+.UNINDENT
+.UNINDENT
+.sp
+New in version 2014.7.0.
+
+.sp
+The Reliable Asynchronous Event Transport, or RAET, is an alternative transport
+medium developed specifically with Salt in mind. It has been developed to
+allow queuing to happen up on the application layer and comes with socket
+layer encryption. It also abstracts a great deal of control over the socket
+layer and makes it easy to bubble up errors and exceptions.
+.sp
+RAET also offers very powerful message routing capabilities, allowing for
+messages to be routed between processes on a single machine all the way up to
+processes on multiple machines. Messages can also be restricted, allowing
+processes to be sent messages of specific types from specific sources
+allowing for trust to be established.
+.SS Using RAET in Salt
+.sp
+Using RAET in Salt is easy, the main difference is that the core dependencies
+change, instead of needing pycrypto, M2Crypto, ZeroMQ, and PYZMQ, the packages
+libsodium, libnacl, ioflo, and raet are required. Encryption is handled very cleanly
+by libnacl, while the queueing and flow control is handled by
+ioflo. Distribution packages are forthcoming, but libsodium can be easily
+installed from source, or many distributions do ship packages for it.
+The libnacl and ioflo packages can be easily installed from pypi, distribution
+packages are in the works.
+.sp
+Once the new deps are installed the 2014.7 release or higher of Salt needs to
+be installed.
+.sp
+Once installed, modify the configuration files for the minion and master to
+set the transport to raet:
+.sp
+\fB/etc/salt/master\fP:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+transport: raet
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+\fB/etc/salt/minion\fP:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+transport: raet
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Now start salt as it would normally be started, the minion will connect to the
+master and share long term keys, which can then in turn be managed via
+salt\-key. Remote execution and salt states will function in the same way as
+with Salt over ZeroMQ.
+.SS Limitations
+.sp
+The 2014.7 release of RAET is not complete! The Syndic and Multi Master have
+not been completed yet and these are slated for completion in the 2015.5.0
+release.
+.sp
+Also, Salt\-Raet allows for more control over the client but these hooks have
+not been implemented yet, thereforre the client still uses the same system
+as the ZeroMQ client. This means that the extra reliability that RAET exposes
+has not yet been implemented in the CLI client.
+.SS Why?
+.SS Customer and User Request
+.sp
+Why make an alternative transport for Salt? There are many reasons, but the
+primary motivation came from customer requests, many large companies came with
+requests to run Salt over an alternative transport, the reasoning was varied,
+from performance and scaling improvements to licensing concerns. These
+customers have partnered with SaltStack to make RAET a reality.
+.SS More Capabilities
+.sp
+RAET has been designed to allow salt to have greater communication
+capabilities. It has been designed to allow for development into features
+which out ZeroMQ topologies can\(aqt match.
+.sp
+Many of the proposed features are still under development and will be
+announced as they enter proof of concept phases, but these features include
+\fIsalt\-fuse\fP \- a filesystem over salt, \fIsalt\-vt\fP \- a parallel api driven shell
+over the salt transport and many others.
+.SS RAET Reliability
+.sp
+RAET is reliable, hence the name (Reliable Asynchronous Event Transport).
+.sp
+The concern posed by some over RAET reliability is based on the fact that
+RAET uses UDP instead of TCP and UDP does not have built in reliability.
+.sp
+RAET itself implements the needed reliability layers that are not natively
+present in UDP, this allows RAET to dynamically optimize packet delivery
+in a way that keeps it both reliable and asynchronous.
+.SS RAET and ZeroMQ
+.sp
+When using RAET, ZeroMQ is not required. RAET is a complete networking
+replacement. It is noteworthy that RAET is not a ZeroMQ replacement in a
+general sense, the ZeroMQ constructs are not reproduced in RAET, but they are
+instead implemented in such a way that is specific to Salt\(aqs needs.
+.sp
+RAET is primarily an async communication layer over truly async connections,
+defaulting to UDP. ZeroMQ is over TCP and abstracts async constructs within the
+socket layer.
+.sp
+Salt is not dropping ZeroMQ support and has no immediate plans to do so.
+.SS Encryption
+.sp
+RAET uses Dan Bernstein\(aqs NACL encryption libraries and CurveCP handshake.
+The libnacl python binding binds to both libsodium and tweetnacl to execute
+the underlying cryptography. This allows us to completely rely on an
+externally developed cryptography system.
+.sp
+For more information on libsodium and CurveCP please see:
+\fI\%http://doc.libsodium.org/\fP
+\fI\%http://curvecp.org/\fP
+.SS Programming Intro
+.sp
+\fIRaet Programming Introduction\fP
 .SH WINDOWS SOFTWARE REPOSITORY
 .sp
 The Salt Windows Software Repository provides a package manager and software
@@ -15813,211 +18805,657 @@
 changing file permissions, besides modifying the owner/user.
 .SH SALT CLOUD
 .SS Getting Started
-.SS Install Salt Cloud
 .sp
-Salt Cloud is now part of Salt proper.  It was merged in as of
-\fBSalt version 2014.1.0\fP\&.
+Salt Cloud is built\-in to Salt and is configured on and executed from your Salt Master.
+.SS Define a Profile
 .sp
-On Ubuntu, install Salt Cloud by using following command:
+The first step is to add the credentials for your cloud provider. Credentials
+and provider settings are stored in provider configuration files.
+Provider configurations contain the details needed to connect, and any global options that you want set on
+your cloud minions (such as the location of your Salt Master).
+.sp
+On your Salt Master, browse to \fB/etc/salt/cloud.providers.d/\fP and create a file called \fB<provider>.provider.conf\fP,
+replacing \fB<provider>\fP with \fBec2\fP, \fBsoftlayer\fP, and so on. The name helps you identify the contents, and is not
+important as long as the file ends in \fB\&.conf\fP\&.
+.sp
+Next, browse to the \fI\%Provider specifics\fP and add any required settings for your
+provider to this file. Here is an example for Amazon EC2:
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-sudo add\-apt\-repository ppa:saltstack/salt
-sudo apt\-get install salt\-cloud
+my\-ec2:
+  provider: ec2
+  # Set the EC2 access credentials (see below)
+  #
+  id: \(aqHJGRYCILJLKJYG\(aq
+  key: \(aqkdjgfsgm;woormgl/aserigjksjdhasdfgn\(aq
+  # Make sure this key is owned by root with permissions 0400.
+  #
+  private_key: /etc/salt/my_test_key.pem
+  keyname: my_test_key
+  securitygroup: default
+  # Optional: Set up the location of the Salt Master
+  #
+  minion:
+    master: saltmaster.example.com
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
-If using Salt Cloud on OS X, \fBcurl\-ca\-bundle\fP must be installed. Presently,
-this package is not available via \fBbrew\fP, but it is available using MacPorts:
+The required configuration varies between providers so make sure you read the provider specifics.
+.SS List Cloud Provider Options
+.sp
+You can now query the cloud provider you configured for available locations,
+images, and sizes. This information is used when you set up VM profiles.
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-sudo port install curl\-ca\-bundle
+salt\-cloud \-\-list\-locations <provider_name>  # my\-ec2 in the previous example
+salt\-cloud \-\-list\-images <provider_name>
+salt\-cloud \-\-list\-sizes <provider_name>
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
-Salt Cloud depends on \fBapache\-libcloud\fP\&.  Libcloud can be installed via pip
-with \fBpip install apache\-libcloud\fP\&.
-.SS Installing Salt Cloud for development
-.sp
-Installing Salt for development enables Salt Cloud development as well, just
-make sure \fBapache\-libcloud\fP is installed as per above paragraph.
-.sp
-See these instructions: \fBInstalling Salt for development\fP\&.
-.SS Using Salt Cloud
-.SS Salt Cloud basic usage
+Replace \fB<provider_name>\fP with the name of the provider configuration you defined.
+.SS Create VM Profiles
 .sp
-Salt Cloud needs, at least, one configured
-Provider
-and \fBProfile\fP to be functional.
-.SS Creating a VM
+On your Salt Master, browse to \fB/etc/salt/cloud.profiles.d/\fP and create a file called \fB<provider>.profiles.conf\fP,
+replacing \fB<provider>\fP with \fBec2\fP, \fBsoftlayer\fP, and so on. The file must end in \fB\&.conf\fP\&.
 .sp
-To create a VM with salt cloud, use command:
+You can now add any custom profiles you\(aqd like to define to this file. Here are a few examples:
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt\-cloud \-p <profile> name_of_vm
+micro_ec2:
+  provider: my\-ec2
+  image: ami\-d514f291
+  size: t1.micro
+
+medium_ec2:
+  provider: my\-ec2
+  image: ami\-d514f291
+  size: m3.medium
+
+large_ec2:
+  provider: my\-ec2
+  image: ami\-d514f291
+  size: m3.large
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
-Assuming there is a profile configured as following:
+Notice that the \fBprovider\fP in our profile matches the provider name that we defined? That is how Salt Cloud
+knows how to connect to create a VM with these attributes.
+.SS Create VMs
+.sp
+VMs are created by calling \fBsalt\-cloud\fP with the following options:
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-fedora_rackspace:
-    provider: rackspace
-    image: Fedora 17
-    size: 256 server
-    script: bootstrap\-salt
+salt\-cloud \-p <profile> <name1> <name2> ...
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
-Then, the command to create new VM named \fBfedora_http_01\fP is:
+For example:
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt\-cloud \-p fedora_rackspace fedora_http_01
+salt\-cloud \-p micro_ec2 minion1 minion2
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
-.SS Destroying a VM
+.SS Destroy VMs
 .sp
-To destroy a created\-by\-salt\-cloud VM, use command:
+Add a \fB\-d\fP and the minion name you provided to destroy:
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt\-cloud \-d name_of_vm
+salt\-cloud \-d minion1 minion2
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
+.SS Query VMs
 .sp
-For example, to delete the VM created on above example, use:
+You can view details about the VMs you\(aqve created using \fB\-\-query\fP:
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt\-cloud \-d fedora_http_01
+salt\-cloud \-\-query
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
-.SS VM Profiles
+.SS Using Salt Cloud
+.SS \fBsalt\-cloud\fP
 .sp
-Salt cloud designates virtual machines inside the profile configuration file.
-The profile configuration file defaults to \fB/etc/salt/cloud.profiles\fP and is
-a yaml configuration. The syntax for declaring profiles is simple:
+Provision virtual machines in the cloud with Salt
+.SS Synopsis
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-fedora_rackspace:
-    provider: rackspace
-    image: Fedora 17
-    size: 256 server
-    script: bootstrap\-salt
+salt\-cloud \-m /etc/salt/cloud.map
+
+salt\-cloud \-m /etc/salt/cloud.map NAME
+
+salt\-cloud \-m /etc/salt/cloud.map NAME1 NAME2
+
+salt\-cloud \-p PROFILE NAME
+
+salt\-cloud \-p PROFILE NAME1 NAME2 NAME3 NAME4 NAME5 NAME6
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
+.SS Description
 .sp
-It should be noted that the \fBscript\fP option defaults to \fBbootstrap\-salt\fP,
-and does not normally need to be specified. Further examples in this document
-will not show the \fBscript\fP option.
-.sp
-A few key pieces of information need to be declared and can change based on the
-public cloud provider. A number of additional parameters can also be inserted:
+Salt Cloud is the system used to provision virtual machines on various public
+clouds via a cleanly controlled profile and mapping system.
+.SS Options
 .INDENT 0.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-centos_rackspace:
-    provider: rackspace
-    image: CentOS 6.2
-    size: 1024 server
-    minion:
-        master: salt.example.com
-        append_domain: webs.example.com
-        grains:
-            role: webserver
-.ft P
-.fi
+.TP
+.B \-\-version
+Print the version of Salt that is running.
 .UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-versions\-report
+Show program\(aqs dependencies and version number, and then exit
 .UNINDENT
-.sp
-The image must be selected from available images. Similarly, sizes must be
-selected from the list of sizes. To get a list of available images and sizes
-use the following command:
 .INDENT 0.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt\-cloud \-\-list\-images openstack
-salt\-cloud \-\-list\-sizes openstack
-.ft P
-.fi
+.TP
+.B \-h, \-\-help
+Show the help message and exit
 .UNINDENT
+.INDENT 0.0
+.TP
+.B \-c CONFIG_DIR, \-\-config\-dir=CONFIG_dir
+The location of the Salt configuration directory. This directory contains
+the configuration files for Salt master and minions. The default location
+on most systems is \fB/etc/salt\fP\&.
 .UNINDENT
-.sp
-Some parameters can be specified in the main Salt cloud configuration file and
-then are applied to all cloud profiles. For instance if only a single cloud
-provider is being used then the provider option can be declared in the Salt
-cloud configuration file.
-.SS Multiple Configuration Files
-.sp
-In addition to \fB/etc/salt/cloud.profiles\fP, profiles can also be specified in
-any file matching \fBcloud.profiles.d/*conf\fP which is a sub\-directory relative
-to the profiles configuration file(with the above configuration file as an
-example, \fB/etc/salt/cloud.profiles.d/*.conf\fP).  This allows for more
-extensible configuration, and plays nicely with various configuration
-management tools as well as version control systems.
-.SS Larger Example
+.SS Execution Options
 .INDENT 0.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-rhel_ec2:
-    provider: ec2
-    image: ami\-e565ba8c
-    size: t1.micro
-    minion:
-        cheese: edam
-
-ubuntu_ec2:
-    provider: ec2
-    image: ami\-7e2da54e
-    size: t1.micro
-    minion:
-        cheese: edam
-
-ubuntu_rackspace:
-    provider: rackspace
+.TP
+.B \-L LOCATION, \-\-location=LOCATION
+Specify which region to connect to.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-a ACTION, \-\-action=ACTION
+Perform an action that may be specific to this cloud provider. This
+argument requires one or more instance names to be specified.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-f <FUNC\-NAME> <PROVIDER>, \-\-function=<FUNC\-NAME> <PROVIDER>
+Perform an function that may be specific to this cloud provider, that does
+not apply to an instance. This argument requires a provider to be specified
+(i.e.: nova).
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-p PROFILE, \-\-profile=PROFILE
+Select a single profile to build the named cloud VMs from. The profile must
+be defined in the specified profiles file.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-m MAP, \-\-map=MAP
+Specify a map file to use. If used without any other options, this option
+will ensure that all of the mapped VMs are created. If the named VM already
+exists then it will be skipped.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-H, \-\-hard
+When specifying a map file, the default behavior is to ensure that all of
+the VMs specified in the map file are created. If the \-\-hard option is
+set, then any VMs that exist on configured cloud providers that are
+not specified in the map file will be destroyed. Be advised that this can
+be a destructive operation and should be used with care.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-d, \-\-destroy
+Pass in the name(s) of VMs to destroy, salt\-cloud will search the
+configured cloud providers for the specified names and destroy the
+VMs. Be advised that this is a destructive operation and should be used
+with care. Can be used in conjunction with the \-m option to specify a map
+of VMs to be deleted.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-P, \-\-parallel
+Normally when building many cloud VMs they are executed serially. The \-P
+option will run each cloud vm build in a separate process allowing for
+large groups of VMs to be build at once.
+.sp
+Be advised that some cloud provider\(aqs systems don\(aqt seem to be well suited
+for this influx of vm creation. When creating large groups of VMs watch the
+cloud provider carefully.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-u, \-\-update\-bootstrap
+Update salt\-bootstrap to the latest develop version on GitHub.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-y, \-\-assume\-yes
+Default yes in answer to all confirmation questions.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-k, \-\-keep\-tmp
+Do not remove files from /tmp/ after deploy.sh finishes.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-show\-deploy\-args
+Include the options used to deploy the minion in the data returned.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-script\-args=SCRIPT_ARGS
+Script arguments to be fed to the bootstrap script when deploying the VM.
+.UNINDENT
+.SS Query Options
+.INDENT 0.0
+.TP
+.B \-Q, \-\-query
+Execute a query and return some information about the nodes running on
+configured cloud providers
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-F, \-\-full\-query
+Execute a query and print out all available information about all cloud VMs.
+Can be used in conjunction with \-m to display only information about the
+specified map.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-S, \-\-select\-query
+Execute a query and print out selected information about all cloud VMs.
+Can be used in conjunction with \-m to display only information about the
+specified map.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-list\-providers
+Display a list of configured providers.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-list\-profiles
+New in version 2014.7.0.
+
+.sp
+Display a list of configured profiles. Pass in a cloud provider to view
+the provider\(aqs associated profiles, such as \fBdigital_ocean\fP, or pass in
+\fBall\fP to list all the configured profiles.
+.UNINDENT
+.SS Cloud Providers Listings
+.INDENT 0.0
+.TP
+.B \-\-list\-locations=LIST_LOCATIONS
+Display a list of locations available in configured cloud providers. Pass
+the cloud provider that available locations are desired on, aka "linode",
+or pass "all" to list locations for all configured cloud providers
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-list\-images=LIST_IMAGES
+Display a list of images available in configured cloud providers. Pass the
+cloud provider that available images are desired on, aka "linode", or pass
+"all" to list images for all configured cloud providers
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-list\-sizes=LIST_SIZES
+Display a list of sizes available in configured cloud providers. Pass the
+cloud provider that available sizes are desired on, aka "AWS", or pass
+"all" to list sizes for all configured cloud providers
+.UNINDENT
+.SS Cloud Credentials
+.INDENT 0.0
+.TP
+.B \-\-set\-password=<USERNAME> <PROVIDER>
+Configure password for a cloud provider and save it to the keyring.
+PROVIDER can be specified with or without a driver, for example:
+"\-\-set\-password bob rackspace" or more specific "\-\-set\-password bob
+rackspace:openstack" DEPRECATED!
+.UNINDENT
+.SS Output Options
+.INDENT 0.0
+.TP
+.B \-\-out
+Pass in an alternative outputter to display the return of data. This
+outputter can be any of the available outputters:
+.INDENT 7.0
+.INDENT 3.5
+\fBgrains\fP, \fBhighstate\fP, \fBjson\fP, \fBkey\fP, \fBoverstatestage\fP, \fBpprint\fP, \fBraw\fP, \fBtxt\fP, \fByaml\fP
+.UNINDENT
+.UNINDENT
+.sp
+Some outputters are formatted only for data returned from specific
+functions; for instance, the \fBgrains\fP outputter will not work for non\-grains
+data.
+.sp
+If an outputter is used that does not support the data passed into it, then
+Salt will fall back on the \fBpprint\fP outputter and display the return data
+using the Python \fBpprint\fP standard library module.
+.sp
+\fBNOTE:\fP
+.INDENT 7.0
+.INDENT 3.5
+If using \fB\-\-out=json\fP, you will probably want \fB\-\-static\fP as well.
+Without the static option, you will get a JSON string for each minion.
+This is due to using an iterative outputter. So if you want to feed it
+to a JSON parser, use \fB\-\-static\fP as well.
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-out\-indent OUTPUT_INDENT, \-\-output\-indent OUTPUT_INDENT
+Print the output indented by the provided value in spaces. Negative values
+disable indentation. Only applicable in outputters that support
+indentation.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-out\-file=OUTPUT_FILE, \-\-output\-file=OUTPUT_FILE
+Write the output to the specified file.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-no\-color
+Disable all colored output
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-force\-color
+Force colored output
+.sp
+\fBNOTE:\fP
+.INDENT 7.0
+.INDENT 3.5
+When using colored output the color codes are as follows:
+.sp
+\fBgreen\fP denotes success, \fBred\fP denotes failure, \fBblue\fP denotes
+changes and success and \fByellow\fP denotes a expected future change in configuration.
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SS Examples
+.sp
+To create 4 VMs named web1, web2, db1, and db2 from specified profiles:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-p fedora_rackspace web1 web2 db1 db2
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To read in a map file and create all VMs specified therein:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-m /path/to/cloud.map
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To read in a map file and create all VMs specified therein in parallel:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-m /path/to/cloud.map \-P
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To delete any VMs specified in the map file:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-m /path/to/cloud.map \-d
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To delete any VMs NOT specified in the map file:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-m /path/to/cloud.map \-H
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To display the status of all VMs specified in the map file:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-m /path/to/cloud.map \-Q
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS See also
+.sp
+\fIsalt\-cloud(7)\fP
+\fIsalt(7)\fP
+\fIsalt\-master(1)\fP
+\fIsalt\-minion(1)\fP
+.SS Salt Cloud basic usage
+.sp
+Salt Cloud needs, at least, one configured
+\fIProvider\fP
+and \fBProfile\fP to be functional.
+.SS Creating a VM
+.sp
+To create a VM with salt cloud, use command:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-p <profile> name_of_vm
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Assuming there is a profile configured as following:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+fedora_rackspace:
+    provider: rackspace
+    image: Fedora 17
+    size: 256 server
+    script: bootstrap\-salt
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Then, the command to create new VM named \fBfedora_http_01\fP is:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-p fedora_rackspace fedora_http_01
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Destroying a VM
+.sp
+To destroy a created\-by\-salt\-cloud VM, use command:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-d name_of_vm
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+For example, to delete the VM created on above example, use:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-d fedora_http_01
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS VM Profiles
+.sp
+Salt cloud designates virtual machines inside the profile configuration file.
+The profile configuration file defaults to \fB/etc/salt/cloud.profiles\fP and is
+a yaml configuration. The syntax for declaring profiles is simple:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+fedora_rackspace:
+    provider: rackspace
+    image: Fedora 17
+    size: 256 server
+    script: bootstrap\-salt
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+It should be noted that the \fBscript\fP option defaults to \fBbootstrap\-salt\fP,
+and does not normally need to be specified. Further examples in this document
+will not show the \fBscript\fP option.
+.sp
+A few key pieces of information need to be declared and can change based on the
+public cloud provider. A number of additional parameters can also be inserted:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+centos_rackspace:
+    provider: rackspace
+    image: CentOS 6.2
+    size: 1024 server
+    minion:
+        master: salt.example.com
+        append_domain: webs.example.com
+        grains:
+            role: webserver
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+The image must be selected from available images. Similarly, sizes must be
+selected from the list of sizes. To get a list of available images and sizes
+use the following command:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-\-list\-images openstack
+salt\-cloud \-\-list\-sizes openstack
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Some parameters can be specified in the main Salt cloud configuration file and
+then are applied to all cloud profiles. For instance if only a single cloud
+provider is being used then the provider option can be declared in the Salt
+cloud configuration file.
+.SS Multiple Configuration Files
+.sp
+In addition to \fB/etc/salt/cloud.profiles\fP, profiles can also be specified in
+any file matching \fBcloud.profiles.d/*conf\fP which is a sub\-directory relative
+to the profiles configuration file(with the above configuration file as an
+example, \fB/etc/salt/cloud.profiles.d/*.conf\fP).  This allows for more
+extensible configuration, and plays nicely with various configuration
+management tools as well as version control systems.
+.SS Larger Example
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+rhel_ec2:
+    provider: ec2
+    image: ami\-e565ba8c
+    size: t1.micro
+    minion:
+        cheese: edam
+
+ubuntu_ec2:
+    provider: ec2
+    image: ami\-7e2da54e
+    size: t1.micro
+    minion:
+        cheese: edam
+
+ubuntu_rackspace:
+    provider: rackspace
     image: Ubuntu 12.04 LTS
     size: 256 server
     minion:
@@ -16105,6 +19543,15 @@
 .UNINDENT
 .UNINDENT
 .sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+Due to limitations in the GoGrid API, instances cannot be provisioned in parallel
+with the GoGrid driver. Map files will work with GoGrid, but the \fB\-P\fP
+argument should not be used on maps referencing GoGrid instances.
+.UNINDENT
+.UNINDENT
+.sp
 A map file can also be enforced to represent the total state of a cloud
 deployment by using the \fB\-\-hard\fP option. When using the hard option any vms
 that exist but are not specified in the map file will be destroyed:
@@ -16192,6 +19639,20 @@
 .fi
 .UNINDENT
 .UNINDENT
+.sp
+\fBWARNING:\fP
+.INDENT 0.0
+.INDENT 3.5
+Specifying Nodes with Maps on the Command Line
+Specifying the name of a node or nodes with the maps options on the command
+line is \fInot\fP supported. This is especially important to remember when
+using \fB\-\-destroy\fP with maps; \fBsalt\-cloud\fP will ignore any arguments
+passed in which are not directly relevant to the map file. \fIWhen using
+\(ga\(ga\-\-destroy\(ga\(ga with a map, every node in the map file will be deleted!\fP
+Maps don\(aqt provide any useful information for destroying individual nodes,
+and should not be used to destroy a subset of a map.
+.UNINDENT
+.UNINDENT
 .SS Setting up New Salt Masters
 .sp
 Bootstrapping a new master in the map is as simple as:
@@ -16327,22 +19788,14 @@
 .sp
 There are three universal salt\-cloud functions that are extremely useful for
 gathering information about instances on a provider basis:
-.sp
-
-.nf
-*
-.fi
+.INDENT 0.0
+.IP \(bu 2
 \fBlist_nodes\fP: Returns some general information about the instances for the given provider.
-
-.nf
-*
-.fi
+.IP \(bu 2
 \fBlist_nodes_full\fP: Returns all information about the instances for the given provider.
-
-.nf
-*
-.fi
+.IP \(bu 2
 \fBlist_nodes_select\fP: Returns select information about the instances for the given provider.
+.UNINDENT
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -16359,6 +19812,45 @@
 Another useful reference for viewing salt\-cloud functions is the
 :ref:Salt Cloud Feature Matrix <salt\-cloud\-feature\-matrix>
 .SS Core Configuration
+.SS Install Salt Cloud
+.sp
+Salt Cloud is now part of Salt proper.  It was merged in as of
+\fBSalt version 2014.1.0\fP\&.
+.sp
+On Ubuntu, install Salt Cloud by using following command:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+sudo add\-apt\-repository ppa:saltstack/salt
+sudo apt\-get install salt\-cloud
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+If using Salt Cloud on OS X, \fBcurl\-ca\-bundle\fP must be installed. Presently,
+this package is not available via \fBbrew\fP, but it is available using MacPorts:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+sudo port install curl\-ca\-bundle
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Salt Cloud depends on \fBapache\-libcloud\fP\&.  Libcloud can be installed via pip
+with \fBpip install apache\-libcloud\fP\&.
+.SS Installing Salt Cloud for development
+.sp
+Installing Salt for development enables Salt Cloud development as well, just
+make sure \fBapache\-libcloud\fP is installed as per above paragraph.
+.sp
+See these instructions: \fBInstalling Salt for development\fP\&.
 .SS Core Configuration
 .sp
 A number of core configuration options and some options that are global to the
@@ -16386,7 +19878,7 @@
 .sp
 The default minion configuration is set up in this file. Minions created by
 salt\-cloud derive their configuration from this file.  Almost all parameters
-found in Configuring the Salt Minion can
+found in \fIConfiguring the Salt Minion\fP can
 be used here.
 .INDENT 0.0
 .INDENT 3.5
@@ -16823,16 +20315,17 @@
 Using Salt for DigitalOcean requires a \fBclient_key\fP and an \fBapi_key\fP\&. These
 can be found in the DigitalOcean web interface, in the "My Settings" section,
 under the API Access tab.
-.. code\-block:: yaml
 .INDENT 0.0
 .INDENT 3.5
-.INDENT 0.0
-.TP
-.B my\-digitalocean\-config:
-provider: digital_ocean
-personal_access_token: xxx
-location: New York 1
-.UNINDENT
+.sp
+.nf
+.ft C
+my\-digitalocean\-config:
+  provider: digital_ocean
+  personal_access_token: xxx
+  location: New York 1
+.ft P
+.fi
 .UNINDENT
 .UNINDENT
 .sp
@@ -16940,11 +20433,7 @@
 .INDENT 0.0
 .INDENT 3.5
 In the cloud profile that uses this provider configuration, the syntax for the
-\fBprovider\fP required field would be 
-.nf
-\(ga\(ga
-.fi
-provdier: devhost10\-lxc\(ga.
+\fBprovider\fP required field would be \fBprovider: devhost10\-lxc\fP\&.
 .UNINDENT
 .UNINDENT
 .SS Saltify
@@ -17726,9 +21215,26 @@
 DigitalOcean is a public cloud provider that specializes in Linux instances.
 .SS Configuration
 .sp
-Using Salt for DigitalOcean requires a personal_access_token, an ssh_key_file,
-and at least one SSH key name in ssh_key_names, more can be added by comma\-separating them.
-The personal_access_token can be found in the Digital Ocean web interface,
+Starting in Salt 2015.5.0, a new DigitalOcean driver was added to Salt Cloud to support
+DigitalOcean\(aqs new API, APIv2. The original driver, referred to \fBdigital_ocean\fP will
+be supported throughout the 2015.5.x releases of Salt, but will then be removed in Salt
+Beryllium in favor of the APIv2 driver, \fBdigital_ocean_v2\fP\&. The following documentation
+is relevant to the new driver, \fBdigital_ocean_v2\fP\&. To see documentation related to the
+original \fBdigital_ocean\fP driver, please see the
+\fBDigitalOcean Salt Cloud Driver\fP
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+When Salt Beryllium is released, the original \fBdigital_ocean\fP driver will no longer
+be supported and the \fBdigital_ocean_v2\fP driver will become the \fBdigital_ocean\fP
+driver.
+.UNINDENT
+.UNINDENT
+.sp
+Using Salt for DigitalOcean requires a \fBpersonal_access_token\fP, an \fBssh_key_file\fP,
+and at least one SSH key name in \fBssh_key_names\fP\&. More can be added by separating each key
+with a comma. The \fBpersonal_access_token\fP can be found in the DigitalOcean web interface
 in the "Apps & API" section. The SSH key name can be found under the "SSH Keys" section.
 .INDENT 0.0
 .INDENT 3.5
@@ -17771,6 +21277,36 @@
 .UNINDENT
 .UNINDENT
 .sp
+Locations can be obtained using the \fB\-\-list\-locations\fP option for the \fBsalt\-cloud\fP
+command:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+# salt\-cloud \-\-list\-locations my\-digitalocean\-config
+my\-digitalocean\-config:
+    \-\-\-\-\-\-\-\-\-\-
+    digital_ocean:
+        \-\-\-\-\-\-\-\-\-\-
+        Amsterdam 1:
+            \-\-\-\-\-\-\-\-\-\-
+            available:
+                False
+            features:
+                [u\(aqbackups\(aq]
+            name:
+                Amsterdam 1
+            sizes:
+                []
+            slug:
+                ams1
+\&...SNIP...
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
 Sizes can be obtained using the \fB\-\-list\-sizes\fP option for the \fBsalt\-cloud\fP
 command:
 .INDENT 0.0
@@ -18357,7 +21893,7 @@
 type.  If more mappings are provided than are supported by the instance type,
 mappings will be created in the order provided and additional mappings will be
 ignored. Consult the \fI\%AWS documentation\fP for a listing of the available
-instance stores, device names, and mount points.
+instance stores, and device names.
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -18402,7 +21938,6 @@
 .nf
 .ft C
 device: /dev/xvdj
-mount_point: /mnt/my_ebs
 volume_id: vol\-12345abcd
 .ft P
 .fi
@@ -18416,7 +21951,6 @@
 .nf
 .ft C
 device: /dev/xvdj
-mount_point: /mnt/my_ebs
 snapshot: snap\-abcd12345
 .ft P
 .fi
@@ -19081,6 +22615,17 @@
 .fi
 .UNINDENT
 .UNINDENT
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+A Note about using Map files with GoGrid:
+.sp
+Due to limitations in the GoGrid API, instances cannot be provisioned in parallel
+with the GoGrid driver. Map files will work with GoGrid, but the \fB\-P\fP
+argument should not be used on maps referencing GoGrid instances.
+.UNINDENT
+.UNINDENT
 .SS Profiles
 .SS Cloud Profiles
 .sp
@@ -20213,7 +23758,19 @@
 .IP \(bu 2
 Provision and configure a container for networking access
 .IP \(bu 2
-Use saltify to deploy salt and re\-attach to master
+Use those modules to deploy salt and re\-attach to master.
+.INDENT 2.0
+.INDENT 3.5
+.INDENT 0.0
+.IP \(bu 2
+\fBlxc runner\fP
+.IP \(bu 2
+\fBlxc module\fP
+.IP \(bu 2
+\fBseed\fP
+.UNINDENT
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .SS Limitations
 .INDENT 0.0
@@ -20223,16 +23780,26 @@
 Listing images must be targeted to a particular LXC provider (nothing will be
 outputted with \fBall\fP)
 .UNINDENT
+.sp
+\fBWARNING:\fP
+.INDENT 0.0
+.INDENT 3.5
+On pre \fB2015.5.2\fP, you need to specify explitly the network bridge
+.UNINDENT
+.UNINDENT
 .SS Operation
 .sp
-Salt\(aqs LXC support does not use lxc.init.  This enables it to tie minions
-to a master in a more generic fashion (if any masters are defined)
-and allows other custom association code.
+Salt\(aqs LXC support does use \fBlxc.init\fP
+via the \fBlxc.cloud_init_interface\fP
+and seeds the minion via \fBseed.mkconfig\fP\&.
+.sp
+You can provide to those lxc VMs a profile and a network profile like if
+you were directly using the minion module.
 .sp
 Order of operation:
 .INDENT 0.0
 .IP \(bu 2
-Create the LXC container using \fBthe LXC execution module\fP on the desired minion (clone or template)
+Create the LXC container on the desired minion (clone or template)
 .IP \(bu 2
 Change LXC config options (if any need to be changed)
 .IP \(bu 2
@@ -20246,8 +23813,7 @@
 .IP \(bu 2
 Test SSH connection and bailout in error
 .IP \(bu 2
-Via SSH (with the help of saltify), upload deploy script and seeds,
-then re\-attach the minion.
+Upload deploy script and seeds, then re\-attach the minion.
 .UNINDENT
 .SS Provider configuration
 .sp
@@ -20268,94 +23834,174 @@
 .UNINDENT
 .SS Profile configuration
 .sp
+Please read \fItutorial\-lxc\fP before anything else.
+And specially \fItutorial\-lxc\-profiles\fP\&.
+.sp
 Here are the options to configure your containers:
 .INDENT 0.0
 .INDENT 3.5
+.INDENT 0.0
+.TP
+.B target
+Host minion id to install the lxc Container into
+.TP
+.B lxc_profile
+Name of the profile or inline options for the LXC vm creation/cloning,
+please see \fItutorial\-lxc\-profiles\-container\fP\&.
+.TP
+.B network_profile
+Name of the profile or inline options for the LXC vm network settings,
+please see \fItutorial\-lxc\-profiles\-network\fP\&.
+.TP
+.B nic_opts
+Totally optionnal.
+Per interface new\-style configuration options mappings which will
+override any profile default option:
+.INDENT 7.0
+.INDENT 3.5
 .sp
 .nf
 .ft C
-\(ga\(gatarget\(ga\(ga
-    Host minion id to install the lxc Container into
-\(ga\(gaprofile\(ga\(ga
-    Name of the profile containing the LXC configuration
-
-Container creation/clone options:
-    Create a container by cloning:
-        \(ga\(gafrom_container\(ga\(ga
-            Name of an original container using clone
-        \(ga\(gasnapshot\(ga\(ga
-            Do we use snapshots on cloned filesystems
-    Create a container from scratch using an LXC template:
-        image
-            template to use
-        backing
-            Backing store type (None, lvm, brtfs)
-        lvname
-            LVM logical volume name, if any
-        fstype
-            Type of filesystem
-size
-    Size of the containera (for brtfs, or lvm)
-vgname
-    LVM Volume Group name, if any
-users
-    Names of the users to be pre\-created inside the container
-ssh_username
-    Username of the SSH systems administrator inside the container
-sudo
-    Do we use sudo
-ssh_gateway
-    if the minion is not in your \(aqtopmaster\(aq network, use
-    that gateway to connect to the lxc container.
-    This may be the public ip of the hosting minion
-ssh_gateway_key
-    When using gateway, the ssh key of the gateway user (passed to saltify)
-ssh_gateway_port
-    When using gateway, the ssh port of the gateway (passed to saltify)
-ssh_gateway_user
-    When using gateway, user to login as via SSH (passed to saltify)
-password
-    password for root and sysadmin (see "users" parameter above)
-mac
-    mac address to assign to the container\(aqs network interface
-ip
-    IP address to assign to the container\(aqs network interface
-netmask
-    netmask for the network interface\(aqs IP
-bridge
-    bridge under which the container\(aqs network interface will be enslaved
-dnsservers
-    List of DNS servers to use\-\-this is optional.  If present, DNS
-    servers will be restricted to that list if used
-lxc_conf_unset
-    Configuration variables to unset in this container\(aqs LXC configuration
-lxc_conf
-    LXC configuration variables to add in this container\(aqs LXC configuration
-minion
-    minion configuration (see :doc:\(gaMinion Configuration in Salt Cloud </topics/cloud/config>\(ga)
+eth0: {\(aqmac\(aq: \(aq00:16:3e:01:29:40\(aq,
+              \(aqgateway\(aq: None, (default)
+              \(aqlink\(aq: \(aqbr0\(aq, (default)
+              \(aqgateway\(aq: None, (default)
+              \(aqnetmask\(aq: \(aq\(aq, (default)
+              \(aqip\(aq: \(aq22.1.4.25\(aq}}
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.TP
+.B password
+password for root and sysadmin users
+.TP
+.B dnsservers
+List of DNS servers to use. This is optional.
+.TP
+.B minion
+minion configuration (see \fBMinion Configuration in Salt Cloud\fP)
+.TP
+.B bootstrap_shell
+shell for bootstraping script (default: /bin/sh)
+.TP
+.B script
+defaults to salt\-boostrap
+.TP
+.B script_args
+arguments which are given to the bootstrap script.
+the {0} placeholder will be replaced by the path which contains the
+minion config and key files, eg:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+script_args="\-c {0}"
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.sp
+Using profiles:
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-# Note: This example would go in /etc/salt/cloud.profile or any file in the
-# /etc/salt/cloud.profile.d/ directory.
+# Note: This example would go in /etc/salt/cloud.profiles or any file in the
+# /etc/salt/cloud.profiles.d/ directory.
+devhost10\-lxc:
+  provider: devhost10\-lxc
+  lxc_profile: foo
+  network_profile: bar
+  minion:
+    master: 10.5.0.1
+    master_port: 4506
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Using inline profiles (eg to override the network bridge):
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+devhost11\-lxc:
+  provider: devhost10\-lxc
+  lxc_profile:
+    clone_from: foo
+  network_profile:
+    etho:
+      link: lxcbr0
+  minion:
+    master: 10.5.0.1
+    master_port: 4506
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Template instead of a clone:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+devhost11\-lxc:
+  provider: devhost10\-lxc
+  lxc_profile:
+    template: ubuntu
+  network_profile:
+    etho:
+      link: lxcbr0
+  minion:
+    master: 10.5.0.1
+    master_port: 4506
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Static ip:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+# Note: This example would go in /etc/salt/cloud.profiles or any file in the
+# /etc/salt/cloud.profiles.d/ directory.
+devhost10\-lxc:
+  provider: devhost10\-lxc
+  nic_opts:
+    eth0:
+      ipv4: 10.0.3.9
+  minion:
+    master: 10.5.0.1
+    master_port: 4506
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+DHCP:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+# Note: This example would go in /etc/salt/cloud.profiles or any file in the
+# /etc/salt/cloud.profiles.d/ directory.
 devhost10\-lxc:
   provider: devhost10\-lxc
-  from_container: ubuntu
-  backing: lvm
-  sudo: True
-  size: 3g
-  ip: 10.0.3.9
   minion:
     master: 10.5.0.1
     master_port: 4506
-  lxc_conf:
-    \- lxc.utsname: superlxc
 .ft P
 .fi
 .UNINDENT
@@ -20437,6 +24083,7 @@
   provider: my\-linode\-config
   size: Linode 1024
   image: Arch Linux 2013.06
+  location: london
 .ft P
 .fi
 .UNINDENT
@@ -20511,6 +24158,36 @@
 .fi
 .UNINDENT
 .UNINDENT
+.sp
+Locations can be obtained using the \fB\-\-list\-locations\fP option for the \fBsalt\-cloud\fP
+command:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+# salt\-cloud \-\-list\-locations my\-linode\-config
+my\-linode\-config:
+    \-\-\-\-\-\-\-\-\-\-
+    linode:
+        \-\-\-\-\-\-\-\-\-\-
+        Atlanta, GA, USA:
+            \-\-\-\-\-\-\-\-\-\-
+            abbreviation:
+                atlanta
+            id:
+                4
+        Dallas, TX, USA:
+            \-\-\-\-\-\-\-\-\-\-
+            abbreviation:
+                dallas
+            id:
+                2
+\&...SNIP...
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .SS Cloning
 .sp
 When salt\-cloud accesses Linode via linode\-python it can clone machines.
@@ -22104,6 +25781,147 @@
 .sp
 You can now continue to provision new instances and they will all automatically
 be set up as minions of the master you\(aqve defined in the configuration file.
+.SS Getting Started With vSphere
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+Deprecated since version Carbon: The \fBvsphere\fP cloud driver has been
+deprecated in favor of the \fBvmware\fP
+cloud driver and will be removed in Salt Carbon. Please refer to
+\fBGetting started with VMware\fP instead to get
+started with the configuration.
+
+.UNINDENT
+.UNINDENT
+.sp
+VMware vSphere is a management platform for virtual infrastructure and cloud
+computing.
+.SS Dependencies
+.sp
+The vSphere module for Salt Cloud requires the PySphere package, which is
+available at PyPI:
+.sp
+\fI\%https://pypi.python.org/pypi/pysphere\fP
+.sp
+This package can be installed using \fIpip\fP or \fIeasy_install\fP:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+# pip install pysphere
+# easy_install pysphere
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Configuration
+.sp
+Set up the cloud config at \fB/etc/salt/cloud.providers\fP or in the
+\fB/etc/salt/cloud.providers.d/\fP directory:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+my\-vsphere\-config:
+  provider: vsphere
+  # Set the vSphere access credentials
+  user: marco
+  password: polo
+  # Set the URL of your vSphere server
+  url: \(aqvsphere.example.com\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Profiles
+.SS Cloud Profiles
+.sp
+vSphere uses a Managed Object Reference to identify objects located in vCenter.
+The MOR ID\(aqs are used when configuring a vSphere cloud profile. Use the
+following reference when locating the MOR\(aqs for the cloud profile.
+.sp
+\fI\%http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=1017126&sliceId=1&docTypeID=DT_KB_1_1&dialogID=520386078&stateId=1%200%20520388386\fP
+.sp
+Set up an initial profile at \fB/etc/salt/cloud.profiles\fP or in the
+\fB/etc/salt/cloud.profiles.d\fP directory:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+vsphere\-centos:
+  provider: my\-vsphere\-config
+  image: centos
+  # Optional
+  datastore: datastore\-15
+  resourcepool: resgroup\-8
+  folder: salt\-cloud
+  host: host\-9
+  template: False
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS provider
+.sp
+Enter the name that was specified when the cloud provider profile was created.
+.SS image
+.sp
+Images available to build an instance can be found using the \fI\-\-list\-images\fP
+option:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+# salt\-cloud \-\-list\-images my\-vsphere\-config
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS datastore
+.sp
+The MOR of the datastore where the virtual machine should be located. If not
+specified, the current datastore is used.
+.SS resourcepool
+.sp
+The MOR of the resourcepool to be used for the new vm. If not set, it will use
+the same resourcepool as the original vm.
+.SS folder
+.sp
+Name of the folder that will contain the new VM. If not set, the VM will be
+added to the folder the original VM belongs to.
+.SS host
+.sp
+The MOR of the host where the vm should be registered.
+.INDENT 0.0
+.INDENT 3.5
+.INDENT 0.0
+.TP
+.B If not specified:
+.INDENT 7.0
+.IP \(bu 2
+if resourcepool is not specified, the current host is used.
+.IP \(bu 2
+if resourcepool is specified, and the target pool represents a
+stand\-alone host, the host is used.
+.IP \(bu 2
+if resourcepool is specified, and the target pool represents a
+DRS\-enabled cluster, a host selected by DRS is used.
+.IP \(bu 2
+if resourcepool is specified, and the target pool represents a
+cluster without DRS enabled, an InvalidArgument exception will be thrown.
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SS template
+.sp
+Specifies whether or not the new virtual machine should be marked as a
+template. Default is False.
 .SS Miscellaneous Options
 .SS Miscellaneous Salt Cloud Options
 .sp
@@ -22142,16 +25960,18 @@
 .fi
 .UNINDENT
 .UNINDENT
-.SS Use SFTP to transfer files
+.SS Selecting the File Transport
 .sp
-Some distributions do not have scp distributed with the ssh package.  The
-solution is to use sftp with the \fIuse_sftp\fP flag
+By default, Salt Cloud uses SFTP to transfer files to Linux hosts. However, if
+SFTP is not available, or specific SCP functionality is needed, Salt Cloud can
+be configured to use SCP instead.
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-use_sftp: True
+file_transport: sftp
+file_transport: scp
 .ft P
 .fi
 .UNINDENT
@@ -25646,13 +29466,13 @@
 \fBSEE ALSO:\fP
 .INDENT 0.0
 .INDENT 3.5
-The full list of netapi modules
+\fIThe full list of netapi modules\fP
 .UNINDENT
 .UNINDENT
 .SS Configuration
 .sp
-All \fBnetapi\fP configuration is done in the Salt master
-config and takes a form similar to the following:
+All \fBnetapi\fP configuration is done in the \fISalt master
+config\fP and takes a form similar to the following:
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -25704,7 +29524,7 @@
 module to see external requirements and configuration settings.
 .sp
 Communication with Salt and Salt satellite projects is done using Salt\(aqs own
-Python API\&. A list of available client interfaces is below.
+\fIPython API\fP\&. A list of available client interfaces is below.
 .INDENT 0.0
 .INDENT 3.5
 .IP "salt\-api"
@@ -25718,7 +29538,7 @@
 \fBSEE ALSO:\fP
 .INDENT 0.0
 .INDENT 3.5
-The full list of netapi modules
+\fIThe full list of netapi modules\fP
 .UNINDENT
 .UNINDENT
 .SS Client interfaces
@@ -25743,7 +29563,7 @@
 .INDENT 7.0
 .TP
 .B local(*args, **kwargs)
-Run execution modules synchronously
+Run \fIexecution modules\fP synchronously
 .sp
 See \fBsalt.client.LocalClient.cmd()\fP for all available
 parameters.
@@ -25761,7 +29581,7 @@
 .INDENT 7.0
 .TP
 .B local_async(*args, **kwargs)
-Run execution modules asynchronously
+Run \fIexecution modules\fP asynchronously
 .sp
 Wraps \fBsalt.client.LocalClient.run_job()\fP\&.
 .INDENT 7.0
@@ -25773,7 +29593,7 @@
 .INDENT 7.0
 .TP
 .B local_batch(*args, **kwargs)
-Run execution modules against batches of minions
+Run \fIexecution modules\fP against batches of minions
 .sp
 New in version 0.8.4.
 
@@ -25804,7 +29624,7 @@
 .INDENT 7.0
 .TP
 .B wheel(fun, **kwargs)
-Run wheel modules synchronously
+Run \fIwheel modules\fP synchronously
 .sp
 Wraps \fBsalt.wheel.WheelClient.master_call()\fP\&.
 .sp
@@ -26454,6 +30274,14 @@
 file is in \fB/etc/salt/master\fP\&. If one wishes to use a customized configuration file,
 the \fB\-c\fP option to Salt SSH facilitates passing in a directory to look inside for a
 configuration file named \fBmaster\fP\&.
+.SS Minion Config
+.sp
+New in version 2015.5.1.
+
+.sp
+Minion config options can be defined globally using the master configuration
+option \fBssh_minion_opts\fP\&. It can also be defined on a per\-minion basis with
+the \fBminion_opts\fP entry in the roster.
 .SS Running Salt SSH as non\-root user
 .sp
 By default, Salt read all the configuration from /etc/salt/. If you are running
@@ -26513,7 +30341,7 @@
 \fBSEE ALSO:\fP
 .INDENT 0.0
 .INDENT 3.5
-all\-salt.roster
+\fIall\-salt.roster\fP
 .UNINDENT
 .UNINDENT
 .sp
@@ -26544,21 +30372,189 @@
 .sp
 .nf
 .ft C
-<Salt ID>:   # The id to reference the target system with
-    host:    # The IP address or DNS name of the remote host
-    user:    # The user to log in as
-    passwd:  # The password to log in with
+<Salt ID>:       # The id to reference the target system with
+    host:        # The IP address or DNS name of the remote host
+    user:        # The user to log in as
+    passwd:      # The password to log in with
 
     # Optional parameters
-    port:    # The target system\(aqs ssh port number
-    sudo:    # Boolean to run command via sudo
-    priv:    # File path to ssh private key, defaults to salt\-ssh.rsa
-    timeout: # Number of seconds to wait for response when establishing a
-               SSH connection
+    port:        # The target system\(aqs ssh port number
+    sudo:        # Boolean to run command via sudo
+    priv:        # File path to ssh private key, defaults to salt\-ssh.rsa
+    timeout:     # Number of seconds to wait for response when establishing
+                 # an SSH connection
+    timeout:     # Number of seconds to wait for response
+    minion_opts: # Dictionary of minion opts
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
+salt\-ssh server1 test.ping
+.sp
+salt\-ssh server1 test.ping \-i
+.sp
+salt\-ssh server1 test.ping \-\-askpass
+.sp
+salt\-ssh server1 test.ping
+.INDENT 0.0
+.IP \(bu 2
+permission denied, do you want to deply the key?
+.UNINDENT
+.sp
+salt\-ssh server1 disk.usage
+salt\-ssh server1 network.interfaces
+.INDENT 0.0
+.TP
+.B server1:
+host: 192.168.167.91
+user: root
+.TP
+.B server2:
+host: 192.168.167.92
+user: vagrant
+sudo: true
+.UNINDENT
+.sp
+Install a package in minutes
+.sp
+vim /etc/salt/roster
+.INDENT 0.0
+.TP
+.B server3:
+host: 192.168.167.93
+username: vagrant
+sudo: true
+.UNINDENT
+.sp
+salt\-ssh \-i server2 pkg.install cowsay
+.sp
+salt\-ssh \-i server2 cmd.run \(aq/usr/games/cowsay "Moo! This message brought to you by salt\-ssh"\(aq
+.sp
+Done
+.sp
+salt\-ssh \(aq*\(aq \-r \(aqifconfig\(aq
+.sp
+salt\-ssh \(aq*\(aq \-W pkg.install vim
+.sp
+salt\-ssh \(aq*\(aq cmd.run \(aqls \-a /tmp\(aq
+salt\-ssh \(aq*\(aq cmd.run \(aqls \-a /tmp\(aq \-W
+.sp
+salt\-ssh can be ran from any system, it doesn\(aqt have to be a master.
+Low overhead, run from your laptop.
+.sp
+Deployment handled by shim
+the shim is a small script.
+.sp
+Target system needs python 2, 2.6 or higher (unless raw mode)
+.sp
+salt/client/init.py
+.sp
+Architecture differences
+.sp
+Salt is a push pull architecture \- Master can push jobs to the
+minion, minion can pull files/data as needed
+.sp
+salt\-ssh is push only \- job has to be prepared beforehand
+The master compiles the low state and gets everything ready.
+.sp
+Wrapper functions
+.sp
+salt/client/ssh/wrapper/*
+.sp
+cd /srv/salt
+git clone \fI\%https://github.com/saltstack\-formulas/apache\-formula.git\fP base
+rmd \-r base/.git
+cp salt/pillar.example /srv/pillar/apache.sls
+vim srv/pillar/top.sls
+.INDENT 0.0
+.TP
+.B base:
+.INDENT 7.0
+.TP
+.B \(aq*\(aq:
+.INDENT 7.0
+.IP \(bu 2
+apache
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.sp
+salt\-ssh \(aq*\(aq pillar.item apache
+.sp
+vim /etc/salt/master
+.INDENT 0.0
+.TP
+.B extra_filerefs:
+.INDENT 7.0
+.IP \(bu 2
+salt://apache/map.jinja   (this file gets sent down with state runs \- can also be passed in on cli)
+.UNINDENT
+.UNINDENT
+.sp
+salt\-ssh \(aq*\(aq state.sls apache
+Getting Started
+.sp
+Salt SSH is an agentless .
+.sp
+Salt SSH was developed over 18 months
+.sp
+Salt over SSH
+Can leaves no trace (if desired)
+Close to feature parity with Salt \- limitations are due to design (no event bus, no reactor, but
+otherwise you can do all other actions)
+No minion is installed
+.sp
+Installation
+.sp
+Salt Roster
+.sp
+The roster contains the connection information that the Salt Master uses to contact
+a system over SSH. The roster is used only with SSH.
+.sp
+Open \fB/etc/salt/roster\fP in a text editor.
+.sp
+Add custom grains and other things here. By default ssh keys are used to authenticate.
+.sp
+The first time you connect to a system, use the \fB\-i\fP option. This accepts the host key
+.sp
+To auto accept run salt\-ssh \-i
+.sp
+Password authentication:
+.sp
+plain text password in roster file (not recommended)
+.sp
+\-\-askpass option
+.sp
+That worked!
+.sp
+Preferred way is to let salt ssh deploy its own key pair. All you need is the root password
+for the target system. When you run commands, you won\(aqt be prompted.
+.sp
+salt\-ssh \(aq*\(aq test.ping
+salt\-ssh \(aq*\(aq cmd.run \(aqls /\(aq
+salt
+.sp
+Deployment process
+.sp
+The master complies Salt Thin, doesn\(aqt have certain dependencies that are required in a
+typical environment. Creates a tarball, sends it over scp to a randomized secure temp directory
+and then runs salt call from that temp directory. Gives you all of the power of salt, but introduces
+some initial overhead.
+.sp
+The version of salt that is on the master is deployed to the ssh minion
+.sp
+Raw Commands
+.sp
+salt\-ssh \-r \- sends a raw command, this works on any system \- this doesn\(aqt go through a salt
+module (not even cmd.run),
+.sp
+Remove Salt\-ssh when finished
+.sp
+salt\-ssh \-W
+.sp
+State system \- templated states with jinja calls to the salt dictionary \- each call makes a new ssh system, runs, gets the return, and then inserts it.
+.sp
+Publish and mine calls \- each minion
 .SH REFERENCE
 .SS Full list of builtin auth modules
 .TS
@@ -26856,7 +30852,7 @@
 Behavior is highly dependent on if Active Directory is in use.
 .sp
 AD handles group membership very differently than OpenLDAP.
-See the External Authentication documentation for a thorough
+See the \fIExternal Authentication\fP documentation for a thorough
 discussion of available parameters for customizing the search.
 .sp
 OpenLDAP allows you to search for all groups in the directory
@@ -26874,65 +30870,46 @@
 a password. The password field will hold a SHA256 checksum.
 .INDENT 0.0
 .INDENT 3.5
-.INDENT 0.0
-.INDENT 3.5
 .sp
 .nf
 .ft C
-
+CREATE TABLE \(gausers\(ga (
+  \(gaid\(ga int(11) NOT NULL AUTO_INCREMENT,
+  \(gausername\(ga varchar(25) DEFAULT NULL,
+  \(gapassword\(ga varchar(70) DEFAULT NULL,
+  PRIMARY KEY (\(gaid\(ga)
+) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
-.INDENT 0.0
-.TP
-.B CREATE TABLE \fIusers\fP (
-\fIid\fP int(11) NOT NULL AUTO_INCREMENT,
-\fIusername\fP varchar(25) DEFAULT NULL,
-\fIpassword\fP varchar(70) DEFAULT NULL,
-PRIMARY KEY (\fIid\fP)
-.UNINDENT
-.sp
-) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
-.UNINDENT
-.UNINDENT
 .sp
 To create a user within MySQL, execute the following statement.
 .INDENT 0.0
 .INDENT 3.5
-.INDENT 0.0
-.INDENT 3.5
 .sp
 .nf
 .ft C
-
+INSERT INTO users VALUES (NULL, \(aqdiana\(aq, SHA2(\(aqsecret\(aq, 256))
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
-.sp
-INSERT INTO users VALUES (NULL, \(aqdiana\(aq, SHA2(\(aqsecret\(aq, 256))
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-
+mysql_auth:
+  hostname: localhost
+  database: SaltStack
+  username: root
+  password: letmein
+  auth_sql: \(aqSELECT username FROM users WHERE username = "{0}" AND password = SHA2("{1}", 256)\(aq
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
-.INDENT 0.0
-.TP
-.B mysql_auth:
-hostname: localhost
-database: SaltStack
-username: root
-password: letmein
-auth_sql: \(aqSELECT username FROM users WHERE username = "{0}" AND password = SHA2("{1}", 256)\(aq
-.UNINDENT
-.UNINDENT
-.UNINDENT
 .sp
 The \fIauth_sql\fP contains the SQL that will validate a user to ensure they are
 correctly authenticated. This is where you can specify other SQL queries to
@@ -26941,8 +30918,6 @@
 Enable MySQL authentication.
 .INDENT 0.0
 .INDENT 3.5
-.INDENT 0.0
-.INDENT 3.5
 .sp
 .nf
 .ft C
@@ -26954,8 +30929,6 @@
 .fi
 .UNINDENT
 .UNINDENT
-.UNINDENT
-.UNINDENT
 .INDENT 0.0
 .TP
 .B depends
@@ -27313,7 +31286,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-more info on using targeting with grains can be found here\&.
+more info on using targeting with grains can be found \fIhere\fP\&.
 .SS Targeting with Executions
 .sp
 As of 0.8.8 targeting with executions is still under heavy development and this
@@ -27353,7 +31326,7 @@
 \fBwebser*\fP target does not need to be prefaced with a target type specifier
 because it is a glob.
 .sp
-more info on using compound targeting can be found here\&.
+more info on using compound targeting can be found \fIhere\fP\&.
 .SS Node Group Targeting
 .sp
 New in version 0.9.5.
@@ -27361,7 +31334,7 @@
 .sp
 For certain cases, it can be convenient to have a predefined group of minions
 on which to execute commands. This can be accomplished using what are called
-nodegroups\&. Nodegroups allow for predefined
+\fInodegroups\fP\&. Nodegroups allow for predefined
 compound targets to be declared in the master configuration file, as a sort of
 shorthand for having to type out complicated compound expressions.
 .INDENT 0.0
@@ -27528,7 +31501,20 @@
 .SS Description
 .sp
 The salt\-call command is used to run module functions locally on a minion
-instead of executing them from the master.
+instead of executing them from the master. Salt\-call is used to run a
+\fIStandalone Minion\fP, and was originally
+created for \fItroubleshooting\fP\&.
+.sp
+The Salt Master is contacted to retrieve state files and other resources
+during execution unless the \fB\-\-local\fP option is specified.
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+\fBsalt\-call\fP commands execute from the current user\(aqs shell
+context, while \fBsalt\fP commands execute from the system\(aqs default context.
+.UNINDENT
+.UNINDENT
 .SS Options
 .INDENT 0.0
 .TP
@@ -28128,12 +32114,6 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B \-Q, \-\-query
-Execute a query and print out information about all cloud VMs. Can be used
-in conjunction with \-m to display only information about the specified map.
-.UNINDENT
-.INDENT 0.0
-.TP
 .B \-u, \-\-update\-bootstrap
 Update salt\-bootstrap to the latest develop version on GitHub.
 .UNINDENT
@@ -29496,7 +33476,7 @@
 .sp
 Salt can be used from CLI scripts as well as via a REST interface.
 .sp
-See Salt\(aqs outputter system to retrieve structured
+See Salt\(aqs \fIoutputter system\fP to retrieve structured
 data from Salt as JSON, or as shell\-friendly text, or many other formats.
 .sp
 See the \fBstate.event\fP runner to utilize
@@ -29509,8 +33489,8 @@
 .SS Salt\(aqs \fBopts\fP dictionary
 .sp
 Some clients require access to Salt\(aqs \fBopts\fP dictionary. (The dictionary
-representation of the master or
-minion config files.)
+representation of the \fImaster\fP or
+\fIminion\fP config files.)
 .sp
 A common pattern for fetching the \fBopts\fP dictionary is to defer to
 environment variables if they exist or otherwise fetch the config from the
@@ -29671,7 +33651,7 @@
 The interface used by the \fBsalt\fP CLI tool on the Salt Master
 .sp
 \fBLocalClient\fP is used to send a command to Salt minions to execute
-execution modules and return the results to the
+\fIexecution modules\fP and return the results to the
 Salt Master.
 .sp
 Importing and using \fBLocalClient\fP must be done on the same machine as the
@@ -29878,8 +33858,8 @@
 .nf
 .ft C
 >>> returns = local.cmd_batch(\(aq*\(aq, \(aqstate.highstate\(aq, bat=\(aq10%\(aq)
->>> for return in returns:
-\&...     print return
+>>> for ret in returns:
+\&...     print(ret)
 {\(aqjerry\(aq: {...}}
 {\(aqdave\(aq: {...}}
 {\(aqstewart\(aq: {...}}
@@ -29898,7 +33878,7 @@
 .INDENT 7.0
 .TP
 .B Returns
-A generator
+A generator yielding the individual minion returns
 .UNINDENT
 .INDENT 7.0
 .INDENT 3.5
@@ -29907,7 +33887,7 @@
 .ft C
 >>> ret = local.cmd_iter(\(aq*\(aq, \(aqtest.ping\(aq)
 >>> for i in ret:
-\&...     print i
+\&...     print(i)
 {\(aqjerry\(aq: {\(aqret\(aq: True}}
 {\(aqdave\(aq: {\(aqret\(aq: True}}
 {\(aqstewart\(aq: {\(aqret\(aq: True}}
@@ -29919,24 +33899,29 @@
 .INDENT 7.0
 .TP
 .B cmd_iter_no_block(tgt, fun, arg=(), timeout=None, expr_form=\(aqglob\(aq, ret=\(aq\(aq, kwarg=None, **kwargs)
-Blocks while waiting for individual minions to return.
+.INDENT 7.0
+.TP
+.B Yields the individual minion returns as they come in, or None
+when no returns are available.
+.UNINDENT
 .sp
 The function signature is the same as \fBcmd()\fP with the
 following exceptions.
 .INDENT 7.0
 .TP
 .B Returns
-None until the next minion returns. This allows for actions
-to be injected in between minion returns.
+A generator yielding the individual minion returns, or None
+when no returns are available. This allows for actions to be
+injected in between minion returns.
 .UNINDENT
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
->>> ret = local.cmd_iter(\(aq*\(aq, \(aqtest.ping\(aq)
+>>> ret = local.cmd_iter_no_block(\(aq*\(aq, \(aqtest.ping\(aq)
 >>> for i in ret:
-\&...     print i
+\&...     print(i)
 None
 {\(aqjerry\(aq: {\(aqret\(aq: True}}
 {\(aqdave\(aq: {\(aqret\(aq: True}}
@@ -30093,7 +34078,7 @@
 .B class salt.runner.RunnerClient(opts)
 The interface used by the \fBsalt\-run\fP CLI tool on the Salt Master
 .sp
-It executes runner modules which run on the Salt
+It executes \fIrunner modules\fP which run on the Salt
 Master.
 .sp
 Importing and using \fBRunnerClient\fP must be done on the same machine as
@@ -30197,13 +34182,28 @@
 .B class salt.wheel.WheelClient(opts=None)
 An interface to Salt\(aqs wheel modules
 .sp
-Wheel modules interact with various parts of the
+\fIWheel modules\fP interact with various parts of the
 Salt Master.
 .sp
 Importing and using \fBWheelClient\fP must be done on the same machine as the
 Salt Master and it must be done using the same user that the Salt Master is
 running as. Unless \fBexternal_auth\fP is configured and the user
 is authorized to execute wheel functions: (\fB@wheel\fP).
+.sp
+Usage:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+import salt.config
+import salt.wheel
+opts = salt.config.master_config(\(aq/etc/salt/master\(aq)
+wheel = salt.wheel.WheelClient(opts)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .INDENT 7.0
 .TP
 .B async(fun, low, user=\(aqUNKNOWN\(aq)
@@ -30219,27 +34219,8 @@
 .sp
 .nf
 .ft C
->>> opts = salt.config.master_config(\(aq/etc/salt/master\(aq)
->>> runner = salt.runner.RunnerClient(opts)
->>> runner.cmd(\(aqjobs.list_jobs\(aq, [])
-{
-    \(aq20131219215650131543\(aq: {
-        \(aqArguments\(aq: [300],
-        \(aqFunction\(aq: \(aqtest.sleep\(aq,
-        \(aqStartTime\(aq: \(aq2013, Dec 19 21:56:50.131543\(aq,
-        \(aqTarget\(aq: \(aq*\(aq,
-        \(aqTarget\-type\(aq: \(aqglob\(aq,
-        \(aqUser\(aq: \(aqsaltdev\(aq
-    },
-    \(aq20131219215921857715\(aq: {
-        \(aqArguments\(aq: [300],
-        \(aqFunction\(aq: \(aqtest.sleep\(aq,
-        \(aqStartTime\(aq: \(aq2013, Dec 19 21:59:21.857715\(aq,
-        \(aqTarget\(aq: \(aq*\(aq,
-        \(aqTarget\-type\(aq: \(aqglob\(aq,
-        \(aqUser\(aq: \(aqsaltdev\(aq
-    },
-}
+>>> wheel.cmd(\(aqkey.finger\(aq, [\(aqjerry\(aq])
+{\(aqminions\(aq: {\(aqjerry\(aq: \(aq5d:f6:79:43:5e:d4:42:3f:57:b8:45:a8:7e:a4:6e:ca\(aq}}
 .ft P
 .fi
 .UNINDENT
@@ -30282,14 +34263,6 @@
 .sp
 .nf
 .ft C
-
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.sp
-.nf
-.ft C
 >>> wheel.cmd_sync({
 \(aqfun\(aq: \(aqkey.finger\(aq,
 \(aqmatch\(aq: \(aqjerry\(aq,
@@ -30302,6 +34275,8 @@
 .fi
 .UNINDENT
 .UNINDENT
+.UNINDENT
+.UNINDENT
 .SS CloudClient
 .INDENT 0.0
 .TP
@@ -30465,17 +34440,26 @@
 .TP
 .B class salt.client.ssh.client.SSHClient(c_path=\(aq/etc/salt/master\(aq, mopts=None)
 Create a client object for executing routines via the salt\-ssh backend
+.sp
+New in version 2015.5.0.
+
 .INDENT 7.0
 .TP
 .B cmd(tgt, fun, arg=(), timeout=None, expr_form=\(aqglob\(aq, kwarg=None, **kwargs)
 Execute a single command via the salt\-ssh subsystem and return all
 routines at once
+.sp
+New in version 2015.5.0.
+
 .UNINDENT
 .INDENT 7.0
 .TP
 .B cmd_iter(tgt, fun, arg=(), timeout=None, expr_form=\(aqglob\(aq, ret=\(aq\(aq, kwarg=None, **kwargs)
 Execute a single command via the salt\-ssh subsystem and return a
 generator
+.sp
+New in version 2015.5.0.
+
 .UNINDENT
 .UNINDENT
 .SS Full list of Salt Cloud modules
@@ -30534,6 +34518,7 @@
 T{
 \fBjoyent\fP
 T}	T{
+Joyent Cloud Module
 T}
 _
 T{
@@ -30549,11 +34534,6 @@
 T}
 _
 T{
-\fBlinodepy\fP
-T}	T{
-T}
-_
-T{
 \fBlxc\fP
 T}	T{
 Install Salt on an LXC Container
@@ -31123,6 +35103,18 @@
 The DigitalOcean cloud module is used to control access to the DigitalOcean
 VPS system.
 .sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+Due to Digital Ocean deprecating its original API, this salt\-cloud driver for
+Digital Ocean will be deprecated in Salt Beryllium. The digital_ocean_v2 driver
+that is currently available on all 2015.5.x releases will be used instead.
+Starting in Beryllium, the digital_ocean_v2.py driver will be renamed to
+digital_ocean.py and this driver will be removed. Please convert any original
+digital_ocean provider configs to use the new digital_ocean_v2 provider configs.
+.UNINDENT
+.UNINDENT
+.sp
 Use of this module only requires the \fBapi_key\fP parameter to be set. Set up the
 cloud configuration at \fB/etc/salt/cloud.providers\fP or
 \fB/etc/salt/cloud.providers.d/digital_ocean.conf\fP:
@@ -32063,6 +36055,10 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.cloud.clouds.ec2.sign(key, msg)
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.cloud.clouds.ec2.ssh_interface(vm_)
 Return the ssh_interface type to connect to. Either \(aqpublic_ips\(aq (default)
 or \(aqprivate_ips\(aq.
@@ -32116,13 +36112,15 @@
 Make sure Google Compute Engine service is enabled under the Services
 section.
 .IP \(bu 2
-Go to "APIs and auth" and then the "Registered apps" section.
+Go to "APIs and auth" section, and then the "Credentials" link.
 .IP \(bu 2
-Click the "REGISTER APP" button and give it a meaningful name.
+Click the "CREATE NEW CLIENT ID" button.
 .IP \(bu 2
-Select "Web Application" and click "Register".
+Select "Service Account" and click "Create Client ID" button.
 .IP \(bu 2
-Select Certificate, then "Generate Certificate"
+This will automatically download a .json file; ignore it.
+.IP \(bu 2
+Look for a new "Service Account" section in the page, click on the "Generate New P12 key" button
 .IP \(bu 2
 Copy the Email Address for inclusion in your /etc/salt/cloud file
 in the \(aqservice_account_email_address\(aq setting.
@@ -32148,7 +36146,7 @@
 .ft C
 my\-gce\-config:
   # The Google Cloud Platform Project ID
-  project: google.com:erjohnso
+  project: "my\-project\-id"
   # The Service ACcount client ID
   service_account_email_address: 1234567890@developer.gserviceaccount.com
   # The location of the private key (PEM format)
@@ -32739,6 +36737,17 @@
 .fi
 .UNINDENT
 .UNINDENT
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+A Note about using Map files with GoGrid:
+.sp
+Due to limitations in the GoGrid API, instances cannot be provisioned in parallel
+with the GoGrid driver. Map files will work with GoGrid, but the \fB\-P\fP
+argument should not be used on maps referencing GoGrid instances.
+.UNINDENT
+.UNINDENT
 .INDENT 0.0
 .TP
 .B salt.cloud.clouds.gogrid.avail_images(conn=None, call=None)
@@ -32747,6 +36756,12 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.cloud.clouds.gogrid.avail_locations(conn=None, call=None)
+Return a dict of all available VM locations on the cloud provider with
+relevant data
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.cloud.clouds.gogrid.avail_sizes(conn=None, call=None)
 Return a dict of all available VM images on the cloud provider with
 relevant data
@@ -32778,6 +36793,17 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.cloud.clouds.gogrid.get_node(conn, name)
+Return a libcloud node for the named VM
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.gogrid.get_salt_interface(vm_)
+Return the salt_interface type to connect to. Either \(aqpublic_ips\(aq (default)
+or \(aqprivate_ips\(aq.
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.cloud.clouds.gogrid.get_size(conn, vm_)
 Return the VM\(aqs size object
 .UNINDENT
@@ -32798,6 +36824,11 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.cloud.clouds.gogrid.reboot(name, conn=None)
+Reboot a single VM
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.cloud.clouds.gogrid.script(vm_)
 Return the script deployment object
 .UNINDENT
@@ -32806,6 +36837,463 @@
 .B salt.cloud.clouds.gogrid.show_instance(name, call=None)
 Show the details from the provider concerning an instance
 .UNINDENT
+.SS salt.cloud.clouds.joyent
+.SS Joyent Cloud Module
+.sp
+The Joyent Cloud module is used to interact with the Joyent cloud system.
+.sp
+Set up the cloud configuration at \fB/etc/salt/cloud.providers\fP or
+\fB/etc/salt/cloud.providers.d/joyent.conf\fP:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+my\-joyent\-config:
+  provider: joyent
+  # The Joyent login user
+  user: fred
+  # The Joyent user\(aqs password
+  password: saltybacon
+  # The location of the ssh private key that can log into the new VM
+  private_key: /root/mykey.pem
+  # The name of the private key
+  private_key: mykey
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+When creating your profiles for the joyent cloud, add the location attribute to
+the profile, this will automatically get picked up when performing tasks
+associated with that vm. An example profile might look like:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+joyent_512:
+  provider: my\-joyent\-config
+  size: Extra Small 512 MB
+  image: centos\-6
+  location: us\-east\-1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+This driver can also be used with the Joyent SmartDataCenter project. More
+details can be found at:
+.sp
+Using SDC requires that an api_host_suffix is set. The default value for this is
+\fI\&.api.joyentcloud.com\fP\&. All characters, including the leading \fI\&.\fP, should be
+included:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+api_host_suffix: .api.myhostname.com
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B depends
+PyCrypto
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.avail_images(call=None)
+Get list of available images
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-\-list\-images
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Can use a custom URL for images. Default is:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+image_url: images.joyent.com/image
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.avail_locations(call=None)
+List all available locations
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.avail_sizes(call=None)
+get list of available packages
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-\-list\-sizes
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.create(vm_)
+Create a single VM from a data dict
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-p profile_name vm_name
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.create_node(**kwargs)
+convenience function to make the rest api call for node creation.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.delete_key(kwargs=None, call=None)
+List the keys available
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-f delete_key joyent keyname=mykey
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.destroy(name, call=None)
+destroy a machine by name
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBname\fP \-\- name given to the machine
+.IP \(bu 2
+\fBcall\fP \-\- call value in this case is \(aqaction\(aq
+.UNINDENT
+.TP
+.B Returns
+array of booleans , true if successfully stopped and true if
+successfully removed
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-d vm_name
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.get_configured_provider()
+Return the first configured instance.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.get_image(vm_)
+Return the image object to use
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.get_location(vm_=None)
+.INDENT 7.0
+.TP
+.B Return the joyent data center to use, in this order:
+.INDENT 7.0
+.IP \(bu 2
+CLI parameter
+.IP \(bu 2
+VM parameter
+.IP \(bu 2
+Cloud profile setting
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.get_location_path(location=\(aqus\-east\-1\(aq, api_host_suffix=\(aq.api.joyentcloud.com\(aq)
+create url from location variable
+:param location: joyent data center location
+:return: url
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.get_node(name)
+gets the node from the full node list by name
+:param name: name of the vm
+:return: node object
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.get_salt_interface(vm_)
+Return the salt_interface type to connect to. Either \(aqpublic_ips\(aq (default)
+or \(aqprivate_ips\(aq.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.get_size(vm_)
+Return the VM\(aqs size object
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.has_method(obj, method_name)
+Find if the provided object has a specific method
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.import_key(kwargs=None, call=None)
+List the keys available
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-f import_key joyent keyname=mykey keyfile=/tmp/mykey.pub
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.joyent_node_state(id_)
+Convert joyent returned state to state common to other data center return
+values for consistency
+.INDENT 7.0
+.TP
+.B Parameters
+\fBid\fP \-\- joyent state value
+.TP
+.B Returns
+libcloudfuncs state value
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.key_list(items=None)
+convert list to dictionary using the key as the identifier
+:param items: array to iterate over
+:return: dictionary
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.list_keys(kwargs=None, call=None)
+List the keys available
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.list_nodes(full=False, call=None)
+list of nodes, keeping only a brief listing
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-Q
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.list_nodes_full(call=None)
+list of nodes, maintaining all content provided from joyent listings
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-F
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.list_nodes_select(call=None)
+Return a list of the VMs that are on the provider, with select fields
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.query(action=None, command=None, args=None, method=\(aqGET\(aq, location=None, data=None)
+Make a web call to Joyent
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.query_instance(vm_=None, call=None)
+Query an instance upon creation from the Joyent API
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.reboot(name, call=None)
+reboot a machine by name
+:param name: name given to the machine
+:param call: call value in this case is \(aqaction\(aq
+:return: true if successful
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-a reboot vm_name
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.reformat_node(item=None, full=False)
+Reformat the returned data from joyent, determine public/private IPs and
+strip out fields if necessary to provide either full or brief content.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBitem\fP \-\- node dictionary
+.IP \(bu 2
+\fBfull\fP \-\- full or brief output
+.UNINDENT
+.TP
+.B Returns
+dict
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.show_instance(name, call=None)
+get details about a machine
+:param name: name given to the machine
+:param call: call value in this case is \(aqaction\(aq
+:return: machine information
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-a show_instance vm_name
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.show_key(kwargs=None, call=None)
+List the keys available
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.ssh_interface(vm_)
+Return the ssh_interface type to connect to. Either \(aqpublic_ips\(aq (default)
+or \(aqprivate_ips\(aq.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.start(name, call=None)
+start a machine by name
+:param name: name given to the machine
+:param call: call value in this case is \(aqaction\(aq
+:return: true if successful
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-a start vm_name
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.stop(name, call=None)
+stop a machine by name
+:param name: name given to the machine
+:param call: call value in this case is \(aqaction\(aq
+:return: true if successful
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-cloud \-a stop vm_name
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.joyent.take_action(name=None, call=None, command=None, data=None, method=\(aqGET\(aq, location=\(aqus\-east\-1\(aq)
+take action call used by start,stop, reboot
+:param name: name given to the machine
+:param call: call value in this case is \(aqaction\(aq
+:command: api path
+:data: any data to be passed to the api, must be in json format
+:method: GET,POST,or DELETE
+:location: data center to execute the command on
+:return: true if successful
+.UNINDENT
 .SS salt.cloud.clouds.libcloud_aws
 .SS The AWS Cloud Module
 .sp
@@ -33015,7 +37503,11 @@
 .UNINDENT
 .sp
 OR
-:depends: apache\-libcloud >= 0.13.2
+.INDENT 0.0
+.TP
+.B depends
+apache\-libcloud >= 0.13.2
+.UNINDENT
 .sp
 \fBNOTE:\fP
 .INDENT 0.0
@@ -33227,7 +37719,7 @@
 New in version 2014.7.0.
 
 .sp
-Please read core config documentation\&.
+Please read \fIcore config documentation\fP\&.
 .INDENT 0.0
 .TP
 .B salt.cloud.clouds.lxc.avail_images()
@@ -33533,6 +38025,11 @@
 rackconnect v3 cloud network as it\(aqs variable
 .INDENT 0.0
 .TP
+.B salt.cloud.clouds.nova.attach_volume(name, server_name, device=\(aq/dev/xvdb\(aq, **kwargs)
+Attach block volume
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.cloud.clouds.nova.avail_images()
 Return a dict of all available VM images on the cloud provider.
 .UNINDENT
@@ -33553,6 +38050,16 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.cloud.clouds.nova.create_attach_volumes(name, call=None, **kwargs)
+Create and attach volumes to created node
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.cloud.clouds.nova.create_volume(name, size=100, snapshot=None, voltype=None, **kwargs)
+Create block storage device
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.cloud.clouds.nova.destroy(name, conn=None, call=None)
 Delete a single VM
 .UNINDENT
@@ -33680,6 +38187,11 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.cloud.clouds.nova.volume_create_attach(name, call=None, **kwargs)
+Create and attach volumes to created node
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.cloud.clouds.nova.volume_delete(name, **kwargs)
 Delete block storage device
 .UNINDENT
@@ -34690,7 +39202,7 @@
 .sp
 Use of this module requires no configuration in the main cloud configuration
 file. However, profiles must still be configured, as described in the
-core config documentation\&.
+\fIcore config documentation\fP\&.
 .INDENT 0.0
 .TP
 .B salt.cloud.clouds.saltify.create(vm_)
@@ -34719,11 +39231,6 @@
 Because this module is not specific to any cloud providers, there will be
 no nodes to list.
 .UNINDENT
-.INDENT 0.0
-.TP
-.B salt.cloud.clouds.saltify.script(vm_)
-Return the script deployment object
-.UNINDENT
 .SS salt.cloud.clouds.softlayer
 .SS SoftLayer Cloud Module
 .sp
@@ -34984,8 +39491,17 @@
 .SS salt.cloud.clouds.vsphere
 .SS vSphere Cloud Module
 .sp
-New in version 2014.7.0.
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+Deprecated since version Carbon: The \fI\%vsphere\fP cloud driver has been
+deprecated in favor of the \fBvmware\fP
+cloud driver and will be removed in Salt Carbon. Please refer to
+\fBGetting started with VMware\fP to get started
+and convert your vsphere provider configurations to use the vmware driver.
 
+.UNINDENT
+.UNINDENT
 .sp
 The vSphere cloud module is used to control access to VMWare vSphere.
 .INDENT 0.0
@@ -35025,6 +39541,8 @@
   provider: vsphere
   user: myuser
   password: verybadpass
+  template_user: root
+  template_password: mybadVMpassword
   url: \(aqhttps://10.1.1.1:443\(aq
 .ft P
 .fi
@@ -35049,19 +39567,23 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B folder: Name of the folder that will contain the new VM. If not set, the VM will
-be added to the folder the original VM belongs to.
+.B folder
+Name of the folder that will contain the new VM. If not set, the VM will be added to
+the folder the original VM belongs to.
+.TP
+.B resourcepool
+MOR of the resourcepool to be used for the new vm. If not set, it uses the same
+resourcepool than the original vm.
+.TP
+.B datastore
+MOR of the datastore where the virtual machine should be located. If not specified,
+the current datastore is used.
 .TP
-.B resourcepool: MOR of the resourcepool to be used for the new vm. If not set, it
-uses the same resourcepool than the original vm.
-.TP
-.B datastore: MOR of the datastore where the virtual machine should be located. If
-not specified, the current datastore is used.
-.TP
-.B host: MOR of the host where the virtual machine should be registered.
+.B host
+MOR of the host where the virtual machine should be registered.
 .INDENT 7.0
 .TP
-.B IF not specified:
+.B Id not specified:
 .INDENT 7.0
 .IP \(bu 2
 if resourcepool is not specified, current host is used.
@@ -35077,8 +39599,27 @@
 .UNINDENT
 .UNINDENT
 .TP
-.B template: Specifies whether or not the new virtual machine should be marked as a
-template. Default is False.
+.B template
+Specifies whether or not the new virtual machine should be marked as a template.
+Default is False.
+.TP
+.B template_user
+Specifies the user to access the VM. Should be
+.TP
+.B template_password
+The password with which to access the VM.
+.TP
+.B sudo
+The user to access the VM with sudo privileges.
+.sp
+New in version 2015.5.2.
+
+.TP
+.B sudo_password
+The password corresponding to the sudo user to access the VM with sudo privileges.
+.sp
+New in version 2015.5.2.
+
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -35250,7 +39791,8 @@
 
 # The number of worker threads to start. These threads are used to manage
 # return calls made from minions to the master. If the master seems to be
-# running slowly, increase the number of threads.
+# running slowly, increase the number of threads. This setting can not be
+# set lower than 3.
 #worker_threads: 5
 
 # The port used by the communication interface. The ret (return) port is the
@@ -35499,6 +40041,17 @@
 # will cause minion to throw an exception and drop the message.
 # sign_pub_messages: False
 
+#####     Salt\-SSH Configuration     #####
+##########################################
+
+# Pass in an alternative location for the salt\-ssh roster file
+#roster_file: /etc/salt/roster
+
+# Pass in minion option overrides that will be inserted into the SHIM for
+# salt\-ssh calls. The local minion config is not used for salt\-ssh. Can be
+# overridden on a per\-minion basis in the roster (\(gaminion_opts\(ga)
+#ssh_minion_opts:
+#  gpg_keydir: /root/gpg
 
 #####    Master Module Management    #####
 ##########################################
@@ -35952,6 +40505,18 @@
 # If only one master is listed, this setting is ignored and a warning will be logged.
 #random_master: False
 
+# Minions can connect to multiple masters simultaneously (all masters
+# are "hot"), or can be configured to failover if a master becomes
+# unavailable.  Multiple hot masters are configured by setting this
+# value to "standard".  Failover masters can be requested by setting
+# to "failover".  MAKE SURE TO SET master_alive_interval if you are
+# using failover.
+# master_type: standard
+
+# Poll interval in seconds for checking if the master is still there.  Only
+# respected if master_type above is "failover".
+# master_alive_interval: 30
+
 # Set whether the minion should connect to the master via IPv6:
 #ipv6: False
 
@@ -36391,6 +40956,10 @@
 # states is cluttering the logs. Set it to True to ignore them.
 #state_output_diff: False
 
+# The state_output_profile setting changes whether profile information
+# will be shown for each state run.
+#state_output_profile: True
+
 # Fingerprint of the master public key to double verify the master is valid,
 # the master fingerprint can be found by running "salt\-key \-F master" on the
 # salt master.
@@ -36547,8 +41116,8 @@
 .SS Configuring Salt
 .sp
 Salt configuration is very simple. The default configuration for the
-master will work for most installations and the only requirement for
-setting up a minion is to set the location of the master in the minion
+\fImaster\fP will work for most installations and the only requirement for
+setting up a \fIminion\fP is to set the location of the master in the minion
 configuration file.
 .sp
 The configuration files will be installed to \fB/etc/salt\fP and are named
@@ -36790,7 +41359,7 @@
 \fBSEE ALSO:\fP
 .INDENT 0.0
 .INDENT 3.5
-example master configuration file
+\fIexample master configuration file\fP
 .UNINDENT
 .UNINDENT
 .sp
@@ -37152,11 +41721,11 @@
 .UNINDENT
 .SS \fBenable_gpu_grains\fP
 .sp
-Default: \fBFalse\fP
+Default: \fBTrue\fP
 .sp
-The master can take a while to start up when lspci and/or dmidecode is used
-to populate the grains for the master. Enable if you want to see GPU hardware
-data for your master.
+Enable GPU hardware data for your master. Be aware that the master can
+take a while to start up when lspci and/or dmidecode is used to populate the
+grains for the master.
 .SS \fBjob_cache\fP
 .sp
 Default: \fBTrue\fP
@@ -37309,7 +41878,7 @@
 Default: False
 .sp
 Causes the master to periodically look for actively connected minions.
-Presence events are fired on the event bus on a
+\fIPresence events\fP are fired on the event bus on a
 regular interval with a list of connected minions, as well as events with lists
 of newly connected or disconnected minions. This is a master\-only operation
 that does not send executions to minions. Note, this does not detect minions
@@ -37324,6 +41893,7 @@
 .fi
 .UNINDENT
 .UNINDENT
+.SS Salt\-SSH Configuration
 .SS \fBroster_file\fP
 .sp
 Default: \(aq/etc/salt/roster\(aq
@@ -37339,6 +41909,24 @@
 .fi
 .UNINDENT
 .UNINDENT
+.SS \fBssh_minion_opts\fP
+.sp
+Default: None
+.sp
+Pass in minion option overrides that will be inserted into the SHIM for
+salt\-ssh calls. The local minion config is not used for salt\-ssh. Can be
+overridden on a per\-minion basis in the roster (\fBminion_opts\fP)
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+minion_opts:
+  gpg_keydir: /root/gpg
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .SS Master Security Settings
 .SS \fBopen_mode\fP
 .sp
@@ -37946,15 +42534,15 @@
 .UNINDENT
 .sp
 As of 2014.7.0, it is possible to have per\-repo versions of several of the
-gitfs configuration parameters. For more information, see the GitFS
-Walkthrough\&.
+gitfs configuration parameters. For more information, see the \fIGitFS
+Walkthrough\fP\&.
 .SS \fBgitfs_provider\fP
 .sp
 New in version 2014.7.0.
 
 .sp
 Specify the provider to be used for gitfs. More information can be found in the
-GitFS Walkthrough\&.
+\fIGitFS Walkthrough\fP\&.
 .sp
 Specify one value among valid values: \fBgitpython\fP, \fBpygit2\fP, \fBdulwich\fP
 .INDENT 0.0
@@ -37995,7 +42583,7 @@
 .sp
 Specifies a path on the salt fileserver from which gitfs remotes are served.
 Can be used in conjunction with \fI\%gitfs_root\fP\&. Can also be
-configured on a per\-remote basis, see here for
+configured on a per\-remote basis, see \fIhere\fP for
 more info.
 .INDENT 0.0
 .INDENT 3.5
@@ -38035,7 +42623,7 @@
 .UNINDENT
 .sp
 Changed in version 2014.7.0: Ability to specify gitfs roots on a per\-remote basis was added. See
-here for more info.
+\fIhere\fP for more info.
 
 .SS \fBgitfs_base\fP
 .sp
@@ -38053,7 +42641,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-Changed in version 2014.7.0: Ability to specify the base on a per\-remote basis was added. See here for more info.
+Changed in version 2014.7.0: Ability to specify the base on a per\-remote basis was added. See \fIhere\fP for more info.
 
 .SS \fBgitfs_env_whitelist\fP
 .sp
@@ -38064,7 +42652,7 @@
 .sp
 Used to restrict which environments are made available. Can speed up state runs
 if the repos in \fI\%gitfs_remotes\fP contain many branches/tags.  More
-information can be found in the GitFS Walkthrough\&.
+information can be found in the \fIGitFS Walkthrough\fP\&.
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -38087,7 +42675,7 @@
 .sp
 Used to restrict which environments are made available. Can speed up state runs
 if the repos in \fI\%gitfs_remotes\fP contain many branches/tags. More
-information can be found in the GitFS Walkthrough\&.
+information can be found in the \fIGitFS Walkthrough\fP\&.
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -38104,7 +42692,7 @@
 .SS GitFS Authentication Options
 .sp
 These parameters only currently apply to the pygit2 gitfs provider. Examples of
-how to use these can be found in the GitFS Walkthrough\&.
+how to use these can be found in the \fIGitFS Walkthrough\fP\&.
 .SS \fBgitfs_user\fP
 .sp
 New in version 2014.7.0.
@@ -38171,7 +42759,7 @@
 .sp
 Along with \fI\%gitfs_privkey\fP (and optionally
 \fI\%gitfs_passphrase\fP), is used to authenticate to SSH remotes. This
-parameter (or its per\-remote counterpart) is
+parameter (or its \fIper\-remote counterpart\fP) is
 required for SSH remotes.
 .INDENT 0.0
 .INDENT 3.5
@@ -38192,7 +42780,7 @@
 .sp
 Along with \fI\%gitfs_pubkey\fP (and optionally
 \fI\%gitfs_passphrase\fP), is used to authenticate to SSH remotes. This
-parameter (or its per\-remote counterpart) is
+parameter (or its \fIper\-remote counterpart\fP) is
 required for SSH remotes.
 .INDENT 0.0
 .INDENT 3.5
@@ -38854,7 +43442,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-There are additional details at salt\-pillars
+There are additional details at \fIsalt\-pillars\fP
 .SS \fBext_pillar_first\fP
 .sp
 New in version 2015.5.0.
@@ -39370,7 +43958,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-More information on using nodegroups can be found here\&.
+More information on using nodegroups can be found \fIhere\fP\&.
 .SS Range Cluster Settings
 .SS \fBrange_server\fP
 .sp
@@ -39473,6 +44061,24 @@
 .fi
 .UNINDENT
 .UNINDENT
+.sp
+To specify a specific revision of the repository, preface the
+repository location with a commit ID:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+win_gitrepos:
+  \- \(aq<commit_id> https://github.com/saltstack/salt\-winrepo.git\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Replacing \fB<commit_id>\fP with the ID from GitHub. Specifying a commit
+ID is useful if you need to revert to a previous version if an error
+is introduced in the latest version.
 .SS Configuring the Salt Minion
 .sp
 The Salt system is amazingly simple and easy to configure. The two components
@@ -39483,7 +44089,7 @@
 \fBSEE ALSO:\fP
 .INDENT 0.0
 .INDENT 3.5
-example minion configuration file
+\fIexample minion configuration file\fP
 .UNINDENT
 .UNINDENT
 .sp
@@ -39569,22 +44175,16 @@
 New in version 2014.7.0.
 
 .sp
-Default: \fBstr\fP
+Default: \fBstandard\fP
 .sp
-The type of the \fI\%master\fP variable. Can be either \fBfunc\fP or
-\fBfailover\fP\&.
-.sp
-If the master needs to be dynamically assigned by executing a function instead
-of reading in the static master value, set this to \fBfunc\fP\&. This can be used
-to manage the minion\(aqs master setting from an execution module. By simply
-changing the algorithm in the module to return a new master ip/fqdn, restart
-the minion and it will connect to the new master.
+The type of the \fI\%master\fP variable. Can be \fBstandard\fP, \fBfailover\fP or
+\fBfunc\fP\&.
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-master_type: func
+master_type: failover
 .ft P
 .fi
 .UNINDENT
@@ -39592,17 +44192,40 @@
 .sp
 If this option is set to \fBfailover\fP, \fI\%master\fP must be a list of
 master addresses. The minion will then try each master in the order specified
-in the list until it successfully connects.
+in the list until it successfully connects.  \fBmaster_alive_interval\fP
+must also be set, this determines how often the minion will verify the presence
+of the master.
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-master_type: failover
+master_type: func
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+If the master needs to be dynamically assigned by executing a function instead
+of reading in the static master value, set this to \fBfunc\fP\&. This can be used
+to manage the minion\(aqs master setting from an execution module. By simply
+changing the algorithm in the module to return a new master ip/fqdn, restart
+the minion and it will connect to the new master.
+.SS \fBmaster_alive_interval\fP
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+master_alive_interval: 30
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
+.sp
+Configures how often, in seconds, the minion will verify that the current
+master is alive and responding.  The minion will try to establish a connection
+to the next master in the list if it finds the existing one is dead.
 .SS \fBmaster_shuffle\fP
 .sp
 New in version 2014.7.0.
@@ -39725,7 +44348,7 @@
 \fBSEE ALSO:\fP
 .INDENT 0.0
 .INDENT 3.5
-Salt Walkthrough
+\fISalt Walkthrough\fP
 .sp
 The \fBSetting up a Salt Minion\fP section contains detailed
 information on how the hostname is determined.
@@ -39820,6 +44443,23 @@
 .fi
 .UNINDENT
 .UNINDENT
+.SS \fBgrains_cache\fP
+.sp
+Default: \fBFalse\fP
+.sp
+The minion can locally cache grain data instead of refreshing the data
+each time the grain is referenced. By default this feature is disabled,
+to enable set grains_cache to \fBTrue\fP\&.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+cache_jobs: False
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .SS \fBsock_dir\fP
 .sp
 Default: \fB/var/run/salt/minion\fP
@@ -39972,23 +44612,6 @@
 .fi
 .UNINDENT
 .UNINDENT
-.SS \fBdns_check\fP
-.sp
-Default: \fBTrue\fP
-.sp
-When healing, a dns_check is run. This is to make sure that the originally
-resolved dns has not changed. If this is something that does not happen in your
-environment, set this value to \fBFalse\fP\&.
-.INDENT 0.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-dns_check: True
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
 .SS \fBcache_sreqs\fP
 .sp
 Default: \fBTrue\fP
@@ -41295,7 +45918,7 @@
 server backends allow the Salt file server to act as a transparent bridge to
 external resources. A good example of this is the \fBgit\fP backend, which allows Salt to serve files sourced from
 one or more git repositories, but there are several others as well. Click
-here for a full list of Salt\(aqs fileserver
+\fIhere\fP for a full list of Salt\(aqs fileserver
 backends.
 .SS Enabling a Fileserver Backend
 .sp
@@ -41313,7 +45936,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-See the documentation for each backend to find the
+See the \fIdocumentation\fP for each backend to find the
 correct value to add to \fBfileserver_backend\fP in order to enable
 them.
 .SS Using Multiple Backends
@@ -41547,6 +46170,25 @@
 The cp module is the home of minion side file server operations. The cp module
 is used by the Salt state system, salt\-cp, and can be used to distribute files
 presented by the Salt file server.
+.SS Escaping Special Characters
+.sp
+The \fBsalt://\fP url format can potentially contain a query string, for example
+\fBsalt://dir/file.txt?saltenv=base\fP\&. You can prevent the fileclient/fileserver from
+interpreting \fB?\fP as the initial token of a query string by referencing the file
+with \fBsalt://|\fP rather than \fBsalt://\fP\&.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+/etc/marathon/conf/?checkpoint:
+  file.managed:
+    \- source: salt://|hw/config/?checkpoint
+    \- makedirs: True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .SS Environments
 .sp
 Since the file server is made to work with the Salt state system, it supports
@@ -41780,8 +46422,8 @@
 An optional master config parameter (\fBgitfs_provider\fP) can be used
 to specify which provider should be used.
 .sp
-More detailed information on how to use gitfs can be found in the Gitfs
-Walkthrough\&.
+More detailed information on how to use gitfs can be found in the \fIGitfs
+Walkthrough\fP\&.
 .sp
 \fBNOTE:\fP
 .INDENT 0.0
@@ -41790,7 +46432,7 @@
 .sp
 To use \fI\%GitPython\fP for gitfs requires a minimum GitPython version of 0.3.0,
 as well as the git CLI utility. Instructions for installing GitPython can
-be found here\&.
+be found \fIhere\fP\&.
 .sp
 To use \fI\%pygit2\fP for gitfs requires a minimum \fI\%pygit2\fP version of 0.20.3.
 \fI\%pygit2\fP 0.20.3 requires \fI\%libgit2\fP 0.20.0. \fI\%pygit2\fP and \fI\%libgit2\fP are developed
@@ -42020,7 +46662,7 @@
 \fBSEE ALSO:\fP
 .INDENT 0.0
 .INDENT 3.5
-tutorial\-minionfs
+\fItutorial\-minionfs\fP
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
@@ -43286,6 +47928,12 @@
 T}
 _
 T{
+\fBcassandra_cql\fP
+T}	T{
+Cassandra Database Module
+T}
+_
+T{
 \fBchef\fP
 T}	T{
 Execute chef in server or solo mode
@@ -43306,7 +47954,7 @@
 T{
 \fBcmdmod\fP
 T}	T{
-A module for shelling out
+A module for shelling out.
 T}
 _
 T{
@@ -43352,6 +48000,11 @@
 T}
 _
 T{
+\fBcytest\fP
+T}	T{
+T}
+_
+T{
 \fBdaemontools\fP
 T}	T{
 daemontools service module. This module will create daemontools type
@@ -43561,12 +48214,6 @@
 T}
 _
 T{
-\fBfsutils\fP
-T}	T{
-Run\-time utilities
-T}
-_
-T{
 \fBgem\fP
 T}	T{
 Manage ruby gems.
@@ -43671,6 +48318,7 @@
 T{
 \fBhipchat\fP
 T}	T{
+Module for sending messages to hipchat.
 T}
 _
 T{
@@ -43728,6 +48376,12 @@
 T}
 _
 T{
+\fBipmi\fP
+T}	T{
+Support IPMI commands over LAN.
+T}
+_
+T{
 \fBipset\fP
 T}	T{
 Support for ipset
@@ -43950,6 +48604,12 @@
 T}
 _
 T{
+\fBnacl\fP
+T}	T{
+This module helps include encrypted passwords in pillars, grains and salt state files.
+T}
+_
+T{
 \fBnagios\fP
 T}	T{
 Run nagios plugins/checks from salt and get the return as data.
@@ -44161,7 +48821,6 @@
 T{
 \fBps\fP
 T}	T{
-A salt interface to psutil, a system and process library.
 T}
 _
 T{
@@ -44227,6 +48886,7 @@
 T{
 \fBrandom_org\fP
 T}	T{
+Module for retrieving random information from Random.org
 T}
 _
 T{
@@ -44394,6 +49054,7 @@
 T{
 \fBslack_notify\fP
 T}	T{
+Module for sending messages to Slack
 T}
 _
 T{
@@ -44483,7 +49144,7 @@
 T{
 \fBstate\fP
 T}	T{
-Control the state system on the minion
+Control the state system on the minion.
 T}
 _
 T{
@@ -44547,6 +49208,12 @@
 T}
 _
 T{
+\fBsystem_profiler\fP
+T}	T{
+System Profiler Module
+T}
+_
+T{
 \fBsystemd\fP
 T}	T{
 Provide the service module for systemd
@@ -44747,7 +49414,7 @@
 T{
 \fBwin_useradd\fP
 T}	T{
-Manage Windows users with ADSI
+Manage Windows users with the net user command
 T}
 _
 T{
@@ -46036,7 +50703,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.aptpkg.upgrade(refresh=True, dist_upgrade=True)
+.B salt.modules.aptpkg.upgrade(refresh=True, dist_upgrade=False)
 Upgrades all packages via \fBapt\-get dist\-upgrade\fP
 .sp
 Returns a dict containing the changes.
@@ -46053,7 +50720,7 @@
 .TP
 .B dist_upgrade
 Whether to perform the upgrade using dist\-upgrade vs upgrade.  Default
-is to use dist\-upgrade.
+is to use upgrade.
 .UNINDENT
 .sp
 New in version 2014.7.0.
@@ -48111,7 +52778,7 @@
 .sp
 Connection module for Amazon DynamoDB
 .sp
-New in version 2015.5.
+New in version 2015.5.0.
 
 .INDENT 0.0
 .TP
@@ -48163,13 +52830,15 @@
 as a passed in dict, or as a string to pull from pillars or minion config:
 .INDENT 7.0
 .INDENT 3.5
-.INDENT 0.0
-.TP
-.B myprofile:
-keyid: GKTADJGHEIQSXMKKRBJ08H
-key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
-region: us\-east\-1
-.UNINDENT
+.sp
+.nf
+.ft C
+myprofile:
+    keyid: GKTADJGHEIQSXMKKRBJ08H
+    key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
+    region: us\-east\-1
+.ft P
+.fi
 .UNINDENT
 .UNINDENT
 .TP
@@ -51728,6 +56397,542 @@
 .UNINDENT
 .UNINDENT
 .UNINDENT
+.SS salt.modules.cassandra_cql
+.sp
+Cassandra Database Module
+.sp
+New in version 2015.5.0.
+
+.INDENT 0.0
+.TP
+.B depends
+DataStax Python Driver for Apache Cassandra
+\fI\%https://github.com/datastax/python\-driver\fP
+pip install cassandra\-driver
+.TP
+.B referenced by
+Salt\(aqs cassandra_cql returner
+.TP
+.B configuration
+The Cassandra cluster members and connection port can either be specified
+in the master or minion config, the minion\(aqs pillar or be passed to the module.
+.sp
+Example configuration in the config for a single node:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+cassandra:
+  cluster: 192.168.50.10
+  port: 9000
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Example configuration in the config for a cluster:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+cassandra:
+  cluster:
+    \- 192.168.50.10
+    \- 192.168.50.11
+    \- 192.168.50.12
+  port: 9000
+  username: cas_admin
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.cassandra_cql.cql_query(query, contact_points=None, port=None, cql_user=None, cql_pass=None)
+Run a query on a Cassandra cluster and return a dictionary.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBquery\fP (\fI\%str\fP) \-\- The query to execute.
+.IP \(bu 2
+\fBcontact_points\fP (\fIstr | list[str]\fP) \-\- The Cassandra cluster addresses, can either be a string or a list of IPs.
+.IP \(bu 2
+\fBcql_user\fP (\fI\%str\fP) \-\- The Cassandra user if authentication is turned on.
+.IP \(bu 2
+\fBcql_pass\fP (\fI\%str\fP) \-\- The Cassandra user password if authentication is turned on.
+.IP \(bu 2
+\fBport\fP (\fI\%int\fP) \-\- The Cassandra cluster port, defaults to None.
+.IP \(bu 2
+\fBparams\fP (\fI\%str\fP) \-\- The parameters for the query, optional.
+.UNINDENT
+.TP
+.B Returns
+A dictionary from the return values of the query
+.TP
+.B Return type
+list[dict]
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.cassandra_cql.create_keyspace(keyspace, replication_strategy=\(aqSimpleStrategy\(aq, replication_factor=1, replication_datacenters=None, contact_points=None, port=None, cql_user=None, cql_pass=None)
+Create a new keyspace in Cassandra.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBkeyspace\fP (\fI\%str\fP) \-\- The keyspace name
+.IP \(bu 2
+\fBreplication_strategy\fP (\fI\%str\fP) \-\- either \fISimpleStrategy\fP or \fINetworkTopologyStrategy\fP
+.IP \(bu 2
+\fBreplication_factor\fP (\fI\%int\fP) \-\- number of replicas of data on multiple nodes. not used if using NetworkTopologyStrategy
+.IP \(bu 2
+\fBreplication_datacenters\fP (\fIstr | dict[str, int]\fP) \-\- string or dict of datacenter names to replication factors, required if using
+NetworkTopologyStrategy (will be a dict if coming from state file).
+.IP \(bu 2
+\fBcontact_points\fP (\fIstr | list[str]\fP) \-\- The Cassandra cluster addresses, can either be a string or a list of IPs.
+.IP \(bu 2
+\fBcql_user\fP (\fI\%str\fP) \-\- The Cassandra user if authentication is turned on.
+.IP \(bu 2
+\fBcql_pass\fP (\fI\%str\fP) \-\- The Cassandra user password if authentication is turned on.
+.IP \(bu 2
+\fBport\fP (\fI\%int\fP) \-\- The Cassandra cluster port, defaults to None.
+.UNINDENT
+.TP
+.B Returns
+The info for the keyspace or False if it does not exist.
+.TP
+.B Return type
+\fI\%dict\fP
+.UNINDENT
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aqminion1\(aq cassandra_cql.create_keyspace keyspace=newkeyspace
+
+salt \(aqminion1\(aq cassandra_cql.create_keyspace keyspace=newkeyspace replication_strategy=NetworkTopologyStrategy         replication_datacenters=\(aq{"datacenter_1": 3, "datacenter_2": 2}\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.cassandra_cql.create_user(username, password, superuser=False, contact_points=None, port=None, cql_user=None, cql_pass=None)
+Create a new cassandra user with credentials and superuser status.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBusername\fP (\fI\%str\fP) \-\- The name of the new user.
+.IP \(bu 2
+\fBpassword\fP (\fI\%str\fP) \-\- The password of the new user.
+.IP \(bu 2
+\fBsuperuser\fP (\fI\%bool\fP) \-\- Is the new user going to be a superuser? default: False
+.IP \(bu 2
+\fBcontact_points\fP (\fIstr | list[str]\fP) \-\- The Cassandra cluster addresses, can either be a string or a list of IPs.
+.IP \(bu 2
+\fBcql_user\fP (\fI\%str\fP) \-\- The Cassandra user if authentication is turned on.
+.IP \(bu 2
+\fBcql_pass\fP (\fI\%str\fP) \-\- The Cassandra user password if authentication is turned on.
+.IP \(bu 2
+\fBport\fP (\fI\%int\fP) \-\- The Cassandra cluster port, defaults to None.
+.UNINDENT
+.TP
+.B Returns
+
+.TP
+.B Return type
+
+.UNINDENT
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aqminion1\(aq cassandra_cql.create_user username=joe password=secret
+
+salt \(aqminion1\(aq cassandra_cql.create_user username=joe password=secret superuser=True
+
+salt \(aqminion1\(aq cassandra_cql.create_user username=joe password=secret superuser=True contact_points=minion1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.cassandra_cql.drop_keyspace(keyspace, contact_points=None, port=None, cql_user=None, cql_pass=None)
+Drop a keyspace if it exists in a Cassandra cluster.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBkeyspace\fP (\fI\%str\fP) \-\- The keyspace to drop.
+.IP \(bu 2
+\fBcontact_points\fP (\fIstr | list[str]\fP) \-\- The Cassandra cluster addresses, can either be a string or a list of IPs.
+.IP \(bu 2
+\fBcql_user\fP (\fI\%str\fP) \-\- The Cassandra user if authentication is turned on.
+.IP \(bu 2
+\fBcql_pass\fP (\fI\%str\fP) \-\- The Cassandra user password if authentication is turned on.
+.IP \(bu 2
+\fBport\fP (\fI\%int\fP) \-\- The Cassandra cluster port, defaults to None.
+.UNINDENT
+.TP
+.B Returns
+The info for the keyspace or False if it does not exist.
+.TP
+.B Return type
+\fI\%dict\fP
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aqminion1\(aq cassandra_cql.drop_keyspace keyspace=test
+
+salt \(aqminion1\(aq cassandra_cql.drop_keyspace keyspace=test contact_points=minion1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.cassandra_cql.grant_permission(username, resource=None, resource_type=\(aqkeyspace\(aq, permission=None, contact_points=None, port=None, cql_user=None, cql_pass=None)
+Grant permissions to a user.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBusername\fP (\fI\%str\fP) \-\- The name of the user to grant permissions to.
+.IP \(bu 2
+\fBresource\fP (\fI\%str\fP) \-\- The resource (keyspace or table), if None, permissions for all resources are granted.
+.IP \(bu 2
+\fBresource_type\fP (\fI\%str\fP) \-\- The resource_type (keyspace or table), defaults to \(aqkeyspace\(aq.
+.IP \(bu 2
+\fBpermission\fP (\fI\%str\fP) \-\- A permission name (e.g. select), if None, all permissions are granted.
+.IP \(bu 2
+\fBcontact_points\fP (\fIstr | list[str]\fP) \-\- The Cassandra cluster addresses, can either be a string or a list of IPs.
+.IP \(bu 2
+\fBcql_user\fP (\fI\%str\fP) \-\- The Cassandra user if authentication is turned on.
+.IP \(bu 2
+\fBcql_pass\fP (\fI\%str\fP) \-\- The Cassandra user password if authentication is turned on.
+.IP \(bu 2
+\fBport\fP (\fI\%int\fP) \-\- The Cassandra cluster port, defaults to None.
+.UNINDENT
+.TP
+.B Returns
+
+.TP
+.B Return type
+
+.UNINDENT
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aqminion1\(aq cassandra_cql.grant_permission
+
+salt \(aqminion1\(aq cassandra_cql.grant_permission username=joe resource=test_keyspace permission=select
+
+salt \(aqminion1\(aq cassandra_cql.grant_permission username=joe resource=test_table resource_type=table         permission=select contact_points=minion1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.cassandra_cql.info(contact_points=None, port=None, cql_user=None, cql_pass=None)
+Show the Cassandra information for this cluster.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBcontact_points\fP (\fIstr | list[str]\fP) \-\- The Cassandra cluster addresses, can either be a string or a list of IPs.
+.IP \(bu 2
+\fBcql_user\fP (\fI\%str\fP) \-\- The Cassandra user if authentication is turned on.
+.IP \(bu 2
+\fBcql_pass\fP (\fI\%str\fP) \-\- The Cassandra user password if authentication is turned on.
+.IP \(bu 2
+\fBport\fP (\fI\%int\fP) \-\- The Cassandra cluster port, defaults to None.
+.UNINDENT
+.TP
+.B Returns
+The information for this Cassandra cluster.
+.TP
+.B Return type
+\fI\%dict\fP
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aqminion1\(aq cassandra_cql.info
+
+salt \(aqminion1\(aq cassandra_cql.info contact_points=minion1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.cassandra_cql.keyspace_exists(keyspace, contact_points=None, port=None, cql_user=None, cql_pass=None)
+Check if a keyspace exists in a Cassandra cluster.
+.sp
+:param keyspace        The keyspace name to check for.
+:type  keyspace:       str
+:param contact_points: The Cassandra cluster addresses, can either be a string or a list of IPs.
+:type  contact_points: str | list[str]
+:param cql_user:       The Cassandra user if authentication is turned on.
+:type  cql_user:       str
+:param cql_pass:       The Cassandra user password if authentication is turned on.
+:type  cql_pass:       str
+:param port:           The Cassandra cluster port, defaults to None.
+:type  port:           int
+:return:               The info for the keyspace or False if it does not exist.
+:rtype:                dict
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aqminion1\(aq cassandra_cql.keyspace_exists keyspace=system
+
+salt \(aqminion1\(aq cassandra_cql.list_keyspaces keyspace=system contact_points=minion1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.cassandra_cql.list_column_families(keyspace=None, contact_points=None, port=None, cql_user=None, cql_pass=None)
+List column families in a Cassandra cluster for all keyspaces or just the provided one.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBkeyspace\fP (\fI\%str\fP) \-\- The keyspace to provide the column families for, optional.
+.IP \(bu 2
+\fBcontact_points\fP (\fIstr | list[str]\fP) \-\- The Cassandra cluster addresses, can either be a string or a list of IPs.
+.IP \(bu 2
+\fBcql_user\fP (\fI\%str\fP) \-\- The Cassandra user if authentication is turned on.
+.IP \(bu 2
+\fBcql_pass\fP (\fI\%str\fP) \-\- The Cassandra user password if authentication is turned on.
+.IP \(bu 2
+\fBport\fP (\fI\%int\fP) \-\- The Cassandra cluster port, defaults to None.
+.UNINDENT
+.TP
+.B Returns
+The column families in this Cassandra cluster.
+.TP
+.B Return type
+list[dict]
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aqminion1\(aq cassandra_cql.list_column_families
+
+salt \(aqminion1\(aq cassandra_cql.list_column_families contact_points=minion1
+
+salt \(aqminion1\(aq cassandra_cql.list_column_families keyspace=system
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.cassandra_cql.list_keyspaces(contact_points=None, port=None, cql_user=None, cql_pass=None)
+List keyspaces in a Cassandra cluster.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBcontact_points\fP (\fIstr | list[str]\fP) \-\- The Cassandra cluster addresses, can either be a string or a list of IPs.
+.IP \(bu 2
+\fBcql_user\fP (\fI\%str\fP) \-\- The Cassandra user if authentication is turned on.
+.IP \(bu 2
+\fBcql_pass\fP (\fI\%str\fP) \-\- The Cassandra user password if authentication is turned on.
+.IP \(bu 2
+\fBport\fP (\fI\%int\fP) \-\- The Cassandra cluster port, defaults to None.
+.UNINDENT
+.TP
+.B Returns
+The keyspaces in this Cassandra cluster.
+.TP
+.B Return type
+list[dict]
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aqminion1\(aq cassandra_cql.list_keyspaces
+
+salt \(aqminion1\(aq cassandra_cql.list_keyspaces contact_points=minion1 port=9000
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.cassandra_cql.list_permissions(username=None, resource=None, resource_type=\(aqkeyspace\(aq, permission=None, contact_points=None, port=None, cql_user=None, cql_pass=None)
+List permissions.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBusername\fP (\fI\%str\fP) \-\- The name of the user to list permissions for.
+.IP \(bu 2
+\fBresource\fP (\fI\%str\fP) \-\- The resource (keyspace or table), if None, permissions for all resources are listed.
+.IP \(bu 2
+\fBresource_type\fP (\fI\%str\fP) \-\- The resource_type (keyspace or table), defaults to \(aqkeyspace\(aq.
+.IP \(bu 2
+\fBpermission\fP (\fI\%str\fP) \-\- A permission name (e.g. select), if None, all permissions are listed.
+.IP \(bu 2
+\fBcontact_points\fP (\fIstr | list[str]\fP) \-\- The Cassandra cluster addresses, can either be a string or a list of IPs.
+.IP \(bu 2
+\fBcql_user\fP (\fI\%str\fP) \-\- The Cassandra user if authentication is turned on.
+.IP \(bu 2
+\fBcql_pass\fP (\fI\%str\fP) \-\- The Cassandra user password if authentication is turned on.
+.IP \(bu 2
+\fBport\fP (\fI\%int\fP) \-\- The Cassandra cluster port, defaults to None.
+.UNINDENT
+.TP
+.B Returns
+Dictionary of permissions.
+.TP
+.B Return type
+\fI\%dict\fP
+.UNINDENT
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aqminion1\(aq cassandra_cql.list_permissions
+
+salt \(aqminion1\(aq cassandra_cql.list_permissions username=joe resource=test_keyspace permission=select
+
+salt \(aqminion1\(aq cassandra_cql.list_permissions username=joe resource=test_table resource_type=table         permission=select contact_points=minion1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.cassandra_cql.list_users(contact_points=None, port=None, cql_user=None, cql_pass=None)
+List existing users in this Cassandra cluster.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBcontact_points\fP (\fIstr | list[str]\fP) \-\- The Cassandra cluster addresses, can either be a string or a list of IPs.
+.IP \(bu 2
+\fBport\fP (\fI\%int\fP) \-\- The Cassandra cluster port, defaults to None.
+.IP \(bu 2
+\fBcql_user\fP (\fI\%str\fP) \-\- The Cassandra user if authentication is turned on.
+.IP \(bu 2
+\fBcql_pass\fP (\fI\%str\fP) \-\- The Cassandra user password if authentication is turned on.
+.UNINDENT
+.TP
+.B Returns
+The list of existing users.
+.TP
+.B Return type
+\fI\%dict\fP
+.UNINDENT
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aqminion1\(aq cassandra_cql.list_users
+
+salt \(aqminion1\(aq cassandra_cql.list_users contact_points=minion1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.cassandra_cql.version(contact_points=None, port=None, cql_user=None, cql_pass=None)
+Show the Cassandra version.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBcontact_points\fP (\fIstr | list[str]\fP) \-\- The Cassandra cluster addresses, can either be a string or a list of IPs.
+.IP \(bu 2
+\fBcql_user\fP (\fI\%str\fP) \-\- The Cassandra user if authentication is turned on.
+.IP \(bu 2
+\fBcql_pass\fP (\fI\%str\fP) \-\- The Cassandra user password if authentication is turned on.
+.IP \(bu 2
+\fBport\fP (\fI\%int\fP) \-\- The Cassandra cluster port, defaults to None.
+.UNINDENT
+.TP
+.B Returns
+The version for this Cassandra cluster.
+.TP
+.B Return type
+\fI\%str\fP
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aqminion1\(aq cassandra_cql.version
+
+salt \(aqminion1\(aq cassandra_cql.version contact_points=minion1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
 .SS salt.modules.chef
 .sp
 Execute chef in server or solo mode
@@ -52658,7 +57863,7 @@
 .UNINDENT
 .SS salt.modules.cmdmod
 .sp
-A module for shelling out
+A module for shelling out.
 .sp
 Keep in mind that this module is insecure, in that it can give whomever has
 access to the master root execution access to all salt minions.
@@ -52720,7 +57925,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.cmdmod.retcode(cmd, cwd=None, stdin=None, runas=None, shell=\(aq/usr/bin/zsh\(aq, python_shell=None, env=None, clean_env=False, template=None, umask=None, output_loglevel=\(aqdebug\(aq, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
+.B salt.modules.cmdmod.retcode(cmd, cwd=None, stdin=None, runas=None, shell=\(aq/bin/bash\(aq, python_shell=None, env=None, clean_env=False, template=None, umask=None, output_loglevel=\(aqdebug\(aq, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
 Execute a shell command and return the command\(aqs return code.
 .sp
 Note that \fBenv\fP represents the environment variables for the command, and
@@ -52779,13 +57984,16 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.cmdmod.run(cmd, cwd=None, stdin=None, runas=None, shell=\(aq/usr/bin/zsh\(aq, python_shell=None, env=None, clean_env=False, template=None, rstrip=True, umask=None, output_loglevel=\(aqdebug\(aq, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
+.B salt.modules.cmdmod.run(cmd, cwd=None, stdin=None, runas=None, shell=\(aq/bin/bash\(aq, python_shell=None, env=None, clean_env=False, template=None, rstrip=True, umask=None, output_loglevel=\(aqdebug\(aq, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
 Execute the passed command and return the output as a string
 .sp
 Note that \fBenv\fP represents the environment variables for the command, and
 should be formatted as a dict, or a YAML string which resolves to a dict.
 .sp
-WARNING: This function does not process commands through a shell
+\fBWARNING:\fP
+.INDENT 7.0
+.INDENT 3.5
+This function does not process commands through a shell
 unless the python_shell flag is set to True. This means that any
 shell\-specific functionality such as \(aqecho\(aq or the use of pipes,
 redirection or &&, should either be migrated to cmd.shell or
@@ -52795,7 +58003,8 @@
 including potentially malicious commands such as \(aqgood_command;rm \-rf /\(aq.
 Be absolutely certain that you have sanitized your input prior to using
 python_shell=True
-\fB*********************************************************************\fP
+.UNINDENT
+.UNINDENT
 .sp
 CLI Example:
 .INDENT 7.0
@@ -52866,7 +58075,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.cmdmod.run_all(cmd, cwd=None, stdin=None, runas=None, shell=\(aq/usr/bin/zsh\(aq, python_shell=None, env=None, clean_env=False, template=None, rstrip=True, umask=None, output_loglevel=\(aqdebug\(aq, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
+.B salt.modules.cmdmod.run_all(cmd, cwd=None, stdin=None, runas=None, shell=\(aq/bin/bash\(aq, python_shell=None, env=None, clean_env=False, template=None, rstrip=True, umask=None, output_loglevel=\(aqdebug\(aq, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
 Execute the passed command and return a dict of return data
 .sp
 Note that \fBenv\fP represents the environment variables for the command, and
@@ -52914,7 +58123,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.cmdmod.run_chroot(root, cmd, cwd=None, stdin=None, runas=None, shell=\(aq/usr/bin/zsh\(aq, python_shell=True, env=None, clean_env=False, template=None, rstrip=True, umask=None, output_loglevel=\(aqquiet\(aq, quiet=False, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
+.B salt.modules.cmdmod.run_chroot(root, cmd, cwd=None, stdin=None, runas=None, shell=\(aq/bin/bash\(aq, python_shell=True, env=None, clean_env=False, template=None, rstrip=True, umask=None, output_loglevel=\(aqquiet\(aq, quiet=False, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
 New in version 2014.7.0.
 
 .sp
@@ -52952,7 +58161,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.cmdmod.run_stderr(cmd, cwd=None, stdin=None, runas=None, shell=\(aq/usr/bin/zsh\(aq, python_shell=None, env=None, clean_env=False, template=None, rstrip=True, umask=None, output_loglevel=\(aqdebug\(aq, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
+.B salt.modules.cmdmod.run_stderr(cmd, cwd=None, stdin=None, runas=None, shell=\(aq/bin/bash\(aq, python_shell=None, env=None, clean_env=False, template=None, rstrip=True, umask=None, output_loglevel=\(aqdebug\(aq, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
 Execute a command and only return the standard error
 .sp
 Note that \fBenv\fP represents the environment variables for the command, and
@@ -53000,7 +58209,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.cmdmod.run_stdout(cmd, cwd=None, stdin=None, runas=None, shell=\(aq/usr/bin/zsh\(aq, python_shell=None, env=None, clean_env=False, template=None, rstrip=True, umask=None, output_loglevel=\(aqdebug\(aq, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
+.B salt.modules.cmdmod.run_stdout(cmd, cwd=None, stdin=None, runas=None, shell=\(aq/bin/bash\(aq, python_shell=None, env=None, clean_env=False, template=None, rstrip=True, umask=None, output_loglevel=\(aqdebug\(aq, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
 Execute a command, and only return the standard out
 .sp
 Note that \fBenv\fP represents the environment variables for the command, and
@@ -53048,7 +58257,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.cmdmod.script(source, args=None, cwd=None, stdin=None, runas=None, shell=\(aq/usr/bin/zsh\(aq, python_shell=None, env=None, template=None, umask=None, output_loglevel=\(aqdebug\(aq, quiet=False, timeout=None, reset_system_locale=True, __env__=None, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
+.B salt.modules.cmdmod.script(source, args=None, cwd=None, stdin=None, runas=None, shell=\(aq/bin/bash\(aq, python_shell=None, env=None, template=None, umask=None, output_loglevel=\(aqdebug\(aq, quiet=False, timeout=None, reset_system_locale=True, __env__=None, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
 Download a script from a remote location and execute the script locally.
 The script can be located on the salt master file server or on an HTTP/FTP
 server.
@@ -53089,7 +58298,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.cmdmod.script_retcode(source, args=None, cwd=None, stdin=None, runas=None, shell=\(aq/usr/bin/zsh\(aq, python_shell=None, env=None, template=\(aqjinja\(aq, umask=None, timeout=None, reset_system_locale=True, __env__=None, saltenv=\(aqbase\(aq, output_loglevel=\(aqdebug\(aq, use_vt=False, **kwargs)
+.B salt.modules.cmdmod.script_retcode(source, args=None, cwd=None, stdin=None, runas=None, shell=\(aq/bin/bash\(aq, python_shell=None, env=None, template=\(aqjinja\(aq, umask=None, timeout=None, reset_system_locale=True, __env__=None, saltenv=\(aqbase\(aq, output_loglevel=\(aqdebug\(aq, use_vt=False, **kwargs)
 Download a script from a remote location and execute the script locally.
 The script can be located on the salt master file server or on an HTTP/FTP
 server.
@@ -53131,17 +58340,21 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.cmdmod.shell(cmd, cwd=None, stdin=None, runas=None, shell=\(aq/usr/bin/zsh\(aq, env=None, clean_env=False, template=None, rstrip=True, umask=None, output_loglevel=\(aqdebug\(aq, quiet=False, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
+.B salt.modules.cmdmod.shell(cmd, cwd=None, stdin=None, runas=None, shell=\(aq/bin/bash\(aq, env=None, clean_env=False, template=None, rstrip=True, umask=None, output_loglevel=\(aqdebug\(aq, quiet=False, timeout=None, reset_system_locale=True, ignore_retcode=False, saltenv=\(aqbase\(aq, use_vt=False, **kwargs)
 Execute the passed command and return the output as a string.
 .sp
 New in version 2015.5.0.
 
 .sp
-WARNING: This passes the cmd argument directly to the shell
+\fBWARNING:\fP
+.INDENT 7.0
+.INDENT 3.5
+This passes the cmd argument directly to the shell
 without any further processing! Be absolutely sure that you
 have properly santized the command passed to this function
 and do not use untrusted inputs.
-\fB********************************************************\fP
+.UNINDENT
+.UNINDENT
 .sp
 Note that \fBenv\fP represents the environment variables for the command, and
 should be formatted as a dict, or a YAML string which resolves to a dict.
@@ -55014,6 +60227,26 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.modules.data.pop(key, default=None)
+Pop (return & delete) a value from the minion datastore
+.sp
+New in version 2015.5.2.
+
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq data.pop <key> "there was no val"
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.modules.data.update(key, value)
 Update a key with a value in the minion datastore
 .sp
@@ -56879,7 +62112,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.dockerio.create_container(image, command=None, hostname=None, user=None, detach=True, stdin_open=False, tty=False, mem_limit=0, ports=None, environment=None, dns=None, volumes=None, volumes_from=None, name=None, cpu_shares=None, cpuset=None)
+.B salt.modules.dockerio.create_container(image, command=None, hostname=None, user=None, detach=True, stdin_open=False, tty=False, mem_limit=0, ports=None, environment=None, dns=None, volumes=None, volumes_from=None, name=None, cpu_shares=None, cpuset=None, binds=None)
 Create a new container
 .INDENT 7.0
 .TP
@@ -56905,17 +62138,43 @@
 port redirections \fB({\(aq222\(aq: {}})\fP
 .TP
 .B volumes
-list of volume mappings:
+list of volume mappings in either local volume, bound volume, or read\-only
+bound volume form:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+([\(aq/var/lib/mysql/\(aq, \(aq/usr/local/etc/ssl:/etc/ssl\(aq, \(aq/etc/passwd:/etc/passwd:ro\(aq])
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.TP
+.B binds
+complete dictionary of bound volume mappings:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-([\(aq/mountpoint/in/container:/guest/foo\(aq, \(aq/same/path/mounted/point\(aq])
+{ \(aq/usr/local/etc/ssl/certs/internal.crt\(aq: {
+    \(aqbind\(aq: \(aq/etc/ssl/certs/com.example.internal.crt\(aq,
+    \(aqro\(aq: True
+    },
+  \(aq/var/lib/mysql\(aq: {
+    \(aqbind\(aq: \(aq/var/lib/mysql/\(aq,
+    \(aqro\(aq: False
+    }
+}
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
+.sp
+This dictionary is suitable for feeding directly into the Docker API, and all
+keys are required.
+(see \fI\%http://docker\-py.readthedocs.org/en/latest/volumes/\fP)
 .TP
 .B tty
 attach ttys, Default is \fBFalse\fP
@@ -57238,14 +62497,8 @@
 .INDENT 0.0
 .TP
 .B salt.modules.dockerio.load(imagepath)
-.INDENT 7.0
-.INDENT 3.5
 Load the specified file at imagepath into docker that was generated from
-.UNINDENT
-.UNINDENT
-.INDENT 7.0
-.TP
-.B a docker save command
+a docker save command
 e.g. \fIdocker load < imagepath\fP
 .INDENT 7.0
 .TP
@@ -57265,7 +62518,6 @@
 .UNINDENT
 .UNINDENT
 .UNINDENT
-.UNINDENT
 .INDENT 0.0
 .TP
 .B salt.modules.dockerio.login(url=None, username=None, password=None, email=None)
@@ -57727,7 +62979,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.dockerio.script(container, source, args=None, cwd=None, stdin=None, runas=None, shell=\(aq/usr/bin/zsh\(aq, env=None, template=\(aqjinja\(aq, umask=None, timeout=None, reset_system_locale=True, no_clean=False, saltenv=\(aqbase\(aq)
+.B salt.modules.dockerio.script(container, source, args=None, cwd=None, stdin=None, runas=None, shell=\(aq/bin/bash\(aq, env=None, template=\(aqjinja\(aq, umask=None, timeout=None, reset_system_locale=True, no_clean=False, saltenv=\(aqbase\(aq)
 Wrapper for \fBcmdmod.script\fP inside a container context
 .INDENT 7.0
 .TP
@@ -57788,7 +63040,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.dockerio.script_retcode(container, source, cwd=None, stdin=None, runas=None, shell=\(aq/usr/bin/zsh\(aq, env=None, template=\(aqjinja\(aq, umask=None, timeout=None, reset_system_locale=True, no_clean=False, saltenv=\(aqbase\(aq)
+.B salt.modules.dockerio.script_retcode(container, source, cwd=None, stdin=None, runas=None, shell=\(aq/bin/bash\(aq, env=None, template=\(aqjinja\(aq, umask=None, timeout=None, reset_system_locale=True, no_clean=False, saltenv=\(aqbase\(aq)
 Wrapper for \fBcmdmod.script_retcode\fP inside a container context
 .INDENT 7.0
 .TP
@@ -60083,7 +65335,7 @@
 .B salt.modules.file.basename(path)
 Returns the final component of a pathname
 .sp
-New in version 2015.5.
+New in version 2015.5.0.
 
 .sp
 This can be useful at the CLI but is frequently useful when scripting.
@@ -60561,7 +65813,7 @@
 .B salt.modules.file.dirname(path)
 Returns the directory component of a pathname
 .sp
-New in version 2015.5.
+New in version 2015.5.0.
 
 .sp
 This can be useful at the CLI but is frequently useful when scripting.
@@ -61532,6 +66784,9 @@
 This file is then grabbed and if it has template set, it renders the file to be placed
 into the correct place on the system using salt.files.utils.copyfile()
 .TP
+.B ret
+The initial state return data structure. Pass in \fBNone\fP to use the default structure.
+.TP
 .B source
 file reference on the master
 .TP
@@ -61700,7 +66955,7 @@
 .B salt.modules.file.normpath(path)
 Returns Normalize path, eliminating double slashes, etc.
 .sp
-New in version 2015.5.
+New in version 2015.5.0.
 
 .sp
 This can be useful at the CLI but is frequently useful when scripting.
@@ -62728,8 +67983,28 @@
 Add a service for zone. If zone is omitted, default zone will be used.
 .sp
 CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.add_service ssh
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .sp
 To assign a service to a specific zone
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.add_service ssh my_zone
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -62754,9 +68029,29 @@
 Delete an existing service
 .sp
 CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.delete_service my_service
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .sp
 By default firewalld will be reloaded. However, to avoid reloading
 you need to specify the restart as False
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.delete_service my_service False
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -62764,9 +68059,29 @@
 Delete an existing zone
 .sp
 CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.delete_zone my_zone
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .sp
 By default firewalld will be reloaded. However, to avoid reloading
 you need to specify the restart as False
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.delete_zone my_zone False
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -62825,8 +68140,28 @@
 List everything added for or enabled in a zone
 .sp
 CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.list_all
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .sp
 List a specific zone
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.list_all my_zone
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -62835,35 +68170,75 @@
 If zone is omitted, default zone will be used.
 .sp
 CLI Example:
-.sp
-List a specific zone
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.firewalld.list_zones()
-List everything added for or enabled in all zones
-.sp
-CLI Example:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq firewalld.list_zones
+salt \(aq*\(aq firewalld.list_services
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
-.UNINDENT
+.sp
+List a specific zone
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.list_services my_zone
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.firewalld.list_zones()
+List everything added for or enabled in all zones
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.list_zones
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
 .INDENT 0.0
 .TP
 .B salt.modules.firewalld.new_service(name, restart=True)
 Add a new service
 .sp
 CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.new_service my_service
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .sp
 By default firewalld will be reloaded. However, to avoid reloading
 you need to specify the restart as False
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.new_service my_service False
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -62871,9 +68246,29 @@
 Add a new zone
 .sp
 CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.new_zone my_zone
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .sp
 By default firewalld will be reloaded. However, to avoid reloading
 you need to specify the restart as False
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.new_zone my_zone False
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -62882,8 +68277,28 @@
 If zone is omitted, default zone will be used.
 .sp
 CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.remove_service ssh
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .sp
 To remove a service from a specific zone
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.remove_service ssh dmz
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -62891,6 +68306,16 @@
 Set default zone
 .sp
 CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq firewalld.set_default_zone damian
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -64143,9 +69568,6 @@
 .UNINDENT
 .UNINDENT
 .UNINDENT
-.SS salt.modules.fsutils
-.sp
-Run\-time utilities
 .SS salt.modules.gem
 .sp
 Manage ruby gems.
@@ -65153,10 +70575,16 @@
 .B https_user
 None
 HTTP Basic Auth username for HTTPS (only) clones
+.sp
+New in version 20515.5.0.
+
 .TP
 .B https_pass
 None
 HTTP Basic Auth password for HTTPS (only) clones
+.sp
+New in version 2015.5.0.
+
 .UNINDENT
 .sp
 CLI Example:
@@ -65427,10 +70855,16 @@
 .B https_user
 None
 HTTP Basic Auth username for HTTPS (only) clones
+.sp
+New in version 2015.5.0.
+
 .TP
 .B https_pass
 None
 HTTP Basic Auth password for HTTPS (only) clones
+.sp
+New in version 2015.5.0.
+
 .UNINDENT
 .sp
 CLI Example:
@@ -65652,10 +71086,16 @@
 .B https_user
 None
 HTTP Basic Auth username for HTTPS (only) clones
+.sp
+New in version 2015.5.0.
+
 .TP
 .B https_pass
 None
 HTTP Basic Auth password for HTTPS (only) clones
+.sp
+New in version 2015.5.0.
+
 .UNINDENT
 .sp
 CLI Example:
@@ -66793,14 +72233,12 @@
 .UNINDENT
 .UNINDENT
 .UNINDENT
-.sp
-\&... \-\-\-\-\-END PGP PUBLIC KEY BLOCK\-\-\-\-\-\(aq
 .INDENT 7.0
-.INDENT 3.5
+.TP
+.B \&... \-\-\-\-\-END PGP PUBLIC KEY BLOCK\-\-\-\-\-\(aq
 salt \(aq*\(aq gpg.import_key filename=\(aq/path/to/public\-key\-file\(aq
 .UNINDENT
 .UNINDENT
-.UNINDENT
 .INDENT 0.0
 .TP
 .B salt.modules.gpg.list_keys(user=None)
@@ -67037,7 +72475,7 @@
 Return/control aspects of the grains data
 .INDENT 0.0
 .TP
-.B salt.modules.grains.append(key, val, convert=False)
+.B salt.modules.grains.append(key, val, convert=False, delimiter=\(aq:\(aq)
 New in version 0.17.0.
 
 .sp
@@ -67055,9 +72493,18 @@
 .INDENT 7.0
 .TP
 .B Parameters
+.INDENT 7.0
+.IP \(bu 2
 \fBconvert\fP \-\- If convert is True, convert non\-list contents into a list.
 If convert is False and the grain contains non\-list contents, an error
 is given. Defaults to False.
+.IP \(bu 2
+\fBdelimiter\fP \-\- The key can be a nested dict key. Use this parameter to
+specify the delimiter you use.
+You can now append values to a list in nested dictionnary grains. If the
+list doesn\(aqt exist at this level, it will be created.
+.. versionadded:: 2014.7.6
+.UNINDENT
 .UNINDENT
 .sp
 CLI Example:
@@ -67310,6 +72757,16 @@
 .fi
 .UNINDENT
 .UNINDENT
+.sp
+\fBWARNING:\fP
+.INDENT 7.0
+.INDENT 3.5
+This function could return strings which may contain characters which are reserved
+as directives by the YAML parser, such as strings beginning with \fI%\fP\&. To avoid
+issues when using the output of this function in an SLS file containing YAML+Jinja,
+surround the call with single quotes.
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -68328,6 +73785,160 @@
 .UNINDENT
 .UNINDENT
 .UNINDENT
+.SS salt.modules.hipchat
+.sp
+Module for sending messages to hipchat.
+.sp
+New in version 2015.5.0.
+
+.INDENT 0.0
+.TP
+.B configuration
+This module can be used by either passing an api key and version
+directly or by specifying both in a configuration profile in the salt
+master/minion config.
+.sp
+For example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+hipchat:
+  api_key: peWcBiMOS9HrZG15peWcBiMOS9HrZG15
+  api_version: v1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.hipchat.find_room(name, api_key=None, api_version=None)
+Find a room by name and return it.
+:param name:    The room name.
+:param api_key: The HipChat admin api key.
+:param api_version: The HipChat api version, if not specified in the configuration.
+:return:        The room object.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq hipchat.find_room name="Development Room"
+
+salt \(aq*\(aq hipchat.find_room name="Development Room" api_key=peWcBiMOS9HrZG15peWcBiMOS9HrZG15 api_version=v1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.hipchat.find_user(name, api_key=None, api_version=None)
+Find a user by name and return it.
+:param name:        The user name.
+:param api_key:     The HipChat admin api key.
+:param api_version: The HipChat api version, if not specified in the configuration.
+:return:            The user object.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq hipchat.find_user name="Thomas Hatch"
+
+salt \(aq*\(aq hipchat.find_user name="Thomas Hatch" api_key=peWcBiMOS9HrZG15peWcBiMOS9HrZG15 api_version=v1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.hipchat.list_rooms(api_key=None, api_version=None)
+List all HipChat rooms.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBapi_key\fP \-\- The HipChat admin api key.
+.IP \(bu 2
+\fBapi_version\fP \-\- The HipChat api version, if not specified in the configuration.
+.UNINDENT
+.TP
+.B Returns
+The room list.
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq hipchat.list_rooms
+
+salt \(aq*\(aq hipchat.list_rooms api_key=peWcBiMOS9HrZG15peWcBiMOS9HrZG15 api_version=v1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.hipchat.list_users(api_key=None, api_version=None)
+List all HipChat users.
+:param api_key: The HipChat admin api key.
+:param api_version: The HipChat api version, if not specified in the configuration.
+:return: The user list.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq hipchat.list_users
+
+salt \(aq*\(aq hipchat.list_users api_key=peWcBiMOS9HrZG15peWcBiMOS9HrZG15 api_version=v1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.hipchat.send_message(room_id, message, from_name, api_key=None, api_version=None, color=\(aqyellow\(aq, notify=False)
+Send a message to a HipChat room.
+:param room_id:     The room id or room name, either will work.
+:param message:     The message to send to the HipChat room.
+:param from_name:   Specify who the message is from.
+:param api_key:     The HipChat api key, if not specified in the configuration.
+:param api_version: The HipChat api version, if not specified in the configuration.
+:param color:       The color for the message, default: yellow.
+:param notify:      Whether to notify the room, default: False.
+:return:            Boolean if message was sent successfully.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq hipchat.send_message room_id="Development Room" message="Build is done" from_name="Build Server"
+
+salt \(aq*\(aq hipchat.send_message room_id="Development Room" message="Build failed" from_name="Build Server" color="red" notify=True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
 .SS salt.modules.hosts
 .sp
 Manage the information in the hosts file
@@ -68549,13 +74160,16 @@
 Module for making various web calls. Primarily designed for webhooks and the
 like, but also useful for basic http testing.
 .sp
-New in version 2015.5.
+New in version 2015.5.0.
 
 .INDENT 0.0
 .TP
 .B salt.modules.http.query(url, **kwargs)
 Query a resource, and decode the return data
 .sp
+New in version 2015.5.0.
+
+.sp
 CLI Example:
 .INDENT 7.0
 .INDENT 3.5
@@ -68575,6 +74189,9 @@
 .B salt.modules.http.update_ca_bundle(target=None, source=None, merge_files=None)
 Update the local CA bundle file from a URL
 .sp
+New in version 2015.5.0.
+
+.sp
 CLI Example:
 .INDENT 7.0
 .INDENT 3.5
@@ -68679,6 +74296,16 @@
 Configure SNMP
 .sp
 CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ilo.configure_snmp [COMMUNITY STRING] [SNMP PORT] [SNMP TRAP PORT]
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -68911,6 +74538,16 @@
 Configure the port HTTP should listen on
 .sp
 CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ilo.set_http_port 8080
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -69868,60 +75505,54 @@
 .UNINDENT
 .UNINDENT
 .UNINDENT
-.SS salt.modules.ipset
+.SS salt.modules.ipmi
 .sp
-Support for ipset
+Support IPMI commands over LAN. This module does not talk to the local
+systems hardware through IPMI drivers. It uses a python module \fIpyghmi\fP\&.
 .INDENT 0.0
 .TP
-.B salt.modules.ipset.add(set=None, entry=None, family=\(aqipv4\(aq, **kwargs)
-Append an entry to the specified set.
-.sp
-CLI Example:
+.B depends
+Python module pyghmi.
+You can install pyghmi using pip:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq ipset.add setname 192.168.1.26
-
-salt \(aq*\(aq ipset.add setname 192.168.0.3,AA:BB:CC:DD:EE:FF
+pip install pyghmi
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
-.UNINDENT
-.INDENT 0.0
 .TP
-.B salt.modules.ipset.check(set=None, entry=None, family=\(aqipv4\(aq)
-Check that an entry exists in the specified set.
-.sp
-CLI Example:
+.B configuration
+The following configuration defaults can be
+define (pillar or config files):
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq ipset.check setname \(aq192.168.0.1 comment "Hello"\(aq
+ipmi.config:
+    api_host: 127.0.0.1
+    api_user: admin
+    api_pass: apassword
+    api_port: 623
+    api_kg: None
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ipset.check_set(set=None, family=\(aqipv4\(aq)
-New in version 2014.7.0.
-
-.sp
-Check that given ipset set exists.
 .sp
-CLI Example:
+Usage can override the config defaults:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq ipset.check_set setname
+salt\-call ipmi.get_user api_host=myipmienabled.system
+                        api_user=admin api_pass=pass
+                        uid=1
 .ft P
 .fi
 .UNINDENT
@@ -69929,64 +75560,45 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.ipset.delete(set=None, entry=None, family=\(aqipv4\(aq, **kwargs)
-Delete an entry from the specified set.
-.sp
-CLI Example:
+.B salt.modules.ipmi.create_user(uid, name, password, channel=14, callback=False, link_auth=True, ipmi_msg=True, privilege_level=\(aqadministrator\(aq, **kwargs)
+create/ensure a user is created with provided settings.
 .INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ipset.delete setname 192.168.0.3,AA:BB:CC:DD:EE:FF
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
 .TP
-.B salt.modules.ipset.delete_set(set=None, family=\(aqipv4\(aq)
-New in version 2014.7.0.
-
-.sp
-Delete ipset set.
-.sp
-CLI Example:
+.B Parameters
 .INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ipset.delete_set custom_set
-
-IPv6:
-salt \(aq*\(aq ipset.delete_set custom_set family=ipv6
-.ft P
-.fi
+.IP \(bu 2
+\fBprivilege_level\fP \-\- User Privilege Limit. (Determines the maximum privilege level that
+the user is allowed to switch to on the specified channel.)
+* callback
+* user
+* operator
+* administrator
+* proprietary
+* no_access
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
 .UNINDENT
+
 .UNINDENT
 .UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ipset.flush(set=None, family=\(aqipv4\(aq)
-Flush entries in the specified set,
-Flush all sets if set is not specified.
 .sp
-CLI Example:
+CLI Examples:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq ipset.flush
-
-salt \(aq*\(aq ipset.flush set
-
-IPv6:
-salt \(aq*\(aq ipset.flush
-
-salt \(aq*\(aq ipset.flush set
+salt\-call ipmi.create_user uid=2 name=steverweber api_host=172.168.0.7 api_pass=nevertell
 .ft P
 .fi
 .UNINDENT
@@ -69994,19 +75606,34 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.ipset.list_sets(family=\(aqipv4\(aq)
-New in version 2014.7.0.
+.B salt.modules.ipmi.fast_connect_test(**kwargs)
+Returns True if connection success.
+This uses an aggressive timeout value!
+.INDENT 7.0
+.TP
+.B Parameters
+\fBkwargs\fP \-\- .INDENT 7.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
 
+.UNINDENT
 .sp
-List all ipset sets.
-.sp
-CLI Example:
+CLI Examples:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq ipset.list_sets
+salt\-call ipmi.fast_connect_test api_host=172.168.0.9
 .ft P
 .fi
 .UNINDENT
@@ -70014,11 +75641,30 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.ipset.new_set(set=None, set_type=None, family=\(aqipv4\(aq, comment=False, **kwargs)
-New in version 2014.7.0.
-
+.B salt.modules.ipmi.get_bootdev(**kwargs)
+Get current boot device override information.
 .sp
-Create new custom set
+Provides the current requested boot device.  Be aware that not all IPMI
+devices support this.  Even in BMCs that claim to, occasionally the
+BIOS or UEFI fail to honor it. This is usually only applicable to the
+next reboot.
+.INDENT 7.0
+.TP
+.B Parameters
+\fBkwargs\fP \-\- .INDENT 7.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
 .sp
 CLI Example:
 .INDENT 7.0
@@ -70026,12 +75672,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq ipset.new_set custom_set list:set
-
-salt \(aq*\(aq ipset.new_set custom_set list:set comment=True
-
-IPv6:
-salt \(aq*\(aq ipset.new_set custom_set list:set family=ipv6
+salt\-call ipmi.get_bootdev api_host=127.0.0.1 api_user=admin api_pass=pass
 .ft P
 .fi
 .UNINDENT
@@ -70039,113 +75680,129 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.ipset.rename_set(set=None, new_set=None, family=\(aqipv4\(aq)
-New in version 2014.7.0.
-
-.sp
-Delete ipset set.
-.sp
-CLI Example:
+.B salt.modules.ipmi.get_channel_access(channel=14, read_mode=\(aqnon_volatile\(aq, **kwargs)
+:param kwargs:api_host=\(aq127.0.0.1\(aq api_user=\(aqadmin\(aq api_pass=\(aqexample\(aq api_port=623
 .INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ipset.rename_set custom_set new_set=new_set_name
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBchannel\fP \-\- number [1:7]
+.IP \(bu 2
+\fBread_mode\fP \-\- .INDENT 2.0
+.IP \(bu 2
+non_volatile  = get non\-volatile Channel Access
+.IP \(bu 2
+volatile      = get present volatile (active) setting of Channel Access
+.UNINDENT
 
-IPv6:
-salt \(aq*\(aq ipset.rename_set custom_set new_set=new_set_name family=ipv6
-.ft P
-.fi
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
 .UNINDENT
+
 .UNINDENT
 .UNINDENT
-.INDENT 0.0
+.INDENT 7.0
 .TP
-.B salt.modules.ipset.test(set=None, entry=None, family=\(aqipv4\(aq, **kwargs)
-Test if an entry is in the specified set.
-.sp
-CLI Example:
+.B return
+A Python dict with the following keys/values:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq ipset.test setname 192.168.0.2
-
-IPv6:
-salt \(aq*\(aq ipset.test setname fd81:fc56:9ac7::/48
+{
+    alerting:
+    per_msg_auth:
+    user_level_auth:
+    access_mode:{ (ONE OF)
+        0: \(aqdisabled\(aq,
+        1: \(aqpre_boot\(aq,
+        2: \(aqalways\(aq,
+        3: \(aqshared\(aq
+    }
+    privilege_level: { (ONE OF)
+        1: \(aqcallback\(aq,
+        2: \(aquser\(aq,
+        3: \(aqoperator\(aq,
+        4: \(aqadministrator\(aq,
+        5: \(aqproprietary\(aq,
+    }
+}
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ipset.version()
-Return version from ipset \-\-version
 .sp
-CLI Example:
+CLI Examples:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq ipset.version
+salt\-call ipmi.get_channel_access channel=1
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .UNINDENT
-.SS salt.modules.iptables
-.sp
-Support for iptables
 .INDENT 0.0
 .TP
-.B salt.modules.iptables.append(table=\(aqfilter\(aq, chain=None, rule=None, family=\(aqipv4\(aq)
-Append a rule to the specified table/chain.
+.B salt.modules.ipmi.get_channel_info(channel=14, **kwargs)
+Get channel info
 .INDENT 7.0
 .TP
-.B This function accepts a rule in a standard iptables command format,
-starting with the chain. Trying to force users to adapt to a new
-method of creating rules would be irritating at best, and we
-already have a parser that can handle it.
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBchannel\fP \-\- number [1:7]
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
 .UNINDENT
-.sp
-CLI Example:
+
+.UNINDENT
+.UNINDENT
+.INDENT 7.0
+.TP
+.B return
+channel session supports:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.append filter INPUT \e
-    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq
-
-IPv6:
-salt \(aq*\(aq iptables.append filter INPUT \e
-    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq \e
-    family=ipv6
+\- no_session: channel is session\-less
+\- single: channel is single\-session
+\- multi: channel is multi\-session
+\- auto: channel is session\-based (channel could alternate between
+    single\- and multi\-session operation, as can occur with a
+    serial/modem channel that supports connection mode auto\-detect)
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.iptables.build_rule(table=None, chain=None, command=None, position=\(aq\(aq, full=None, family=\(aqipv4\(aq, **kwargs)
-Build a well\-formatted iptables rule based on kwargs. Long options must be
-used (\fI\-\-jump\fP instead of \fI\-j\fP) because they will have the \fI\-\-\fP added to
-them. A \fItable\fP and \fIchain\fP are not required, unless \fIfull\fP is True.
-.sp
-If \fIfull\fP is \fITrue\fP, then \fItable\fP, \fIchain\fP and \fIcommand\fP are required.
-\fIcommand\fP may be specified as either a short option (\(aqI\(aq) or a long option
-(\fI\-\-insert\fP). This will return the iptables command, exactly as it would
-be used from the command line.
-.sp
-If a position is required (as with \fI\-I\fP or \fI\-D\fP), it may be specified as
-\fIposition\fP\&. This will only be useful if \fIfull\fP is True.
-.sp
-If \fIconnstate\fP is passed in, it will automatically be changed to \fIstate\fP\&.
 .sp
 CLI Examples:
 .INDENT 7.0
@@ -70153,32 +75810,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.build_rule match=state \e
-    connstate=RELATED,ESTABLISHED jump=ACCEPT
-
-salt \(aq*\(aq iptables.build_rule filter INPUT command=I position=3 \e
-    full=True match=state state=RELATED,ESTABLISHED jump=ACCEPT
-
-salt \(aq*\(aq iptables.build_rule filter INPUT command=A \e
-    full=True match=state state=RELATED,ESTABLISHED \e
-    source=\(aq127.0.0.1\(aq jump=ACCEPT
-
-\&.. Invert Rules
-salt \(aq*\(aq iptables.build_rule filter INPUT command=A \e
-    full=True match=state state=RELATED,ESTABLISHED \e
-    source=\(aq! 127.0.0.1\(aq jump=ACCEPT
-
-salt \(aq*\(aq iptables.build_rule filter INPUT command=A \e
-    full=True match=state state=RELATED,ESTABLISHED \e
-    destination=\(aqnot 127.0.0.1\(aq jump=ACCEPT
-
-IPv6:
-salt \(aq*\(aq iptables.build_rule match=state \e
-    connstate=RELATED,ESTABLISHED jump=ACCEPT \e
-    family=ipv6
-salt \(aq*\(aq iptables.build_rule filter INPUT command=I position=3 \e
-    full=True match=state state=RELATED,ESTABLISHED jump=ACCEPT \e
-    family=ipv6
+salt\-call ipmi.get_channel_info
 .ft P
 .fi
 .UNINDENT
@@ -70186,29 +75818,41 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.iptables.check(table=\(aqfilter\(aq, chain=None, rule=None, family=\(aqipv4\(aq)
-Check for the existence of a rule in the table and chain
+.B salt.modules.ipmi.get_channel_max_user_count(channel=14, **kwargs)
+Get max users in channel
 .INDENT 7.0
 .TP
-.B This function accepts a rule in a standard iptables command format,
-starting with the chain. Trying to force users to adapt to a new
-method of creating rules would be irritating at best, and we
-already have a parser that can handle it.
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBchannel\fP \-\- number [1:7]
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
+.TP
+.B Returns
+int \-\- often 16
 .UNINDENT
 .sp
-CLI Example:
+CLI Examples:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.check filter INPUT \e
-    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq
-
-IPv6:
-salt \(aq*\(aq iptables.check filter INPUT \e
-    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq \e
-    family=ipv6
+salt\-call ipmi.get_channel_max_user_count
 .ft P
 .fi
 .UNINDENT
@@ -70216,11 +75860,31 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.iptables.check_chain(table=\(aqfilter\(aq, chain=None, family=\(aqipv4\(aq)
-New in version 2014.1.0.
-
+.B salt.modules.ipmi.get_health(**kwargs)
+Get Summarize health
 .sp
-Check for the existence of a chain in the table
+This provides a summary of the health of the managed system.
+It additionally provides an iterable list of reasons for
+warning, critical, or failed assessments.
+.sp
+good health: {\(aqbadreadings\(aq: [], \(aqhealth\(aq: 0}
+.INDENT 7.0
+.TP
+.B Parameters
+\fBkwargs\fP \-\- .INDENT 7.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
 .sp
 CLI Example:
 .INDENT 7.0
@@ -70228,10 +75892,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.check_chain filter INPUT
-
-IPv6:
-salt \(aq*\(aq iptables.check_chain filter INPUT family=ipv6
+salt\-call ipmi.get_health api_host=127.0.0.1 api_user=admin api_pass=pass
 .ft P
 .fi
 .UNINDENT
@@ -70239,33 +75900,36 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.iptables.delete(table, chain=None, position=None, rule=None, family=\(aqipv4\(aq)
+.B salt.modules.ipmi.get_power(**kwargs)
+Get current power state
+.sp
+The response, if successful, should contain \(aqpowerstate\(aq key and
+either \(aqon\(aq or \(aqoff\(aq to indicate current state.
 .INDENT 7.0
 .TP
-.B Delete a rule from the specified table/chain, specifying either the rule
-in its entirety, or the rule\(aqs position in the chain.
-.TP
-.B This function accepts a rule in a standard iptables command format,
-starting with the chain. Trying to force users to adapt to a new
-method of creating rules would be irritating at best, and we
-already have a parser that can handle it.
+.B Parameters
+\fBkwargs\fP \-\- .INDENT 7.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
 .UNINDENT
 .sp
-CLI Examples:
+CLI Example:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.delete filter INPUT position=3
-salt \(aq*\(aq iptables.delete filter INPUT \e
-    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq
-
-IPv6:
-salt \(aq*\(aq iptables.delete filter INPUT position=3 family=ipv6
-salt \(aq*\(aq iptables.delete filter INPUT \e
-    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq \e
-    family=ipv6
+salt\-call ipmi.get_power api_host=127.0.0.1 api_user=admin api_pass=pass
 .ft P
 .fi
 .UNINDENT
@@ -70273,11 +75937,27 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.iptables.delete_chain(table=\(aqfilter\(aq, chain=None, family=\(aqipv4\(aq)
-New in version 2014.1.0.
-
+.B salt.modules.ipmi.get_sensor_data(**kwargs)
+Get sensor readings
 .sp
-Delete custom chain to the specified table.
+Iterates sensor reading objects
+.INDENT 7.0
+.TP
+.B Parameters
+\fBkwargs\fP \-\- .INDENT 7.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
 .sp
 CLI Example:
 .INDENT 7.0
@@ -70285,10 +75965,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.delete_chain filter CUSTOM_CHAIN
-
-IPv6:
-salt \(aq*\(aq iptables.delete_chain filter CUSTOM_CHAIN family=ipv6
+salt\-call ipmi.get_sensor_data api_host=127.0.0.1 api_user=admin api_pass=pass
 .ft P
 .fi
 .UNINDENT
@@ -70296,40 +75973,64 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.iptables.flush(table=\(aqfilter\(aq, chain=\(aq\(aq, family=\(aqipv4\(aq)
-Flush the chain in the specified table, flush all chains in the specified
-table if not specified chain.
+.B salt.modules.ipmi.get_user(uid, channel=14, **kwargs)
+Get user from uid and access on channel
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBuid\fP \-\- user number [1:16]
+.IP \(bu 2
+\fBchannel\fP \-\- number [1:7]
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
+.UNINDENT
 .sp
-CLI Example:
+return
 .INDENT 7.0
 .INDENT 3.5
+.INDENT 0.0
+.INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.flush filter INPUT
-
-IPv6:
-salt \(aq*\(aq iptables.flush filter INPUT family=ipv6
+name: (str)
+uid: (int)
+channel: (int)
+access:
+    \- callback (bool)
+    \- link_auth (bool)
+    \- ipmi_msg (bool)
+    \- privilege_level: (str)[callback, user, operatorm administrator,
+                            proprietary, no_access]
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.iptables.get_policy(table=\(aqfilter\(aq, chain=None, family=\(aqipv4\(aq)
-Return the current policy for the specified table/chain
+.UNINDENT
 .sp
-CLI Example:
+CLI Examples:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.get_policy filter INPUT
-
-IPv6:
-salt \(aq*\(aq iptables.get_policy filter INPUT family=ipv6
+salt\-call ipmi.get_user uid=2
 .ft P
 .fi
 .UNINDENT
@@ -70337,28 +76038,57 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.iptables.get_rules(family=\(aqipv4\(aq)
-Return a data structure of the current, in\-memory rules
+.B salt.modules.ipmi.get_user_access(uid, channel=14, **kwargs)
+Get user access
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBuid\fP \-\- user number [1:16]
+.IP \(bu 2
+\fBchannel\fP \-\- number [1:7]
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
+.UNINDENT
 .sp
-CLI Example:
+return
 .INDENT 7.0
 .INDENT 3.5
+.INDENT 0.0
+.INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.get_rules
-
-IPv6:
-salt \(aq*\(aq iptables.get_rules family=ipv6
+channel_info:
+    \- max_user_count = maximum number of user IDs on this channel
+    \- enabled_users = count of User ID slots presently in use
+    \- users_with_fixed_names = count of user IDs with fixed names
+access:
+    \- callback
+    \- link_auth
+    \- ipmi_msg
+    \- privilege_level: [reserved, callback, user, operator
+                       administrator, proprietary, no_access]
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.iptables.get_saved_policy(table=\(aqfilter\(aq, chain=None, conf_file=None, family=\(aqipv4\(aq)
-Return the current policy for the specified table/chain
+.UNINDENT
 .sp
 CLI Examples:
 .INDENT 7.0
@@ -70366,14 +76096,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.get_saved_policy filter INPUT
-salt \(aq*\(aq iptables.get_saved_policy filter INPUT \e
-    conf_file=/etc/iptables.saved
-
-IPv6:
-salt \(aq*\(aq iptables.get_saved_policy filter INPUT family=ipv6
-salt \(aq*\(aq iptables.get_saved_policy filter INPUT \e
-    conf_file=/etc/iptables.saved family=ipv6
+salt\-call ipmi.get_user_access uid=2
 .ft P
 .fi
 .UNINDENT
@@ -70381,19 +76104,40 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.iptables.get_saved_rules(conf_file=None, family=\(aqipv4\(aq)
-Return a data structure of the rules in the conf file
+.B salt.modules.ipmi.get_user_name(uid, return_none_on_error=True, **kwargs)
+Get user name
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBuid\fP \-\- user number [1:16]
+.IP \(bu 2
+\fBreturn_none_on_error\fP \-\- return None on error
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
+.UNINDENT
 .sp
-CLI Example:
+CLI Examples:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.get_saved_rules
-
-IPv6:
-salt \(aq*\(aq iptables.get_saved_rules family=ipv6
+salt\-call ipmi.get_user_name uid=2
 .ft P
 .fi
 .UNINDENT
@@ -70401,19 +76145,54 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.iptables.insert(table=\(aqfilter\(aq, chain=None, position=None, rule=None, family=\(aqipv4\(aq)
-Insert a rule into the specified table/chain, at the specified position.
+.B salt.modules.ipmi.get_users(channel=14, **kwargs)
+get list of users and access information
 .INDENT 7.0
 .TP
-.B This function accepts a rule in a standard iptables command format,
-starting with the chain. Trying to force users to adapt to a new
-method of creating rules would be irritating at best, and we
-already have a parser that can handle it.
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBchannel\fP \-\- number [1:7]
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
 .TP
-.B If the position specified is a negative number, then the insert will be
-performed counting from the end of the list. For instance, a position
-of \-1 will insert the rule as the second to last rule. To insert a rule
-in the last position, use the append function instead.
+.B Returns
+name: (str)
+uid: (int)
+channel: (int)
+access:
+.INDENT 7.0
+.INDENT 3.5
+.INDENT 0.0
+.IP \(bu 2
+callback (bool)
+.IP \(bu 2
+link_auth (bool)
+.IP \(bu 2
+ipmi_msg (bool)
+.IP \(bu 2
+.INDENT 2.0
+.TP
+.B privilege_level: (str)[callback, user, operatorm administrator,
+proprietary, no_access]
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.UNINDENT
+
 .UNINDENT
 .sp
 CLI Examples:
@@ -70422,13 +76201,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.insert filter INPUT position=3 \e
-    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq
-
-IPv6:
-salt \(aq*\(aq iptables.insert filter INPUT position=3 \e
-    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq \e
-    family=ipv6
+salt\-call ipmi.get_users api_host=172.168.0.7
 .ft P
 .fi
 .UNINDENT
@@ -70436,22 +76209,52 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.iptables.new_chain(table=\(aqfilter\(aq, chain=None, family=\(aqipv4\(aq)
-New in version 2014.1.0.
-
+.B salt.modules.ipmi.raw_command(netfn, command, bridge_request=None, data=(), retry=True, delay_xmit=None, **kwargs)
+Send raw ipmi command
 .sp
-Create new custom chain to the specified table.
+This allows arbitrary IPMI bytes to be issued.  This is commonly used
+for certain vendor specific commands.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBnetfn\fP \-\- Net function number
+.IP \(bu 2
+\fBcommand\fP \-\- Command value
+.IP \(bu 2
+\fBbridge_request\fP \-\- The target slave address and channel number for
+the bridge request.
+.IP \(bu 2
+\fBdata\fP \-\- Command data as a tuple or list
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
+.TP
+.B Returns
+dict \-\- The response from IPMI device
+.UNINDENT
 .sp
-CLI Example:
+CLI Examples:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.new_chain filter CUSTOM_CHAIN
-
-IPv6:
-salt \(aq*\(aq iptables.new_chain filter CUSTOM_CHAIN family=ipv6
+salt\-call ipmi.raw_command netfn=0x06 command=0x46 data=[0x02]
+# this will return the name of the user with id 2 in bytes
 .ft P
 .fi
 .UNINDENT
@@ -70459,39 +76262,88 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.iptables.save(filename=None, family=\(aqipv4\(aq)
-Save the current in\-memory rules to disk
-.sp
-CLI Example:
+.B salt.modules.ipmi.set_bootdev(bootdev=\(aqdefault\(aq, persist=False, uefiboot=False, **kwargs)
+Set boot device to use on next reboot
 .INDENT 7.0
-.INDENT 3.5
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBbootdev\fP \-\- 
 .sp
+
 .nf
-.ft C
-salt \(aq*\(aq iptables.save /etc/sysconfig/iptables
+*
+.fi
+network \-\- Request network boot
 
-IPv6:
-salt \(aq*\(aq iptables.save /etc/sysconfig/iptables family=ipv6
-.ft P
+.nf
+*
+.fi
+hd \-\- Boot from hard drive
+
+.nf
+*
+.fi
+safe \-\- Boot from hard drive, requesting \(aqsafe mode\(aq
+
+.nf
+*
+.fi
+optical \-\- boot from CD/DVD/BD drive
+
+.nf
+*
+.fi
+setup \-\- Boot into setup utility
+
+.nf
+*
 .fi
+default \-\- remove any IPMI directed boot device
+.INDENT 2.0
+.INDENT 3.5
+request
 .UNINDENT
 .UNINDENT
+
+.IP \(bu 2
+\fBpersist\fP \-\- If true, ask that system firmware use this device
+beyond next boot.  Be aware many systems do not honor
+this
+.IP \(bu 2
+\fBuefiboot\fP \-\- If true, request UEFI boot explicitly.  Strictly
+speaking, the spec sugests that if not set, the system
+should BIOS boot and offers no "don\(aqt care" option.
+In practice, this flag not being set does not preclude
+UEFI boot on any system I\(aqve encountered.
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
 .UNINDENT
-.INDENT 0.0
 .TP
-.B salt.modules.iptables.set_policy(table=\(aqfilter\(aq, chain=None, policy=None, family=\(aqipv4\(aq)
-Set the current policy for the specified table/chain
+.B Returns
+dict or True \-\- If callback is not provided, the response
+.UNINDENT
 .sp
-CLI Example:
+CLI Examples:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq iptables.set_policy filter INPUT ACCEPT
-
-IPv6:
-salt \(aq*\(aq iptables.set_policy filter INPUT ACCEPT family=ipv6
+salt\-call ipmi.set_bootdev bootdev=network persist=True
 .ft P
 .fi
 .UNINDENT
@@ -70499,99 +76351,180 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.iptables.version(family=\(aqipv4\(aq)
-Return version from iptables \-\-version
-.sp
-CLI Example:
+.B salt.modules.ipmi.set_channel_access(channel=14, access_update_mode=\(aqnon_volatile\(aq, alerting=False, per_msg_auth=False, user_level_auth=False, access_mode=\(aqalways\(aq, privilege_update_mode=\(aqnon_volatile\(aq, privilege_level=\(aqadministrator\(aq, **kwargs)
+Set channel access
+.INDENT 7.0
+.TP
+.B Parameters
 .INDENT 7.0
+.IP \(bu 2
+\fBchannel\fP \-\- number [1:7]
+.IP \(bu 2
+\fBaccess_update_mode\fP \-\- one of
+\- \(aqdont_change\(aq  = don\(aqt set or change Channel Access
+\- \(aqnon_volatile\(aq = set non\-volatile Channel Access
+\- \(aqvolatile\(aq     = set volatile (active) setting of Channel Access
+.IP \(bu 2
+\fBalerting\fP \-\- 
+.sp
+PEF Alerting Enable/Disable
+\- True  = enable PEF Alerting
+\- False = disable PEF Alerting on this channel
+.INDENT 2.0
 .INDENT 3.5
+(Alert Immediate command can still be used to generate alerts)
+.UNINDENT
+.UNINDENT
+
+.IP \(bu 2
+\fBper_msg_auth\fP \-\- 
 .sp
-.nf
-.ft C
-salt \(aq*\(aq iptables.version
+Per\-message Authentication
+\- True  = enable
+\- False = disable Per\-message Authentication. [Authentication required to
+.INDENT 2.0
+.INDENT 3.5
+activate any session on this channel, but authentication not
+used on subsequent packets for the session.]
+.UNINDENT
+.UNINDENT
 
-IPv6:
-salt \(aq*\(aq iptables.version family=ipv6
-.ft P
-.fi
+.IP \(bu 2
+\fBuser_level_auth\fP \-\- 
+.sp
+User Level Authentication Enable/Disable.
+\- True  = enable User Level Authentication. All User Level commands are
+.INDENT 2.0
+.INDENT 3.5
+to be authenticated per the Authentication Type that was
+negotiated when the session was activated.
+.UNINDENT
 .UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+.INDENT 2.0
+.TP
+.B False = disable User Level Authentication. Allow User Level commands to
+be executed without being authenticated.
+If the option to disable User Level Command authentication is
+accepted, the BMC will accept packets with Authentication Type
+set to None if they contain user level commands.
+For outgoing packets, the BMC returns responses with the same
+Authentication Type that was used for the request.
 .UNINDENT
 .UNINDENT
-.SS salt.modules.jboss7
+
+.IP \(bu 2
+\fBaccess_mode\fP \-\- 
 .sp
-Module for managing JBoss AS 7 through the CLI interface.
-.INDENT 0.0
+Access Mode for IPMI messaging
+(PEF Alerting is enabled/disabled separately from IPMI messaging)
+* disabled = disabled for IPMI messaging
+* pre_boot = pre\-boot only channel only available when system is in a
+.INDENT 2.0
+.INDENT 3.5
+powered down state or in BIOS prior to start of boot.
+.UNINDENT
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+.INDENT 2.0
 .TP
-.B In order to run each function, jboss_config dictionary with the following properties must be passed:
-.INDENT 7.0
+.B always   = channel always available regardless of system mode.
+BIOS typically dedicates the serial connection to the BMC.
+.UNINDENT
 .IP \(bu 2
-cli_path: the path to jboss\-cli script, for example: \(aq/opt/jboss/jboss\-7.0/bin/jboss\-cli.sh\(aq
+.INDENT 2.0
+.TP
+.B shared   = same as always available, but BIOS typically leaves the
+serial port available for software use.
+.UNINDENT
+.UNINDENT
+
 .IP \(bu 2
-controller: the ip addres and port of controller, for example: 10.11.12.13:9999
+\fBprivilege_update_mode\fP \-\- Channel Privilege Level Limit.
+This value sets the maximum privilege level
+that can be accepted on the specified channel.
+* dont_change  = don\(aqt set or change channel Privilege Level Limit
+* non_volatile = non\-volatile Privilege Level Limit according
+* volatile     = volatile setting of Privilege Level Limit
 .IP \(bu 2
-cli_user: username to connect to jboss administration console if necessary
+\fBprivilege_level\fP \-\- Channel Privilege Level Limit
+* reserved      = unused
+* callback
+* user
+* operator
+* administrator
+* proprietary   = used by OEM
 .IP \(bu 2
-cli_password: password to connect to jboss administration console if necessary
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
 .UNINDENT
 .UNINDENT
 .sp
-Example:
-.INDENT 0.0
+CLI Examples:
+.INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-jboss_config:
-   cli_path: \(aq/opt/jboss/jboss\-7.0/bin/jboss\-cli.sh\(aq
-   controller: 10.11.12.13:9999
-   cli_user: \(aqjbossadm\(aq
-   cli_password: \(aqjbossadm\(aq
+salt\-call ipmi.set_channel_access privilege_level=\(aqadministrator\(aq
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
+.UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.jboss7.create_datasource(jboss_config, name, datasource_properties)
-Create datasource in running jboss instance
-.INDENT 7.0
-.TP
-.B jboss_config
-Configuration dictionary with properties specified above.
-.TP
-.B name
-Datasource name
-.TP
-.B datasource_properties
+.B salt.modules.ipmi.set_identify(on=True, duration=600, **kwargs)
+Request identify light
+.sp
+Request the identify light to turn off, on for a duration,
+or on indefinitely.  Other than error exceptions,
 .INDENT 7.0
 .TP
-.B A dictionary of datasource properties to be created:
+.B Parameters
 .INDENT 7.0
 .IP \(bu 2
-driver\-name: mysql
+\fBon\fP \-\- Set to True to force on or False to force off
 .IP \(bu 2
-connection\-url: \(aq\fI\%jdbc:mysql://localhost:3306/sampleDatabase\fP\(aq
+\fBduration\fP \-\- Set if wanting to request turn on for a duration
+in seconds, None = indefinitely.
 .IP \(bu 2
-jndi\-name: \(aqjava:jboss/datasources/sampleDS\(aq
+\fBkwargs\fP \-\- .INDENT 2.0
 .IP \(bu 2
-user\-name: sampleuser
+api_host=127.0.0.1
 .IP \(bu 2
-password: secret
+api_user=admin
 .IP \(bu 2
-min\-pool\-size: 3
+api_pass=example
 .IP \(bu 2
-use\-java\-context: True
+api_port=623
+.IP \(bu 2
+api_kg=None
 .UNINDENT
+
 .UNINDENT
 .UNINDENT
 .sp
-CLI Example:
+CLI Examples:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq jboss7.create_datasource \(aq{"cli_path": "integration.modules.sysmod.SysModuleTest.test_valid_docs", "controller": "10.11.12.13:9999", "cli_user": "jbossadm", "cli_password": "jbossadm"}\(aq \(aqmy_datasource\(aq \(aq{"driver\-name": "mysql", "connection\-url": "jdbc:mysql://localhost:3306/sampleDatabase", "jndi\-name": "java:jboss/datasources/sampleDS", "user\-name": "sampleuser", "password": "secret", "min\-pool\-size": 3, "use\-java\-context": True}\(aq
+salt\-call ipmi.set_identify
 .ft P
 .fi
 .UNINDENT
@@ -70599,27 +76532,58 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.jboss7.create_simple_binding(jboss_config, binding_name, value)
-Create a simple jndi binding in the running jboss instance
+.B salt.modules.ipmi.set_power(state=\(aqpower_on\(aq, wait=True, **kwargs)
+Request power state change
 .INDENT 7.0
 .TP
-.B jboss_config
-Configuration dictionary with properties specified above.
-.TP
-.B binding_name
-Binding name to be created
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBname\fP \-\- .INDENT 2.0
+.IP \(bu 2
+power_on \-\- system turn on
+.IP \(bu 2
+power_off \-\- system turn off (without waiting for OS)
+.IP \(bu 2
+shutdown \-\- request OS proper shutdown
+.IP \(bu 2
+reset \-\- reset (without waiting for OS)
+.IP \(bu 2
+boot \-\- If system is off, then \(aqon\(aq, else \(aqreset\(aq
+.UNINDENT
+
+.IP \(bu 2
+\fBensure\fP \-\- If (bool True), do not return until system actually completes
+requested state change for 300 seconds.
+If a non\-zero (int), adjust the wait time to the
+requested number of seconds
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
 .TP
-.B value
-Binding value
+.B Returns
+dict \-\- A dict describing the response retrieved
 .UNINDENT
 .sp
-CLI Example:
+CLI Examples:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq jboss7.create_simple_binding \(aq{"cli_path": "integration.modules.sysmod.SysModuleTest.test_valid_docs", "controller": "10.11.12.13:9999", "cli_user": "jbossadm", "cli_password": "jbossadm"}\(aq my_binding_name my_binding_value
+salt\-call ipmi.set_power state=shutdown wait=True
 .ft P
 .fi
 .UNINDENT
@@ -70627,58 +76591,1074 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.jboss7.deploy(jboss_config, source_file)
-Deploy the application on the jboss instance from the local file system where minion is running.
+.B salt.modules.ipmi.set_user_access(uid, channel=14, callback=True, link_auth=True, ipmi_msg=True, privilege_level=\(aqadministrator\(aq, **kwargs)
+Set user access
 .INDENT 7.0
 .TP
-.B jboss_config
-Configuration dictionary with properties specified above.
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBuid\fP \-\- user number [1:16]
+.IP \(bu 2
+\fBchannel\fP \-\- number [1:7]
+.UNINDENT
 .TP
-.B source_file
-Source file to deploy from
+.B Parm callback
+User Restricted to Callback
 .UNINDENT
-.sp
-CLI Example:
 .INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq jboss7.deploy \(aq{"cli_path": "integration.modules.sysmod.SysModuleTest.test_valid_docs", "controller": "10.11.12.13:9999", "cli_user": "jbossadm", "cli_password": "jbossadm"}\(aq /opt/deploy_files/my_deploy
-.ft P
-.fi
-.UNINDENT
+.TP
+.B False = User Privilege Limit is determined by the User Privilege Limit
+parameter, below, for both callback and non\-callback connections.
+.TP
+.B True  = User Privilege Limit is determined by the User Privilege Limit
+parameter for callback connections, but is restricted to Callback
+level for non\-callback connections. Thus, a user can only initiate
+a Callback when they \(aqcall in\(aq to the BMC, but once the callback
+connection has been made, the user could potentially establish a
+session as an Operator.
 .UNINDENT
+.INDENT 7.0
+.TP
+.B Parameters
+\fBlink_auth\fP \-\- User Link authentication
 .UNINDENT
-.INDENT 0.0
+.sp
+enable/disable (used to enable whether this
+user\(aqs name and password information will be used for link
+authentication, e.g. PPP CHAP) for the given channel. Link
+authentication itself is a global setting for the channel and is
+enabled/disabled via the serial/modem configuration parameters.
+.INDENT 7.0
 .TP
-.B salt.modules.jboss7.list_deployments(jboss_config)
-List all deployments on the jboss instance
+.B Parameters
+\fBipmi_msg\fP \-\- User IPMI Messaginge:
+.UNINDENT
+.sp
+(used to enable/disable whether
+this user\(aqs name and password information will be used for IPMI
+Messaging. In this case, \(aqIPMI Messaging\(aq refers to the ability to
+execute generic IPMI commands that are not associated with a
+particular payload type. For example, if IPMI Messaging is disabled for
+a user, but that user is enabled for activatallow_authing the SOL
+payload type, then IPMI commands associated with SOL and session
+management, such as Get SOL Configuration Parameters and Close Session
+are available, but generic IPMI commands such as Get SEL Time are
+unavailable.)
 .INDENT 7.0
 .TP
-.B jboss_config
+.B Parameters
+\fBprivilege_level\fP \-\- 
+.UNINDENT
+.sp
+User Privilege Limit. (Determines the maximum privilege level that the
+user is allowed to switch to on the specified channel.)
 .INDENT 7.0
 .INDENT 3.5
-Configuration dictionary with properties specified above.
+.INDENT 0.0
+.IP \(bu 2
+callback
+.IP \(bu 2
+user
+.IP \(bu 2
+operator
+.IP \(bu 2
+administrator
+.IP \(bu 2
+proprietary
+.IP \(bu 2
+no_access
+.UNINDENT
 .UNINDENT
 .UNINDENT
+.INDENT 7.0
+.TP
+.B Parameters
+\fBkwargs\fP \-\- .INDENT 7.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
 .sp
-CLI Example:
+CLI Examples:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq jboss7.list_deployments \(aq{"cli_path": "integration.modules.sysmod.SysModuleTest.test_valid_docs", "controller": "10.11.12.13:9999", "cli_user": "jbossadm", "cli_password": "jbossadm"}\(aq
+salt\-call ipmi.set_user_access uid=2 privilege_level=\(aqoperator\(aq
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .UNINDENT
-.UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.jboss7.read_datasource(jboss_config, name)
+.B salt.modules.ipmi.set_user_name(uid, name, **kwargs)
+Set user name
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBuid\fP \-\- user number [1:16]
+.IP \(bu 2
+\fBname\fP \-\- username (limit of 16bytes)
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
+.UNINDENT
+.sp
+CLI Examples:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-call ipmi.set_user_name uid=2 name=\(aqsteverweber\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.ipmi.set_user_password(uid, mode=\(aqset_password\(aq, password=None, **kwargs)
+Set user password and (modes)
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBuid\fP \-\- id number of user.  see: get_names_uid()[\(aqname\(aq]
+.IP \(bu 2
+\fBmode\fP \-\- .INDENT 2.0
+.IP \(bu 2
+disable       = disable user connections
+.IP \(bu 2
+enable        = enable user connections
+.IP \(bu 2
+set_password  = set or ensure password
+.IP \(bu 2
+test_password = test password is correct
+.UNINDENT
+
+.IP \(bu 2
+\fBpassword\fP \-\- max 16 char string
+(optional when mode is [disable or enable])
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
+.TP
+.B Returns
+True on success
+when mode = test_password, return False on bad password
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-call ipmi.set_user_password api_host=127.0.0.1 api_user=admin api_pass=pass
+                                 uid=1 password=newPass
+salt\-call ipmi.set_user_password uid=1 mode=enable
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.ipmi.user_delete(uid, channel=14, **kwargs)
+Delete user (helper)
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBuid\fP \-\- user number [1:16]
+.IP \(bu 2
+\fBchannel\fP \-\- number [1:7]
+.IP \(bu 2
+\fBkwargs\fP \-\- .INDENT 2.0
+.IP \(bu 2
+api_host=127.0.0.1
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=example
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+
+.UNINDENT
+.UNINDENT
+.sp
+CLI Examples:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-call ipmi.user_delete uid=2
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SS salt.modules.ipset
+.sp
+Support for ipset
+.INDENT 0.0
+.TP
+.B salt.modules.ipset.add(set=None, entry=None, family=\(aqipv4\(aq, **kwargs)
+Append an entry to the specified set.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ipset.add setname 192.168.1.26
+
+salt \(aq*\(aq ipset.add setname 192.168.0.3,AA:BB:CC:DD:EE:FF
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.ipset.check(set=None, entry=None, family=\(aqipv4\(aq)
+Check that an entry exists in the specified set.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ipset.check setname \(aq192.168.0.1 comment "Hello"\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.ipset.check_set(set=None, family=\(aqipv4\(aq)
+New in version 2014.7.0.
+
+.sp
+Check that given ipset set exists.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ipset.check_set setname
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.ipset.delete(set=None, entry=None, family=\(aqipv4\(aq, **kwargs)
+Delete an entry from the specified set.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ipset.delete setname 192.168.0.3,AA:BB:CC:DD:EE:FF
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.ipset.delete_set(set=None, family=\(aqipv4\(aq)
+New in version 2014.7.0.
+
+.sp
+Delete ipset set.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ipset.delete_set custom_set
+
+IPv6:
+salt \(aq*\(aq ipset.delete_set custom_set family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.ipset.flush(set=None, family=\(aqipv4\(aq)
+Flush entries in the specified set,
+Flush all sets if set is not specified.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ipset.flush
+
+salt \(aq*\(aq ipset.flush set
+
+IPv6:
+salt \(aq*\(aq ipset.flush
+
+salt \(aq*\(aq ipset.flush set
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.ipset.list_sets(family=\(aqipv4\(aq)
+New in version 2014.7.0.
+
+.sp
+List all ipset sets.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ipset.list_sets
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.ipset.new_set(set=None, set_type=None, family=\(aqipv4\(aq, comment=False, **kwargs)
+New in version 2014.7.0.
+
+.sp
+Create new custom set
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ipset.new_set custom_set list:set
+
+salt \(aq*\(aq ipset.new_set custom_set list:set comment=True
+
+IPv6:
+salt \(aq*\(aq ipset.new_set custom_set list:set family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.ipset.rename_set(set=None, new_set=None, family=\(aqipv4\(aq)
+New in version 2014.7.0.
+
+.sp
+Delete ipset set.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ipset.rename_set custom_set new_set=new_set_name
+
+IPv6:
+salt \(aq*\(aq ipset.rename_set custom_set new_set=new_set_name family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.ipset.test(set=None, entry=None, family=\(aqipv4\(aq, **kwargs)
+Test if an entry is in the specified set.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ipset.test setname 192.168.0.2
+
+IPv6:
+salt \(aq*\(aq ipset.test setname fd81:fc56:9ac7::/48
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.ipset.version()
+Return version from ipset \-\-version
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq ipset.version
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SS salt.modules.iptables
+.sp
+Support for iptables
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.append(table=\(aqfilter\(aq, chain=None, rule=None, family=\(aqipv4\(aq)
+Append a rule to the specified table/chain.
+.INDENT 7.0
+.TP
+.B This function accepts a rule in a standard iptables command format,
+starting with the chain. Trying to force users to adapt to a new
+method of creating rules would be irritating at best, and we
+already have a parser that can handle it.
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.append filter INPUT \e
+    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq
+
+IPv6:
+salt \(aq*\(aq iptables.append filter INPUT \e
+    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq \e
+    family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.build_rule(table=None, chain=None, command=None, position=\(aq\(aq, full=None, family=\(aqipv4\(aq, **kwargs)
+Build a well\-formatted iptables rule based on kwargs. A \fItable\fP and \fIchain\fP
+are not required, unless \fIfull\fP is True.
+.sp
+If \fIfull\fP is \fITrue\fP, then \fItable\fP, \fIchain\fP and \fIcommand\fP are required.
+\fIcommand\fP may be specified as either a short option (\(aqI\(aq) or a long option
+(\fI\-\-insert\fP). This will return the iptables command, exactly as it would
+be used from the command line.
+.sp
+If a position is required (as with \fI\-I\fP or \fI\-D\fP), it may be specified as
+\fIposition\fP\&. This will only be useful if \fIfull\fP is True.
+.sp
+If \fIconnstate\fP is passed in, it will automatically be changed to \fIstate\fP\&.
+.sp
+To pass in jump options that doesn\(aqt take arguments, pass in an empty
+string.
+.sp
+CLI Examples:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.build_rule match=state \e
+    connstate=RELATED,ESTABLISHED jump=ACCEPT
+
+salt \(aq*\(aq iptables.build_rule filter INPUT command=I position=3 \e
+    full=True match=state state=RELATED,ESTABLISHED jump=ACCEPT
+
+salt \(aq*\(aq iptables.build_rule filter INPUT command=A \e
+    full=True match=state state=RELATED,ESTABLISHED \e
+    source=\(aq127.0.0.1\(aq jump=ACCEPT
+
+\&.. Invert Rules
+salt \(aq*\(aq iptables.build_rule filter INPUT command=A \e
+    full=True match=state state=RELATED,ESTABLISHED \e
+    source=\(aq! 127.0.0.1\(aq jump=ACCEPT
+
+salt \(aq*\(aq iptables.build_rule filter INPUT command=A \e
+    full=True match=state state=RELATED,ESTABLISHED \e
+    destination=\(aqnot 127.0.0.1\(aq jump=ACCEPT
+
+IPv6:
+salt \(aq*\(aq iptables.build_rule match=state \e
+    connstate=RELATED,ESTABLISHED jump=ACCEPT \e
+    family=ipv6
+salt \(aq*\(aq iptables.build_rule filter INPUT command=I position=3 \e
+    full=True match=state state=RELATED,ESTABLISHED jump=ACCEPT \e
+    family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.check(table=\(aqfilter\(aq, chain=None, rule=None, family=\(aqipv4\(aq)
+Check for the existence of a rule in the table and chain
+.INDENT 7.0
+.TP
+.B This function accepts a rule in a standard iptables command format,
+starting with the chain. Trying to force users to adapt to a new
+method of creating rules would be irritating at best, and we
+already have a parser that can handle it.
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.check filter INPUT \e
+    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq
+
+IPv6:
+salt \(aq*\(aq iptables.check filter INPUT \e
+    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq \e
+    family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.check_chain(table=\(aqfilter\(aq, chain=None, family=\(aqipv4\(aq)
+New in version 2014.1.0.
+
+.sp
+Check for the existence of a chain in the table
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.check_chain filter INPUT
+
+IPv6:
+salt \(aq*\(aq iptables.check_chain filter INPUT family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.delete(table, chain=None, position=None, rule=None, family=\(aqipv4\(aq)
+.INDENT 7.0
+.TP
+.B Delete a rule from the specified table/chain, specifying either the rule
+in its entirety, or the rule\(aqs position in the chain.
+.TP
+.B This function accepts a rule in a standard iptables command format,
+starting with the chain. Trying to force users to adapt to a new
+method of creating rules would be irritating at best, and we
+already have a parser that can handle it.
+.UNINDENT
+.sp
+CLI Examples:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.delete filter INPUT position=3
+salt \(aq*\(aq iptables.delete filter INPUT \e
+    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq
+
+IPv6:
+salt \(aq*\(aq iptables.delete filter INPUT position=3 family=ipv6
+salt \(aq*\(aq iptables.delete filter INPUT \e
+    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq \e
+    family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.delete_chain(table=\(aqfilter\(aq, chain=None, family=\(aqipv4\(aq)
+New in version 2014.1.0.
+
+.sp
+Delete custom chain to the specified table.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.delete_chain filter CUSTOM_CHAIN
+
+IPv6:
+salt \(aq*\(aq iptables.delete_chain filter CUSTOM_CHAIN family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.flush(table=\(aqfilter\(aq, chain=\(aq\(aq, family=\(aqipv4\(aq)
+Flush the chain in the specified table, flush all chains in the specified
+table if not specified chain.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.flush filter INPUT
+
+IPv6:
+salt \(aq*\(aq iptables.flush filter INPUT family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.get_policy(table=\(aqfilter\(aq, chain=None, family=\(aqipv4\(aq)
+Return the current policy for the specified table/chain
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.get_policy filter INPUT
+
+IPv6:
+salt \(aq*\(aq iptables.get_policy filter INPUT family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.get_rules(family=\(aqipv4\(aq)
+Return a data structure of the current, in\-memory rules
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.get_rules
+
+IPv6:
+salt \(aq*\(aq iptables.get_rules family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.get_saved_policy(table=\(aqfilter\(aq, chain=None, conf_file=None, family=\(aqipv4\(aq)
+Return the current policy for the specified table/chain
+.sp
+CLI Examples:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.get_saved_policy filter INPUT
+salt \(aq*\(aq iptables.get_saved_policy filter INPUT \e
+    conf_file=/etc/iptables.saved
+
+IPv6:
+salt \(aq*\(aq iptables.get_saved_policy filter INPUT family=ipv6
+salt \(aq*\(aq iptables.get_saved_policy filter INPUT \e
+    conf_file=/etc/iptables.saved family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.get_saved_rules(conf_file=None, family=\(aqipv4\(aq)
+Return a data structure of the rules in the conf file
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.get_saved_rules
+
+IPv6:
+salt \(aq*\(aq iptables.get_saved_rules family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.insert(table=\(aqfilter\(aq, chain=None, position=None, rule=None, family=\(aqipv4\(aq)
+Insert a rule into the specified table/chain, at the specified position.
+.INDENT 7.0
+.TP
+.B This function accepts a rule in a standard iptables command format,
+starting with the chain. Trying to force users to adapt to a new
+method of creating rules would be irritating at best, and we
+already have a parser that can handle it.
+.TP
+.B If the position specified is a negative number, then the insert will be
+performed counting from the end of the list. For instance, a position
+of \-1 will insert the rule as the second to last rule. To insert a rule
+in the last position, use the append function instead.
+.UNINDENT
+.sp
+CLI Examples:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.insert filter INPUT position=3 \e
+    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq
+
+IPv6:
+salt \(aq*\(aq iptables.insert filter INPUT position=3 \e
+    rule=\(aq\-m state \-\-state RELATED,ESTABLISHED \-j ACCEPT\(aq \e
+    family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.new_chain(table=\(aqfilter\(aq, chain=None, family=\(aqipv4\(aq)
+New in version 2014.1.0.
+
+.sp
+Create new custom chain to the specified table.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.new_chain filter CUSTOM_CHAIN
+
+IPv6:
+salt \(aq*\(aq iptables.new_chain filter CUSTOM_CHAIN family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.save(filename=None, family=\(aqipv4\(aq)
+Save the current in\-memory rules to disk
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.save /etc/sysconfig/iptables
+
+IPv6:
+salt \(aq*\(aq iptables.save /etc/sysconfig/iptables family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.set_policy(table=\(aqfilter\(aq, chain=None, policy=None, family=\(aqipv4\(aq)
+Set the current policy for the specified table/chain
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.set_policy filter INPUT ACCEPT
+
+IPv6:
+salt \(aq*\(aq iptables.set_policy filter INPUT ACCEPT family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.iptables.version(family=\(aqipv4\(aq)
+Return version from iptables \-\-version
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq iptables.version
+
+IPv6:
+salt \(aq*\(aq iptables.version family=ipv6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SS salt.modules.jboss7
+.sp
+Module for managing JBoss AS 7 through the CLI interface.
+.sp
+New in version 2015.5.0.
+
+.INDENT 0.0
+.TP
+.B In order to run each function, jboss_config dictionary with the following properties must be passed:
+.INDENT 7.0
+.IP \(bu 2
+cli_path: the path to jboss\-cli script, for example: \(aq/opt/jboss/jboss\-7.0/bin/jboss\-cli.sh\(aq
+.IP \(bu 2
+controller: the ip addres and port of controller, for example: 10.11.12.13:9999
+.IP \(bu 2
+cli_user: username to connect to jboss administration console if necessary
+.IP \(bu 2
+cli_password: password to connect to jboss administration console if necessary
+.UNINDENT
+.UNINDENT
+.sp
+Example:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+jboss_config:
+   cli_path: \(aq/opt/jboss/jboss\-7.0/bin/jboss\-cli.sh\(aq
+   controller: 10.11.12.13:9999
+   cli_user: \(aqjbossadm\(aq
+   cli_password: \(aqjbossadm\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.jboss7.create_datasource(jboss_config, name, datasource_properties)
+Create datasource in running jboss instance
+.INDENT 7.0
+.TP
+.B jboss_config
+Configuration dictionary with properties specified above.
+.TP
+.B name
+Datasource name
+.TP
+.B datasource_properties
+.INDENT 7.0
+.TP
+.B A dictionary of datasource properties to be created:
+.INDENT 7.0
+.IP \(bu 2
+driver\-name: mysql
+.IP \(bu 2
+connection\-url: \(aq\fI\%jdbc:mysql://localhost:3306/sampleDatabase\fP\(aq
+.IP \(bu 2
+jndi\-name: \(aqjava:jboss/datasources/sampleDS\(aq
+.IP \(bu 2
+user\-name: sampleuser
+.IP \(bu 2
+password: secret
+.IP \(bu 2
+min\-pool\-size: 3
+.IP \(bu 2
+use\-java\-context: True
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq jboss7.create_datasource \(aq{"cli_path": "integration.modules.sysmod.SysModuleTest.test_valid_docs", "controller": "10.11.12.13:9999", "cli_user": "jbossadm", "cli_password": "jbossadm"}\(aq \(aqmy_datasource\(aq \(aq{"driver\-name": "mysql", "connection\-url": "jdbc:mysql://localhost:3306/sampleDatabase", "jndi\-name": "java:jboss/datasources/sampleDS", "user\-name": "sampleuser", "password": "secret", "min\-pool\-size": 3, "use\-java\-context": True}\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.jboss7.create_simple_binding(jboss_config, binding_name, value)
+Create a simple jndi binding in the running jboss instance
+.INDENT 7.0
+.TP
+.B jboss_config
+Configuration dictionary with properties specified above.
+.TP
+.B binding_name
+Binding name to be created
+.TP
+.B value
+Binding value
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq jboss7.create_simple_binding \(aq{"cli_path": "integration.modules.sysmod.SysModuleTest.test_valid_docs", "controller": "10.11.12.13:9999", "cli_user": "jbossadm", "cli_password": "jbossadm"}\(aq my_binding_name my_binding_value
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.jboss7.deploy(jboss_config, source_file)
+Deploy the application on the jboss instance from the local file system where minion is running.
+.INDENT 7.0
+.TP
+.B jboss_config
+Configuration dictionary with properties specified above.
+.TP
+.B source_file
+Source file to deploy from
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq jboss7.deploy \(aq{"cli_path": "integration.modules.sysmod.SysModuleTest.test_valid_docs", "controller": "10.11.12.13:9999", "cli_user": "jbossadm", "cli_password": "jbossadm"}\(aq /opt/deploy_files/my_deploy
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.jboss7.list_deployments(jboss_config)
+List all deployments on the jboss instance
+.INDENT 7.0
+.TP
+.B jboss_config
+.INDENT 7.0
+.INDENT 3.5
+Configuration dictionary with properties specified above.
+.UNINDENT
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq jboss7.list_deployments \(aq{"cli_path": "integration.modules.sysmod.SysModuleTest.test_valid_docs", "controller": "10.11.12.13:9999", "cli_user": "jbossadm", "cli_password": "jbossadm"}\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.jboss7.read_datasource(jboss_config, name)
 Read datasource properties in the running jboss instance.
 .INDENT 7.0
 .TP
@@ -71263,9 +78243,19 @@
 .INDENT 0.0
 .TP
 .B salt.modules.keystone.auth(profile=None, **connection_args)
-Set up keystone credentials
+Set up keystone credentials. Only intended to be used within Keystone\-enabled modules.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
 .sp
-Only intended to be used within Keystone\-enabled modules
+.nf
+.ft C
+salt \(aq*\(aq keystone.auth
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -71413,7 +78403,9 @@
 .INDENT 0.0
 .TP
 .B salt.modules.keystone.role_create(name, profile=None, **connection_args)
-Create named role
+Create a named role.
+.sp
+CLI Example:
 .INDENT 7.0
 .INDENT 3.5
 .sp
@@ -73402,6 +80394,19 @@
 .fi
 .UNINDENT
 .UNINDENT
+.sp
+The special case to disable use of ethernet nics:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aqminion\(aq lxc.apply_network_profile web1 centos \e
+        "{eth0: {disable: true}}"
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -73487,7 +80492,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.lxc.clone(name, orig, profile=None, **kwargs)
+.B salt.modules.lxc.clone(name, orig, profile=None, network_profile=None, nic_opts=None, **kwargs)
 Create a new container as a clone of another container
 .INDENT 7.0
 .TP
@@ -73516,6 +80521,18 @@
 .B backing
 The type of storage to use. Set to \fBlvm\fP to use an LVM group.
 Defaults to filesystem within /var/lib/lxc.
+.TP
+.B network_profile
+Network profile to use for container
+.sp
+New in version 2015.5.2.
+
+.TP
+.B nic_opts
+give extra opts overriding network profile values
+.sp
+New in version 2015.5.2.
+
 .UNINDENT
 .sp
 CLI Examples:
@@ -73586,6 +80603,68 @@
 .B name
 name of the lxc container to create
 .TP
+.B pub_key
+public key to preseed the minion with.
+Can be the keycontent or a filepath
+.TP
+.B priv_key
+private key to preseed the minion with.
+Can be the keycontent or a filepath
+.TP
+.B profile
+\fIprofile\fP selection
+.TP
+.B network_profile
+\fInetwork profile\fP selection
+.TP
+.B nic_opts
+per interface settings compatibles with
+network profile (ipv4/ipv6/link/gateway/mac/netmask)
+.sp
+eg:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+\- {\(aqeth0\(aq: {\(aqmac\(aq: \(aq00:16:3e:01:29:40\(aq,
+            \(aqgateway\(aq: None, (default)
+            \(aqlink\(aq: \(aqbr0\(aq, (default)
+            \(aqgateway\(aq: None, (default)
+            \(aqnetmask\(aq: \(aq\(aq, (default)
+            \(aqip\(aq: \(aq22.1.4.25\(aq}}
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.TP
+.B unconditional_install
+given to lxc.bootstrap (see relative doc)
+.TP
+.B force_install
+given to lxc.bootstrap (see relative doc)
+.TP
+.B config
+any extra argument for the salt minion config
+.TP
+.B dnsservers
+dns servers to set inside the container
+.TP
+.B autostart
+autostart the container at boot time
+.TP
+.B password
+administrative password for the container
+.UNINDENT
+.sp
+\fBWARNING:\fP
+.INDENT 7.0
+.INDENT 3.5
+Legacy but still supported options:
+.UNINDENT
+.UNINDENT
+.INDENT 7.0
+.TP
 .B from_container
 which container we use as a template
 when running lxc.clone
@@ -73613,17 +80692,9 @@
 .B vgname
 if using LVM: vgname
 .TP
-.B lgname
+.B lvname
 if using LVM: lvname
 .TP
-.B pub_key
-public key to preseed the minion with.
-Can be the keycontent or a filepath
-.TP
-.B priv_key
-private key to preseed the minion with.
-Can be the keycontent or a filepath
-.TP
 .B ip
 ip for the primary nic
 .TP
@@ -73664,27 +80735,13 @@
 .UNINDENT
 .UNINDENT
 .TP
-.B unconditional_install
-given to lxc.bootstrap (see relative doc)
-.TP
-.B force_install
-given to lxc.bootstrap (see relative doc)
-.TP
-.B config
-any extra argument for the salt minion config
-.TP
-.B dnsservers
-dns servers to set inside the container
-.TP
-.B autostart
-autostart the container at boot time
-.TP
-.B password
-administrative password for the container
-.TP
 .B users
 administrative users for the container
 default: [root] and [root, ubuntu] on ubuntu
+.TP
+.B default_nic
+name of the first interface, you should
+really not override this
 .UNINDENT
 .sp
 CLI Example:
@@ -74001,7 +81058,7 @@
 container creation arguments (such as the ones passed to \fI\%lxc.create\fP) to this function.
 .sp
 A profile can be defined either as the name of the profile, or a dictionary
-of variable names and values. See the LXC Tutorial for more information on how to use LXC profiles.
+of variable names and values. See the \fILXC Tutorial\fP for more information on how to use LXC profiles.
 .sp
 CLI Example:
 .INDENT 7.0
@@ -74023,7 +81080,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.lxc.get_network_profile(name=None)
+.B salt.modules.lxc.get_network_profile(name=None, **kwargs)
 New in version 2015.5.0.
 
 .sp
@@ -74059,11 +81116,25 @@
 .UNINDENT
 .UNINDENT
 .sp
-Parameters set in a profile can be overridden by passing additional
-arguments to this function.
+To disable networking entirely:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+lxc.network_profile.centos:
+  eth0:
+    disable: true
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Parameters set in a profile can be overridden by passing additional
+arguments to this function.
 .sp
 A profile can be passed either as the name of the profile, or a
-dictionary of variable names and values. See the LXC Tutorial for more information on how to use network
+dictionary of variable names and values. See the \fILXC Tutorial\fP for more information on how to use network
 profiles.
 .sp
 \fBWARNING:\fP
@@ -74157,7 +81228,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.lxc.init(name, config=None, cpuset=None, cpushare=None, memory=None, profile=None, network_profile=<object object>, nic=<object object>, nic_opts=None, cpu=None, autostart=True, password=None, password_encrypted=None, users=None, dnsservers=None, searchdomains=None, bridge=None, gateway=None, pub_key=None, priv_key=None, force_install=False, unconditional_install=False, bootstrap_delay=None, bootstrap_args=None, bootstrap_shell=None, bootstrap_url=None, **kwargs)
+.B salt.modules.lxc.init(name, config=None, cpuset=None, cpushare=None, memory=None, profile=None, network_profile=None, nic=<object object>, nic_opts=None, cpu=None, autostart=True, password=None, password_encrypted=None, users=None, dnsservers=None, searchdomains=None, bridge=None, gateway=None, pub_key=None, priv_key=None, force_install=False, unconditional_install=False, bootstrap_delay=None, bootstrap_args=None, bootstrap_shell=None, bootstrap_url=None, **kwargs)
 Initialize a new container.
 .sp
 This is a partial idempotent function as if it is already provisioned, we
@@ -74258,6 +81329,12 @@
 Optional config parameters. By default, the id is set to
 the name of the container.
 .TP
+.B master
+salt master (default to minion\(aqs master)
+.TP
+.B master_port
+salt master port (default to minion\(aqs master port)
+.TP
 .B pub_key
 Explicit public key to preseed the minion with (optional).
 This can be either a filepath or a string representing the key
@@ -74448,7 +81525,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.lxc.retcode(name, cmd, no_start=False, preserve_state=True, stdin=None, python_shell=True, output_loglevel=\(aqdebug\(aq, use_vt=False, ignore_retcode=False, keep_env=\(aqhttp_proxy, https_proxy, no_proxy\(aq)
+.B salt.modules.lxc.retcode(name, cmd, no_start=False, preserve_state=True, stdin=None, python_shell=True, output_loglevel=\(aqdebug\(aq, use_vt=False, ignore_retcode=False, chroot_fallback=False, keep_env=\(aqhttp_proxy, https_proxy, no_proxy\(aq)
 New in version 2015.5.0.
 
 .sp
@@ -74509,6 +81586,10 @@
 .B keep_env
 http_proxy,https_proxy,no_proxy
 A list of env vars to preserve. May be passed as commma\-delimited list.
+.TP
+.B chroot_fallback
+if the container is not running, try to run the command using chroot
+default: false
 .UNINDENT
 .sp
 CLI Example:
@@ -74525,7 +81606,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.lxc.run(name, cmd, no_start=False, preserve_state=True, stdin=None, python_shell=True, output_loglevel=\(aqdebug\(aq, use_vt=False, ignore_retcode=False, keep_env=\(aqhttp_proxy, https_proxy, no_proxy\(aq)
+.B salt.modules.lxc.run(name, cmd, no_start=False, preserve_state=True, stdin=None, python_shell=True, output_loglevel=\(aqdebug\(aq, use_vt=False, ignore_retcode=False, chroot_fallback=False, keep_env=\(aqhttp_proxy, https_proxy, no_proxy\(aq)
 New in version 2015.5.0.
 
 .sp
@@ -74583,6 +81664,10 @@
 Use SaltStack\(aqs utils.vt to stream output to console. Assumes
 \fBoutput=all\fP\&.
 .TP
+.B chroot_fallback
+if the container is not running, try to run the command using chroot
+default: false
+.TP
 .B keep_env
 http_proxy,https_proxy,no_proxy
 A list of env vars to preserve. May be passed as commma\-delimited list.
@@ -74602,7 +81687,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.lxc.run_all(name, cmd, no_start=False, preserve_state=True, stdin=None, python_shell=True, output_loglevel=\(aqdebug\(aq, use_vt=False, ignore_retcode=False, keep_env=\(aqhttp_proxy, https_proxy, no_proxy\(aq)
+.B salt.modules.lxc.run_all(name, cmd, no_start=False, preserve_state=True, stdin=None, python_shell=True, output_loglevel=\(aqdebug\(aq, use_vt=False, ignore_retcode=False, chroot_fallback=False, keep_env=\(aqhttp_proxy, https_proxy, no_proxy\(aq)
 New in version 2015.5.0.
 
 .sp
@@ -74661,6 +81746,10 @@
 .B keep_env
 http_proxy,https_proxy,no_proxy
 A list of env vars to preserve. May be passed as commma\-delimited list.
+.TP
+.B chroot_fallback
+if the container is not running, try to run the command using chroot
+default: false
 .UNINDENT
 .sp
 CLI Example:
@@ -74677,13 +81766,13 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.lxc.run_cmd(name, cmd, no_start=False, preserve_state=True, stdin=None, stdout=True, stderr=False, python_shell=True, output_loglevel=\(aqdebug\(aq, use_vt=False, ignore_retcode=False, keep_env=\(aqhttp_proxy, https_proxy, no_proxy\(aq)
+.B salt.modules.lxc.run_cmd(name, cmd, no_start=False, preserve_state=True, stdin=None, stdout=True, stderr=False, python_shell=True, output_loglevel=\(aqdebug\(aq, use_vt=False, ignore_retcode=False, chroot_fallback=False, keep_env=\(aqhttp_proxy, https_proxy, no_proxy\(aq)
 Deprecated since version 2015.5.0: Use \fI\%lxc.run\fP instead
 
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.lxc.run_stderr(name, cmd, no_start=False, preserve_state=True, stdin=None, python_shell=True, output_loglevel=\(aqdebug\(aq, use_vt=False, ignore_retcode=False, keep_env=\(aqhttp_proxy, https_proxy, no_proxy\(aq)
+.B salt.modules.lxc.run_stderr(name, cmd, no_start=False, preserve_state=True, stdin=None, python_shell=True, output_loglevel=\(aqdebug\(aq, use_vt=False, ignore_retcode=False, chroot_fallback=False, keep_env=\(aqhttp_proxy, https_proxy, no_proxy\(aq)
 New in version 2015.5.0.
 
 .sp
@@ -74742,6 +81831,10 @@
 .B keep_env
 http_proxy,https_proxy,no_proxy
 A list of env vars to preserve. May be passed as commma\-delimited list.
+.TP
+.B chroot_fallback
+if the container is not running, try to run the command using chroot
+default: false
 .UNINDENT
 .sp
 CLI Example:
@@ -74758,7 +81851,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.lxc.run_stdout(name, cmd, no_start=False, preserve_state=True, stdin=None, python_shell=True, output_loglevel=\(aqdebug\(aq, use_vt=False, ignore_retcode=False, keep_env=\(aqhttp_proxy, https_proxy, no_proxy\(aq)
+.B salt.modules.lxc.run_stdout(name, cmd, no_start=False, preserve_state=True, stdin=None, python_shell=True, output_loglevel=\(aqdebug\(aq, use_vt=False, ignore_retcode=False, chroot_fallback=False, keep_env=\(aqhttp_proxy, https_proxy, no_proxy\(aq)
 New in version 2015.5.0.
 
 .sp
@@ -74819,6 +81912,10 @@
 .B keep_env
 http_proxy,https_proxy,no_proxy
 A list of env vars to preserve. May be passed as commma\-delimited list.
+.TP
+.B chroot_fallback
+if the container is not running, try to run the command using chroot
+default: false
 .UNINDENT
 .sp
 CLI Example:
@@ -74835,6 +81932,57 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.modules.lxc.running_systemd(name, cache=True)
+Determine if systemD is running
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq lxc.running_systemd ubuntu
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.lxc.search_lxc_bridge()
+Search the first bridge which is potentially available as LXC bridge
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq lxc.search_lxc_bridge
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.lxc.search_lxc_bridges()
+Search which bridges are potentially available as LXC bridges
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq lxc.search_lxc_bridges
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.modules.lxc.set_dns(name, dnsservers=None, searchdomains=None)
 Changed in version 2015.5.0: The \fBdnsservers\fP and \fBsearchdomains\fP parameters can now be passed
 as a comma\-separated list.
@@ -74983,6 +82131,23 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.modules.lxc.systemd_running_state(name)
+Get the operational state of a systemd based container
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.systemd_running_state ubuntu
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.modules.lxc.templates()
 New in version 2015.5.0.
 
@@ -75003,6 +82168,41 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.modules.lxc.test_bare_started_state(name)
+Test if a non systemd container is fully started
+For now, it consists only to test if the container is attachable
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.test_bare_started_state ubuntu
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.lxc.test_sd_started_state(name)
+Test if a systemd container is fully started
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.test_sd_started_state ubuntu
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.modules.lxc.unfreeze(name)
 Unfreeze the named container.
 .sp
@@ -75039,6 +82239,50 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.modules.lxc.version()
+Return the actual lxc client version
+.INDENT 7.0
+.INDENT 3.5
+New in version 2015.5.2.
+
+.UNINDENT
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq lxc.version
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.lxc.wait_started(name, timeout=300)
+Check that the system has fully inited
+.sp
+This is actually very important for systemD based containers
+.sp
+see \fI\%https://github.com/saltstack/salt/issues/23847\fP
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt myminion lxc.wait_started ubuntu
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.modules.lxc.write_conf(conf_file, conf)
 Write out an LXC configuration file
 .sp
@@ -77712,6 +84956,33 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.modules.mod_random.rand_int(start=1, end=10)
+Returns a random integer number between the start and end number.
+.INDENT 7.0
+.TP
+.B start
+1
+Any valid integer number
+.TP
+.B end
+10
+Any valid integer number
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq random.rand_int 1 10
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.modules.mod_random.shadow_hash(crypt_salt=None, password=None, algorithm=\(aqsha512\(aq)
 Generates a salted hash suitable for /etc/shadow.
 .INDENT 7.0
@@ -77778,7 +85049,7 @@
 Below is an example of the configuration needed for this module. This
 configuration data can be placed either in \fBgrains\fP or \fBpillar\fP\&.
 .sp
-If using grains, this can be accomplished statically or via a grain module\&.
+If using grains, this can be accomplished \fIstatically\fP or via a \fIgrain module\fP\&.
 .sp
 If using pillar, the yaml configuration can be placed directly into a pillar
 SLS file, making this both the easier and more dynamic method of configuring
@@ -79742,6 +87013,188 @@
 .UNINDENT
 .UNINDENT
 .UNINDENT
+.SS salt.modules.nacl
+.sp
+This module helps include encrypted passwords in pillars, grains and salt state files.
+.INDENT 0.0
+.TP
+.B depends
+libnacl, \fI\%https://github.com/saltstack/libnacl\fP
+.UNINDENT
+.sp
+This is often useful if you wish to store your pillars in source control or
+share your pillar data with others that you trust. I don\(aqt advise making your pillars public
+regardless if they are encrypted or not.
+.sp
+When generating keys and encrypting passwords use \-\-local when using salt\-call for extra
+security. Also consider using just the salt runner nacl when encrypting pillar passwords.
+.sp
+The nacl lib uses 32byte keys, these keys are base64 encoded to make your life more simple.
+To generate your \fIkey\fP or \fIkeyfile\fP you can use:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-call \-\-local nacl.keygen keyfile=/root/.nacl
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Now with your key, you can encrypt some data:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-call \-\-local nacl.enc mypass keyfile=/root/.nacl
+DRB7Q6/X5gGSRCTpZyxS6hXO5LnlJIIJ4ivbmUlbWj0llUA+uaVyvou3vJ4=
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To decrypt the data:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-call \-\-local nacl.dec data=\(aqDRB7Q6/X5gGSRCTpZyxS6hXO5LnlJIIJ4ivbmUlbWj0llUA+uaVyvou3vJ4=\(aq keyfile=/root/.nacl
+mypass
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+The following optional configurations can be defined in the
+minion or master config. Avoid storing the config in pillars!
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+cat /etc/salt/master.d/nacl.conf
+nacl.config:
+    key: None
+    keyfile: /root/.nacl
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+When the key is defined in the master config you can use it from the nacl runner:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-run nacl.enc \(aqmyotherpass\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Now you can create a pillar with protected data like:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+pillarexample:
+    user: root
+    password: {{ salt.nacl.dec(\(aqDRB7Q6/X5gGSRCTpZyxS6hXO5LnlJIIJ4ivbmUlbWj0llUA+uaVyvou3vJ4=\(aq) }}
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Or do something interesting with grains like:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-call nacl.enc minionname:dbrole
+AL24Z2C5OlkReer3DuQTFdrNLchLuz3NGIhGjZkLtKRYry/b/CksWM8O9yskLwH2AGVLoEXI5jAa
+
+salt minionname grains.setval role \(aqAL24Z2C5OlkReer3DuQTFdrNLchLuz3NGIhGjZkLtKRYry/b/CksWM8O9yskLwH2AGVLoEXI5jAa\(aq
+
+{%\- set r = grains.get(\(aqrole\(aq) %}
+{%\- set role = None %}
+{%\- if r and \(aqnacl.dec\(aq in salt %}
+    {%\- set r = salt[\(aqnacl.dec\(aq](r,keyfile=\(aq/root/.nacl\(aq).split(\(aq:\(aq) %}
+    {%\- if opts[\(aqid\(aq] == r[0] %}
+        {%\- set role = r[1] %}
+    {%\- endif %}
+{%\- endif %}
+base:
+    {%\- if role %}
+    \(aq{{ opts[\(aqid\(aq] }}\(aq:
+        \- {{ role }}
+    {%\- endif %}
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.nacl.dec(data, **kwargs)
+Takes a key generated from \fInacl.keygen\fP and decrypt some data.
+.sp
+CLI Examples:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-call \-\-local nacl.dec pEXHQM6cuaF7A=
+salt\-call \-\-local nacl.dec data=\(aqpEXHQM6cuaF7A=\(aq keyfile=/root/.nacl
+salt\-call \-\-local nacl.dec data=\(aqpEXHQM6cuaF7A=\(aq key=\(aqcKEzd4kXsbeCE7/nLTIqXwnUiD1ulg4NoeeYcCFpd9k=\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.nacl.enc(data, **kwargs)
+Takes a key generated from \fInacl.keygen\fP and encrypt some data.
+.sp
+CLI Examples:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-call \-\-local nacl.enc datatoenc
+salt\-call \-\-local nacl.enc datatoenc keyfile=/root/.nacl
+salt\-call \-\-local nacl.enc datatoenc key=\(aqcKEzd4kXsbeCE7/nLTIqXwnUiD1ulg4NoeeYcCFpd9k=\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.nacl.keygen(keyfile=None)
+Use libnacl to generate a private key
+.sp
+CLI Examples:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt\-call \-\-local nacl.keygen
+salt\-call \-\-local nacl.keygen keyfile=/root/.nacl
+salt\-call \-\-local \-\-out=newline_values_only nacl.keygen > /root/.nacl
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
 .SS salt.modules.nagios
 .sp
 Run nagios plugins/checks from salt and get the return as data.
@@ -81213,14 +88666,24 @@
 Return a True or False instead of ping output.
 .INDENT 7.0
 .INDENT 3.5
+.sp
+.nf
+.ft C
 salt \(aq*\(aq network.ping archlinux.org return_boolean=True
+.ft P
+.fi
 .UNINDENT
 .UNINDENT
 .sp
 Set the time to wait for a response in seconds.
 .INDENT 7.0
 .INDENT 3.5
+.sp
+.nf
+.ft C
 salt \(aq*\(aq network.ping archlinux.org timeout=3
+.ft P
+.fi
 .UNINDENT
 .UNINDENT
 .UNINDENT
@@ -84705,7 +92168,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.npm.uninstall(pkg, dir=None, runas=None)
+.B salt.modules.npm.uninstall(pkg, dir=None, runas=None, env=None)
 Uninstall an NPM package.
 .sp
 If no directory is specified, the package will be uninstalled globally.
@@ -84720,6 +92183,14 @@
 .TP
 .B runas
 The user to run NPM with
+.TP
+.B env
+Environment variables to set when invoking npm. Uses the same \fBenv\fP
+format as the \fBcmd.run\fP execution
+function.
+.sp
+New in version 2015.5.3.
+
 .UNINDENT
 .sp
 CLI Example:
@@ -87285,7 +94756,8 @@
 functional on the salt installation itself. You can pip install dependencies
 for your custom modules. You can even upgrade salt itself using pip. For this
 to work properly, you must specify the Current Working Directory (\fBcwd\fP) and
-the Pip Binary (\fBbin_env\fP) salt should use.
+the Pip Binary (\fBbin_env\fP) salt should use.  The variable \fBpip_bin\fP can
+be either a virtualenv path or the path to the pip binary itself.
 .sp
 For example, the following command will list all software installed using pip
 to your current salt environment:
@@ -87331,7 +94803,7 @@
 .sp
 To do this you just use pip with git to update to the version you want and then
 restart the service. Here is a sample state file that upgrades salt to the head
-of the 2015.2 branch:
+of the 2015.5 branch:
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -87341,7 +94813,7 @@
   pip.installed:
     \- cwd: \(aqC:\esalt\ebin\escripts\(aq
     \- bin_env: \(aqC:\esalt\ebin\escripts\epip.exe\(aq
-    \- editable: git+https://github.com/saltstack/salt@2015.2#egg=salt
+    \- editable: git+https://github.com/saltstack/salt@2015.5#egg=salt
     \- upgrade: True
 
 restart_service:
@@ -87660,7 +95132,9 @@
 .TP
 .B no_chown
 When user is given, do not attempt to copy and chown
-a requirements file
+a requirements file (needed if the requirements file refers to other
+files via relative paths, as the copy\-and\-chown procedure does not
+account for such files)
 .TP
 .B cwd
 Current working directory to run pip from
@@ -91388,518 +98862,6 @@
 .B salt.modules.powerpath.remove_license(key)
 Remove a license
 .UNINDENT
-.SS salt.modules.ps
-.sp
-A salt interface to psutil, a system and process library.
-See \fI\%http://code.google.com/p/psutil\fP\&.
-.INDENT 0.0
-.TP
-.B depends
-.INDENT 7.0
-.IP \(bu 2
-psutil Python module, version 0.3.0 or later
-.IP \(bu 2
-python\-utmp package (optional)
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.boot_time(time_format=None)
-Return the boot time in number of seconds since the epoch began.
-.sp
-CLI Example:
-.INDENT 7.0
-.TP
-.B time_format
-Optionally specify a \fI\%strftime\fP format string. Use
-\fBtime_format=\(aq%c\(aq\fP to get a nicely\-formatted locale specific date and
-time (i.e. \fBFri May  2 19:08:32 2014\fP).
-.sp
-New in version 2014.1.4.
-
-.UNINDENT
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.boot_time
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.cpu_percent(interval=0.1, per_cpu=False)
-Return the percent of time the CPU is busy.
-.INDENT 7.0
-.TP
-.B interval
-the number of seconds to sample CPU usage over
-.TP
-.B per_cpu
-if True return an array of CPU percent busy for each CPU, otherwise
-aggregate all percents into one number
-.UNINDENT
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.cpu_percent
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.cpu_times(per_cpu=False)
-Return the percent of time the CPU spends in each state,
-e.g. user, system, idle, nice, iowait, irq, softirq.
-.INDENT 7.0
-.TP
-.B per_cpu
-if True return an array of percents for each CPU, otherwise aggregate
-all percents into one number
-.UNINDENT
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.cpu_times
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.disk_io_counters(device=None)
-Return disk I/O statistics.
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.disk_io_counters
-
-salt \(aq*\(aq ps.disk_io_counters device=sda1
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.disk_partition_usage(all=False)
-Return a list of disk partitions plus the mount point, filesystem and usage
-statistics.
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.disk_partition_usage
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.disk_partitions(all=False)
-Return a list of disk partitions and their device, mount point, and
-filesystem type.
-.INDENT 7.0
-.TP
-.B all
-if set to False, only return local, physical partitions (hard disk,
-USB, CD/DVD partitions).  If True, return all filesystems.
-.UNINDENT
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.disk_partitions
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.disk_usage(path)
-Given a path, return a dict listing the total available space as well as
-the free space, and used space.
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.disk_usage /home
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.get_pid_list()
-Return a list of process ids (PIDs) for all running processes.
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.get_pid_list
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.get_users()
-Return logged\-in users.
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.get_users
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.kill_pid(pid, signal=15)
-Kill a process by PID.
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aqminion\(aq ps.kill_pid pid [signal=signal_number]
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.INDENT 7.0
-.TP
-.B pid
-PID of process to kill.
-.TP
-.B signal
-Signal to send to the process. See manpage entry for kill
-for possible values. Default: 15 (SIGTERM).
-.UNINDENT
-.sp
-\fBExample:\fP
-.sp
-Send SIGKILL to process with PID 2000:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aqminion\(aq ps.kill_pid 2000 signal=9
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.network_io_counters(interface=None)
-Return network I/O statistics.
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.network_io_counters
-
-salt \(aq*\(aq ps.network_io_counters interface=eth0
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.num_cpus()
-Return the number of CPUs.
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.num_cpus
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.pgrep(pattern, user=None, full=False)
-Return the pids for processes matching a pattern.
-.sp
-If full is true, the full command line is searched for a match,
-otherwise only the name of the command is searched.
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.pgrep pattern [user=username] [full=(true|false)]
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.INDENT 7.0
-.TP
-.B pattern
-Pattern to search for in the process list.
-.TP
-.B user
-Limit matches to the given username. Default: All users.
-.TP
-.B full
-A boolean value indicating whether only the name of the command or
-the full command line should be matched against the pattern.
-.UNINDENT
-.sp
-\fBExamples:\fP
-.sp
-Find all httpd processes on all \(aqwww\(aq minions:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aqwww.*\(aq ps.pgrep httpd
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.sp
-Find all bash processes owned by user \(aqtom\(aq:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.pgrep bash user=tom
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.pkill(pattern, user=None, signal=15, full=False)
-Kill processes matching a pattern.
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.pkill pattern [user=username] [signal=signal_number] \e
-        [full=(true|false)]
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.INDENT 7.0
-.TP
-.B pattern
-Pattern to search for in the process list.
-.TP
-.B user
-Limit matches to the given username. Default: All users.
-.TP
-.B signal
-Signal to send to the process(es). See manpage entry for kill
-for possible values. Default: 15 (SIGTERM).
-.TP
-.B full
-A boolean value indicating whether only the name of the command or
-the full command line should be matched against the pattern.
-.UNINDENT
-.sp
-\fBExamples:\fP
-.sp
-Send SIGHUP to all httpd processes on all \(aqwww\(aq minions:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aqwww.*\(aq ps.pkill httpd signal=1
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.sp
-Send SIGKILL to all bash processes owned by user \(aqtom\(aq:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.pkill bash signal=9 user=tom
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.proc_info(pid, attrs=None)
-Return a dictionary of information for a process id (PID).
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.proc_info 2322
-salt \(aq*\(aq ps.proc_info 2322 attrs=\(aq["pid", "name"]\(aq
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.INDENT 7.0
-.TP
-.B pid
-PID of process to query.
-.TP
-.B attrs
-Optional list of desired process attributes.  The list of possible
-attributes can be found here:
-\fI\%http://pythonhosted.org/psutil/#psutil.Process\fP
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.swap_memory()
-New in version 2014.7.0.
-
-.sp
-Return a dict that describes swap memory statistics.
-.sp
-\fBNOTE:\fP
-.INDENT 7.0
-.INDENT 3.5
-This function is only available in psutil version 0.6.0 and above.
-.UNINDENT
-.UNINDENT
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.swap_memory
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.top(num_processes=5, interval=3)
-Return a list of top CPU consuming processes during the interval.
-num_processes = return the top N CPU consuming processes
-interval = the number of seconds to sample CPU usage over
-.sp
-CLI Examples:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.top
-
-salt \(aq*\(aq ps.top 5 10
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.total_physical_memory()
-Return the total number of bytes of physical memory.
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.total_physical_memory
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.ps.virtual_memory()
-New in version 2014.7.0.
-
-.sp
-Return a dict that describes statistics about system memory usage.
-.sp
-\fBNOTE:\fP
-.INDENT 7.0
-.INDENT 3.5
-This function is only available in psutil version 0.6.0 and above.
-.UNINDENT
-.UNINDENT
-.sp
-CLI Example:
-.INDENT 7.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-salt \(aq*\(aq ps.virtual_memory
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.UNINDENT
 .SS salt.modules.publish
 .sp
 Publish a command from a minion to a target
@@ -92058,11 +99020,19 @@
 Execute puppet routines
 .INDENT 0.0
 .TP
-.B salt.modules.puppet.disable()
+.B salt.modules.puppet.disable(message=None)
 New in version 2014.7.0.
 
 .sp
 Disable the puppet agent
+.INDENT 7.0
+.TP
+.B message
+New in version 2015.5.2.
+
+.sp
+Disable message to send to puppet
+.UNINDENT
 .sp
 CLI Example:
 .INDENT 7.0
@@ -92071,6 +99041,7 @@
 .nf
 .ft C
 salt \(aq*\(aq puppet.disable
+salt \(aq*\(aq puppet.disable \(aqdisabled for a good reason\(aq
 .ft P
 .fi
 .UNINDENT
@@ -93691,6 +100662,326 @@
 .UNINDENT
 .UNINDENT
 .UNINDENT
+.SS salt.modules.random_org
+.sp
+Module for retrieving random information from Random.org
+.sp
+New in version 2015.5.0.
+
+.INDENT 0.0
+.TP
+.B configuration
+This module can be used by either passing an api key and version
+directly or by specifying both in a configuration profile in the salt
+master/minion config.
+.sp
+For example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+random_org:
+  api_key: 7be1402d\-5719\-5bd3\-a306\-3def9f135da5
+  api_version: 1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.random_org.generateBlobs(api_key=None, api_version=None, **kwargs)
+List all Slack users.
+:param api_key: The Random.org api key.
+:param api_version: The Random.org api version.
+:param format: Specifies the format in which the
+.INDENT 7.0
+.INDENT 3.5
+blobs will be returned. Values
+allowed are base64 and hex.
+.UNINDENT
+.UNINDENT
+.INDENT 7.0
+.TP
+.B Returns
+The user list.
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq get_integers number=5 min=1 max=6
+
+salt \(aq*\(aq get_integers number=5 min=1 max=6
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.random_org.generateDecimalFractions(api_key=None, api_version=None, **kwargs)
+Generates true random decimal fractions
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBapi_key\fP \-\- The Random.org api key.
+.IP \(bu 2
+\fBapi_version\fP \-\- The Random.org api version.
+.IP \(bu 2
+\fBnumber\fP \-\- How many random decimal fractions
+you need. Must be within the [1,1e4] range.
+.IP \(bu 2
+\fBdecimalPlaces\fP \-\- The number of decimal places
+to use. Must be within the [1,20] range.
+.IP \(bu 2
+\fBreplacement\fP \-\- Specifies whether the random numbers should
+be picked with replacement. The default (true)
+will cause the numbers to be picked with replacement,
+i.e., the resulting numbers may contain duplicate
+values (like a series of dice rolls). If you want the
+numbers picked to be unique (like raffle tickets drawn
+from a container), set this value to false.
+.UNINDENT
+.TP
+.B Returns
+A list of decimal fraction
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq random_org.generateDecimalFractions number=10 decimalPlaces=4
+
+salt \(aq*\(aq random_org.generateDecimalFractions number=10 decimalPlaces=4 replacement=True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.random_org.generateGaussians(api_key=None, api_version=None, **kwargs)
+This method generates true random numbers from a
+Gaussian distribution (also known as a normal distribution).
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBapi_key\fP \-\- The Random.org api key.
+.IP \(bu 2
+\fBapi_version\fP \-\- The Random.org api version.
+.IP \(bu 2
+\fBnumber\fP \-\- How many random numbers you need.
+Must be within the [1,1e4] range.
+.IP \(bu 2
+\fBmean\fP \-\- The distribution\(aqs mean. Must be
+within the [\-1e6,1e6] range.
+.IP \(bu 2
+\fBstandardDeviation\fP \-\- The distribution\(aqs standard
+deviation. Must be within
+the [\-1e6,1e6] range.
+.IP \(bu 2
+\fBsignificantDigits\fP \-\- The number of significant digits
+to use. Must be within the [2,20] range.
+.UNINDENT
+.TP
+.B Returns
+The user list.
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq random_org.generateGaussians number=10 mean=0.0 standardDeviation=1.0 significantDigits=8
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.random_org.generateIntegers(api_key=None, api_version=None, **kwargs)
+Generate random integers
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBapi_key\fP \-\- The Random.org api key.
+.IP \(bu 2
+\fBapi_version\fP \-\- The Random.org api version.
+.IP \(bu 2
+\fBnumber\fP \-\- The number of integers to generate
+.IP \(bu 2
+\fBminimum\fP \-\- The lower boundary for the range from which the
+random numbers will be picked. Must be within
+the [\-1e9,1e9] range.
+.IP \(bu 2
+\fBmaximum\fP \-\- The upper boundary for the range from which the
+random numbers will be picked. Must be within
+the [\-1e9,1e9] range.
+.IP \(bu 2
+\fBreplacement\fP \-\- Specifies whether the random numbers should
+be picked with replacement. The default (true)
+will cause the numbers to be picked with replacement,
+i.e., the resulting numbers may contain duplicate
+values (like a series of dice rolls). If you want the
+numbers picked to be unique (like raffle tickets drawn
+from a container), set this value to false.
+.IP \(bu 2
+\fBbase\fP \-\- Specifies the base that will be used to display the numbers.
+Values allowed are 2, 8, 10 and 16. This affects the JSON
+types and formatting of the resulting data as discussed below.
+.UNINDENT
+.TP
+.B Returns
+A list of integers.
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq random_org.generateIntegers number=5 minimum=1 maximum=6
+
+salt \(aq*\(aq random_org.generateIntegers number=5 minimum=2 maximum=255 base=2
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.random_org.generateStrings(api_key=None, api_version=None, **kwargs)
+Generate random strings.
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBapi_key\fP \-\- The Random.org api key.
+.IP \(bu 2
+\fBapi_version\fP \-\- The Random.org api version.
+.IP \(bu 2
+\fBnumber\fP \-\- The number of strings to generate.
+.IP \(bu 2
+\fBlength\fP \-\- The length of each string. Must be
+within the [1,20] range. All strings
+will be of the same length
+.IP \(bu 2
+\fBcharacters\fP \-\- A string that contains the set of
+characters that are allowed to occur
+in the random strings. The maximum number
+of characters is 80.
+.IP \(bu 2
+\fBreplacement\fP \-\- Specifies whether the random strings should be picked
+with replacement. The default (true) will cause the
+strings to be picked with replacement, i.e., the
+resulting list of strings may contain duplicates (like
+a series of dice rolls). If you want the strings to be
+unique (like raffle tickets drawn from a container), set
+this value to false.
+.UNINDENT
+.TP
+.B Returns
+A list of strings.
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq random_org.generateStrings number=5 length=8 characters=\(aqabcdefghijklmnopqrstuvwxyz\(aq
+
+salt \(aq*\(aq random_org.generateStrings number=10 length=16 characters\(aqabcdefghijklmnopqrstuvwxyz\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.random_org.generateUUIDs(api_key=None, api_version=None, **kwargs)
+Generate a list of random UUIDs
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBapi_key\fP \-\- The Random.org api key.
+.IP \(bu 2
+\fBapi_version\fP \-\- The Random.org api version.
+.IP \(bu 2
+\fBnumber\fP \-\- How many random UUIDs you need.
+Must be within the [1,1e3] range.
+.UNINDENT
+.TP
+.B Returns
+A list of UUIDs
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq random_org.generateUUIDs number=5
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.random_org.getUsage(api_key=None, api_version=None)
+Show current usages statistics
+.INDENT 7.0
+.TP
+.B Parameters
+.INDENT 7.0
+.IP \(bu 2
+\fBapi_key\fP \-\- The Random.org api key.
+.IP \(bu 2
+\fBapi_version\fP \-\- The Random.org api version.
+.UNINDENT
+.TP
+.B Returns
+The current usage statistics.
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq random_org.getUsage
+
+salt \(aq*\(aq random_org.getUsage api_key=peWcBiMOS9HrZG15peWcBiMOS9HrZG15 api_version=1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
 .SS salt.modules.rbenv
 .sp
 Manage ruby installations with rbenv.
@@ -96653,6 +103944,23 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.modules.saltutil.refresh_beacons()
+Signal the minion to refresh the beacons.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq saltutil.refresh_beacons
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.modules.saltutil.refresh_modules()
 Signal the minion to refresh the module and grain data
 .sp
@@ -96812,6 +104120,29 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.modules.saltutil.sync_beacons(saltenv=None, refresh=True)
+Sync the beacons from the _beacons directory on the salt master file
+server. This function is environment aware, pass the desired environment
+to grab the contents of the _beacons directory, base is the default
+environment.
+.sp
+New in version 2015.5.1.
+
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq saltutil.sync_beacons
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.modules.saltutil.sync_grains(saltenv=None, refresh=True)
 Sync the grains from the _grains directory on the salt master file
 server. This function is environment aware, pass the desired environment
@@ -96838,6 +104169,9 @@
 to grab the contents of the _modules directory, base is the default
 environment.
 .sp
+New in version 2015.5.1.
+
+.sp
 CLI Example:
 .INDENT 7.0
 .INDENT 3.5
@@ -98124,21 +105458,27 @@
 .UNINDENT
 .UNINDENT
 .UNINDENT
-.SS salt.modules.smartos_imgadm
+.SS salt.modules.slack_notify
 .sp
-Module for running imgadm command on SmartOS
+Module for sending messages to Slack
+.sp
+New in version 2015.5.0.
+
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_imgadm.avail(search=None)
-Return a list of available images
+.B configuration
+This module can be used by either passing an api key and version
+directly or by specifying both in a configuration profile in the salt
+master/minion config.
 .sp
-CLI Example:
+For example:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-salt \(aq*\(aq imgadm.avail [percona]
+slack:
+  api_key: peWcBiMOS9HrZG15peWcBiMOS9HrZG15
 .ft P
 .fi
 .UNINDENT
@@ -98146,8 +105486,11 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_imgadm.delete(uuid=None)
-Remove an installed image
+.B salt.modules.slack_notify.find_room(name, api_key=None)
+Find a room by name and return it.
+:param name:    The room name.
+:param api_key: The Slack admin api key.
+:return:        The room object.
 .sp
 CLI Example:
 .INDENT 7.0
@@ -98155,7 +105498,9 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq imgadm.delete e42f8c84\-bbea\-11e2\-b920\-078fab2aab1f
+salt \(aq*\(aq slack.find_room name="random"
+
+salt \(aq*\(aq slack.find_room name="random" api_key=peWcBiMOS9HrZG15peWcBiMOS9HrZG15
 .ft P
 .fi
 .UNINDENT
@@ -98163,8 +105508,11 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_imgadm.get(uuid=None)
-Return info on an installed image
+.B salt.modules.slack_notify.find_user(name, api_key=None)
+Find a user by name and return it.
+:param name:        The user name.
+:param api_key:     The Slack admin api key.
+:return:            The user object.
 .sp
 CLI Example:
 .INDENT 7.0
@@ -98172,7 +105520,9 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq imgadm.get e42f8c84\-bbea\-11e2\-b920\-078fab2aab1f
+salt \(aq*\(aq slack.find_user name="ThomasHatch"
+
+salt \(aq*\(aq slack.find_user name="ThomasHatch" api_key=peWcBiMOS9HrZG15peWcBiMOS9HrZG15
 .ft P
 .fi
 .UNINDENT
@@ -98180,8 +105530,16 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_imgadm.import_image(uuid=None)
-Import an image from the repository
+.B salt.modules.slack_notify.list_rooms(api_key=None)
+List all Slack rooms.
+.INDENT 7.0
+.TP
+.B Parameters
+\fBapi_key\fP \-\- The Slack admin api key.
+.TP
+.B Returns
+The room list.
+.UNINDENT
 .sp
 CLI Example:
 .INDENT 7.0
@@ -98189,7 +105547,9 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq imgadm.import_image e42f8c84\-bbea\-11e2\-b920\-078fab2aab1f
+salt \(aq*\(aq slack.list_rooms
+
+salt \(aq*\(aq slack.list_rooms api_key=peWcBiMOS9HrZG15peWcBiMOS9HrZG15
 .ft P
 .fi
 .UNINDENT
@@ -98197,8 +105557,10 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_imgadm.list_installed()
-Return a list of installed images
+.B salt.modules.slack_notify.list_users(api_key=None)
+List all Slack users.
+:param api_key: The Slack admin api key.
+:return: The user list.
 .sp
 CLI Example:
 .INDENT 7.0
@@ -98206,7 +105568,9 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq imgadm.list_installed
+salt \(aq*\(aq slack.list_users
+
+salt \(aq*\(aq slack.list_users api_key=peWcBiMOS9HrZG15peWcBiMOS9HrZG15
 .ft P
 .fi
 .UNINDENT
@@ -98214,8 +105578,13 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_imgadm.show(uuid=None)
-Show manifest of a given image
+.B salt.modules.slack_notify.post_message(channel, message, from_name, api_key=None)
+Send a message to a Slack channel.
+:param channel:     The channel name, either will work.
+:param message:     The message to send to the HipChat room.
+:param from_name:   Specify who the message is from.
+:param api_key:     The Slack api key, if not specified in the configuration.
+:return:            Boolean if message was sent successfully.
 .sp
 CLI Example:
 .INDENT 7.0
@@ -98223,16 +105592,19 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq imgadm.show e42f8c84\-bbea\-11e2\-b920\-078fab2aab1f
+salt \(aq*\(aq slack.send_message channel="Development Room" message="Build is done" from_name="Build Server"
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .UNINDENT
+.SS salt.modules.smartos_imgadm
+.sp
+Module for running imgadm command on SmartOS
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_imgadm.update_installed()
-Gather info on unknown images (locally installed)
+.B salt.modules.smartos_imgadm.avail(search=None)
+Return a list of available images
 .sp
 CLI Example:
 .INDENT 7.0
@@ -98240,7 +105612,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq imgadm.update_installed()
+salt \(aq*\(aq imgadm.avail [percona]
 .ft P
 .fi
 .UNINDENT
@@ -98248,8 +105620,8 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_imgadm.version()
-Return imgadm version
+.B salt.modules.smartos_imgadm.delete(uuid=None)
+Remove an installed image
 .sp
 CLI Example:
 .INDENT 7.0
@@ -98257,19 +105629,16 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq imgadm.version
+salt \(aq*\(aq imgadm.delete e42f8c84\-bbea\-11e2\-b920\-078fab2aab1f
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .UNINDENT
-.SS salt.modules.smartos_vmadm
-.sp
-Module for managing VMs on SmartOS
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_vmadm.destroy(uuid=None)
-Hard power down the virtual machine, this is equivalent to pulling the power
+.B salt.modules.smartos_imgadm.get(uuid=None)
+Return info on an installed image
 .sp
 CLI Example:
 .INDENT 7.0
@@ -98277,7 +105646,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq virt.destroy <uuid>
+salt \(aq*\(aq imgadm.get e42f8c84\-bbea\-11e2\-b920\-078fab2aab1f
 .ft P
 .fi
 .UNINDENT
@@ -98285,8 +105654,8 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_vmadm.get_macs(uuid=None)
-Return a list off MAC addresses from the named VM
+.B salt.modules.smartos_imgadm.import_image(uuid=None)
+Import an image from the repository
 .sp
 CLI Example:
 .INDENT 7.0
@@ -98294,7 +105663,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq virt.get_macs <uuid>
+salt \(aq*\(aq imgadm.import_image e42f8c84\-bbea\-11e2\-b920\-078fab2aab1f
 .ft P
 .fi
 .UNINDENT
@@ -98302,8 +105671,8 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_vmadm.init(**kwargs)
-Initialize a new VM
+.B salt.modules.smartos_imgadm.list_installed()
+Return a list of installed images
 .sp
 CLI Example:
 .INDENT 7.0
@@ -98311,7 +105680,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq virt.init image_uuid=\(aq...\(aq alias=\(aq...\(aq [...]
+salt \(aq*\(aq imgadm.list_installed
 .ft P
 .fi
 .UNINDENT
@@ -98319,8 +105688,8 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_vmadm.list_active_vms()
-Return a list of uuids for active virtual machine on the minion
+.B salt.modules.smartos_imgadm.show(uuid=None)
+Show manifest of a given image
 .sp
 CLI Example:
 .INDENT 7.0
@@ -98328,7 +105697,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq virt.list_active_vms
+salt \(aq*\(aq imgadm.show e42f8c84\-bbea\-11e2\-b920\-078fab2aab1f
 .ft P
 .fi
 .UNINDENT
@@ -98336,8 +105705,8 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.smartos_vmadm.list_inactive_vms()
-Return a list of uuids for inactive virtual machine on the minion
+.B salt.modules.smartos_imgadm.update_installed()
+Gather info on unknown images (locally installed)
 .sp
 CLI Example:
 .INDENT 7.0
@@ -98345,7 +105714,112 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq virt.list_inactive_vms
+salt \(aq*\(aq imgadm.update_installed()
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.smartos_imgadm.version()
+Return imgadm version
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq imgadm.version
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SS salt.modules.smartos_vmadm
+.sp
+Module for managing VMs on SmartOS
+.INDENT 0.0
+.TP
+.B salt.modules.smartos_vmadm.destroy(uuid=None)
+Hard power down the virtual machine, this is equivalent to pulling the power
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq virt.destroy <uuid>
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.smartos_vmadm.get_macs(uuid=None)
+Return a list off MAC addresses from the named VM
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq virt.get_macs <uuid>
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.smartos_vmadm.init(**kwargs)
+Initialize a new VM
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq virt.init image_uuid=\(aq...\(aq alias=\(aq...\(aq [...]
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.smartos_vmadm.list_active_vms()
+Return a list of uuids for active virtual machine on the minion
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq virt.list_active_vms
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.smartos_vmadm.list_inactive_vms()
+Return a list of uuids for inactive virtual machine on the minion
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq virt.list_inactive_vms
 .ft P
 .fi
 .UNINDENT
@@ -99540,36 +107014,33 @@
 IPS pkg support for Solaris
 .sp
 This module provides support for Solaris 11 new package management \- IPS (Image Packaging System).
-In order to manage the IPS packages using salt, you need to override the \fBpkg\fP provider
-by setting the \fBproviders\fP parameter in your Minion config file like this:
+This is the default pkg module for Solaris 11 (and later).
+.sp
+If you want to use also other packaging module (e.g. pkgutil) together with IPS, you need to override the \fBpkg\fP provider
+in sls for each package:
 .INDENT 0.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-providers:
-  pkg: solarisips
+mypackage:
+  pkg.installed:
+    \- provider: solarisips
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
-Or you can set the provider in sls for each pkg:
-.. code\-block:: yaml
+Or you can override it globally by setting the \fBproviders\fP parameter in your Minion config file like this:
 .INDENT 0.0
 .INDENT 3.5
-.INDENT 0.0
-.TP
-.B mypackage:
-.INDENT 7.0
-.TP
-.B pkg.installed:
-.INDENT 7.0
-.IP \(bu 2
-provider: solarisips
-.UNINDENT
-.UNINDENT
-.UNINDENT
+.sp
+.nf
+.ft C
+providers:
+  pkg: pkgutil
+.ft P
+.fi
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
@@ -99578,6 +107049,7 @@
 The available version of the package in the repository.
 In case of multiple match, it returns list of all matched packages.
 Accepts full or partial FMRI.
+Please use pkg.latest_version as pkg.available_version is being deprecated.
 .sp
 CLI Example:
 .INDENT 7.0
@@ -99594,7 +107066,7 @@
 .INDENT 0.0
 .TP
 .B salt.modules.solarisips.get_fmri(name, **kwargs)
-Returns FMRI from partial name. Returns \(aq\(aq if not found.
+Returns FMRI from partial name. Returns empty string (\(aq\(aq) if not found.
 In case of multiple match, the function returns list of all matched packages.
 .sp
 CLI Example:
@@ -99644,6 +107116,7 @@
 salt \(aq*\(aq pkg.install vim
 salt \(aq*\(aq pkg.install pkg://solaris/editor/vim
 salt \(aq*\(aq pkg.install pkg://solaris/editor/vim refresh=True
+salt \(aq*\(aq pkg.install pkgs=\(aq["foo", "bar"]\(aq
 .ft P
 .fi
 .UNINDENT
@@ -99674,6 +107147,7 @@
 The available version of the package in the repository.
 In case of multiple match, it returns list of all matched packages.
 Accepts full or partial FMRI.
+Please use pkg.latest_version as pkg.available_version is being deprecated.
 .sp
 CLI Example:
 .INDENT 7.0
@@ -99738,7 +107212,7 @@
 .INDENT 0.0
 .TP
 .B salt.modules.solarisips.normalize_name(name, **kwargs)
-Normalizes pkg name to full FMRI before running pkg.install.
+Internal function. Normalizes pkg name to full FMRI before running pkg.install.
 In case of multiple match or no match, it returns the name without modifications and lets the "pkg install" to decide what to do.
 .sp
 CLI Example:
@@ -99838,7 +107312,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq pkg.is_installed bash
+salt \(aq*\(aq pkg.search bash
 .ft P
 .fi
 .UNINDENT
@@ -101199,7 +108673,7 @@
 .sp
 Module for interop with the Splunk API
 .sp
-New in version 2015.5.
+New in version 2015.5.0.
 
 .INDENT 0.0
 .TP
@@ -101752,7 +109226,12 @@
 .UNINDENT
 .SS salt.modules.state
 .sp
-Control the state system on the minion
+Control the state system on the minion.
+.SS State Caching
+.sp
+When a highstate is called, the minion automatically caches a copy of the last high data.
+If you then run a highstate with cache=True it will use that cached highdata and won\(aqt hit the fileserver
+except for \fBsalt://\fP links in the states themselves.
 .INDENT 0.0
 .TP
 .B salt.modules.state.apply_(mods=None, **kwargs)
@@ -105188,6 +112667,62 @@
 .UNINDENT
 .UNINDENT
 .UNINDENT
+.SS salt.modules.system_profiler
+.sp
+System Profiler Module
+.sp
+Interface with Mac OSX\(aqs command\-line System Profiler utility to get
+information about package receipts and installed applications.
+.sp
+New in version 2015.5.0.
+
+.INDENT 0.0
+.TP
+.B salt.modules.system_profiler.applications()
+Return the results of a call to
+\fBsystem_profiler \-xml \-detail full SPApplicationsDataType\fP
+as a dictionary.  Top\-level keys of the dictionary
+are the names of each set of install receipts, since
+there can be multiple receipts with the same name.
+Contents of each key are a list of dictionaries.
+.sp
+Note that this can take a long time depending on how many
+applications are installed on the target Mac.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq systemprofiler.applications
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.system_profiler.receipts()
+Return the results of a call to
+\fBsystem_profiler \-xml \-detail full SPInstallHistoryDataType\fP
+as a dictionary.  Top\-level keys of the dictionary
+are the names of each set of install receipts, since
+there can be multiple receipts with the same name.
+Contents of each key are a list of dictionaries.
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq systemprofiler.receipts
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
 .SS salt.modules.systemd
 .sp
 Provide the service module for systemd
@@ -106228,11 +113763,11 @@
 .B depends
 .INDENT 7.0
 .IP \(bu 2
-PyOpenSSL Python module
+PyOpenSSL Python module (0.14 or later)
 .UNINDENT
 .TP
 .B configuration
-Add the following values in \fB/etc/salt/minion\fP for the CA module
+Add the following values in /etc/salt/minion for the CA module
 to function properly:
 .INDENT 7.0
 .INDENT 3.5
@@ -106245,9 +113780,127 @@
 .UNINDENT
 .UNINDENT
 .UNINDENT
+.sp
+CLI Example #1
+Creating a CA, a server request and its signed certificate:
+.INDENT 0.0
+.INDENT 3.5
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+# salt\-call tls.create_ca my_little       days=5       CN=\(aqMy Little CA\(aq       C=US       ST=Utah       L=Salt Lake City       O=Saltstack       \fI\%emailAddress=pleasedontemail@thisisnot.coms\fP
+.sp
+Created Private Key: "/etc/pki/my_little/my_little_ca_cert.key"
+Created CA "my_little_ca": "/etc/pki/my_little_ca/my_little_ca_cert.crt"
+.sp
+# salt\-call tls.create_csr my_little CN=www.thisisnot.coms
+Created Private Key: "/etc/pki/my_little/certs/www.thisisnot.coms.key
+Created CSR for "www.thisisnot.coms": "/etc/pki/my_little/certs/www.thisisnot.coms.csr"
+.sp
+# salt\-call tls.create_ca_signed_cert my_little CN=www.thisisnot.coms
+Created Certificate for "www.thisisnot.coms": /etc/pki/my_little/certs/www.thisisnot.coms.crt"
+.UNINDENT
+.UNINDENT
+.sp
+CLI Example #2:
+Creating a client request and its signed certificate
+.INDENT 0.0
+.INDENT 3.5
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+# salt\-call tls.create_csr my_little CN=DBReplica_No.1 cert_type=client
+Created Private Key: "/etc/pki/my_little/certs//DBReplica_No.1.key."
+Created CSR for "DBReplica_No.1": "/etc/pki/my_little/certs/DBReplica_No.1.csr."
+.sp
+# salt\-call tls.create_ca_signed_cert my_little CN=DBReplica_No.1
+Created Certificate for "DBReplica_No.1": "/etc/pki/my_little/certs/DBReplica_No.1.crt"
+.UNINDENT
+.UNINDENT
+.sp
+CLI Example #3:
+Creating both a server and client req + cert for the same CN
+.INDENT 0.0
+.INDENT 3.5
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+# salt\-call tls.create_csr my_little CN=MasterDBReplica_No.2          cert_type=client
+Created Private Key: "/etc/pki/my_little/certs/MasterDBReplica_No.2.key."
+Created CSR for "DBReplica_No.1": "/etc/pki/my_little/certs/MasterDBReplica_No.2.csr."
+.sp
+# salt\-call tls.create_ca_signed_cert my_little CN=MasterDBReplica_No.2
+Created Certificate for "DBReplica_No.1": "/etc/pki/my_little/certs/DBReplica_No.1.crt"
+.sp
+# salt\-call tls.create_csr my_little CN=MasterDBReplica_No.2         cert_type=server
+Certificate "MasterDBReplica_No.2" already exists
+.sp
+(doh!)
+.sp
+# salt\-call tls.create_csr my_little CN=MasterDBReplica_No.2         cert_type=server type_ext=True
+Created Private Key: "/etc/pki/my_little/certs/DBReplica_No.1_client.key."
+Created CSR for "DBReplica_No.1": "/etc/pki/my_little/certs/DBReplica_No.1_client.csr."
+.sp
+# salt\-call tls.create_ca_signed_cert my_little CN=MasterDBReplica_No.2
+Certificate "MasterDBReplica_No.2" already exists
+.sp
+(DOH!)
+.sp
+# salt\-call tls.create_ca_signed_cert my_little CN=MasterDBReplica_No.2         cert_type=server type_ext=True
+Created Certificate for "MasterDBReplica_No.2": "/etc/pki/my_little/certs/MasterDBReplica_No.2_server.crt"
+.UNINDENT
+.UNINDENT
+.sp
+CLI Example #4:
+Create a server req + cert with non\-CN filename for the cert
+.INDENT 0.0
+.INDENT 3.5
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+# salt\-call tls.create_csr my_little CN=www.anothersometh.ing         cert_type=server type_ext=True
+Created Private Key: "/etc/pki/my_little/certs/www.anothersometh.ing_server.key."
+Created CSR for "DBReplica_No.1": "/etc/pki/my_little/certs/www.anothersometh.ing_server.csr."
+.sp
+# salt\-call tls_create_ca_signed_cert my_little CN=www.anothersometh.ing         cert_type=server cert_filename="something_completely_different"
+Created Certificate for "www.anothersometh.ing": /etc/pki/my_little/certs/something_completely_different.crt
+.UNINDENT
+.UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.tls.ca_exists(ca_name, cacert_path=None)
+.B salt.modules.tls.ca_exists(ca_name, cacert_path=None, ca_filename=None)
 Verify whether a Certificate Authority (CA) already exists
 .INDENT 7.0
 .TP
@@ -106256,6 +113909,12 @@
 .TP
 .B cacert_path
 absolute path to ca certificates root directory
+.TP
+.B ca_filename
+alternative filename for the CA
+.sp
+New in version 2015.5.3.
+
 .UNINDENT
 .sp
 CLI Example:
@@ -106274,6 +113933,11 @@
 .TP
 .B salt.modules.tls.cert_base_path(cacert_path=None)
 Return the base path for certs from CLI or from options
+.INDENT 7.0
+.TP
+.B cacert_path
+absolute path to ca certificates root directory
+.UNINDENT
 .sp
 CLI Example:
 .INDENT 7.0
@@ -106314,7 +113978,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.tls.create_ca(ca_name, bits=2048, days=365, CN=\(aqlocalhost\(aq, C=\(aqUS\(aq, ST=\(aqUtah\(aq, L=\(aqSalt Lake City\(aq, O=\(aqSaltStack\(aq, OU=None, emailAddress=\(aqxyz@pdq.net\(aq, fixmode=False, cacert_path=None, digest=\(aqsha256\(aq)
+.B salt.modules.tls.create_ca(ca_name, bits=2048, days=365, CN=\(aqlocalhost\(aq, C=\(aqUS\(aq, ST=\(aqUtah\(aq, L=\(aqSalt Lake City\(aq, O=\(aqSaltStack\(aq, OU=None, emailAddress=\(aqxyz@pdq.net\(aq, fixmode=False, cacert_path=None, ca_filename=None, digest=\(aqsha256\(aq, onlyif=None, unless=None, replace=False)
 Create a Certificate Authority (CA)
 .INDENT 7.0
 .TP
@@ -106322,39 +113986,51 @@
 name of the CA
 .TP
 .B bits
-number of RSA key bits, Default is \fB2048\fP
+number of RSA key bits, default is 2048
 .TP
 .B days
-number of days the CA will be valid, Default is \fB365\fP
+number of days the CA will be valid, default is 365
 .TP
 .B CN
-common name in the request, Default is \fBlocalhost\fP
+common name in the request, default is "localhost"
 .TP
 .B C
-country, Default is \fBUS\fP
+country, default is "US"
 .TP
 .B ST
-state, Default is \fBUtah\fP
+state, default is "Utah"
 .TP
 .B L
-locality, Default is \fBSalt Lake City\fP
+locality, default is "Centerville", the city where SaltStack originated
 .TP
 .B O
-organization, Default is \fBSaltStack\fP
+organization, default is "SaltStack"
 .TP
 .B OU
-organizational unit, Default is \fBNone\fP
+organizational unit, default is None
 .TP
 .B emailAddress
-email address for the CA owner, Default is \fBxyz@pdq.net\fP
+email address for the CA owner, default is \fI\%\(aqxyz@pdq.net\fP\(aq
 .TP
 .B cacert_path
 absolute path to ca certificates root directory
 .TP
+.B ca_filename
+alternative filename for the CA
+.sp
+New in version 2015.5.3.
+
+.TP
 .B digest
 The message digest algorithm. Must be a string describing a digest
 algorithm supported by OpenSSL (by EVP_get_digestbyname, specifically).
 For example, "md5" or "sha1". Default: \(aqsha256\(aq
+.TP
+.B replace
+Replace this certificate even if it exists
+.sp
+New in version 2015.5.1.
+
 .UNINDENT
 .sp
 Writes out a CA certificate based upon defined config values. If the file
@@ -106374,7 +114050,8 @@
 .UNINDENT
 .UNINDENT
 .sp
-the resulting CA, and corresponding key, would be written in the following location:
+the resulting CA, and corresponding key, would be written in the following
+location:
 .INDENT 7.0
 .INDENT 3.5
 .sp
@@ -106401,7 +114078,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.tls.create_ca_signed_cert(ca_name, CN, days=365, cacert_path=None, digest=\(aqsha256\(aq, **extensions)
+.B salt.modules.tls.create_ca_signed_cert(ca_name, CN, days=365, cacert_path=None, ca_filename=None, cert_path=None, cert_filename=None, digest=\(aqsha256\(aq, cert_type=None, type_ext=False, replace=False)
 Create a Certificate (CERT) signed by a named Certificate Authority (CA)
 .sp
 If the certificate file already exists, the function just returns assuming
@@ -106418,29 +114095,69 @@
 common name matching the certificate signing request
 .TP
 .B days
-number of days certificate is valid, Default is \fB365\fP (1 year)
+number of days certificate is valid, default is 365 (1 year)
 .TP
 .B cacert_path
 absolute path to ca certificates root directory
 .TP
+.B ca_filename
+alternative filename for the CA
+.sp
+New in version 2015.5.3.
+
+.TP
+.B cert_path
+full path to the certificates directory
+.TP
+.B cert_filename
+alternative filename for the certificate, useful when using special
+characters in the CN. If this option is set it will override
+the certificate filename output effects of \fBcert_type\fP\&.
+\fBtype_ext\fP will be completely overridden.
+.sp
+New in version 2015.5.3.
+
+.TP
 .B digest
 The message digest algorithm. Must be a string describing a digest
 algorithm supported by OpenSSL (by EVP_get_digestbyname, specifically).
 For example, "md5" or "sha1". Default: \(aqsha256\(aq
 .TP
-.B 
-.nf
-**
-.fi
-extensions
-X509 V3 certificate extension
+.B replace
+Replace this certificate even if it exists
+.sp
+New in version 2015.5.1.
+
+.TP
+.B cert_type
+string. Either \(aqserver\(aq or \(aqclient\(aq (see create_csr() for details).
+.sp
+If create_csr(type_ext=True) this function \fBmust\fP be called with the
+same cert_type so it can find the CSR file.
+.UNINDENT
+.sp
+\fBNOTE:\fP
+.INDENT 7.0
+.INDENT 3.5
+create_csr() defaults to cert_type=\(aqserver\(aq; therefore, if it was also
+called with type_ext, cert_type becomes a required argument for
+create_ca_signed_cert()
 .UNINDENT
+.UNINDENT
+.INDENT 7.0
+.TP
+.B type_ext
+bool. If set True, use \fBcert_type\fP as an extension to the CN when
+formatting the filename.
 .sp
-Writes out a Certificate (CERT). If the file already
-exists, the function just returns assuming the CERT already exists.
+e.g.: some_subject_CN_server.crt or some_subject_CN_client.crt
 .sp
-The CN \fImust\fP match an existing CSR generated by create_csr. If it
-does not, this method does nothing.
+This facilitates the context where both types are required for the same
+subject
+.sp
+If \fBcert_filename\fP is \fInot None\fP, setting \fBtype_ext\fP has no
+effect
+.UNINDENT
 .sp
 If the following values were set:
 .INDENT 7.0
@@ -106456,8 +114173,8 @@
 .UNINDENT
 .UNINDENT
 .sp
-the resulting signed certificate would be written in the
-following location:
+the resulting signed certificate would be written in the following
+location:
 .INDENT 7.0
 .INDENT 3.5
 .sp
@@ -106483,7 +114200,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.tls.create_csr(ca_name, bits=2048, CN=\(aqlocalhost\(aq, C=\(aqUS\(aq, ST=\(aqUtah\(aq, L=\(aqSalt Lake City\(aq, O=\(aqSaltStack\(aq, OU=None, emailAddress=\(aqxyz@pdq.net\(aq, subjectAltName=None, cacert_path=None, digest=\(aqsha256\(aq)
+.B salt.modules.tls.create_csr(ca_name, bits=2048, CN=\(aqlocalhost\(aq, C=\(aqUS\(aq, ST=\(aqUtah\(aq, L=\(aqSalt Lake City\(aq, O=\(aqSaltStack\(aq, OU=None, emailAddress=\(aqxyz@pdq.net\(aq, subjectAltName=None, cacert_path=None, ca_filename=None, csr_path=None, csr_filename=None, digest=\(aqsha256\(aq, type_ext=False, cert_type=\(aqserver\(aq, replace=False)
 Create a Certificate Signing Request (CSR) for a
 particular Certificate Authority (CA)
 .INDENT 7.0
@@ -106492,40 +114209,103 @@
 name of the CA
 .TP
 .B bits
-number of RSA key bits, Default is \fB2048\fP
+number of RSA key bits, default is 2048
 .TP
 .B CN
-common name in the request, Default is \fBlocalhost\fP
+common name in the request, default is "localhost"
 .TP
 .B C
-country, Default is \fBUS\fP
+country, default is "US"
 .TP
 .B ST
-state, Default is \fBUtah\fP
+state, default is "Utah"
 .TP
 .B L
-locality, Default is \fBSalt Lake City\fP
+locality, default is "Centerville", the city where SaltStack originated
 .TP
 .B O
-organization. Must the same as CA certificate or an error will be raised, Default is \fBSaltStack\fP
+organization, default is "SaltStack"
+NOTE: Must the same as CA certificate or an error will be raised
 .TP
 .B OU
-organizational unit, Default is \fBNone\fP
+organizational unit, default is None
 .TP
 .B emailAddress
-email address for the request, Default is \fBxyz@pdq.net\fP
+email address for the request, default is \fI\%\(aqxyz@pdq.net\fP\(aq
 .TP
 .B subjectAltName
 valid subjectAltNames in full form, e.g. to add DNS entry you would call
-this function with this value:  \fB[\(aqDNS:myapp.foo.comm\(aq]\fP
+this function with this value:
+.INDENT 7.0
 .TP
-.B cacert_path
-absolute path to ca certificates root directory
+.B examples: [\(aq\fI\%DNS:somednsname.com\fP\(aq,
+\(aq\fI\%DNS:1.2.3.4\fP\(aq,
+\(aqIP:1.2.3.4\(aq,
+\(aqIP:2001:4801:7821:77:be76:4eff:fe11:e51\(aq,
+\(aqemail:me@i.like.pie.com\(aq]
+.UNINDENT
+.UNINDENT
+.sp
+\fBNOTE:\fP
+.INDENT 7.0
+.INDENT 3.5
+some libraries do not properly query IP: prefixes, instead looking
+for the given req. source with a DNS: prefix. To be thorough, you
+may want to include both DNS: and IP: entries if you are using
+subjectAltNames for destinations for your TLS connections.
+.INDENT 0.0
+.INDENT 3.5
+.INDENT 0.0
 .TP
-.B digest
-The message digest algorithm. Must be a string describing a digest
-algorithm supported by OpenSSL (by EVP_get_digestbyname, specifically).
-For example, "md5" or "sha1". Default: \(aqsha256\(aq
+.B e.g.:
+requests to \fI\%https://1.2.3.4\fP will fail from python\(aqs
+requests library w/out the second entry in the above list
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.sp
+New in version Beryllium.
+
+.INDENT 7.0
+.TP
+.B cert_type
+Specify the general certificate type. Can be either \fIserver\fP or
+\fIclient\fP\&. Indicates the set of common extensions added to the CSR.
+.INDENT 7.0
+.TP
+.B server: {
+\(aqbasicConstraints\(aq: \(aqCA:FALSE\(aq,
+\(aqextendedKeyUsage\(aq: \(aqserverAuth\(aq,
+\(aqkeyUsage\(aq: \(aqdigitalSignature, keyEncipherment\(aq
+.UNINDENT
+.sp
+}
+.INDENT 7.0
+.TP
+.B client: {
+\(aqbasicConstraints\(aq: \(aqCA:FALSE\(aq,
+\(aqextendedKeyUsage\(aq: \(aqclientAuth\(aq,
+\(aqkeyUsage\(aq: \(aqnonRepudiation, digitalSignature, keyEncipherment\(aq
+.UNINDENT
+.sp
+}
+.TP
+.B type_ext
+boolean.  Whether or not to extend the filename with CN_[cert_type]
+This can be useful if a server and client certificate are needed for
+the same CN. Defaults to False to avoid introducing an unexpected file
+naming pattern
+.sp
+The files normally named some_subject_CN.csr and some_subject_CN.key
+will then be saved
+.TP
+.B replace
+Replace this signing request even if it exists
+.sp
+New in version 2015.5.1.
+
 .UNINDENT
 .sp
 Writes out a Certificate Signing Request (CSR) If the file already
@@ -106573,7 +114353,44 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.tls.create_pkcs12(ca_name, CN, passphrase=\(aq\(aq, cacert_path=None)
+.B salt.modules.tls.create_empty_crl(ca_name, cacert_path=None, ca_filename=None, crl_file=None)
+Create an empty Certificate Revocation List.
+.sp
+New in version Beryllium.
+
+.INDENT 7.0
+.TP
+.B ca_name
+name of the CA
+.TP
+.B cacert_path
+absolute path to ca certificates root directory
+.TP
+.B ca_filename
+alternative filename for the CA
+.sp
+New in version 2015.5.3.
+
+.TP
+.B crl_file
+full path to the CRL file
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq tls.create_empty_crl ca_name=\(aqkoji\(aq                 ca_filename=\(aqca\(aq                 crl_file=\(aq/etc/openvpn/team1/crl.pem\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.tls.create_pkcs12(ca_name, CN, passphrase=\(aq\(aq, cacert_path=None, replace=False)
 Create a PKCS#12 browser certificate for a particular Certificate (CN)
 .INDENT 7.0
 .TP
@@ -106588,6 +114405,12 @@
 .TP
 .B cacert_path
 absolute path to ca certificates root directory
+.TP
+.B replace
+Replace this certificate even if it exists
+.sp
+New in version 2015.5.1.
+
 .UNINDENT
 .sp
 If the following values were set:
@@ -106631,39 +114454,37 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.tls.create_self_signed_cert(tls_dir=\(aqtls\(aq, bits=2048, days=365, CN=\(aqlocalhost\(aq, C=\(aqUS\(aq, ST=\(aqUtah\(aq, L=\(aqSalt Lake City\(aq, O=\(aqSaltStack\(aq, OU=None, emailAddress=\(aqxyz@pdq.net\(aq, cacert_path=None, digest=\(aqsha256\(aq)
+.B salt.modules.tls.create_self_signed_cert(tls_dir=\(aqtls\(aq, bits=2048, days=365, CN=\(aqlocalhost\(aq, C=\(aqUS\(aq, ST=\(aqUtah\(aq, L=\(aqSalt Lake City\(aq, O=\(aqSaltStack\(aq, OU=None, emailAddress=\(aqxyz@pdq.net\(aq, cacert_path=None, cert_filename=None, digest=\(aqsha256\(aq, replace=False)
 Create a Self\-Signed Certificate (CERT)
 .INDENT 7.0
 .TP
 .B tls_dir
-location appended to the ca.cert_base_path, Default is \fBtls\fP
+location appended to the ca.cert_base_path, default is \(aqtls\(aq
 .TP
 .B bits
-number of RSA key bits, Default is \fB2048\fP
-.TP
-.B days
-validity of certificate, Default is \fB365\fP
+number of RSA key bits, default is 2048
 .TP
 .B CN
-common name in the request, Default is \fBlocalhost\fP
+common name in the request, default is "localhost"
 .TP
 .B C
-country, Default is \fBUS\fP
+country, default is "US"
 .TP
 .B ST
-state, Default is \fBUtah\fP
+state, default is "Utah"
 .TP
 .B L
-locality, Default is \fBSalt Lake City\fP
+locality, default is "Centerville", the city where SaltStack originated
 .TP
 .B O
-organization. Must the same as CA certificate or an error will be raised, Default is \fBSaltStack\fP
+organization, default is "SaltStack"
+NOTE: Must the same as CA certificate or an error will be raised
 .TP
 .B OU
-organizational unit, Default is \fBNone\fP
+organizational unit, default is None
 .TP
 .B emailAddress
-email address for the request, Default is \fBxyz@pdq.net\fP
+email address for the request, default is \fI\%\(aqxyz@pdq.net\fP\(aq
 .TP
 .B cacert_path
 absolute path to ca certificates root directory
@@ -106672,6 +114493,12 @@
 The message digest algorithm. Must be a string describing a digest
 algorithm supported by OpenSSL (by EVP_get_digestbyname, specifically).
 For example, "md5" or "sha1". Default: \(aqsha256\(aq
+.TP
+.B replace
+Replace this certificate even if it exists
+.sp
+New in version 2015.5.1.
+
 .UNINDENT
 .sp
 Writes out a Self\-Signed Certificate (CERT). If the file already
@@ -106705,13 +114532,24 @@
 .UNINDENT
 .UNINDENT
 .sp
-CLI Examples:
+CLI Example:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 salt \(aq*\(aq tls.create_self_signed_cert
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Passing options from the command line:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
 salt \(aqminion\(aq tls.create_self_signed_cert CN=\(aqtest.mysite.org\(aq
 .ft P
 .fi
@@ -106748,7 +114586,109 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.tls.maybe_fix_ssl_version(ca_name, cacert_path=None)
+.B salt.modules.tls.get_ca_signed_cert(ca_name, CN=\(aqlocalhost\(aq, as_text=False, cacert_path=None, cert_filename=None)
+Get the certificate path or content
+.INDENT 7.0
+.TP
+.B ca_name
+name of the CA
+.TP
+.B CN
+common name of the certificate
+.TP
+.B as_text
+if true, return the certificate content instead of the path
+.TP
+.B cacert_path
+absolute path to certificates root directory
+.TP
+.B cert_filename
+alternative filename for the certificate, useful when using special characters in the CN
+.sp
+New in version 2015.5.3.
+
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq tls.get_ca_signed_cert test_ca CN=localhost as_text=False cacert_path=/etc/certs
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.tls.get_ca_signed_key(ca_name, CN=\(aqlocalhost\(aq, as_text=False, cacert_path=None, key_filename=None)
+Get the certificate path or content
+.INDENT 7.0
+.TP
+.B ca_name
+name of the CA
+.TP
+.B CN
+common name of the certificate
+.TP
+.B as_text
+if true, return the certificate content instead of the path
+.TP
+.B cacert_path
+absolute path to certificates root directory
+.TP
+.B key_filename
+alternative filename for the key, useful when using special characters
+.sp
+New in version 2015.5.3.
+
+.sp
+in the CN
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq tls.get_ca_signed_key                 test_ca CN=localhost                 as_text=False                 cacert_path=/etc/certs
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.tls.get_extensions(cert_type)
+Fetch X509 and CSR extension definitions from tls:extensions:
+(common|server|client) or set them to standard defaults.
+.sp
+New in version Beryllium.
+
+.INDENT 7.0
+.TP
+.B cert_type:
+The type of certificate such as \fBserver\fP or \fBclient\fP\&.
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq tls.get_extensions client
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.modules.tls.maybe_fix_ssl_version(ca_name, cacert_path=None, ca_filename=None)
 Check that the X509 version is correct
 (was incorrectly set in previous salt versions).
 This will fix the version if needed.
@@ -106759,6 +114699,12 @@
 .TP
 .B cacert_path
 absolute path to ca certificates root directory
+.TP
+.B ca_filename
+alternative filename for the CA
+.sp
+New in version 2015.5.3.
+
 .UNINDENT
 .sp
 CLI Example:
@@ -106775,6 +114721,50 @@
 .UNINDENT
 .INDENT 0.0
 .TP
+.B salt.modules.tls.revoke_cert(ca_name, CN, cacert_path=None, ca_filename=None, cert_path=None, cert_filename=None, crl_file=None)
+Revoke a certificate.
+.sp
+New in version Beryllium.
+
+.INDENT 7.0
+.TP
+.B ca_name
+Name of the CA.
+.TP
+.B CN
+Common name matching the certificate signing request.
+.TP
+.B cacert_path
+Absolute path to ca certificates root directory.
+.TP
+.B ca_filename
+Alternative filename for the CA.
+.TP
+.B cert_path
+Path to the cert file.
+.TP
+.B cert_filename
+Alternative filename for the certificate, useful when using special
+characters in the CN.
+.TP
+.B crl_file
+Full path to the CRL file.
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq tls.revoke_cert ca_name=\(aqkoji\(aq                 ca_filename=\(aqca\(aq                 crl_file=\(aq/etc/openvpn/team1/crl.pem\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.modules.tls.set_ca_path(cacert_path)
 If wanted, store the aforementioned cacert_path in context
 to be used as the basepath for further operations
@@ -110355,13 +118345,6 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.win_groupadd.list_groups(useldap=False)
-Return a list of groups on Windows
-.sp
-set \(aquseldap\(aq to True to connect to the local LDAP server
-.UNINDENT
-.INDENT 0.0
-.TP
 .B salt.modules.win_groupadd.members(name, members_list)
 remove a user from a group
 .sp
@@ -110372,10 +118355,6 @@
 .nf
 .ft C
 salt \(aq*\(aq group.members foo \(aquser1,user2,user3\(aq
-
-if using LDAP DNs, usernames must be seperated with a ", "
-
-salt \(aq*\(aq group.members name=\(aqcn=foo,dc=domain,dc=com\(aq members_list=\(aqcn=user1,cn=Users,dc=domain,dc=com, cn=user2,ou=Test,dc=domain,dc=com\(aq
 .ft P
 .fi
 .UNINDENT
@@ -110963,6 +118942,11 @@
 .TP
 .B salt.modules.win_path.add(path, index=0)
 Add the directory to the SYSTEM path in the index location
+.INDENT 7.0
+.TP
+.B Returns:
+boolean True if successful, False if unsuccessful
+.UNINDENT
 .sp
 CLI Example:
 .INDENT 7.0
@@ -110985,6 +118969,11 @@
 .B salt.modules.win_path.exists(path)
 Check if the directory is configured in the SYSTEM path
 Case\-insensitive and ignores trailing backslash
+.INDENT 7.0
+.TP
+.B Returns:
+boolean True if path exists, False if not
+.UNINDENT
 .sp
 CLI Example:
 .INDENT 7.0
@@ -111003,17 +118992,56 @@
 .INDENT 0.0
 .TP
 .B salt.modules.win_path.get_path()
-Returns the system path
+Returns a list of items in the SYSTEM path
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq win_path.get_path
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
 .B salt.modules.win_path.rehash()
-Send a WM_SETTINGCHANGE Broadcast to Windows to rehash the Environment variables
+Send a WM_SETTINGCHANGE Broadcast to Windows to refresh the Environment variables
+.sp
+CLI Example:
+.sp
+\&... code\-block:: bash
+.INDENT 7.0
+.INDENT 3.5
+salt \(aq*\(aq win_path.rehash
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
 .B salt.modules.win_path.remove(path)
 Remove the directory from the SYSTEM path
+.INDENT 7.0
+.TP
+.B Returns:
+boolean True if successful, False if unsuccessful
+.UNINDENT
+.sp
+CLI Example:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+# Will remove C:\ePython27 from the path
+salt \(aq*\(aq win_path.remove \(aqc:\e\epython27\(aq
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .SS salt.modules.win_pkg
 .sp
@@ -112623,13 +120651,12 @@
 .UNINDENT
 .SS salt.modules.win_useradd
 .sp
-Manage Windows users with ADSI
+Manage Windows users with the net user command
 .sp
-Can manage local user accounts or domain accounts (if salt\-minion is running as a user w/access
-to AD (or localsystem on a DC), AD accounts should be managed as LDAP objects...
+NOTE: This currently only works with local user accounts, not domain accounts
 .INDENT 0.0
 .TP
-.B salt.modules.win_useradd.add(name, password=None, fullname=False, description=False, firstname=False, lastname=False, middleinitial=False, disabled=False, requirepwchange=True, pwneverexpires=False, uid=None, gid=None, groups=None, home=False, shell=None, unique=False, system=False, roomnumber=False, workphone=False, homephone=False, loginclass=False, createhome=False)
+.B salt.modules.win_useradd.add(name, password=None, uid=None, gid=None, groups=None, home=False, shell=None, unique=False, system=False, fullname=False, roomnumber=False, workphone=False, homephone=False, loginclass=False, createhome=False)
 Add a user to the minion
 .sp
 CLI Example:
@@ -112639,13 +120666,6 @@
 .nf
 .ft C
 salt \(aq*\(aq user.add name password
-
-if you want to create on a domain controller, you should use the LDAP DN of the object to create
-short name will work, but UPN will not get set
-
-you must use name=\(aqcn=user,....\(aq since the DN contains \(aq=\(aq
-
-salt \(aqdomainController\(aq user.add name=\(aqcn=user,cn=Users,dc=domain,dc=dom\(aq password=\(aqpa$$word\(aq
 .ft P
 .fi
 .UNINDENT
@@ -112698,8 +120718,6 @@
 .nf
 .ft C
 salt \(aq*\(aq user.chgroups foo wheel,root True
-
-if using DNs, group names must be separated with \(aq, \(aq
 .ft P
 .fi
 .UNINDENT
@@ -112707,8 +120725,9 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.win_useradd.chhome(name, home)
-Change the home directory of the user
+.B salt.modules.win_useradd.chhome(name, home, persist=False)
+Change the home directory of the user, pass True for persist to move files
+to the new home directory if the old home directory exist.
 .sp
 CLI Example:
 .INDENT 7.0
@@ -112716,7 +120735,7 @@
 .sp
 .nf
 .ft C
-salt \(aq*\(aq user.chhome foo \e\efileserver\ehome\efoo
+salt \(aq*\(aq user.chhome foo \e\efileserver\ehome\efoo True
 .ft P
 .fi
 .UNINDENT
@@ -112759,24 +120778,6 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.win_useradd.disable(name, disabled=True)
-disable a user account
-.sp
-salt \(aq*\(aq disableuser foo
-.sp
-to enable a user:
-.sp
-salt \(aq*\(aq disableuser foot False
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.win_useradd.enable(name)
-enable a user account
-.sp
-salt \(aq*\(aq user.enable foo
-.UNINDENT
-.INDENT 0.0
-.TP
 .B salt.modules.win_useradd.getent(refresh=False)
 Return the list of all info for all users
 .sp
@@ -112828,22 +120829,11 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.win_useradd.list_users(useldap=False)
+.B salt.modules.win_useradd.list_users()
 Return a list of users on Windows
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.win_useradd.passwordneverexpires(name, clear=False)
-set a user\(aqs password to never expire
-.sp
-salt \(aq*\(aq user.passwordneverexpires foo
-.sp
-to clear the password never expires setting (i.e. set it to expire), use clear=True
-.sp
-salt \(aq*\(aq user.passwordneverexpires foo True
-.UNINDENT
-.INDENT 0.0
-.TP
 .B salt.modules.win_useradd.removegroup(name, group)
 Remove user from a group
 .sp
@@ -112871,9 +120861,6 @@
 .nf
 .ft C
 salt \(aq*\(aq user.rename name new_name
-
-domain users should use LDAP, to rename the cn, sAMAccountName, and UPN
-salt \(aqdomainController\(aq user.rename name=\(aqcn=user,cn=Users,dc=domain,dc=dom\(aq new_name=\(aqnewUserName\(aq
 .ft P
 .fi
 .UNINDENT
@@ -112881,25 +120868,8 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.win_useradd.requirepasswordchange(name, clear=False)
-expire a user\(aqs password (i.e. require it to change on next logon)
-if the password is set to "never expire" this has no effect
-.sp
-salt \(aq*\(aq user.requirepasswordchange foo
-.sp
-to clear the require password change flag, use clear=True
-.sp
-salt \(aq*\(aq user.requirepasswordchange foo True
-.UNINDENT
-.INDENT 0.0
-.TP
-.B salt.modules.win_useradd.setpassword(name, password, mustchange=None, neverexpires=None)
+.B salt.modules.win_useradd.setpassword(name, password)
 Set a user\(aqs password
-.INDENT 7.0
-.TP
-.B use \(aqmustchange\(aq and \(aqneverexpires\(aq to set those user account attributes, by default they will be left alone (None)
-setting to \(aqFalse\(aq will clear them, setting to \(aqTrue\(aq will set them
-.UNINDENT
 .sp
 CLI Example:
 .INDENT 7.0
@@ -114162,7 +122132,7 @@
 .INDENT 7.0
 .TP
 .B name
-The name of the package to be deleted.
+The name of the package to be held.
 .UNINDENT
 .sp
 Multiple Package Options:
@@ -114695,7 +122665,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.modules.yumpkg.refresh_db(branch_arg, repo_arg, exclude_arg)
+.B salt.modules.yumpkg.refresh_db(branch_arg=None, repo_arg=None, exclude_arg=None, branch=None, repo=None, exclude=None)
 Check the yum repos for updated packages
 .sp
 Returns:
@@ -116298,7 +124268,7 @@
 .B repo or alias
 alias by which the zypper refers to the repo
 .TP
-.B url or mirrorlist
+.B url, mirrorlist or baseurl
 the URL for zypper to reference
 .TP
 .B enabled
@@ -116651,11 +124621,10 @@
 .INDENT 7.0
 .IP \(bu 2
 CherryPy Python module. Versions 3.2.{2,3,4} are strongly
-.UNINDENT
-.sp
 recommended due to a known \fI\%SSL error\fP
 introduced in version 3.2.5. The issue was reportedly resolved with
 CherryPy milestone 3.3, but the patch was committed for version 3.6.1.
+.UNINDENT
 .TP
 .B optdepends
 .INDENT 7.0
@@ -116663,8 +124632,16 @@
 ws4py Python module for websockets support.
 .UNINDENT
 .TP
+.B client_libraries
+.INDENT 7.0
+.IP \(bu 2
+Java: \fI\%https://github.com/SUSE/saltstack\-netapi\-client\-java\fP
+.IP \(bu 2
+Python: \fI\%https://github.com/saltstack/pepper\fP
+.UNINDENT
+.TP
 .B configuration
-All authentication is done through Salt\(aqs external auth system which requires additional configuration not described
+All authentication is done through Salt\(aqs \fIexternal auth\fP system which requires additional configuration not described
 here.
 .sp
 Example production\-ready configuration; add to the Salt master config file
@@ -116881,7 +124858,7 @@
 .sp
 Lowstate, broadly, is a dictionary of values that are mapped to a function
 call. This pattern is used pervasively throughout Salt. The functions called
-from netapi modules are described in Client Interfaces\&.
+from netapi modules are described in \fIClient Interfaces\fP\&.
 .sp
 The following example (in JSON format) causes Salt to execute two commands, a
 command sent to minions as well as a runner function on the master:
@@ -117376,7 +125353,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-lowstate data describing Salt commands must be sent in the
+\fIlowstate\fP data describing Salt commands must be sent in the
 request body. The \fBclient\fP option will be set to
 \fBlocal_async()\fP\&.
 .UNINDENT
@@ -117582,7 +125559,7 @@
 must pass full Salt authentication credentials. Otherwise this URL
 is identical to the \fI\%root URL (/)\fP\&.
 .sp
-lowstate data describing Salt commands must be sent in the
+\fIlowstate\fP data describing Salt commands must be sent in the
 request body.
 .INDENT 7.0
 .TP
@@ -117730,7 +125707,7 @@
 \fBSEE ALSO:\fP
 .INDENT 7.0
 .INDENT 3.5
-events
+\fIevents\fP
 .UNINDENT
 .UNINDENT
 .INDENT 7.0
@@ -117954,7 +125931,7 @@
 \fBSEE ALSO:\fP
 .INDENT 7.0
 .INDENT 3.5
-events, reactor
+\fIevents\fP, \fIreactor\fP
 .UNINDENT
 .UNINDENT
 .INDENT 7.0
@@ -118325,7 +126302,7 @@
 \fBSEE ALSO:\fP
 .INDENT 7.0
 .INDENT 3.5
-events
+\fIevents\fP
 .UNINDENT
 .UNINDENT
 .INDENT 7.0
@@ -118537,7 +126514,7 @@
 .UNINDENT
 .TP
 .B configuration
-All authentication is done through Salt\(aqs external auth system which requires additional configuration not described
+All authentication is done through Salt\(aqs \fIexternal auth\fP system which requires additional configuration not described
 here.
 .UNINDENT
 .sp
@@ -118618,7 +126595,7 @@
 .sp
 Salt uses the lowstate data format internally in many places to pass
 command data between functions. Salt also uses lowstate for the
-LocalClient() Python API interface.
+\fILocalClient()\fP Python API interface.
 .UNINDENT
 .sp
 The following example (in JSON format) causes Salt to execute two commands:
@@ -119087,43 +127064,43 @@
 .INDENT 0.0
 .TP
 .B salt.netapi.rest_tornado.saltnado.SaltAPIHandler
-alias of \fB<Mock object at 0x7fe0b9a3dcd0>\fP
+alias of \fB<Mock object at 0x2ac77a348cd0>\fP
 .UNINDENT
 .SS \fB/login\fP
 .INDENT 0.0
 .TP
 .B salt.netapi.rest_tornado.saltnado.SaltAuthHandler
-alias of \fB<Mock object at 0x7fe0b9658c10>\fP
+alias of \fB<Mock object at 0x2ac77a348690>\fP
 .UNINDENT
 .SS \fB/minions\fP
 .INDENT 0.0
 .TP
 .B salt.netapi.rest_tornado.saltnado.MinionSaltAPIHandler
-alias of \fB<Mock object at 0x7fe0b5fe4c10>\fP
+alias of \fB<Mock object at 0x2ac77a348d50>\fP
 .UNINDENT
 .SS \fB/jobs\fP
 .INDENT 0.0
 .TP
 .B salt.netapi.rest_tornado.saltnado.JobsSaltAPIHandler
-alias of \fB<Mock object at 0x7fe0b5fe43d0>\fP
+alias of \fB<Mock object at 0x2ac77a348d90>\fP
 .UNINDENT
 .SS \fB/run\fP
 .INDENT 0.0
 .TP
 .B salt.netapi.rest_tornado.saltnado.RunSaltAPIHandler
-alias of \fB<Mock object at 0x7fe0b5c87510>\fP
+alias of \fB<Mock object at 0x2ac77a348450>\fP
 .UNINDENT
 .SS \fB/events\fP
 .INDENT 0.0
 .TP
 .B salt.netapi.rest_tornado.saltnado.EventsSaltAPIHandler
-alias of \fB<Mock object at 0x7fe0bbd0ae10>\fP
+alias of \fB<Mock object at 0x2ac768d811d0>\fP
 .UNINDENT
 .SS \fB/hook\fP
 .INDENT 0.0
 .TP
 .B salt.netapi.rest_tornado.saltnado.WebhookSaltAPIHandler
-alias of \fB<Mock object at 0x7fe0bbd0a390>\fP
+alias of \fB<Mock object at 0x2ac77b8501d0>\fP
 .UNINDENT
 .SS rest_wsgi
 .SS A minimalist REST API for Salt
@@ -119134,7 +127111,7 @@
 Extra care must be taken when deploying this module into production. Please
 read this documentation in entirety.
 .sp
-All authentication is done through Salt\(aqs external auth
+All authentication is done through Salt\(aqs \fIexternal auth\fP
 system.
 .SS Usage
 .INDENT 0.0
@@ -119290,8 +127267,8 @@
 .INDENT 0.0
 .TP
 .B form lowstate
-A list of lowstate data appropriate for the
-client interface you are calling.
+A list of \fIlowstate\fP data appropriate for the
+\fIclient\fP interface you are calling.
 .TP
 .B status 200
 success
@@ -119401,12 +127378,7 @@
 .SS Display compact output data structure
 .sp
 Example output::
-\(aqsaltdev\(aq: {\(aqtest_|\-always\-passes_|\-foo_|\-succeed_without_changes\(aq: {\(aqcomment\(aq: \(aqSuccess!\(aq, \(aqname\(aq: \(aqfoo\(aq, \(aqstart_time\(aq: \(aq05:16:26.111814\(aq, \(aqresult\(aq: True, \(aqduration\(aq: 1, \(aq__run_num__\(aq: 0, \(aqchanges\(aq: {}}, \(aqtest_|\-my\-custom\-combo_|\-foo_|\-configurable_test_state\(aq: {\(aqcomment\(aq: \(aqbar.baz\(aq, \(aqname\(aq: \(aqfoo\(aq, \(aqstart_time\(aq: \(aq05:16:26.117177\(aq, \(aqresult\(aq: False, \(aqduration\(aq: 1, \(aq__run_num__\(aq: 4, \(aqchanges\(aq: {\(aqtesting\(aq: {\(aqnew\(aq: \(aqSomething pretended to change\(aq, \(aqold\(aq: \(aqUnchanged\(aq}}}, \(aqtest_|\-always\-fails_|\-foo_|\-fail_without_changes\(aq: {\(aqcomment\(aq: \(aqFailure!\(aq, \(aqname\(aq: \(aqfoo\(aq, \(aqstart_time\(aq: \(aq05:16:26.113124\(aq, \(aqresult\(aq: False, \(aqduration\(aq: 1, \(aq__run_num__\(aq: 1, \(aqchanges\(aq: {}}, \(aqtest_|\-always\-changes\-and\-succeeds_|\-foo_|\-succeed_with_changes\(aq: {\(aqcomment\(aq: \(aqSuccess!\(aq, \(aqname\(aq: \(aqfoo\(aq, \(aqstart_time\(aq: \(aq05:16:26.114570\(aq, \(aqresult\(aq: True, \(aqduration\(aq: 0, \(aq__run_num__\(aq: 2, \(aqchanges\(aq: {\(aqtesting\(aq: {\(aqnew\(aq: \(aqSomething pretended to change\(aq, \(aqold\(aq: \(aqUnchanged\(aq}}}, \(aqtest_|\-always\-changes\-and\-fails_|\-foo_|\-fail_with_changes\(aq: {\(aqcomment\(aq: \(aqFailure!\(aq, \(aqname\(aq: \(aqfoo\(aq, \(aqstart_time\(aq: \(aq05:16:26.115561\(aq, \(aqresult\(aq: False, \(aqduration\(aq: 1, \(aq__run_num__\(aq: 3, \(aqchanges\(aq: {\(aqtesting\(aq: {\(aqnew\(aq: \(aqSomething pretended to change\(aq, \(aqold\(aq: \(aqUnchanged\(aq}}}}}
-.INDENT 0.0
-.INDENT 3.5
-{\(aqmyminion\(aq: {\(aqfoo\(aq: {\(aqlist\(aq: [\(aqHello\(aq, \(aqWorld\(aq], \(aqbar\(aq: \(aqbaz\(aq, \(aqdictionary\(aq: {\(aqabc\(aq: 123, \(aqdef\(aq: 456}}}}
-.UNINDENT
-.UNINDENT
+\(aqsaltdev\(aq: {\(aqtest_|\-always\-passes_|\-foo_|\-succeed_without_changes\(aq: {\(aqcomment\(aq: \(aqSuccess!\(aq, \(aqname\(aq: \(aqfoo\(aq, \(aqstart_time\(aq: \(aq05:16:26.111814\(aq, \(aqresult\(aq: True, \(aqduration\(aq: 1, \(aq__run_num__\(aq: 0, \(aqchanges\(aq: {}}, \(aqtest_|\-my\-custom\-combo_|\-foo_|\-configurable_test_state\(aq: {\(aqcomment\(aq: \(aqbar.baz\(aq, \(aqname\(aq: \(aqfoo\(aq, \(aqstart_time\(aq: \(aq05:16:26.117177\(aq, \(aqresult\(aq: False, \(aqduration\(aq: 1, \(aq__run_num__\(aq: 4, \(aqchanges\(aq: {\(aqtesting\(aq: {\(aqnew\(aq: \(aqSomething pretended to change\(aq, \(aqold\(aq: \(aqUnchanged\(aq}}}, \(aqtest_|\-always\-fails_|\-foo_|\-fail_without_changes\(aq: {\(aqcomment\(aq: \(aqFailure!\(aq, \(aqname\(aq: \(aqfoo\(aq, \(aqstart_time\(aq: \(aq05:16:26.113124\(aq, \(aqresult\(aq: False, \(aqduration\(aq: 1, \(aq__run_num__\(aq: 1, \(aqchanges\(aq: {}}, \(aqtest_|\-always\-changes\-and\-succeeds_|\-foo_|\-succeed_with_changes\(aq: {\(aqcomment\(aq: \(aqSuccess!\(aq, \(aqname\(aq: \(aqfoo\(aq, \(aqstart_time\(aq: \(aq05:16:26.114570\(aq, \(aqresult\(aq: True, \(aqduration\(aq: 0, \(aq__run_num__\(aq: 2, \(aqchanges\(aq: {\(aqtesting\(aq: {\(aqnew\(aq: \(aqSomething pretended to change\(aq, \(aqold\(aq: \(aqUnchanged\(aq}}}, \(aqtest_|\-always\-changes\-and\-fails_|\-foo_|\-fail_with_changes\(aq: {\(aqcomment\(aq: \(aqFailure!\(aq, \(aqname\(aq: \(aqfoo\(aq, \(aqstart_time\(aq: \(aq05:16:26.115561\(aq, \(aqresult\(aq: False, \(aqduration\(aq: 1, \(aq__run_num__\(aq: 3, \(aqchanges\(aq: {\(aqtesting\(aq: {\(aqnew\(aq: \(aqSomething pretended to change\(aq, \(aqold\(aq: \(aqUnchanged\(aq}}}}}{\(aqmyminion\(aq: {\(aqfoo\(aq: {\(aqlist\(aq: [\(aqHello\(aq, \(aqWorld\(aq], \(aqbar\(aq: \(aqbaz\(aq, \(aqdictionary\(aq: {\(aqabc\(aq: 123, \(aqdef\(aq: 456}}}}
 .INDENT 0.0
 .TP
 .B salt.output.compact.output(data)
@@ -119738,7 +127710,7 @@
 .SS salt.output.overstatestage
 .SS Display clean output of an overstate stage
 .sp
-This outputter is used to display OverState stages,
+This outputter is used to display \fIOverState\fP stages,
 and should not be called directly.
 .INDENT 0.0
 .TP
@@ -120018,10 +127990,10 @@
 .SS Pillars
 .sp
 Salt includes a number of built\-in external pillars, listed at
-all\-salt.pillars\&.
+\fIall\-salt.pillars\fP\&.
 .sp
 You may also wish to look at the standard pillar documentation, at
-pillar\-configuration
+\fIpillar\-configuration\fP
 .sp
 The source for the built\-in Salt pillars can be found here:
 \fI\%https://github.com/saltstack/salt/blob/develop/salt/pillar\fP
@@ -120073,11 +128045,6 @@
 T}
 _
 T{
-\fBfile_encode\fP
-T}	T{
-T}
-_
-T{
 \fBfile_tree\fP
 T}	T{
 Recursively iterate over directories and add all files as Pillar data.
@@ -120164,7 +128131,7 @@
 T{
 \fBvarstack_pillar\fP
 T}	T{
-Use varstack data as a Pillar source
+Use \fI\%Varstack\fP data as a Pillar source
 T}
 _
 T{
@@ -120797,13 +128764,13 @@
 .nf
 .ft C
 ext_pillar:
-  \- git: _ git://gitserver/git\-pillar.git root=pillar
+  \- git: __env__ git://gitserver/git\-pillar.git root=pillar
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
-The (optinal) root=pillar defines the directory that contains the pillar data.
+The (optional) root=pillar defines the directory that contains the pillar data.
 The corresponding \fBtop.sls\fP would be like:
 .INDENT 0.0
 .INDENT 3.5
@@ -121972,7 +129939,27 @@
 .UNINDENT
 .SS salt.pillar.varstack_pillar
 .sp
-Use varstack data as a Pillar source
+Use \fI\%Varstack\fP data as a Pillar source
+.SS Configuring Varstack
+.sp
+Using varstack in Salt is fairly simple. Just put the following into the
+config file of your master:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+ext_pillar:
+  \- varstack: /etc/varstack.yaml
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Varstack will then use /etc/varstack.yaml to determine which configuration
+data to return as pillar information. From there you can take a look at the
+\fI\%README\fP of
+varstack on how this file is evaluated.
 .INDENT 0.0
 .TP
 .B salt.pillar.varstack_pillar.ext_pillar(minion_id, pillar, conf)
@@ -122696,7 +130683,7 @@
 .SS Calling Salt Functions
 .sp
 The Jinja renderer provides a shorthand lookup syntax for the \fBsalt\fP
-dictionary of execution function\&.
+dictionary of \fIexecution function\fP\&.
 .sp
 New in version 2014.7.0.
 
@@ -122994,12 +130981,12 @@
 execution functions, grains, pillar, etc. They are:
 .INDENT 0.0
 .IP \(bu 2
-\fB__salt__\fP \- Execution functions (i.e.
+\fB__salt__\fP \- \fIExecution functions\fP (i.e.
 \fB__salt__[\(aqtest.echo\(aq](\(aqfoo\(aq)\fP)
 .IP \(bu 2
-\fB__grains__\fP \- Grains (i.e. \fB__grains__[\(aqos\(aq]\fP)
+\fB__grains__\fP \- \fIGrains\fP (i.e. \fB__grains__[\(aqos\(aq]\fP)
 .IP \(bu 2
-\fB__pillar__\fP \- Pillar data (i.e. \fB__pillar__[\(aqfoo\(aq]\fP)
+\fB__pillar__\fP \- \fIPillar data\fP (i.e. \fB__pillar__[\(aqfoo\(aq]\fP)
 .IP \(bu 2
 \fB__opts__\fP \- Minion configuration options
 .IP \(bu 2
@@ -123137,27 +131124,27 @@
 \fBinclude\fP
 .INDENT 0.0
 .INDENT 3.5
-Salt PyDSL function for creating include\-declaration\(aqs.
+Salt PyDSL function for creating \fIinclude\-declaration\fP\(aqs.
 .UNINDENT
 .UNINDENT
 .sp
 \fBextend\fP
 .INDENT 0.0
 .INDENT 3.5
-Salt PyDSL function for creating extend\-declaration\(aqs.
+Salt PyDSL function for creating \fIextend\-declaration\fP\(aqs.
 .UNINDENT
 .UNINDENT
 .sp
 \fBstate\fP
 .INDENT 0.0
 .INDENT 3.5
-Salt PyDSL function for creating ID\-declaration\(aqs.
+Salt PyDSL function for creating \fIID\-declaration\fP\(aqs.
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .UNINDENT
 .sp
-A state ID\-declaration is created with a \fBstate(id)\fP function call.
+A state \fIID\-declaration\fP is created with a \fBstate(id)\fP function call.
 Subsequent \fBstate(id)\fP call with the same id returns the same object. This
 singleton access pattern applies to all declaration objects created with the
 DSL.
@@ -123179,7 +131166,7 @@
 the \fIid\fP\&.
 .sp
 \fBstate(id)\fP returns an object under which you can create a
-state\-declaration object by accessing an attribute named after \fIany\fP
+\fIstate\-declaration\fP object by accessing an attribute named after \fIany\fP
 state module available in Salt.
 .INDENT 0.0
 .INDENT 3.5
@@ -123195,11 +131182,11 @@
 .UNINDENT
 .UNINDENT
 .sp
-Then, a function\-declaration object can be created from a
-state\-declaration object by one of the following two ways:
+Then, a \fIfunction\-declaration\fP object can be created from a
+\fIstate\-declaration\fP object by one of the following two ways:
 .INDENT 0.0
 .IP 1. 3
-by calling a method named after the state function on the state\-declaration object.
+by calling a method named after the state function on the \fIstate\-declaration\fP object.
 .UNINDENT
 .INDENT 0.0
 .INDENT 3.5
@@ -123213,7 +131200,7 @@
 .UNINDENT
 .INDENT 0.0
 .IP 2. 3
-by directly calling the attribute named for the state\-declaration, and
+by directly calling the attribute named for the \fIstate\-declaration\fP, and
 supplying the state function name as the first argument.
 .UNINDENT
 .INDENT 0.0
@@ -123227,9 +131214,9 @@
 .UNINDENT
 .UNINDENT
 .sp
-With either way of creating a function\-declaration object, any
-function\-arg\-declaration\(aqs can be passed as keyword arguments to the
-call. Subsequent calls of a function\-declaration will update the arg
+With either way of creating a \fIfunction\-declaration\fP object, any
+\fIfunction\-arg\-declaration\fP\(aqs can be passed as keyword arguments to the
+call. Subsequent calls of a \fIfunction\-declaration\fP will update the arg
 declarations.
 .INDENT 0.0
 .INDENT 3.5
@@ -123245,7 +131232,7 @@
 .sp
 As a shortcut, the special \fIname\fP argument can also be passed as the
 first or second positional argument depending on the first or second
-way of calling the state\-declaration object. In the following
+way of calling the \fIstate\-declaration\fP object. In the following
 two examples \fIls \-la\fP is the \fIname\fP argument.
 .INDENT 0.0
 .INDENT 3.5
@@ -123259,16 +131246,16 @@
 .UNINDENT
 .UNINDENT
 .sp
-Finally, a requisite\-declaration object with its
-requisite\-reference\(aqs can be created by invoking one of the
-requisite methods (see \fBState Requisites\fP) on either a function\-declaration
-object or a state\-declaration object. The return value of a
-requisite call is also a function\-declaration object, so you
+Finally, a \fIrequisite\-declaration\fP object with its
+\fIrequisite\-reference\fP\(aqs can be created by invoking one of the
+requisite methods (see \fBState Requisites\fP) on either a \fIfunction\-declaration\fP
+object or a \fIstate\-declaration\fP object. The return value of a
+requisite call is also a \fIfunction\-declaration\fP object, so you
 can chain several requisite calls together.
 .sp
-Arguments to a requisite call can be a list of state\-declaration objects
+Arguments to a requisite call can be a list of \fIstate\-declaration\fP objects
 and/or a set of keyword arguments whose names are state modules and values are
-IDs of ID\-declaration\(aqs or names of name\-declaration\(aqs.
+IDs of \fIID\-declaration\fP\(aqs or names of \fIname\-declaration\fP\(aqs.
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -123298,9 +131285,9 @@
 .UNINDENT
 .UNINDENT
 .sp
-include\-declaration objects can be created with the \fBinclude\fP function,
-while extend\-declaration objects can be created with the \fBextend\fP function,
-whose arguments are just function\-declaration objects.
+\fIinclude\-declaration\fP objects can be created with the \fBinclude\fP function,
+while \fIextend\-declaration\fP objects can be created with the \fBextend\fP function,
+whose arguments are just \fIfunction\-declaration\fP objects.
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -123316,7 +131303,7 @@
 The \fBinclude\fP function, by default, causes the included sls file to be rendered
 as soon as the \fBinclude\fP function is called. It returns a list of rendered module
 objects; sls files not rendered with the pydsl renderer return \fBNone\fP\(aqs.
-This behavior creates no include\-declaration\(aqs in the resulting high state
+This behavior creates no \fIinclude\-declaration\fP\(aqs in the resulting high state
 data structure.
 .INDENT 0.0
 .INDENT 3.5
@@ -123357,7 +131344,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-Above will just create a include\-declaration in the rendered result, and
+Above will just create a \fIinclude\-declaration\fP in the rendered result, and
 such call always returns \fBNone\fP\&.
 .SS Special integration with the \fIcmd\fP state
 .sp
@@ -123385,9 +131372,9 @@
 See \fBsalt.states.cmd.call()\fP for more information.
 .SS Implicit ordering of states
 .sp
-Salt states are explicitly ordered via requisite\-declaration\(aqs.
+Salt states are explicitly ordered via \fIrequisite\-declaration\fP\(aqs.
 However, with \fIpydsl\fP it\(aqs possible to let the renderer track the order
-of creation for function\-declaration objects, and implicitly add
+of creation for \fIfunction\-declaration\fP objects, and implicitly add
 \fBrequire\fP requisites for your states to enforce the ordering. This feature
 is enabled by setting the \fBordered\fP option on \fB__pydsl__\fP\&.
 .sp
@@ -123427,11 +131414,11 @@
 \fBone\fP, \fBtwo\fP, \fB3\fP, ... \fB9\fP, in that order.
 .sp
 It\(aqs important to know that \fIpydsl\fP tracks the \fIcreations\fP of
-function\-declaration objects, and automatically adds a \fBrequire\fP requisite
-to a function\-declaration object that requires the last
-function\-declaration object created before it in the sls file.
+\fIfunction\-declaration\fP objects, and automatically adds a \fBrequire\fP requisite
+to a \fIfunction\-declaration\fP object that requires the last
+\fIfunction\-declaration\fP object created before it in the sls file.
 .sp
-This means later calls (perhaps to update the function\(aqs function\-arg\-declaration) to a previously created function declaration will not change the
+This means later calls (perhaps to update the function\(aqs \fIfunction\-arg\-declaration\fP) to a previously created function declaration will not change the
 order.
 .SS Render time state execution
 .sp
@@ -123440,7 +131427,7 @@
 In the case of the \fIpydsl\fP renderer, the .sls file is executed as a python module
 as it is being rendered which makes it easy to execute a state at render time.
 In \fIpydsl\fP, executing one or more states at render time can be done by calling a
-configured ID\-declaration object.
+configured \fIID\-declaration\fP object.
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -123460,15 +131447,15 @@
 .UNINDENT
 .UNINDENT
 .sp
-Once an ID\-declaration is called at render time it is detached from the
+Once an \fIID\-declaration\fP is called at render time it is detached from the
 sls module as if it was never defined.
 .sp
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
 If \fIimplicit ordering\fP is enabled (i.e., via \fB__pydsl__.set(ordered=True)\fP) then
-the \fIfirst\fP invocation of a ID\-declaration object must be done before a
-new function\-declaration is created.
+the \fIfirst\fP invocation of a \fIID\-declaration\fP object must be done before a
+new \fIfunction\-declaration\fP is created.
 .UNINDENT
 .UNINDENT
 .SS Integration with the stateconf renderer
@@ -124420,7 +132407,7 @@
 \fBSEE ALSO:\fP
 .INDENT 0.0
 .INDENT 3.5
-Full list of builtin returners
+\fIFull list of builtin returners\fP
 .UNINDENT
 .UNINDENT
 .SS Using Returners
@@ -124461,7 +132448,7 @@
 .sp
 A returner is a Python module containing at minimum a \fBreturner\fP function.
 Other optional functions can be included to add support for
-master_job_cache, external_job_cache, and \fI\%Event Returners\fP\&.
+\fImaster_job_cache\fP, \fIexternal_job_cache\fP, and \fI\%Event Returners\fP\&.
 .INDENT 0.0
 .TP
 .B \fBreturner\fP
@@ -124511,9 +132498,9 @@
 serializes the data as JSON and sets it in redis.
 .SS Master Job Cache Support
 .sp
-master_job_cache, external_job_cache, and \fI\%Event Returners\fP\&.
-Salt\(aqs master_job_cache allows returners to be used as a pluggable
-replacement for the default_job_cache\&. In order to do so, a returner
+\fImaster_job_cache\fP, \fIexternal_job_cache\fP, and \fI\%Event Returners\fP\&.
+Salt\(aqs \fImaster_job_cache\fP allows returners to be used as a pluggable
+replacement for the \fIdefault_job_cache\fP\&. In order to do so, a returner
 must implement the following functions:
 .sp
 \fBNOTE:\fP
@@ -124625,7 +132612,7 @@
 .UNINDENT
 .SS External Job Cache Support
 .sp
-Salt\(aqs external_job_cache extends the master_job_cache\&. External
+Salt\(aqs \fIexternal_job_cache\fP extends the \fImaster_job_cache\fP\&. External
 Job Cache support requires the following functions in addition to what is
 required for Master Job Cache support:
 .INDENT 0.0
@@ -124786,7 +132773,7 @@
 .sp
 Note that a returner\(aqs default name is its filename (i.e. \fBfoo.py\fP becomes
 returner \fBfoo\fP), but that its name can be overridden by using a
-__virtual__ function\&. A good example of this can be
+\fI__virtual__ function\fP\&. A good example of this can be
 found in the \fI\%redis\fP returner, which is named \fBredis_return.py\fP but is
 loaded as simply \fBredis\fP:
 .INDENT 0.0
@@ -124814,7 +132801,7 @@
 .sp
 The \fBreturner\fP, \fBprep_jid\fP, \fBsave_load\fP, \fBget_load\fP, and
 \fBevent_return\fP functions can be tested by configuring the
-master_job_cache and \fI\%Event Returners\fP in the master config
+\fImaster_job_cache\fP and \fI\%Event Returners\fP in the master config
 file and submitting a job to \fBtest.ping\fP each minion from the master.
 .sp
 Once you have successfully exercised the Master Job Cache functions, test the
@@ -124909,6 +132896,7 @@
 T{
 \fBhipchat_return\fP
 T}	T{
+Return salt data via hipchat.
 T}
 _
 T{
@@ -124992,6 +132980,7 @@
 T{
 \fBslack_returner\fP
 T}	T{
+Return salt data via slack
 T}
 _
 T{
@@ -125393,27 +133382,17 @@
 \(aqreturner_callback\(aq with this module\(aqs \(aqreturner\(aq function:
 .INDENT 0.0
 .INDENT 3.5
-.INDENT 0.0
-.INDENT 3.5
 .sp
 .nf
 .ft C
-
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.sp
 import salt.returners.django_return
 from django.dispatch import receiver
-.sp
+
 @receiver(salt.returners.django_return, sender=returner)
 def returner_callback(sender, ret):
-.INDENT 0.0
-.INDENT 3.5
-print(\(aqI received {0} from {1}\(aq.format(ret, sender))
-.UNINDENT
-.UNINDENT
+    print(\(aqI received {0} from {1}\(aq.format(ret, sender))
+.ft P
+.fi
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
@@ -125631,6 +133610,114 @@
 .B salt.returners.etcd_return.save_load(jid, load)
 Save the load to the specified jid
 .UNINDENT
+.SS salt.returners.hipchat_return
+.sp
+Return salt data via hipchat.
+.sp
+New in version 2015.5.0.
+
+.sp
+The following fields can be set in the minion conf file:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+hipchat.room_id (required)
+hipchat.api_key (required)
+hipchat.api_version (required)
+hipchat.from_name (required)
+hipchat.color (optional)
+hipchat.notify (optional)
+hipchat.profile (optional)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Alternative configuration values can be used by prefacing the configuration.
+Any values not found in the alternative configuration will be pulled from
+the default location:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+hipchat.room_id
+hipchat.api_key
+hipchat.api_version
+hipchat.from_name
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Hipchat settings may also be configured as:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+hipchat:
+  room_id: RoomName
+  api_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+  api_version: v1
+  from_name: user@email.com
+
+alternative.hipchat:
+  room_id: RoomName
+  api_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+  api_version: v1
+  from_name: user@email.com
+
+hipchat_profile:
+  api_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+  api_version: v1
+  from_name: user@email.com
+
+hipchat:
+  profile: hipchat_profile
+  room_id: RoomName
+
+alternative.hipchat:
+  profile: hipchat_profile
+  room_id: RoomName
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To use the HipChat returner, append \(aq\-\-return hipchat\(aq to the salt command.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq test.ping \-\-return hipchat
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To use the alternative configuration, append \(aq\-\-return_config alternative\(aq to the salt command.
+.sp
+New in version 2015.5.0.
+
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq test.ping \-\-return hipchat \-\-return_config alternative
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.returners.hipchat_return.returner(ret)
+Send an hipchat message with the data
+.UNINDENT
 .SS salt.returners.kafka_return
 .sp
 Return data to a Kafka topic
@@ -125856,6 +133943,20 @@
 This returner will send data from the minions to a MongoDB server. To
 configure the settings for your MongoDB server, add the following lines
 to the minion config files:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+mongo.db: <database name>
+mongo.host: <server ip address>
+mongo.user: <MongoDB username>
+mongo.password: <MongoDB user password>
+mongo.port: 27017
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .sp
 You can also ask for indexes creation on the most common used fields, which
 should greatly improve performance. Indexes are not created by default.
@@ -126960,6 +135061,104 @@
 Log outcome to sentry. The returner tries to identify errors and report them as such. All other
 messages will be reported at info level.
 .UNINDENT
+.SS salt.returners.slack_returner
+.sp
+Return salt data via slack
+.sp
+New in version 2015.5.0.
+
+.sp
+The following fields can be set in the minion conf file:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+slack.channel (required)
+slack.api_key (required)
+slack.from_name (required)
+slack.profile (optional)
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Alternative configuration values can be used by prefacing the configuration.
+Any values not found in the alternative configuration will be pulled from
+the default location:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+slack.channel
+slack.api_key
+slack.from_name
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Hipchat settings may also be configured as:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+slack:
+    channel: RoomName
+    api_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+    from_name: user@email.com
+
+alternative.slack:
+    room_id: RoomName
+    api_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+    from_name: user@email.com
+
+slack_profile:
+    api_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+    from_name: user@email.com
+
+slack:
+    profile: slack_profile
+    channel: RoomName
+
+alternative.slack:
+    profile: slack_profile
+    channel: RoomName
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To use the HipChat returner, append \(aq\-\-return slack\(aq to the salt command.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq test.ping \-\-return slack
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To use the alternative configuration, append \(aq\-\-return_config alternative\(aq to the salt command.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+salt \(aq*\(aq test.ping \-\-return slack \-\-return_config alternative
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.returners.slack_returner.returner(ret)
+Send an slack message with the data
+.UNINDENT
 .SS salt.returners.sms_return
 .sp
 Return data by SMS.
@@ -127448,11 +135647,7 @@
 T{
 \fBclustershell\fP
 T}	T{
-.INDENT 0.0
-.TP
-.B requires
-clustershell
-.UNINDENT
+This roster resolves hostname in a pdsh/clustershell style.
 T}
 _
 T{
@@ -127570,6 +135765,18 @@
 .UNINDENT
 .sp
 This is the format that an inventory script needs to output to work with ansible, and thus here.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+[~]# salt\-ssh \-\-roster\-file /etc/salt/hosts salt.gtmanfred.com test.ping
+salt.gtmanfred.com:
+        True
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .sp
 Any of the [groups] or direct hostnames will return.  The \(aqall\(aq is special, and returns everything.
 .INDENT 0.0
@@ -127658,21 +135865,24 @@
 defaults to /etc/salt/roster
 .UNINDENT
 .SS salt.roster.clustershell
+.sp
+This roster resolves hostname in a pdsh/clustershell style.
 .INDENT 0.0
 .TP
-.B requires
-clustershell
+.B depends
+clustershell, \fI\%https://github.com/cea\-hpc/clustershell\fP
 .UNINDENT
 .sp
-\fI\%https://github.com/cea\-hpc/clustershell\fP
-.sp
-This roster resolves hostname in a pdsh/clustershell style.
-.sp
-When you want to use host globs for target matching, use \-\-roster clustershell.
+When you want to use host globs for target matching, use \fB\-\-roster clustershell\fP\&. For example:
 .INDENT 0.0
-.TP
-.B Example:
+.INDENT 3.5
+.sp
+.nf
+.ft C
 salt\-ssh \-\-roster clustershell \(aqserver_[1\-10,21\-30],test_server[5,7,9]\(aq test.ping
+.ft P
+.fi
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -127750,7 +135960,7 @@
 \fBSEE ALSO:\fP
 .INDENT 0.0
 .INDENT 3.5
-The full list of runners
+\fIThe full list of runners\fP
 .UNINDENT
 .UNINDENT
 .SS Full list of runner modules
@@ -127845,11 +136055,7 @@
 T{
 \fBnacl\fP
 T}	T{
-.INDENT 0.0
-.TP
-.B requires
-libnacl
-.UNINDENT
+This runner helps create encrypted passwords that can be included in pillars.
 T}
 _
 T{
@@ -128071,7 +136277,7 @@
 available to all internal apis via the runner system
 .INDENT 0.0
 .TP
-.B salt.runners.cloud.action(fun=None, cloudmap=None, instances=None, provider=None, instance=None, **kwargs)
+.B salt.runners.cloud.action(func=None, cloudmap=None, instances=None, provider=None, instance=None, **kwargs)
 Execute a single action on the given map/provider/instance
 .UNINDENT
 .INDENT 0.0
@@ -128664,7 +136870,7 @@
 .B backend
 Narrow fileserver backends to a subset of the enabled ones.
 .sp
-Changed in version 2015.5.0::: If all passed backends start with a minus sign (\fB\-\fP), then these
+Changed in version 2015.5.0: If all passed backends start with a minus sign (\fB\-\fP), then these
 backends will be excluded from the enabled backends. However, if
 there is a mix of backends with and without a minus sign (ex:
 \fBbackend=\-roots,git\fP) then the ones starting with a minus
@@ -128740,11 +136946,7 @@
 .INDENT 7.0
 .INDENT 3.5
 This will only operate on enabled backends (those configured in
-
-.nf
-:master_conf:\(gafileserver_backend\(ga
-.fi
-).
+\fBfileserver_backend\fP).
 .UNINDENT
 .UNINDENT
 .INDENT 7.0
@@ -128871,13 +137073,16 @@
 Module for making various web calls. Primarily designed for webhooks and the
 like, but also useful for basic http testing.
 .sp
-New in version 2015.5.
+New in version 2015.5.0.
 
 .INDENT 0.0
 .TP
 .B salt.runners.http.query(url, output=True, **kwargs)
 Query a resource, and decode the return data
 .sp
+New in version 2015.5.0.
+
+.sp
 CLI Example:
 .INDENT 7.0
 .INDENT 3.5
@@ -128897,6 +137102,9 @@
 .B salt.runners.http.update_ca_bundle(target=None, source=None, merge_files=None)
 Update the local CA bundle file from a URL
 .sp
+New in version 2015.5.0.
+
+.sp
 CLI Example:
 .INDENT 7.0
 .INDENT 3.5
@@ -129586,38 +137794,43 @@
 .UNINDENT
 .UNINDENT
 .SS salt.runners.nacl
+.sp
+This runner helps create encrypted passwords that can be included in pillars.
 .INDENT 0.0
 .TP
-.B requires
-libnacl
+.B depends
+libnacl, \fI\%https://github.com/saltstack/libnacl\fP
 .UNINDENT
 .sp
-\fI\%https://github.com/saltstack/libnacl\fP
-.sp
-This runner helps create encrypted passwords that can be included in pillars.
-This is often usefull if you wish to store your pillars in source control or
+This is often useful if you wish to store your pillars in source control or
 share your pillar data with others that you trust. I dont advise making your pillars public
 regardless if they are encrypted or not.
 .sp
 The following configurations can be defined in the master config
-so your users can create encrypted passwords using the runner nacl.
+so your users can create encrypted passwords using the runner nacl:
 .INDENT 0.0
 .INDENT 3.5
+.sp
+.nf
+.ft C
 cat /etc/salt/master.d/nacl.conf
 nacl.config:
-.INDENT 0.0
-.INDENT 3.5
-key: None
-keyfile: /root/.nacl
-.UNINDENT
-.UNINDENT
+    key: None
+    keyfile: /root/.nacl
+.ft P
+.fi
 .UNINDENT
 .UNINDENT
 .sp
 Now with the config in the master you can use the runner nacl like:
 .INDENT 0.0
 .INDENT 3.5
+.sp
+.nf
+.ft C
 salt\-run nacl.enc \(aqdata\(aq
+.ft P
+.fi
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
@@ -130355,7 +138568,7 @@
 More Orchestrate documentation
 .INDENT 0.0
 .IP \(bu 2
-Full Orchestrate Tutorial
+\fIFull Orchestrate Tutorial\fP
 .IP \(bu 2
 \fBDocs for the master\-side state module\fP
 .UNINDENT
@@ -131012,7 +139225,7 @@
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
-This documentation has been moved here\&.
+This documentation has been moved \fIhere\fP\&.
 .UNINDENT
 .UNINDENT
 .SS File State Backups
@@ -131755,7 +139968,7 @@
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
-This documentation has been moved here\&.
+This documentation has been moved \fIhere\fP\&.
 .UNINDENT
 .UNINDENT
 .SS Highstate data structure definitions
@@ -131867,7 +140080,7 @@
 .INDENT 3.5
 watch_in and require_in
 .sp
-Sometimes it is more convenient to use the watch_in or require_in syntax
+Sometimes it is more convenient to use the \fIwatch_in\fP or \fIrequire_in\fP syntax
 instead of extending another \fBSLS\fP file.
 .sp
 \fBState Requisites\fP
@@ -132417,7 +140630,7 @@
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
-This documentation has been moved here\&.
+This documentation has been moved \fIhere\fP\&.
 .UNINDENT
 .UNINDENT
 .SS Ordering States
@@ -132570,12 +140783,12 @@
 user, group, and file are executed successfully.
 .SS Requisite Documentation
 .sp
-For detailed information on each of the individual requisites, please
-look here.
+For detailed information on each of the individual requisites, \fIplease
+look here.\fP
 .SS The Order Option
 .sp
 Before using the \fIorder\fP option, remember that the majority of state ordering
-should be done with a requisite\-declaration, and that a requisite
+should be done with a \fIrequisite\-declaration\fP, and that a requisite
 declaration will override an \fIorder\fP option, so a state with order option
 should not require or required by other states.
 .sp
@@ -132620,7 +140833,7 @@
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
-This documentation has been moved here\&.
+This documentation has been moved \fIhere\fP\&.
 .UNINDENT
 .UNINDENT
 .SS State Providers
@@ -133556,7 +141769,7 @@
 
 configure\-apache2:
   file.managed:
-    \- path: /etc/apache2/apache2.conf
+    \- name: /etc/apache2/apache2.conf
     \- source: salt://apache2/apache2.conf
 .ft P
 .fi
@@ -133576,7 +141789,7 @@
 
 configure\-apache2:
   file.managed:
-    \- path: /etc/apache2/apache2.conf
+    \- name: /etc/apache2/apache2.conf
     \- source: salt://apache2/apache2.conf
     \- listen_in:
       \- service: apache2
@@ -133606,7 +141819,7 @@
 .ft C
 comment\-repo:
   file.replace:
-    \- path: /etc/yum.repos.d/fedora.repo
+    \- name: /etc/yum.repos.d/fedora.repo
     \- pattern: ^enabled=0
     \- repl: enabled=1
     \- check_cmd:
@@ -134380,7 +142593,7 @@
 same as one of Salt\(aqs default set of states, will take the place of the default
 state with the same name. Note that a state\(aqs default name is its filename
 (i.e. \fBfoo.py\fP becomes state \fBfoo\fP), but that its name can be overridden
-by using a __virtual__ function\&.
+by using a \fI__virtual__ function\fP\&.
 .SS Cross Calling Modules
 .sp
 As with Execution Modules, State Modules can also make use of the \fB__salt__\fP
@@ -135289,6 +143502,12 @@
 T}
 _
 T{
+\fBipmi\fP
+T}	T{
+Manage IPMI devices over LAN
+T}
+_
+T{
 \fBipset\fP
 T}	T{
 Management of ipsets
@@ -135762,6 +143981,12 @@
 T}
 _
 T{
+\fBtls\fP
+T}	T{
+Enforce state for SSL/TLS
+T}
+_
+T{
 \fBtomcat\fP
 T}	T{
 This state uses the manager webapp to manage Apache tomcat webapps
@@ -136216,7 +144441,7 @@
 Keep the archive in the minion\(aqs cache
 .UNINDENT
 .UNINDENT
-.SS salt.states.jboss7
+.SS salt.states.artifactory
 .sp
 This state downloads artifacts from artifactory.
 .INDENT 0.0
@@ -136460,8 +144685,15 @@
 State name
 .TP
 .B context
-The context to use. Set this to a file path, prefixed by \fB/files\fP, to
-avoid redundancy, e.g.:
+A file path, prefixed by \fB/files\fP\&. Should resolve to an actual file
+(not an arbitrary augeas path). This is used to avoid duplicating the
+file name for each item in the changes list (for example, \fBset bind 0.0.0.0\fP
+in the example below operates on the file specified by \fBcontext\fP). If
+\fBcontext\fP is not specified, a file path prefixed by \fB/files\fP should be
+included with the \fBset\fP command.
+.sp
+The file path is examined to determine if the
+specified changes are already present.
 .INDENT 7.0
 .INDENT 3.5
 .sp
@@ -137233,7 +145465,7 @@
 .SS salt.states.boto_dynamodb
 .SS Manage DynamoDB Tables
 .sp
-New in version 2015.5.
+New in version 2015.5.0.
 
 .sp
 Create and destroy DynamoDB tables. Be aware that this interacts with Amazon\(aqs
@@ -137927,18 +146159,16 @@
 A list of availability zones for this ELB.
 .TP
 .B listeners
+A list of listener lists; example:
+[
 .INDENT 7.0
-.TP
-.B A list of listener lists; example:
-.INDENT 7.0
-.TP
-.B [
+.INDENT 3.5
 [\(aq443\(aq, \(aqHTTPS\(aq, \(aqarn:aws:iam::1111111:server\-certificate/mycert\(aq],
 [\(aq8443\(aq, \(aq80\(aq, \(aqHTTPS\(aq, \(aqHTTP\(aq, \(aqarn:aws:iam::1111111:server\-certificate/mycert\(aq]
 .UNINDENT
+.UNINDENT
 .sp
 ]
-.UNINDENT
 .TP
 .B subnets
 A list of subnet IDs in your VPC to attach to your LoadBalancer.
@@ -139330,9 +147560,7 @@
 .fi
 .UNINDENT
 .UNINDENT
-.sp
-Should I use \fI\%cmd.run\fP or \fI\%cmd.wait\fP?
-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-
+.SS Should I use \fI\%cmd.run\fP or \fI\%cmd.wait\fP?
 .sp
 These two states are often confused. The important thing to remember about them
 is that \fI\%cmd.run\fP states are run each time the SLS
@@ -140640,7 +148868,7 @@
 <state_id>:
   debconf.set_file:
     \- source: salt://pathto/pkg.selections.jinja2
-    \- template: jinja2
+    \- template: jinja
     \- context:
         some_value: "false"
 .ft P
@@ -140784,6 +149012,7 @@
 my_service:
   docker.running:
     \- container: mysuperdocker
+    \- image: corp/mysuperdocker_img
     \- port_bindings:
         "5000/tcp":
             HostIp: ""
@@ -140799,7 +149028,7 @@
 The \fBport_bindings\fP argument above is a dictionary. The double
 indentation is required for PyYAML to load the data structure
 properly as a python dictionary. More information can be found
-here
+\fIhere\fP
 .UNINDENT
 .UNINDENT
 .IP \(bu 2
@@ -140904,7 +149133,7 @@
 .UNINDENT
 .TP
 .B volumes
-List of volumes
+List of volumes (see notes for the running function)
 .UNINDENT
 .sp
 For other parameters, see absolutely first the salt.modules.dockerio
@@ -141145,20 +149374,23 @@
 .B volumes
 List of volumes to mount or create in the container (like \fB\-v\fP of \fBdocker run\fP command),
 mapping host directory to container directory.
-To create a volume in the container:
+.sp
+To specify a volume in the container in terse list format:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 \- volumes:
-  \- "/var/log/service"
+  \- "/var/log/service" # container\-only volume
+  \- "/srv/timezone:/etc/timezone" # bound volume
+  \- "/usr/local/etc/passwd:/etc/passwd:ro" # read\-only bound volume
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
-For read\-write mounting, use the short form (note that the notion of
+You can also use the short dictionary form (note that the notion of
 source:target from docker is preserved):
 .INDENT 7.0
 .INDENT 3.5
@@ -141166,13 +149398,13 @@
 .nf
 .ft C
 \- volumes:
-  \- /var/log/service: /var/log/service
+  \- /var/log/service: /var/log/service # mandatory read\-write implied
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
-Or, to specify read\-only mounting, use the extended form:
+Or, alternatively, to specify read\-only mounting, use the extended form:
 .INDENT 7.0
 .INDENT 3.5
 .sp
@@ -141180,29 +149412,29 @@
 .ft C
 \- volumes:
   \- /home/user1:
-    bind: /mnt/vol2
-    ro: true
+      bind: /mnt/vol2
+      ro: True
   \- /var/www:
-    bind: /mnt/vol1
-    ro: false
+      bind: /mnt/vol1
+      ro: False
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
-Or (mostly for backwards compatibility) a dict style
+Or (for backwards compatibility) another dict style:
 .INDENT 7.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
 \- volumes:
-  /home/user1:
-    bind: /mnt/vol2
-    ro: true
-  /var/www:
-    bind: /mnt/vol1
-    ro: false
+    /home/user1:
+      bind: /mnt/vol2
+      ro: True
+    /var/www:
+      bind: /mnt/vol1
+      ro: False
 .ft P
 .fi
 .UNINDENT
@@ -141374,6 +149606,20 @@
 Ensure DRAC network is in a consistent state
 .INDENT 0.0
 .INDENT 3.5
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+my_network:
+  drac.network:
+    \- ip: 10.225.108.29
+    \- netmask: 255.255.255.224
+    \- gateway: 10.225.108.1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
@@ -141632,7 +149878,7 @@
 .INDENT 3.5
 The \fBdefaults\fP and \fBcontext\fP arguments require extra indentation (four
 spaces instead of the normal two) in order to create a nested dictionary.
-More information\&.
+\fIMore information\fP\&.
 .UNINDENT
 .UNINDENT
 .sp
@@ -143258,11 +151504,7 @@
 Filesystem path to the file to be edited.
 .TP
 .B pattern
-Python\(aqs 
-.nf
-\(garegular expression search<https://docs.python.org/2/library/re.html>\(ga_
-.fi
-\&.
+Python\(aqs \fI\%regular expression search\fP\&.
 .TP
 .B repl
 The replacement text.
@@ -143819,9 +152061,15 @@
 .TP
 .B https_user
 HTTP Basic Auth username for HTTPS (only) clones
+.sp
+New in version 2015.5.0.
+
 .TP
 .B https_pass
 HTTP Basic Auth password for HTTPS (only) clones
+.sp
+New in version 2015.5.0.
+
 .TP
 .B onlyif
 A command to run as a check, run the named command only if the command
@@ -144288,11 +152536,7 @@
 The behavior of this module is to create dashboards if they do not exist, to
 add rows if they do not exist in existing dashboards, and to update rows if
 they exist in dashboards. The module will not manage rows that are not defined,
-.INDENT 0.0
-.INDENT 3.5
 allowing users to manage their own custom rows.
-.UNINDENT
-.UNINDENT
 .INDENT 0.0
 .TP
 .B salt.states.grafana.dashboard_absent(name, hosts=None, profile=\(aqgrafana\(aq)
@@ -144734,14 +152978,11 @@
 .UNINDENT
 .sp
 The following parameters are optional:
-api_key
 .INDENT 7.0
-.INDENT 3.5
+.TP
+.B api_key
 The api key for Hipchat to use for authentication,
 if not specified in the configuration options of master or minion.
-.UNINDENT
-.UNINDENT
-.INDENT 7.0
 .TP
 .B api_version
 The api version for Hipchat to use,
@@ -145223,6 +153464,245 @@
 options present in file and not specified in sections will be deleted
 changes dict will contain the sections that changed
 .UNINDENT
+.SS salt.states.ipmi
+.SS Manage IPMI devices over LAN
+.sp
+The following configuration defaults can be defined in the
+minion, master config or pillar:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+ipmi.config:
+    api_host: 127.0.0.1
+    api_user: admin
+    api_pass: apassword
+    api_port: 623
+    api_kg: None
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Every call can override the config defaults:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+ensure myipmi system is set to network boot:
+    ipmi.boot_device:
+        \- name: network
+        \- api_host: myipmi.hostname.com
+        \- api_user: root
+        \- api_pass: apassword
+        \- api_kg: None
+
+ensure myipmi system is powered on:
+    ipmi.power:
+        \- name: boot
+        \- api_host: myipmi.hostname.com
+        \- api_user: root
+        \- api_pass: apassword
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.states.ipmi.boot_device(name=\(aqdefault\(aq, **kwargs)
+Request power state change
+.INDENT 7.0
+.TP
+.B name = \fBdefault\fP
+.INDENT 7.0
+.IP \(bu 2
+network \-\- Request network boot
+.IP \(bu 2
+hd \-\- Boot from hard drive
+.IP \(bu 2
+safe \-\- Boot from hard drive, requesting \(aqsafe mode\(aq
+.IP \(bu 2
+optical \-\- boot from CD/DVD/BD drive
+.IP \(bu 2
+setup \-\- Boot into setup utility
+.IP \(bu 2
+default \-\- remove any IPMI directed boot device request
+.UNINDENT
+.TP
+.B kwargs
+.INDENT 7.0
+.IP \(bu 2
+api_host=localhost
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.states.ipmi.power(name=\(aqpower_on\(aq, wait=300, **kwargs)
+Request power state change
+.INDENT 7.0
+.TP
+.B name
+.INDENT 7.0
+.TP
+.B Ensure power state one of:
+.INDENT 7.0
+.IP \(bu 2
+power_on \-\- system turn on
+.IP \(bu 2
+power_off \-\- system turn off (without waiting for OS)
+.IP \(bu 2
+shutdown \-\- request OS proper shutdown
+.IP \(bu 2
+reset \-\- reset (without waiting for OS)
+.IP \(bu 2
+boot \-\- If system is off, then \(aqon\(aq, else \(aqreset\(aq
+.UNINDENT
+.UNINDENT
+.TP
+.B wait
+wait X seconds for the job to complete before forcing.
+(defaults to 300 seconds)
+.TP
+.B kwargs
+.INDENT 7.0
+.IP \(bu 2
+api_host=localhost
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.states.ipmi.user_absent(name, channel=14, **kwargs)
+Remove user
+Delete all user (uid) records having the matching name.
+.INDENT 7.0
+.TP
+.B name
+string name of user to delete
+.TP
+.B channel
+channel to remove user access from defaults to 14 for auto.
+.TP
+.B kwargs
+.INDENT 7.0
+.IP \(bu 2
+api_host=localhost
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.TP
+.B salt.states.ipmi.user_present(name, uid, password, channel=14, callback=False, link_auth=True, ipmi_msg=True, privilege_level=\(aqadministrator\(aq, **kwargs)
+Ensure IPMI user and user privileges.
+.INDENT 7.0
+.TP
+.B name
+name of user (limit 16 bytes)
+.TP
+.B uid
+user id number (1 to 7)
+.TP
+.B password
+user password (limit 16 bytes)
+.TP
+.B channel
+ipmi channel defaults to 14 for auto
+.TP
+.B callback
+User Restricted to Callback
+.INDENT 7.0
+.TP
+.B False = User Privilege Limit is determined by the User Privilege Limit
+parameter privilege_level, for both callback and non\-callback connections.
+.TP
+.B True  = User Privilege Limit is determined by the privilege_level
+parameter for callback connections, but is restricted to Callback
+level for non\-callback connections. Thus, a user can only initiate
+a Callback when they \(aqcall in\(aq to the BMC, but once the callback
+connection has been made, the user could potentially establish a
+session as an Operator.
+.UNINDENT
+.TP
+.B link_auth
+User Link authentication
+True/False
+user name and password information will be used for link
+authentication, e.g. PPP CHAP) for the given channel. Link
+authentication itself is a global setting for the channel and is
+enabled/disabled via the serial/modem configuration parameters.
+.TP
+.B ipmi_msg
+User IPMI Messaginge
+True/False
+user name and password information will be used for IPMI
+Messaging. In this case, \(aqIPMI Messaging\(aq refers to the ability to
+execute generic IPMI commands that are not associated with a
+particular payload type. For example, if IPMI Messaging is disabled for
+a user, but that user is enabled for activatallow_authing the SOL
+payload type, then IPMI commands associated with SOL and session
+management, such as Get SOL Configuration Parameters and Close Session
+are available, but generic IPMI commands such as Get SEL Time are
+unavailable.)
+ipmi_msg
+.TP
+.B privilege_level
+.INDENT 7.0
+.IP \(bu 2
+callback
+.IP \(bu 2
+user
+.IP \(bu 2
+operator
+.IP \(bu 2
+administrator
+.IP \(bu 2
+proprietary
+.IP \(bu 2
+no_access
+.UNINDENT
+.TP
+.B kwargs
+.INDENT 7.0
+.IP \(bu 2
+api_host=localhost
+.IP \(bu 2
+api_user=admin
+.IP \(bu 2
+api_pass=
+.IP \(bu 2
+api_port=623
+.IP \(bu 2
+api_kg=None
+.UNINDENT
+.UNINDENT
+.UNINDENT
 .SS salt.states.ipset
 .SS Management of ipsets
 .sp
@@ -145581,6 +154061,9 @@
 that would normally be used for iptables, with one exception: \fB\-\-state\fP is
 specified as \fIconnstate\fP instead of \fIstate\fP (not to be confused with
 \fIctstate\fP).
+.sp
+Jump options that doesn\(aqt take arguments should be passed in with an empty
+string.
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -145635,6 +154118,9 @@
 that would normally be used for iptables, with one exception: \fB\-\-state\fP is
 specified as \fIconnstate\fP instead of \fIstate\fP (not to be confused with
 \fIctstate\fP).
+.sp
+Jump options that doesn\(aqt take arguments should be passed in with an empty
+string.
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -145670,6 +154156,9 @@
 that would normally be used for iptables, with one exception: \fB\-\-state\fP is
 specified as \fIconnstate\fP instead of \fIstate\fP (not to be confused with
 \fIctstate\fP).
+.sp
+Jump options that doesn\(aqt take arguments should be passed in with an empty
+string.
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -145697,6 +154186,9 @@
 .sp
 Manage JBoss 7 Application Server via CLI interface
 .sp
+New in version 2015.5.0.
+
+.sp
 This state uses jboss\-cli.sh script from JBoss installation and parses its output to determine execution result.
 .sp
 In order to run each state, jboss_config dictionary with the following properties must be passed:
@@ -146532,12 +155024,34 @@
 Ensure a Linux ACL is present
 .INDENT 0.0
 .INDENT 3.5
+.sp
+.nf
+.ft C
+root:
+  acl.present:
+    \- name: /root
+    \- acl_type: users
+    \- acl_name: damian
+    \- perms: rwx
+.ft P
+.fi
 .UNINDENT
 .UNINDENT
 .sp
 Ensure a Linux ACL does not exist
 .INDENT 0.0
 .INDENT 3.5
+.sp
+.nf
+.ft C
+root:
+  acl.absent:
+    \- name: /root
+    \- acl_type: user
+    \- acl_name: damian
+    \- perms: rwx
+.ft P
+.fi
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
@@ -146824,12 +155338,19 @@
 .SS Manage Linux Containers
 .INDENT 0.0
 .TP
-.B salt.states.lxc.absent(name)
+.B salt.states.lxc.absent(name, stop=False)
 Ensure a container is not present, destroying it if present
 .INDENT 7.0
 .TP
 .B name
 Name of the container to destroy
+.TP
+.B stop
+stop before destroying
+default: false
+.sp
+New in version 2015.5.2.
+
 .UNINDENT
 .INDENT 7.0
 .INDENT 3.5
@@ -146932,7 +155453,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.states.lxc.present(name, running=None, clone_from=None, snapshot=False, profile=None, template=None, options=None, image=None, config=None, fstype=None, size=None, backing=None, vgname=None, lvname=None)
+.B salt.states.lxc.present(name, running=None, clone_from=None, snapshot=False, profile=None, network_profile=None, template=None, options=None, image=None, config=None, fstype=None, size=None, backing=None, vgname=None, lvname=None)
 Changed in version 2015.5.0: The \fI\%lxc.created\fP state has been renamed
 to \fBlxc.present\fP, and the \fI\%lxc.cloned\fP
 state has been merged into this state.
@@ -146966,10 +155487,19 @@
 Use Copy On Write snapshots (LVM). Only supported with \fBclone_from\fP\&.
 .TP
 .B profile
-Profile to use in container creation (see the LXC Tutorial for more information). Values in a
+Profile to use in container creation (see the \fILXC Tutorial\fP for more information). Values in a
 profile will be overridden by the parameters listed below.
-.UNINDENT
-.sp
+.TP
+.B network_profile
+Network Profile to use in container creation
+(see the \fILXC Tutorial\fP
+for more information). Values in a profile will be overridden by
+the parameters listed below.
+.sp
+New in version 2015.5.2.
+
+.UNINDENT
+.sp
 \fBContainer Creation Arguments\fP
 .INDENT 7.0
 .TP
@@ -147019,7 +155549,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-Remember to double\-indent the options, due to how PyYAML works\&.
+Remember to double\-indent the options, due to \fIhow PyYAML works\fP\&.
 .TP
 .B image
 A tar archive to use as the rootfs for the container. Conflicts with
@@ -149934,6 +158464,10 @@
 .TP
 .B skip_verify
 Skip the GPG verification check for the package to be installed
+.TP
+.B refresh
+Update the repo database of available packages prior to installing the
+requested package.
 .UNINDENT
 .sp
 Multiple Package Installation Options:
@@ -150082,7 +158616,7 @@
 .B kwargs
 Any keyword arguments to pass through to \fBpkg.upgrade\fP\&.
 .sp
-New in version 2015.5.
+New in version 2015.5.0.
 
 .UNINDENT
 .UNINDENT
@@ -151037,7 +159571,7 @@
 .INDENT 7.0
 .TP
 .B name
-The licnese key to ensure is absent
+The license key to ensure is absent
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
@@ -151048,7 +159582,7 @@
 .INDENT 7.0
 .TP
 .B name
-The licnese key to ensure is present
+The license key to ensure is present
 .UNINDENT
 .UNINDENT
 .SS salt.states.process
@@ -151570,17 +160104,29 @@
 .TP
 .B owner
 Initial owner permission to set on the VHost, if present
+.sp
+Deprecated since version Beryllium.
+
 .TP
 .B conf
 Initial conf string to apply to the VHost and user. Defaults to .*
+.sp
+Deprecated since version Beryllium.
+
 .TP
 .B write
 Initial write permissions to apply to the VHost and user.
 Defaults to .*
+.sp
+Deprecated since version Beryllium.
+
 .TP
 .B read
 Initial read permissions to apply to the VHost and user.
 Defaults to .*
+.sp
+Deprecated since version Beryllium.
+
 .TP
 .B runas
 Name of the user to run the command
@@ -151999,7 +160545,7 @@
 .sp
 This state is intended for use from the Salt Master. It provides access to
 sending commands down to minions as well as access to executing master\-side
-modules. These state functions wrap Salt\(aqs Python API\&.
+modules. These state functions wrap Salt\(aqs \fIPython API\fP\&.
 .sp
 \fBSEE ALSO:\fP
 .INDENT 0.0
@@ -152007,7 +160553,7 @@
 More Orchestrate documentation
 .INDENT 0.0
 .IP \(bu 2
-Full Orchestrate Tutorial
+\fIFull Orchestrate Tutorial\fP
 .IP \(bu 2
 \fBThe Orchestrate runner\fP
 .UNINDENT
@@ -152410,6 +160956,26 @@
 The range parameter must be a dictionary with the date strings
 using the dateutil format. Requires python\-dateutil.
 .TP
+.B once
+This will schedule a job to run once on the specified date.
+.TP
+.B once_fmt
+The default date format is ISO 8601 but can be overridden by
+also specifying the \fBonce_fmt\fP option.
+.TP
+.B enabled
+Whether the job should be enabled or disabled.  Value should be a boolean.
+.TP
+.B return_job
+Whether to return information to the Salt master upon job completion.
+.TP
+.B metadata
+Using the metadata parameter special values can be associated with
+a scheduled job.  These values are not used in the execution of the job,
+but can be used to search for specific jobs later if combined with the
+return_job parameter.  The metadata parameter must be specified as a
+dictionary, othewise it will be ignored.
+.TP
 .B returner
 The returner to use to return the results of the scheduled job.
 .TP
@@ -152758,14 +161324,15 @@
 .UNINDENT
 .sp
 The api key can be specified in the master or minion configuration like below:
-.. code\-block:: yaml
 .INDENT 0.0
 .INDENT 3.5
-.INDENT 0.0
-.TP
-.B slack:
-api_key: peWcBiMOS9HrZG15peWcBiMOS9HrZG15
-.UNINDENT
+.sp
+.nf
+.ft C
+slack:
+  api_key: peWcBiMOS9HrZG15peWcBiMOS9HrZG15
+.ft P
+.fi
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
@@ -152806,14 +161373,13 @@
 .UNINDENT
 .sp
 The following parameters are optional:
-api_key
 .INDENT 7.0
-.INDENT 3.5
+.TP
+.B api_key
 The api key for Slack to use for authentication,
 if not specified in the configuration options of master or minion.
 .UNINDENT
 .UNINDENT
-.UNINDENT
 .SS salt.states.smtp
 .SS Sending Messages via SMTP
 .sp
@@ -152867,7 +161433,7 @@
 .sp
 Splunk Search State Module
 .sp
-New in version 2015.5.
+New in version 2015.5.0.
 
 .sp
 This state is used to ensure presence of splunk searches.
@@ -153732,6 +162298,14 @@
 Whether or not to set the hardware clock to UTC (default is True)
 .UNINDENT
 .UNINDENT
+.SS salt.states.tls
+.SS Enforce state for SSL/TLS
+.INDENT 0.0
+.TP
+.B salt.states.tls.valid_certificate(name, weeks=0, days=0, hours=0, minutes=0, seconds=0)
+Verify that a TLS certificate is valid now and (optionally) will be valid
+for the time specified through weeks, days, hours, minutes, and seconds.
+.UNINDENT
 .SS salt.states.tomcat
 .sp
 This state uses the manager webapp to manage Apache tomcat webapps
@@ -154204,6 +162778,15 @@
 .B cwd
 Path to the working directory where "pip install" is executed.
 .TP
+.B user
+The user under which to run virtualenv and pip
+.TP
+.B no_chown: False
+When user is given, do not attempt to copy and chown
+a requirements file (needed if the requirements file refers to other
+files via relative paths, as the copy\-and\-chown procedure does not
+account for such files)
+.TP
 .B use_wheel
 False
 Prefer wheel archives (requires pip>=1.4)
@@ -154532,35 +163115,35 @@
 .TP
 .B salt.states.win_servermanager.removed(name)
 Remove the windows feature
-name:
 .INDENT 7.0
-.INDENT 3.5
+.TP
+.B name:
 short name of the feature (the right column in win_servermanager.list_available)
 .UNINDENT
-.UNINDENT
 .sp
-Note:
+\fBNOTE:\fP
+.INDENT 7.0
+.INDENT 3.5
 Some features require a reboot after uninstallation. If so the feature will not be completly uninstalled until
 the server is restarted.
+.UNINDENT
+.UNINDENT
+.sp
 Example:
+.sp
 Run \fBsalt MinionName win_servermanager.list_installed\fP to get a list of all features installed. Use the top
 name listed for each feature, not the indented one. Do not use the role or feature names mentioned in the
 PKGMGR documentation.
-.. code\-block:: yaml
 .INDENT 7.0
 .INDENT 3.5
-.INDENT 0.0
-.TP
-.B ISWebserverRole:
-.INDENT 7.0
-.TP
-.B win_servermanager.removed:
-.INDENT 7.0
-.IP \(bu 2
-name: Web\-Server
-.UNINDENT
-.UNINDENT
-.UNINDENT
+.sp
+.nf
+.ft C
+ISWebserverRole:
+  win_servermanager.removed:
+    \- name: Web\-Server
+.ft P
+.fi
 .UNINDENT
 .UNINDENT
 .UNINDENT
@@ -154959,7 +163542,7 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B salt.states.zcbuildout.installed(name, config=\(aqbuildout.cfg\(aq, quiet=False, parts=None, user=None, env=(), buildout_ver=None, test_release=False, distribute=None, new_st=None, offline=False, newest=False, python=\(aq/home/erik/virtualenv/docs/bin/python2\(aq, debug=False, verbose=False, unless=None, onlyif=None, use_vt=False, loglevel=\(aqdebug\(aq)
+.B salt.states.zcbuildout.installed(name, config=\(aqbuildout.cfg\(aq, quiet=False, parts=None, user=None, env=(), buildout_ver=None, test_release=False, distribute=None, new_st=None, offline=False, newest=False, python=\(aq/usr/bin/python2.7\(aq, debug=False, verbose=False, unless=None, onlyif=None, use_vt=False, loglevel=\(aqdebug\(aq)
 Install buildout in a specific directory
 .sp
 It is a thin wrapper to modules.buildout.buildout
@@ -155104,7 +163687,7 @@
 \fBSEE ALSO:\fP
 .INDENT 0.0
 .INDENT 3.5
-Full list of builtin modules
+\fIFull list of builtin modules\fP
 .UNINDENT
 .UNINDENT
 .sp
@@ -155492,7 +164075,7 @@
 .sp
 Salt includes a number of built\-in subsystems to generate top file data, they
 are listed listed at
-all\-salt.tops\&.
+\fIall\-salt.tops\fP\&.
 .sp
 The source for the built\-in Salt master tops can be found here:
 \fI\%https://github.com/saltstack/salt/blob/develop/salt/tops\fP
@@ -155832,24 +164415,28 @@
 specified by \fBdefault_include\fP\&.
 This folder is named \fBmaster.d\fP by
 default. Please look at
-\fI\%http://docs.saltstack.com/en/latest/ref/configuration/master.html#include\-configuration\fP
+\fBinclude\-configuration\fP
 for more information.
 .sp
-Example low data
-data = {
+Example low data:
 .INDENT 7.0
 .INDENT 3.5
-\(aqusername\(aq: \(aqsalt\(aq,
-\(aqpassword\(aq: \(aqsalt\(aq,
-\(aqfun\(aq: \(aqconfig.update_config\(aq,
-\(aqfile_name\(aq: \(aqgui\(aq,
-\(aqyaml_contents\(aq: {\(aqid\(aq: 1},
-\(aqclient\(aq: \(aqwheel\(aq,
-\(aqeauth\(aq: \(aqpam\(aq,
-.UNINDENT
-.UNINDENT
 .sp
+.nf
+.ft C
+data = {
+    \(aqusername\(aq: \(aqsalt\(aq,
+    \(aqpassword\(aq: \(aqsalt\(aq,
+    \(aqfun\(aq: \(aqconfig.update_config\(aq,
+    \(aqfile_name\(aq: \(aqgui\(aq,
+    \(aqyaml_contents\(aq: {\(aqid\(aq: 1},
+    \(aqclient\(aq: \(aqwheel\(aq,
+    \(aqeauth\(aq: \(aqpam\(aq,
 }
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -156118,8 +164705,7 @@
 .B salt.beacons.diskusage.beacon(config)
 Monitor the disk usage of the minion
 .sp
-Specify thresholds for for each load average
-and only emit a beacon if any of them are
+Specify thresholds for each disk and only emit a beacon if any of them are
 exceeded.
 .sp
 code_block:: yaml
@@ -156129,10 +164715,14 @@
 .TP
 .B beacons:
 .INDENT 7.0
+.TP
+.B diskusage:
+.INDENT 7.0
 .IP \(bu 2
-diskusage:
-\- /: 63%
-\- /mnt/nfs: 50%
+/: 63%
+.IP \(bu 2
+/mnt/nfs: 50%
+.UNINDENT
 .UNINDENT
 .UNINDENT
 .UNINDENT
@@ -156143,6 +164733,19 @@
 Watch files and translate the changes into salt events
 .INDENT 0.0
 .TP
+.B depends
+.INDENT 7.0
+.IP \(bu 2
+pyinotify Python module >= 0.9.5
+.UNINDENT
+.TP
+.B Caution
+Using generic mask options like open, access, ignored, and
+closed_nowrite with reactors can easily cause the reactor
+to loop on itself.
+.UNINDENT
+.INDENT 0.0
+.TP
 .B salt.beacons.inotify.beacon(config)
 Watch the configured files
 .sp
@@ -156165,32 +164768,54 @@
 .fi
 .UNINDENT
 .UNINDENT
+.sp
+The mask list can contain the following events (the default mask is create,
+delete, and modify):
+.INDENT 7.0
+.IP \(bu 2
+access            File accessed
+.IP \(bu 2
+attrib            File metadata changed
+.IP \(bu 2
+close_nowrite     Unwritable file closed
+.IP \(bu 2
+close_write       Writable file closed
+.IP \(bu 2
+create            File created in watched directory
+.IP \(bu 2
+delete            File deleted from watched directory
+.IP \(bu 2
+delete_self       Watched file or directory deleted
+.IP \(bu 2
+modify            File modified
+.IP \(bu 2
+moved_from        File moved out of watched directory
+.IP \(bu 2
+moved_to          File moved into watched directory
+.IP \(bu 2
+move_self         Watched file moved
+.IP \(bu 2
+open              File opened
+.UNINDENT
+.sp
+The mask can also contain the following options:
+.INDENT 7.0
+.IP \(bu 2
+dont_follow       Don\(aqt dereference symbolic links
+.IP \(bu 2
+excl_unlink       Omit events for children after they have been unlinked
+.IP \(bu 2
+oneshot           Remove watch after one event
+.IP \(bu 2
+onlydir           Operate only if name is directory
+.UNINDENT
 .INDENT 7.0
-.TP
-.B The mask can be a single option from:
-access
-attrib
-close_nowrite
-close_write
-create
-delete
-delete_self
-excl_unlink
-ignored
-modify
-moved_from
-moved_to
-move_self
-oneshot
-onlydir
-open
-unmount
 .TP
 .B recurse:
-Tell the beacon to recursively watch files in the directory
+Recursively watch files in the directory
 .TP
 .B auto_add:
-Automatically start adding files that are created in the watched directory
+Automatically start watching files that are created in the watched directory
 .UNINDENT
 .UNINDENT
 .SS salt.beacons.journald
@@ -156209,10 +164834,10 @@
 .nf
 .ft C
 beacons:
-    journald:
-        sshd:
-            SYSLOG_IDENTIFIER: sshd
-            PRIORITY: 6
+  journald:
+    sshd:
+      SYSLOG_IDENTIFIER: sshd
+      PRIORITY: 6
 .ft P
 .fi
 .UNINDENT
@@ -156226,7 +164851,7 @@
 .B salt.beacons.load.beacon(config)
 Emit the load averages of this host.
 .sp
-Specify thresholds for for each load average
+Specify thresholds for each load average
 and only emit a beacon if any of them are
 exceeded.
 .INDENT 7.0
@@ -156261,7 +164886,7 @@
 .B salt.beacons.network_info.beacon(config)
 Emit the network statistics of this host.
 .sp
-Specify thresholds for for each network stat
+Specify thresholds for each network stat
 and only emit a beacon if any of them are
 exceeded.
 .sp
@@ -156440,13 +165065,11 @@
     account_sid: "<account sid>"
     auth_token: "<auth token>"
     twilio_number: "+15555555555"
-    poll_interval: 10
+    interval: 10
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
-.sp
-poll_interval defaults to 10 seconds
 .UNINDENT
 .SS salt.beacons.wtmp
 .sp
@@ -156872,7 +165495,7 @@
 reduces the overall complexity and leads a user to both understand what will
 be included at a glance and where it is located.
 .sp
-In addition Formulas should
+In addition \fIFormulas\fP should
 be used as often as possible.
 .sp
 \fBNOTE:\fP
@@ -156887,7 +165510,7 @@
 .UNINDENT
 .SS Structuring Pillar Files
 .sp
-Pillars are used to store
+\fIPillars\fP are used to store
 secure and insecure data pertaining to minions. When designing the structure
 of the \fB/srv/pillar\fP directory, the pillars contained within
 should once again be focused on clear and concise data which users can easily
@@ -157138,7 +165761,7 @@
 .sp
 In the next example steps will be taken to begin addressing these issues.
 Starting with the addition of a map.jinja file (as noted in the
-Formula documentation), and
+\fIFormula documentation\fP), and
 modification of static values:
 .sp
 \fB/srv/salt/apache/map.jinja\fP:
@@ -158819,99 +167442,203 @@
 There are a number of ways to contribute to Salt development.
 .sp
 For details on how to contribute documentation improvements please review
-Writing Salt Documentation\&.
+\fIWriting Salt Documentation\fP\&.
 .SS Sending a GitHub pull request
 .sp
 Sending pull requests on GitHub is the preferred method for receiving
 contributions. The workflow advice below mirrors \fI\%GitHub\(aqs own guide\fP and is well worth reading.
 .INDENT 0.0
 .IP 1. 3
-Fork the \fI\%saltstack/salt\fP repository on GitHub.
+\fI\%Fork saltstack/salt\fP on GitHub.
 .IP 2. 3
 Make a local clone of your fork.
+.INDENT 3.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+git clone git@github.com:my\-account/salt.git
+cd salt
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .IP 3. 3
+Add \fI\%saltstack/salt\fP as a git remote.
+.INDENT 3.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+git remote add upstream https://github.com/saltstack/salt.git
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.IP 4. 3
 Create a new branch in your clone.
 .sp
-A branch should have one purpose. For example, "Fix bug X," or "Add feature
-Y." Multiple pull requests should be opened for unrelated changes.
+\fBNOTE:\fP
+.INDENT 3.0
+.INDENT 3.5
+A branch should have one purpose. For example, "Fix bug X," or "Add
+feature Y".  Multiple unrelated fixes and/or features should be
+isolated into separate branches.
+.UNINDENT
+.UNINDENT
 .sp
-Choose a name for your branch that describes its purpose.
+If you\(aqre working on a fix, create your branch from the oldest release
+branch having the bug.  See \fI\%Which Salt Branch?\fP\&.
 .INDENT 3.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-git checkout \-b fixed\-broken\-thing
+git fetch upstream
+git checkout \-b fix\-broken\-thing upstream/2015.5
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+If you\(aqre working on a feature, create your branch from the develop branch.
+.INDENT 3.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+git fetch upstream
+git checkout \-b add\-cool\-feature upstream/develop
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
-.IP 4. 3
-Make edits and changes locally.
 .IP 5. 3
-Commit changes to this new branch.
+Edit and commit changes to your branch.
+.INDENT 3.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+vim path/to/file1 path/to/file2
+git diff
+git add path/to/file1 path/to/file2
+git commit
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
 .sp
-Edit the necessary files in your Salt clone and remember to add them to
-your commit. Write a descriptive commit message.
+Write a short, descriptive commit title and a longer commit message if
+necessary.
+.sp
+\fBNOTE:\fP
+.INDENT 3.0
+.INDENT 3.5
+If your change fixes a bug or implements a feature already filed in the
+\fI\%issue tracker\fP, be sure to reference the issue
+number in the commit message body.
+.UNINDENT
+.UNINDENT
 .INDENT 3.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-git add path/to/file1
-git add path/to/file2
-git commit \-m "Fixed X in file1 and file2"
+fix broken things in file1 and file2
+
+Fixes #31337.  The issue is now eradicated from file1 and file2.
+
+# Please enter the commit message for your changes. Lines starting
+# with \(aq#\(aq will be ignored, and an empty message aborts the commit.
+# On branch fix\-broken\-thing
+# Changes to be committed:
+#       modified:   path/to/file1
+#       modified:   path/to/file2
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
 .sp
-If you get stuck \fI\%there are many introductory Git resources on
-help.github.com\fP\&.
+If you get stuck, there are many introductory Git resources on
+\fI\%http://help.github.com\fP\&.
 .IP 6. 3
-Push your locally\-committed changes to your GitHub fork.
+Push your locally\-committed changes to your GitHub fork,
+.sp
+\fBNOTE:\fP
+.INDENT 3.0
+.INDENT 3.5
+You may want to rebase before pushing to work out any potential
+conflicts.
+.UNINDENT
+.UNINDENT
 .INDENT 3.0
 .INDENT 3.5
 .sp
 .nf
 .ft C
-git push \-\-set\-upstream origin fixed\-broken\-thing
+git fetch upstream
+git rebase upstream/2015.5 fix\-broken\-thing
+git push \-\-set\-upstream origin fix\-broken\-thing
 .ft P
 .fi
 .UNINDENT
 .UNINDENT
-.IP 7. 3
-Go to your fork on the GitHub website & find your branch.
 .sp
-GitHub automatically displays a button with the text "Compare & pull
-request" for recently pushed branches.
+or,
+.INDENT 3.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+git fetch upstream
+git rebase upstream/develop add\-cool\-feature
+git push \-\-set\-upstream origin add\-cool\-feature
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.IP 7. 3
+Find the branch on your GitHub salt fork.
 .sp
-Otherwise click on the "Branches" tab at the top of your fork. A button
-with the text "New pull request" will be beside each branch.
+\fI\%https://github.com/my\-account/salt/branches/fix\-broken\-thing\fP
 .IP 8. 3
 Open a new pull request.
+.sp
+Click on \fBPull Request\fP on the right near the top of the page,
+.sp
+\fI\%https://github.com/my\-account/salt/pull/new/fix\-broken\-thing\fP
 .INDENT 3.0
 .IP 1. 3
-Click one of the pull request buttons from the previous step. GitHub
-will present a form and show a comparison of the changes in your pull
-request.
+If your branch is a fix for a release branch, choose that as the base
+branch (e.g. \fB2015.5\fP),
+.sp
+\fI\%https://github.com/my\-account/salt/compare/saltstack:2015.5...fix\-broken\-thing\fP
+.sp
+If your branch is a feature, choose \fBdevelop\fP as the base branch,
+.sp
+\fI\%https://github.com/my\-account/salt/compare/saltstack:develop...add\-cool\-feature\fP
 .IP 2. 3
-Write a descriptive comment, include links to any project issues
-related to the pull request.
+Review that the proposed changes are what you expect.
 .IP 3. 3
-Click "Create pull request".
+Write a descriptive comment.  Include links to related issues (e.g.
+\(aqFixes #31337.\(aq) in the comment field.
+.IP 4. 3
+Click \fBCreate pull request\fP\&.
 .UNINDENT
 .IP 9. 3
-The Salt repo managers will be notified of your pull request.
+Salt project members will review your pull request and automated tests will
+run on it.
 .sp
-If a reviewer asks for changes:
+If you recognize any test failures as being related to your proposed
+changes or if a reviewer asks for modifications:
 .INDENT 3.0
 .IP 1. 3
-Make the changes in your local clone on the same local branch.
+Make the new changes in your local clone on the same local branch.
 .IP 2. 3
-Push the branch to GitHub using the same command as before.
+Push the branch to GitHub again using the same commands as before.
 .IP 3. 3
-The new commits will be reflected in the pull request automatically.
+New and updated commits will be added to the pull request automatically.
 .IP 4. 3
 Feel free to add a comment to the discussion.
 .UNINDENT
@@ -158922,33 +167649,31 @@
 .INDENT 3.5
 Jenkins
 .sp
-Whenever you make a pull request against the main Salt repository your
-changes will be tested on a variety of operating systems and
-configurations. On average these tests take 30 minutes to run and once
-they are complete a PASS/FAIL message will be added to your pull
-request. This message contains a link to \fI\%http://jenkins.saltstack.com\fP
-where you can review the test results. This message will also generate an
-email which will be sent to the email address associated with your GitHub
-account informing you of these results. It should be noted that a test
-failure does not necessarily mean there is an issue in the associated pull
-request as the entire development branch is tested.
+Pull request against \fI\%saltstack/salt\fP are automatically tested on a
+variety of operating systems and configurations. On average these tests
+take 30 minutes.  Depending on your GitHub notification settings you may
+also receive an email message about the test results.
+.sp
+Test progress and results can be found at \fI\%http://jenkins.saltstack.com/\fP\&.
 .UNINDENT
 .UNINDENT
 .SS Which Salt branch?
 .sp
-GitHub will open pull requests against Salt\(aqs main branch named \fBdevelop\fP by
-default. Most contributors can keep the default options. This section is for
-advanced contributors.
-.sp
-Each pull request should address a single concern, as mentioned in the section
-above. For example, "Fix bug X," or "Add feature Y." And a pull request should
-be opened against the branch that corresponds to that concern.
+GitHub will open pull requests against Salt\(aqs main branch, \fBdevelop\fP, by
+default.  Ideally features should go into \fBdevelop\fP and bug fixes should go
+into the oldest supported release branch affected by the bug.  See
+\fI\%Sending a GitHub pull request\fP\&.
+.sp
+If you have a bug fix and have already forked your working branch from
+\fBdevelop\fP and do not know how to rebase your commits against another branch,
+then submit it to \fBdevelop\fP anyway and we\(aqll be sure to backport it to the
+correct place.
 .SS The current release branch
 .sp
 The current release branch is the most recent stable release. Pull requests
 containing bug fixes should be made against the release branch.
 .sp
-The branch name will be a date\-based name such as \fB2014.7\fP\&.
+The branch name will be a date\-based name such as \fB2015.5\fP\&.
 .sp
 Bug fixes are made on this branch so that minor releases can be cut from this
 branch without introducing surprises and new features. This approach maximizes
@@ -159170,7 +167895,7 @@
 .UNINDENT
 .UNINDENT
 .sp
-Note, release branches prior to \fB2014.7\fP will not be able to make use of
+Note, release branches prior to \fB2015.5\fP will not be able to make use of
 rebase and must use cherry\-picking instead.
 .IP 5. 3
 Push the back\-port branch to GitHub and open a new pull request.
@@ -159188,6 +167913,10 @@
 .UNINDENT
 .UNINDENT
 .UNINDENT
+.SS Issue and Pull Request Labeling System
+.sp
+SaltStack uses several labeling schemes to help facilitate code contributions
+and bug resolution. See the \fILabels and Milestones\fP documentation for more information.
 .SS Deprecating Code
 .sp
 Salt should remain backwards compatible, though sometimes, this backwards
@@ -160063,6 +168792,332 @@
 .UNINDENT
 .sp
 See \fBhere\fP for more information regarding the test suite.
+.SS Issue and Pull Request Labeling System
+.sp
+SaltStack uses several labeling schemes to help facilitate code contributions
+and bug resolution. See the \fILabels and Milestones\fP documentation for more information.
+.SS GitHub Labels and Milestones
+.sp
+SaltStack uses several labeling schemes, as well as applying milestones, to triage incoming issues and pull requests in
+the GitHub Issue Tracker. Most of the labels and milestones are used for internal tracking, but the following
+definitions might prove useful for the community to discover the best issues to help resolve.
+.SS Milestones
+.sp
+Milestones are most often applied to issues, as a milestone is assigned to every issue that has been triaged. However,
+milestones can also be applied to pull requests. SaltStack uses milestones to track bugs or features that should be
+included in the next major feature release, or even the next bug\-fix release, as well as what issues are ready to be
+worked on or what might be blocked. All incoming issues must have a milestone associated with them.
+.INDENT 0.0
+.TP
+.B Approved
+Used to indicate that this issue has all of the needed information and is ready to be worked on.
+.TP
+.B Blocked
+Used to indicate that the issue is not ready to be worked on yet. This typically applies to issues that have been
+labeled with “Info Needed”, “Question”, “Expected Behavior”, “Won’t Fix for Now”, etc.
+.TP
+.B Dot or Bug\-fix Release
+Used to help filter/identify what issues must be fixed before the release such as 2014.7.4 or 2015.2.3. This
+milestone is often used in conjunction with the \fBBlocker\fP label, but not always.
+.TP
+.B Feature Release
+Similar to the Dot or Bug\-fix Release milestone, but for upcoming feature releases such as Boron, Carbon, etc.
+This milestone is often used in conjunction with the \fBBlocker\fP label, but not always.
+.UNINDENT
+.SS Labels
+.sp
+Labels are used to facilitate the resolution of new pull requests and open issues. Most labels are confined to being
+applied to either issues or pull requests, though some labels may be applied to both.
+.SS Issue Labels
+.sp
+All incoming issues should be triaged with at least one label and a milestone. When a new issue comes in, it should be
+determined if the issue is a bug or a feature request, and either of those labels should be applied accordingly. Bugs
+and Feature Requests have differing labeling schemes, detailed below, where other labels are applied to them to further
+help contributors find issues to fix or implement.
+.sp
+There are some labels, such as \fBQuestion\fP or some of the "Status" labels that may be applied as "stand alone" labels
+in which more information may be needed or a decision must be reached on how to proceed. (See the "Bug Status Labels"
+section below.)
+.SS Features
+.sp
+The \fBFeature\fP label should be applied when a user is requesting entirely new functionality. This can include new
+functions, modules, states, modular systems, flags for existing functions, etc. Features \fIdo not\fP receive severity
+or priority labels, as those labels are only used for bugs. However, they may receive "Functional Area" labels or "ZD".
+.sp
+Feature request issues will be prioritized on an "as\-needed" basis using milestones during SaltStack\(aqs feature release
+and sprint planning processes.
+.SS Bugs
+.sp
+All bugs should have the \fBBug\fP label as well as a severity, priority, functional area, and a status, as applicable.
+.SS Severity
+.sp
+How severe is the bug? SaltStack uses four labels to determine the severity of a bug: \fBBlocker\fP, \fBCritical\fP,
+\fBHigh\fP, and \fBMedium\fP\&. This scale is intended to make the bug\-triage process as objective as possible.
+.INDENT 0.0
+.TP
+.B Blocker
+Should be used sparingly to indicate must\-have fixes for the impending release.
+.TP
+.B Critical
+Applied to bugs that have data loss, crashes, hanging, unresponsive system, etc.
+.TP
+.B High Severity
+Any bug report that contains incorrect functionality, bad functionality, a confusing user experience, etc.
+.TP
+.B Medium Severity
+Applied to bugs that are about cosmetic items, spelling, spacing, colors, etc.
+.UNINDENT
+.SS Priority
+.sp
+In addition to using a bug severity to classify issues, a priority is also assigned to each bug to give further
+granularity in searching for bugs to fix. In this way, a bug\(aqs priority is defined as follows:
+.INDENT 0.0
+.TP
+.B P1
+Very likely. Everyone will see the bug.
+.TP
+.B P2
+Somewhat likely. Most will see the bug, but a few will not.
+.TP
+.B P3
+Half will see the bug, about half will not.
+.TP
+.B P4
+Most will not see the bug. Usually a very specific use case or corner case.
+.UNINDENT
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+A bug\(aqs priority is relative to its functional area. If a bug report, for example, about \fBgitfs\fP includes details
+indicating that everyone who \fBgitfs\fP will run into this bug, then a \fBP1\fP label will be applied, even though
+Salt users who are not enabling \fBgitfs\fP will see the bug.
+.UNINDENT
+.UNINDENT
+.SS Functional Areas
+.sp
+All bugs should receive a "Functional Area" label to indicate what region of Salt the bug is mainly seen in. This will
+help internal developers as well as community members identify areas of expertise to find issues that can be fixed more
+easily. Functional Area labels can also be applied to Feature Requests.
+.sp
+Functional Area Labels, in alphabetical order, include:
+.INDENT 0.0
+.IP \(bu 2
+Core
+.IP \(bu 2
+Documentation
+.IP \(bu 2
+Execution Module
+.IP \(bu 2
+File Servers
+.IP \(bu 2
+Multi\-Master
+.IP \(bu 2
+Packaging
+.IP \(bu 2
+Pillar
+.IP \(bu 2
+Platform Mgmt.
+.IP \(bu 2
+RAET
+.IP \(bu 2
+Returners
+.IP \(bu 2
+Salt\-API
+.IP \(bu 2
+Salt\-Cloud
+.IP \(bu 2
+Salt\-SSH
+.IP \(bu 2
+Salt\-Syndic
+.IP \(bu 2
+State Module
+.IP \(bu 2
+Windows
+.IP \(bu 2
+ZMQ
+.UNINDENT
+.SS Bug Status Labels
+.sp
+Status lables are used to define and track the state a bug is in at any given time. Not all bugs will have a status
+label, but if a SaltStack employee is able to apply a status label, he or she will. Status labels are somewhat unique
+in the fact that they might be the only label on an issue, such as \fBPending Discussion\fP, \fBInfo Needed\fP, or
+\fBExpected Behavior\fP until further action can be taken.
+.INDENT 0.0
+.TP
+.B Cannot Reproduce
+Someone from the SaltStack team has tried to reproduce the bug with the given information but they are unable to
+replicate the problem. More information will need to be provided from the original issue\-filer before proceeding.
+.TP
+.B Confirmed
+A SaltStack engineer has confirmed the reported bug and provided a simple way to reproduce the failure.
+.TP
+.B Duplicate
+The issue has been reported already in another report. A link to the other bug report must be provided. At that
+point the new issue can be closed. Usually, the earliest bug on file is kept as that typically has the most
+discussion revolving around the issue, though not always. (This can be a "stand\-alone" label.)
+.TP
+.B Expected Behavior
+The issue reported is expected behavior and nothing needs to be fixed. (This can be a "stand\-alone" label.)
+.TP
+.B Fixed Pending Verification
+The bug has been fixed and a link to the applicable pull request(s) has been provided, but confirmation is being
+sought from the community member(s) involved in the bug to test and confirm the fix.
+.TP
+.B Info Needed
+More information about the issue is needed before proceeding such as a versions report, a sample state, the command
+the user was running, or the operating system the error was occurring on, etc. (This can be a "stand\-alone" label.)
+.TP
+.B Upstream Bug
+The reported bug is something that cannot be fixed in the Salt code base but is instead a bug in another library
+such a bug in ZMQ or Python. When an issue is labeled with \fBUpstream Bug\fP then a bug report in the upstream
+project must be filed (or found if a report already exists) and a link to the report must be provided to the issue
+in Salt for tracking purposes. (This can be a stand\-alone label.)
+.TP
+.B Won\(aqt Fix for Now
+The SaltStack team has acknowledged the issue at hand is legitimate, but made the call that it’s not something
+they’re able or willing to fix at this time. These issues may be revisited in the future.
+.UNINDENT
+.SS Other
+.sp
+There are a couple of other labels that are helpful in categorizing bugs that are not included in the categories above.
+These labels can either stand on their own such as \fBQuestion\fP or can be applied to bugs or feature requests as
+applicable.
+.INDENT 0.0
+.TP
+.B Low Hanging Fruit
+Applied to bugs that should be easy to fix. This is useful for new contributors to know where some simple things
+are to get involved in contributing to salt.
+.TP
+.B Question
+Used when the issue isn’t a bug nor a feature, but the user has a question about expected behavior, how something
+works, is misunderstanding a concept, etc. This label is typically applied on its own with \fBBlocked\fP milestone.
+.TP
+.B Regression
+Helps with additional filtering for bug fixing. If something previously worked and now does not work, as opposed to
+something that never worked in the first place, the issue should be treated with greater urgency.
+.TP
+.B ZD
+Stands for “Zendesk” and is used to help track bugs that customers are seeing as well as community members. Bugs
+with this label should be treated with greater urgency.
+.UNINDENT
+.SS Pull Request Labels
+.sp
+SaltStack also applies various labels to incoming pull requests. These are mainly used to help SaltStack engineers
+easily identify the nature the changes presented in a pull request and whether or not that pull request is ready to be
+reviewed and merged into the Salt codebase.
+.SS Type of Change
+.sp
+A "* Change" label is applied to each incoming pull request. The type of change label that is applied to a pull request
+is based on a scale that encompasses the number of lines affected by the change in conjunction with the area of code
+the change touches (i.e. core code areas vs. execution or state modules).
+.sp
+The conditions given for these labels are recommendations, as the pull request reviewer will also consult their
+intuition and experience regarding the magnitude of the impact of the proposed changes in the pull request.
+.sp
+Core code areas include: state compiler, crypto engine, master and minion, transport, pillar rendering, loader,
+transport layer, event system, salt.utils, client, cli, logging, netapi, runner engine, templating engine, top file
+compilation, file client, file server, mine, salt\-ssh, test runner, etc.
+.INDENT 0.0
+.IP \(bu 2
+.INDENT 2.0
+.TP
+.B Minor Change
+.INDENT 7.0
+.IP \(bu 2
+Less than 64 lines changed, or
+.IP \(bu 2
+Less than 8 core lines changed
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+.INDENT 2.0
+.TP
+.B Medium Change
+.INDENT 7.0
+.IP \(bu 2
+Less than 256 lines changed, or
+.IP \(bu 2
+Less than 64 core lines changed
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+.INDENT 2.0
+.TP
+.B Master Change
+.INDENT 7.0
+.IP \(bu 2
+More than 256 lines changed, or
+.IP \(bu 2
+More than 64 core lines changed
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+.INDENT 2.0
+.TP
+.B Expert Change
+.INDENT 7.0
+.IP \(bu 2
+Needs specialized, in\-depth review
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SS Back\-port Labels
+.sp
+There are two labels that are used to keep track of what pull requests need to be back\-ported to an older release branch
+and which pull requests have already been back\-ported.
+.INDENT 0.0
+.TP
+.B Bugfix \- back\-port
+Indicates a pull request that needs to be back\-ported. Once the back\-port is completed, the back\-porting pull request
+is linked to the original pull request and this label is removed.
+.TP
+.B Bugfix \- [Done] back\-ported
+Indicates a pull request that has been back\-ported to another branch. The pull request that is responsible for the
+backport should be linked to this original pull request.
+.UNINDENT
+.SS Testing Labels
+.sp
+There are a couple of labels that the QA team uses to indicate the mergability of a pull request. If the pull request is
+legitimately passing or failing tests, then one or more of these labels may be applied.
+.INDENT 0.0
+.TP
+.B Lint
+If a pull request fails the test run, but the only failures are related pylint errors, this label will be applied to
+indicate that pylint needs to be fixed before proceeding.
+.TP
+.B Pending Changes
+Indicates that additional commits should be added to the original pull request before the pull request is merged
+into the codebase. These changes are unrelated to fixing tests and are generally needed to round out any unfinished
+pull requests.
+.TP
+.B Tests Passed
+Sometimes the Jenkins test run encounters problems, either tests that are known to have reliability issues or a
+test VM failed to build, but the problems are not related to the code changed in the pull request. This label is
+used to indicate that someone has reviewed the test failures and has deemed the failures to be non\-pertinent.
+.UNINDENT
+.SS Other Pull Request Labels
+.INDENT 0.0
+.TP
+.B Awesome
+Applied to pull requests that implemented a cool new feature or fixed a bug in an excellent way.
+.UNINDENT
+.SS Labels that Bridge Issues and Pull Requests
+.INDENT 0.0
+.TP
+.B Needs Testcase
+Used by SaltStack\(aqs QA team to realize where pain points are and to bring special attention to where some test
+coverage needs to occur, especially in areas that have regressed. This label can apply to issues or pull requests,
+which can also be open or closed. Once tests are written, the pull request containing the tests should be linked to
+the issue or pull request that originally had the \fBNeeds Testcase\fP label. At this point, the \fBNeeds Testcase\fP
+label must be removed to indicate that tests no longer need to be written.
+.TP
+.B Pending Discussion
+If this label is applied to an issue, the issue may or may not be a bug. Enough information was provided about the
+issue, but some other opinions on the issue are desirable before proceeding. (This can be a "stand\-alone" label.)
+If the label is applied to a pull request, this is used to signal that further discussion must occur before a
+decision is made to either merge the pull request into the code base or to close it all together.
+.UNINDENT
 .SS Logging Internals
 .sp
 TODO
@@ -160921,7 +169976,7 @@
 .SS Running Cloud Provider Tests
 .sp
 Salt\(aqs testing suite also includes integration tests to assess the successful
-creation and deletion of cloud instances using Salt\-Cloud for
+creation and deletion of cloud instances using \fISalt\-Cloud\fP for
 providers supported by Salt\-Cloud.
 .sp
 The cloud provider tests are off by default and run on sample configuration files
@@ -161050,7 +170105,7 @@
 running test environments, go to \fI\%http://jenkins.saltstack.com\fP\&.
 .SS Using Salt\-Cloud on Jenkins
 .sp
-For testing Salt on Jenkins, SaltStack uses Salt\-Cloud to
+For testing Salt on Jenkins, SaltStack uses \fISalt\-Cloud\fP to
 spin up virtual machines. The script using Salt\-Cloud to accomplish this is
 open source and can be found here: \fI\%https://github.com/saltstack/salt/blob/develop/tests/jenkins.py\fP
 .SS Writing Tests
@@ -161390,7 +170445,7 @@
 .UNINDENT
 .SS Cloud Provider Tests
 .sp
-Cloud provider integration tests are used to assess Salt\-Cloud\(aqs
+Cloud provider integration tests are used to assess \fISalt\-Cloud\fP\(aqs
 ability to create and destroy cloud instances for various supported cloud providers.
 Cloud provider tests inherit from the ShellCase Integration Class.
 .sp
@@ -162052,6 +171107,13 @@
 .sp
 # RAET
 # Reliable Asynchronous Event Transport Protocol
+.sp
+\fBSEE ALSO:\fP
+.INDENT 0.0
+.INDENT 3.5
+\fIRAET Overview\fP
+.UNINDENT
+.UNINDENT
 .SS Protocol
 .sp
 Layering:
@@ -162602,7 +171664,7 @@
 .SS Adding module documentation to the index
 .sp
 Each module type has an index listing all modules of that type. For example:
-all\-salt.modules, all\-salt.states, all\-salt.renderers\&.
+\fIall\-salt.modules\fP, \fIall\-salt.states\fP, \fIall\-salt.renderers\fP\&.
 New modules must be added to the index manually.
 .INDENT 0.0
 .IP 1. 3
@@ -162840,7 +171902,7 @@
 States. GitFS is a quick and natural way to use Formulas.
 .INDENT 0.0
 .IP 1. 3
-Install and configure GitFS\&.
+\fIInstall and configure GitFS\fP\&.
 .IP 2. 3
 Add one or more Formula repository URLs as remotes in the
 \fBgitfs_remotes\fP list in the Salt Master configuration file:
@@ -162989,15 +172051,15 @@
 .sp
 Salt Formulas are designed to work out of the box with no additional
 configuration. However, many Formula support additional configuration and
-customization through Pillar\&. Examples of available options can
+customization through \fIPillar\fP\&. Examples of available options can
 be found in a file named \fBpillar.example\fP in the root directory of each
 Formula repository.
 .SS Using Formula with your own states
 .sp
 Remember that Formula are regular Salt States and can be used with all Salt\(aqs
 normal state mechanisms. Formula can be required from other States with
-requisites\-require declarations, they can be modified using \fBextend\fP,
-they can made to watch other states with requisites\-watch\-in\&.
+\fIrequisites\-require\fP declarations, they can be modified using \fBextend\fP,
+they can made to watch other states with \fIrequisites\-watch\-in\fP\&.
 .sp
 The following example uses the stock \fI\%apache\-formula\fP alongside a
 custom state to create a vhost on a Debian/Ubuntu system and to reload the
@@ -163075,8 +172137,8 @@
 .SS Use a descriptive State ID
 .sp
 The ID of a state is used as a unique identifier that may be referenced via
-other states in requisites\&. It must be unique across the
-whole state tree (it is a key in a dictionary, after
+other states in \fIrequisites\fP\&. It must be unique across the
+whole state tree (\fIit is a key in a dictionary\fP, after
 all).
 .sp
 In addition a state ID should be descriptive and serve as a high\-level hint of
@@ -163109,14 +172171,14 @@
 .UNINDENT
 .sp
 Salt\(aqs state compiler will transform "short\-decs" into the longer format
-when compiling the human\-friendly highstate structure into the
-machine\-friendly lowstate structure\&.
+\fIwhen compiling the human\-friendly highstate structure into the
+machine\-friendly lowstate structure\fP\&.
 .SS Specify the \fBname\fP parameter
 .sp
 Use a unique and permanent identifier for the state ID and reserve \fBname\fP for
 data with variability.
 .sp
-The name declaration is a required parameter for all
+The \fIname declaration\fP is a required parameter for all
 state functions. The state ID will implicitly be used as \fBname\fP if it is not
 explicitly set in the state.
 .sp
@@ -163208,9 +172270,9 @@
 .IP \(bu 2
 Whatever the Jinja step produces must be valid YAML.
 .IP \(bu 2
-Whatever the YAML step produces must be a valid highstate data
-structure\&. (This is also true of the final step
-for any of the alternate renderers in Salt.)
+Whatever the YAML step produces must be a valid \fIhighstate data
+structure\fP\&. (This is also true of the final step
+for \fIany of the alternate renderers\fP in Salt.)
 .IP \(bu 2
 Highstate can be thought of as a human\-friendly data structure; easy to write
 and easy to read.
@@ -163456,7 +172518,7 @@
 .sp
 Using alternate renderers is very simple to do using Salt\(aqs "she\-bang" syntax
 at the top of the file. The Python renderer must simply return the correct
-highstate data structure\&. The following
+\fIhighstate data structure\fP\&. The following
 example is a state tree of two sls files, one simple and one complicated.
 .sp
 \fB/srv/salt/top.sls\fP:
@@ -163590,10 +172652,11 @@
 .sp
 .nf
 .ft C
-PHP:
-  engine: \(aqOn\(aq
-  short_open_tag: \(aqOff\(aq
-  error_reporting: \(aqE_ALL & ~E_DEPRECATED & ~E_STRICT\(aq
+php_ini:
+  PHP:
+    engine: \(aqOn\(aq
+    short_open_tag: \(aqOff\(aq
+    error_reporting: \(aqE_ALL & ~E_DEPRECATED & ~E_STRICT\(aq
 .ft P
 .fi
 .UNINDENT
@@ -163607,8 +172670,8 @@
 .ft C
 {% macro php_ini_serializer(data) %}
 {% for section_name, name_val_pairs in data.items() %}
-[{{ section }}]
-{% for name, val in name_val_pairs.items() %}
+[{{ section_name }}]
+{% for name, val in name_val_pairs.items() \-%}
 {{ name }} = "{{ val }}"
 {% endfor %}
 {% endfor %}
@@ -163912,7 +172975,7 @@
 .sp
 .nf
 .ft C
-{% load_yaml \(aqtomcat/defaults.yaml\(aq as server_xml_defaults %}
+{% import_yaml \(aqtomcat/defaults.yaml\(aq as server_xml_defaults %}
 {% set server_xml_final_values = salt.pillar.get(
     \(aqappX:server_xml_overrides\(aq,
     default=server_xml_defaults,
@@ -163960,7 +173023,7 @@
 .nf
 .ft C
 {# Load the map file. #}
-{% load_yaml \(aqapp/defaults.yaml\(aq as app_defaults %}
+{% import_yaml \(aqapp/defaults.yaml\(aq as app_defaults %}
 
 {# Extract the relevant subset for the app configured on the current
    machine (configured via a grain in this example). #}
@@ -164017,7 +173080,7 @@
 Apache configuration file or create vhosts.
 .sp
 If a formula is single\-purpose as in the example above, other formulas, and
-also other states can \fBinclude\fP and use that formula with requisites
+also other states can \fBinclude\fP and use that formula with \fIrequisites\fP
 without also including undesirable or unintended side\-effects.
 .sp
 The following is a best\-practice example for a reusable Apache formula. (This
@@ -164162,7 +173225,7 @@
 .SS Scripting
 .sp
 Remember that both State files and Pillar files can easily call out to Salt
-execution modules and have access to all the system
+\fIexecution modules\fP and have access to all the system
 grains as well.
 .INDENT 0.0
 .INDENT 3.5
@@ -164181,7 +173244,7 @@
 .UNINDENT
 .sp
 Jinja macros to encapsulate logic or conditionals are discouraged in favor of
-writing custom execution modules in Python.
+\fIwriting custom execution modules\fP in Python.
 .SS Repository structure
 .sp
 A basic Formula repository should have the following layout:
@@ -165067,1006 +174130,7135 @@
 See the \fBversion numbers\fP page for more
 information about the version numbering scheme.
 .SS Latest Stable Release
-.SS Salt 2014.7.0 Release Notes \- Codename Helium
 .sp
-This release is the largest Salt release ever, with more features and commits
-then any previous release of Salt. Everything from the new RAET transport to
-major updates in Salt Cloud and the merging of Salt API into the main project.
+\fB/topics/releases/2015.5.2\fP
+.SS Previous Releases
+.SS Salt 2015.5.0 Release Notes \- Codename Lithium
 .sp
-\fBIMPORTANT:\fP
+The 2015.5.0 feature release of Salt is focused on hardening Salt and mostly
+on improving existing systems. A few major additions are present, primarily
+the new Beacon system. Most enhancements have been focused around improving
+existing features and interfaces.
+.sp
+As usual the release notes are not exhaustive and primarily include the most
+notable additions and improvements. Hundreds of bugs have been fixed and many
+modules have been substantially updated and added.
+.sp
+\fBWARNING:\fP
 .INDENT 0.0
 .INDENT 3.5
-The Fedora/RHEL/CentOS \fBsalt\-master\fP package has been modified for this
-release. The following components of Salt have been broken out and placed
-into their own packages:
-.INDENT 0.0
-.IP \(bu 2
-salt\-syndic
-.IP \(bu 2
-salt\-cloud
-.IP \(bu 2
-salt\-ssh
-.UNINDENT
+In order to fix potential shell injection vulnerabilities in salt modules,
+a change has been made to the various \fBcmd\fP module functions. These
+functions now default to \fBpython_shell=False\fP, which means that the
+commands will not be sent to an actual shell.
 .sp
-When the \fBsalt\-master\fP package is upgraded, these components will be
-removed, and they will need to be manually installed.
-.UNINDENT
-.UNINDENT
+The largest side effect of this change is that "shellisms", such as pipes,
+will not work by default. The modules shipped with salt have been audited
+to fix any issues that might have arisen from this change.  Additionally,
+the \fBcmd\fP state module has been unaffected, and use of \fBcmd.run\fP in
+jinja is also unaffected. \fBcmd.run\fP calls on the CLI will also allow
+shellisms.
 .sp
-\fBIMPORTANT:\fP
-.INDENT 0.0
-.INDENT 3.5
-Compound/pillar matching have been temporarily disabled for the \fBmine\fP
-and \fBpublish\fP modules for this release due to the possibility of
-inferring pillar data using pillar glob matching. A proper fix is now in
-the 2014.7 branch and scheduled for the  2014.7.1 release, and compound
-matching and non\-globbing pillar matching will be re\-enabled at that point.
+However, custom execution modules which use shellisms in \fBcmd\fP calls
+will break, unless you pass \fBpython_shell=True\fP to these calls.
 .sp
-Compound and pillar matching for normal salt commands are unaffected.
+As a temporary workaround, you can set \fBcmd_safe: False\fP in your minion
+and master configs. This will revert the default, but is also less secure,
+as it will allow shell injection vulnerabilities to be written in custom
+code. We recommend you only set this setting for as long as it takes to
+resolve these issues in your custom code, then remove the override.
 .UNINDENT
 .UNINDENT
-.SS New Transport!
-.SS RAET Transport Option
-.sp
-This has been a HUGE amount of work, but the beta release of Salt with RAET is
-ready to go. RAET is a reliable queuing transport system that has been
-developed in partnership with a number of large enterprises to give Salt an
-alternative to ZeroMQ and a way to get Salt to scale well beyond tens of
-thousands of servers. Unlike ZeroMQ, RAET is completely asynchronous in every
-aspect of its operation and has been developed using the flow programming
-paradigm. This allows for many new capabilities to be added to Salt in the
-upcoming releases.
-.sp
-Please keep in mind that this is a beta release of RAET and we hope for bugs to
-be worked out, performance to be better realized and more in the 2015.5.0
-release.
-.sp
-Simply stated, users running Salt with RAET should expect some hiccups as we
-hammer out the update. This is a BETA release of Salt RAET.
-.sp
-For information about how to use Salt with RAET please see the
-\fBtutorial\fP\&.
-.SS Salt SSH Enhancements
-.sp
-Salt SSH has just entered a new league, with substantial updates and
-improvements to make salt\-ssh more reliable and easier then ever! From new
-features like the ansible roster and fileserver backends to the new pypi
-salt\-ssh installer to lowered deps and a swath of bugfixes, salt\-ssh is
-basically reborn!
-.SS Install salt\-ssh Using pip
-.sp
-Salt\-ssh is now pip\-installable!
-.sp
-\fI\%https://pypi.python.org/pypi/salt\-ssh/\fP
 .sp
-Pip will bring in all of the required deps, and while some deps are compiled,
-they all include pure python implementations, meaning that any compile errors
-which may be seen can be safely ignored.
+\fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
+Starting in this version of salt, \fBpillar_opts\fP defaults to False instead
+of True. This means that master opts will not be present in minion pillar,
+and as a result, \fBconfig.get\fP calls will not include master opts.
 .sp
-.nf
-.ft C
-pip install salt\-ssh
-.ft P
-.fi
+We recommend pillar is used for configuration options which need to make it
+to the minion.
 .UNINDENT
 .UNINDENT
-.SS Fileserver Backends
-.sp
-Salt\-ssh can now use the salt fileserver backend system. This allows for
-the gitfs, hgfs, s3, and many more ways to centrally store states to be easily
-used with salt\-ssh. This also allows for a distributed team to easily use
-a centralized source.
-.SS Saltfile Support
-.sp
-The new saltfile system makes it easy to have a user specific custom extended
-configuration.
-.SS Ext Pillar
-.sp
-Salt\-ssh can now use the external pillar system. Making it easier then ever
-to use salt\-ssh with teams.
-.SS No More sshpass
-.sp
-Thanks to the enhancements in the salt vt system, salt\-ssh no longer requires
-sshpass to send passwords to ssh. This also makes the manipulation of ssh
-calls substantially more flexible, allowing for intercepting ssh calls in
-a much more fluid way.
-.SS Pure Python Shim
+.SS Beacons
 .sp
-The salt\-ssh call originally used a shell script to discover what version of
-python to execute with and determine the state of the ssh code deployment.
-This shell script has been replaced with a pure python version making it easy
-to increase the capability of the code deployment without causing platform
-inconsistency issues with different shell interpreters.
-.SS Custom Module Delivery
-.sp
-Custom modules are now seamlessly delivered. This makes the deployment of
-custom grains, states, execution modules and returners a seamless process.
-.SS CP Module Support
-.sp
-Salt\-ssh now makes simple file transfers easier then ever! The \fIcp\fP
-module allows for files to be conveniently sent from the salt fileserver
-system down to systems.
-.SS More Thin Directory Options
-.sp
-Salt ssh functions by copying a subset of the salt code, or \fIsalt thin\fP down
-to the target system. In the past this was always transferred to /tmp/.salt
-and cached there for subsequent commands.
-.sp
-Now, salt thin can be sent to a random directory and removed when the call
-is complete with the \fI\-W\fP option. The new \fI\-W\fP option still uses a static
-location but will clean up that location when finished.
-.sp
-The default \fIsalt thin\fP location is now user defined, allowing multiple users
-to cleanly access the same systems.
-.SS State System Enhancements
-.SS New Imperative State Keyword "Listen"
-.sp
-The new \fBlisten\fP and \fBlisten_in\fP keywords allow for completely imperative
-states by calling the \fBmod_watch()\fP routine after all states have run instead
-of re\-ordering the states.
-.SS Mod Aggregate Runtime Manipulator
-.sp
-The new \fBmod_aggregate\fP system allows for the state system to rewrite the
-state data during execution. This allows for state definitions to be aggregated
-dynamically at runtime.
-.sp
-The best example is found in the \fBpkg\fP state. If
-\fBmod_aggregate\fP is turned on, then when the first pkg state is reached, the
-state system will scan all of the other running states for pkg states and take
-all other packages set for install and install them all at once in the first
-pkg state.
+The beacon system allows the minion to hook into system processes and
+continually translate external events into the salt event bus. The primary
+example of this is the \fBinotify\fP beacon. This beacon uses
+inotify to watch configured files or directories on the minion for changes,
+creation, deletion etc.
+.sp
+This allows for the changes to be sent up to the master where the reactor can
+respond to changes.
+.SS Sudo Minion Settings
+.sp
+It is now possible to run the minion as a non\-root user and for the minion to
+execute commands via sudo. Simply add \fIsudo_user: root\fP to the minion config,
+run the minion as a non\-root user and grant that user sudo rights to execute
+salt\-call.
+.SS Lazy Loader
+.sp
+The Lazy Loader is a significant overhaul of Salt\(aqs module loader system. The
+Lazy Loader will lazily load modules on access instead of all on start. In
+addition to a major performance improvement, this "sandboxes" modules so a
+bad/broken import of a single module will only affect jobs that require
+accessing the broken module. (:issue: \fI20274\fP)
+.SS Enhanced Active Directory Support
+.sp
+The eauth system for LDAP has been extended to support Microsoft Active
+Directory out of the box. This includes Active Directory and LDAP group support
+for eauth.
+.SS Salt LXC Enhancements
 .sp
-These runtime modifications make it easy to run groups of states together. In
-future versions, we hope to fill out the \fBmod_aggregate\fP system to build in
-more and more optimizations.
+The LXC systems have been overhauled to be more consistent and to fix many
+bugs.
 .sp
-For more documentation on \fBmod_aggregate\fP, see \fBthe documentation\fP\&.
-.SS New Requisites: onchanges and onfail
+This overhaul makes using LXC with Salt much easier and substantially improves
+the underlying capabilities of Salt\(aqs LXC integration.
+.SS Salt SSH
+.INDENT 0.0
+.IP \(bu 2
+Additional configuration options and command line flags have been added to
+configure the scan roster on the fly
+.IP \(bu 2
+Added support for \fBstate.single\fP in \fBsalt\-ssh\fP
+.IP \(bu 2
+Added support for \fBpublish.publish\fP, \fBpublish.full_data\fP, and
+\fBpublish.runner\fP in \fBsalt\-ssh\fP
+.IP \(bu 2
+Added support for \fBmine.get\fP in \fBsalt\-ssh\fP
+.UNINDENT
+.SS New Windows Installer
 .sp
-The new \fBonchanges\fP and \fBonchanges_in\fP requisites make a state apply only if
-there are changes in the required state. This is useful to execute post hooks
-after changes occur on a system.
+The new Windows installer changes how Salt is installed on Windows.
+The old installer used bbfreeze to create an isolated python environment to
+execute in. This made adding modules and python libraries difficult. The new
+installer sets up a more flexible python environment making it easy to manage
+the python install and add python modules.
 .sp
-The other new requisites, \fBonfail\fP, and \fBonfail_in\fP, allow for a state to run
-in reaction to the failure of another state.
+Instead of frozen packages, a full python implementation resides in the bin
+directory (\fBC:\esalt\ebin\fP). By executing pip or easy_install from within the
+Scripts directory (\fBC:\esalt\ebin\eScripts\fP) you can install any additional
+python modules you may need for your custom environment.
 .sp
-For more information about these new requisites, see the
-\fBrequisites documentation\fP\&.
-.SS Global onlyif and unless
+The .exe\(aqs that once resided at the root of the salt directory (\fBC:\esalt\fP)
+have been replaced by .bat files and should function the same way as the .exe\(aqs
+in previous versions.
 .sp
-The \fBonlyif\fP and \fBunless\fP options can now be used for any state declaration.
-.SS Use \fBnames\fP to expand and override values
+The new Windows Installer will not replace the minion config file and key if
+they already exist on the target system. Only the salt program files will be
+replaced. \fBC:\esalt\econf\fP and \fBC:\esalt\evar\fP will remain unchanged.
+.SS Removed Requests Dependency
 .sp
-The names declaration in Salt\(aqs state system can now
-override or add values to the expanded data structure. For example:
-.INDENT 0.0
-.INDENT 3.5
+The hard dependency on the requests library has been removed. Requests is still
+required by a number of cloud modules but is no longer required for normal Salt
+operations.
 .sp
-.nf
-.ft C
-my_users:
-  user.present:
-    \- names:
-      \- larry
-      \- curly
-      \- moe:
-        \- shell: /bin/zsh
-        \- groups:
-          \- wheel
-    \- shell: /bin/bash
-.ft P
-.fi
-.UNINDENT
-.UNINDENT
-.SS Major Features
-.SS Scheduler Additions
+This removal fixes issues that were introduced with requests and salt\-ssh, as
+well as issues users experienced from the many different packaging methods used
+by requests package maintainers.
+.SS Python 3 Updates
 .sp
-The Salt scheduler system has received MAJOR enhancements, allowing for
-cron\-like scheduling and much more granular timing routines. See \fBhere\fP for more info.
-.SS Red Hat 7 Family Support
+While Salt does not YET run on Python 3 it has been updated to INSTALL on
+Python 3, taking us one step closer. What remains is getting the test suite to
+the point where it can run on Python 3 so that we can verify compatibility.
+.SS RAET Additions
 .sp
-All the needed additions have been made to run Salt on RHEL 7 and derived OSes
-like CentOS and Scientific.
-.SS Fileserver Backends in salt\-call
+The RAET support continues to improve. RAET now supports multi\-master and many
+bugs and performance issues have been fixed. RAET is much closer to being a
+first class citizen.
+.SS Modified File Detection
 .sp
-Fileserver backends like gitfs can now be used without a salt master! Just add
-the fileserver backend configuration to the minion config and execute
-salt\-call. This has been a much\-requested feature and we are happy to finally
-bring it to our users.
-.SS Amazon Execution Modules
+A number of functions have been added to the RPM\-based package managers to
+detect and diff files that are modified from the original package installs.
+This can be found in the new pkg.modified functions.
+.SS Reactor Update
 .sp
-An entire family of execution modules further enhancing Salt\(aqs Amazon Cloud
-support. They include the following:
+Fix an infinite recursion problem for runner/wheel reactor jobs by passing a
+"user" (Reactor) to all jobs that the reactor starts. The reactor skips all
+events created by that username \-\- thereby only reacting to events not caused
+by itself. Because of this, runner and wheel executions from the runner will
+have user "Reactor" in the job cache.
+.SS Misc Fixes/Additions
 .INDENT 0.0
 .IP \(bu 2
-\fBAutoscale Groups\fP (includes \fBstate support\fP) \-\- related: \fBLaunch Control\fP states
+SDB driver for etcd. (:issue: \fI22043\fP)
 .IP \(bu 2
-\fBCloud Watch\fP (includes \fBstate support\fP)
+Add \fBonly_upgrade\fP argument to apt\-based \fBpkg.install\fP to only install a
+package version if the package is already installed. (Great for security
+updates!)
 .IP \(bu 2
-\fBElastic Cache\fP (includes \fBstate support\fP)
+Joyent now requires a \fBkeyname\fP to be specified in the provider
+configuration. This change was necessitated upstream by the 7.0+ API.
 .IP \(bu 2
-\fBElastic Load Balancer\fP (includes \fBstate support\fP)
+Add \fBargs\fP argument to \fBcmd.script_retcode\fP to match \fBcmd.script\fP in
+the \fBcmd module\fP\&. (:issue: \fI21122\fP)
 .IP \(bu 2
-\fBIAM Identity and Access Management\fP (includes \fBstate support\fP)
+Fixed bug where TCP keepalive was not being sent on the defined interval on
+the return port (4506) from minion to master. (:issue: \fI21465\fP)
 .IP \(bu 2
-\fBRoute53 DNS\fP (includes \fBstate support\fP)
+LocalClient may now optionally raise SaltClientError exceptions. If using
+this class directly, checking for and handling this exception is recommended.
+(:issue: \fI21501\fP)
 .IP \(bu 2
-\fBSecurity Groups\fP (includes \fBstate support\fP)
+The SAuth object is now a singleton, meaning authentication state is global
+(per master) on each minion. This reduces sign\-ins of minions from 3\->1 per
+startup.
 .IP \(bu 2
-\fBSimple Queue Service\fP (includes \fBstate support\fP)
+Nested outputter has been optimized, it is now much faster.
+.IP \(bu 2
+Extensive fileserver backend updates.
 .UNINDENT
-.SS LXC Runner Enhancements
-.sp
-BETA
-The Salt LXC management system has received a number of enhancements which make
-running an LXC cloud entirely from Salt an easy proposition.
-.SS Next Gen Docker Management
-.sp
-The Docker support in Salt has been increased at least ten fold. The Docker API
-is now completely exposed and Salt ships with Docker data tracking systems
-which make automating Docker deployments very easy.
-.SS Peer System Performance Improvements
-.sp
-The peer system communication routines have been refined to make the peer
-system substantially faster.
-.SS SDB
-.sp
-Encryption at rest for configs
-.SS GPG Renderer
-.sp
-Encrypted pillar at rest
-.SS OpenStack Expansion
-.sp
-Lots of new OpenStack stuff
-.SS Queues System
-.sp
-Ran change external queue systems into Salt events
-.SS Multi Master Failover Additions
-.sp
-Connecting to multiple masters is more dynamic then ever
-.SS Chef Execution Module
-.sp
-Managing Chef with Salt just got even easier!
-.SS salt\-api Project Merge
-.sp
-The \fBsalt\-api\fP project has been merged into Salt core and is now available as
-part of the regular \fBsalt\-master\fP package install. No API changes were made,
-the \fBsalt\-api\fP script and init scripts remain intact.
-.sp
-\fBsalt\-api\fP has always provided Yet Another Pluggable Interface to Salt (TM)
-in the form of "netapi" modules. These are modules that bind to a port and
-start a service. Like many of Salt\(aqs other module types, netapi modules often
-have library and configuration dependencies. See the documentation for each
-module for instructions.
-.sp
-\fBSEE ALSO:\fP
+.SS Deprecations
 .INDENT 0.0
+.IP \(bu 2
+Removed \fBparameter\fP keyword argument from \fBeselect.exec_action\fP execution
+module.
+.IP \(bu 2
+Removed \fBrunas\fP parameter from the following \fBpip\(ga\fP execution module
+functions: \fBinstall\fP, \fBuninstall\fP, \fBfreeze\fP, \fBlist_\fP,
+\fBlist_upgrades\fP, \fBupgrade_available\fP, \fBupgrade\fP\&. Please migrate to
+\fBuser\fP\&.
+.IP \(bu 2
+Removed \fBrunas\fP parameter from the following \fBpip\fP state module
+functions: \fBinstalled\fP, \fBremoved\fP, \fBuptodate\fP . Please migrate to
+\fBuser\fP\&.
+.IP \(bu 2
+Removed \fBquiet\fP option from all functions in \fBcmdmod\fP execution module.
+Please use \fBoutput_loglevel=quiet\fP instead.
+.IP \(bu 2
+Removed \fBparameter\fP argument from \fBeselect.set_\fP state. Please migrate to
+\fBmodule_parameter\fP or \fBaction_parameter\fP\&.
+.IP \(bu 2
+The \fBsalt_events\fP table schema has changed to include an additional field
+called \fBmaster_id\fP to distinguish between events flowing into a database
+from multiple masters. If \fBevent_return\fP is enabled in the master config,
+the database schema must first be updated to add the \fBmaster_id\fP field.
+This alteration can be accomplished as follows:
+.INDENT 2.0
 .INDENT 3.5
-The full list of netapi modules.
+\fBALTER TABLE salt_events ADD master_id VARCHAR(255) NOT NULL;\fP
 .UNINDENT
 .UNINDENT
-.SS Synchronous and Asynchronous Execution of Runner and Wheel Modules
-.sp
-\fBsalt.runner.RunnerClient\fP and \fBsalt.wheel.WheelClient\fP
-have both gained complimentary \fBcmd_sync\fP and \fBcmd_async\fP methods allowing
-for synchronous and asynchronous execution of any Runner or Wheel module
-function, all protected using Salt\(aqs external authentication
-system. \fBsalt\-api\fP benefits from this addition as well.
-.SS \fBrest_cherrypy\fP Additions
-.sp
-The \fBrest_cherrypy\fP netapi module
-provides the main REST API for Salt.
-.SS Web Hooks
-.sp
-This release of course includes the Web Hook additions from the most recent
-\fBsalt\-api\fP release, which allows external services to signal actions within a
-Salt infrastructure. External services such as Amazon SNS, Travis\-CI, or
-GitHub, as well as internal services that cannot or should not run a Salt
-minion daemon can be used as first\-class components in Salt\(aqs rich
-orchestration capabilities.
-.sp
-The raw HTTP request body is now available in the event data. This is sometimes
-required information for checking an HMAC signature in order to verify a HTTP
-request. As an example, Amazon or GitHub requests are signed this way.
-.SS Generating and Accepting Minion Keys
-.sp
-The \fB/key\fP convenience URL
-generates a public and private key for a minion, automatically pre\-accepts the
-public key on the Salt Master, and returns both keys as a tarball for download.
-.sp
-This allows for easily bootstrapping the key on a new minion with a single HTTP
-call, such as with a Kickstart script, all using regular shell tools.
+.UNINDENT
+.SS Known Issues
 .INDENT 0.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-curl \-sS http://salt\-api.example.com:8000/keys \e
-        \-d mid=jerry \e
-        \-d username=kickstart \e
-        \-d password=kickstart \e
-        \-d eauth=pam \e
-        \-o jerry\-salt\-keys.tar
-.ft P
-.fi
+.IP \(bu 2
+In multi\-master mode, a minion may become temporarily unresponsive if modules
+or pillars are refreshed at the same time that one or more masters are down.
+This can be worked around by setting \(aqauth_timeout\(aq and \(aqauth_tries\(aq down to
+shorter periods.
 .UNINDENT
+.SS Salt 2015.5.1 Release Notes
+.INDENT 0.0
+.TP
+.B release
+2015\-05\-20
 .UNINDENT
-.SS Fileserver Backend Enhancements
-.sp
-All of the fileserver backends have been overhauled to be faster, lighter, and
-more reliable. The VCS backends (\fBgitfs\fP,
-\fBhgfs\fP, and \fBsvnfs\fP)
-have also received a \fBlot\fP of new features.
-.sp
-Additionally, most config parameters for the VCS backends can now be configured
-on a per\-remote basis, allowing for global config parameters to be overridden
-for a specific gitfs/hgfs/svnfs remote.
-.SS New \fBgitfs\fP Features
-.SS Pygit2 and Dulwich
-.sp
-In addition to supporting GitPython, support for \fI\%pygit2\fP (0.20.3 and newer) and
-\fI\%dulwich\fP have been added. Provided a compatible version of \fI\%pygit2\fP is
-installed, it will now be the default provider. The config parameter
-\fBgitfs_provider\fP has been added to allow one to choose a specific
-provider for gitfs.
-.SS Mountpoints
-.sp
-Prior to this release, to serve a file from gitfs at a salt fileserver URL of
-\fBsalt://foo/bar/baz.txt\fP, it was necessary to ensure that the parent
-directories existed in the repository. A new config parameter
-\fBgitfs_mountpoint\fP allows gitfs remotes to be exposed starting at
-a user\-defined \fBsalt://\fP URL.
-.SS Environment Whitelisting/Blacklisting
-.sp
-By default, gitfs will expose all branches and tags as Salt fileserver
-environments. Two new config parameters, \fBgitfs_env_whitelist\fP, and
-\fBgitfs_env_blacklist\fP, allow more control over which branches and
-tags are exposed. More detailed information on how these two options work can
-be found in the Gitfs Walkthrough\&.
-.SS Expanded Authentication Support
-.sp
-As of \fI\%pygit2\fP 0.20.3, both http(s) and SSH key authentication are supported,
-and Salt now also supports both authentication methods when using \fI\%pygit2\fP\&. Keep
-in mind that \fI\%pygit2\fP 0.20.3 is not yet available on many platforms, so those
-who had been using authenticated git repositories with a passphraseless key
-should stick to GitPython if a new enough \fI\%pygit2\fP is not yet available for the
-platform on which the master is running.
-.sp
-A full explanation of how to use authentication can be found in the Gitfs
-Walkthrough\&.
-.SS New \fBhgfs\fP Features
-.SS Mountpoints
-.sp
-This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameter is called
-\fBhgfs_mountpoint\fP\&.
-.SS Environment Whitelisting/Blacklisting
-.sp
-This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameters are called
-\fBhgfs_env_whitelist\fP and \fBhgfs_env_blacklist\fP\&.
-.SS New \fBsvnfs\fP Features
-.SS Mountpoints
 .sp
-This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameter is called
-\fBsvnfs_mountpoint\fP\&.
-.SS Environment Whitelisting/Blacklisting
-.sp
-This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameters are called
-\fBsvnfs_env_whitelist\fP and \fBsvnfs_env_blacklist\fP\&.
-.SS Configurable Trunk/Branches/Tags Paths
-.sp
-Prior to this release, the paths where trunk, branches, and tags were located
-could only be in directores named "trunk", "branches", and "tags" directly
-under the root of the repository. Three new config parameters
-(\fBsvnfs_trunk\fP, \fBsvnfs_branches\fP, and
-\fBsvnfs_tags\fP) allow SVN repositories which are laid out
-differently to be used with svnfs.
-.SS New \fBminionfs\fP Features
-.SS Mountpoint
-.sp
-This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameter is called
-\fBminionfs_mountpoint\fP\&. The one major difference is that, as
-minionfs doesn\(aqt use multiple remotes (it just serves up files pushed to the
-master using \fBcp.push\fP) there is no such thing as a
-per\-remote configuration for \fBminionfs_mountpoint\fP\&.
-.SS Changing the Saltenv from Which Files are Served
-.sp
-A new config parameter (\fBminionfs_env\fP) allows minionfs files to
-be served from a Salt fileserver environment other than \fBbase\fP\&.
-.SS Minion Whitelisting/Blacklisting
-.sp
-By default, minionfs will expose the pushed files from all minions. Two new
-config parameters, \fBminionfs_whitelist\fP, and
-\fBminionfs_blacklist\fP, allow minionfs to be restricted to serve
-files from only the desired minions.
-.SS Pyobjects Renderer
+Version 2015.5.1 is a bugfix release for \fB2015.5.0\fP\&.
 .sp
-Salt now ships with with the \fBPyobjects Renderer\fP that allows for construction of States using pure
-Python with an idiomatic object interface.
-.SS New Modules
+Changes:
+.INDENT 0.0
+.IP \(bu 2
+salt.runners.cloud.action() has changed the \fIfun\fP keyword argument to \fIfunc\fP\&.
+Please update any calls to this function in the cloud runner.
+.UNINDENT
 .sp
-In addition to the Amazon modules mentioned above, there are also several other
-new execution modules:
+Extended Changelog Courtesy of Todd Stansell (\fI\%https://github.com/tjstansell/salt\-changelogs\fP):
 .INDENT 0.0
+.TP
+.B \fBPR\fP \fI\%#23989\fP: (\fIrallytime\fP) Backport \fI\%#23980\fP to 2015.5
+@ \fI2015\-05\-20T19:33:41Z\fP
+.INDENT 7.0
 .IP \(bu 2
-\fBOracle\fP
+\fBPR\fP \fI\%#23980\fP: (\fIiggy\fP) template: jinja2 \-> jinja | refs: \fI\%#23989\fP
 .IP \(bu 2
-\fBRandom\fP
+117ecb1 Merge pull request \fI\%#23989\fP from rallytime/\fI\%bp\-23980\fP
 .IP \(bu 2
-\fBRedis\fP
+8f8557c template: jinja2 \-> jinja
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#23988\fP: (\fIrallytime\fP) Backport \fI\%#23977\fP to 2015.5
+@ \fI2015\-05\-20T19:13:36Z\fP
+.INDENT 7.0
 .IP \(bu 2
-\fBAmazon Simple Queue Service\fP
+\fBPR\fP \fI\%#23977\fP: (\fIionutbalutoiu\fP) Fixed glance image_create | refs: \fI\%#23988\fP
 .IP \(bu 2
-\fBBlock Device Management\fP
+d4f1ba0 Merge pull request \fI\%#23988\fP from rallytime/\fI\%bp\-23977\fP
 .IP \(bu 2
-\fBCoreOS etcd\fP
+46fc7c6 Fixed glance image_create
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#23986\fP: (\fIbasepi\fP) [2015.5] Merge forward from 2014.7 to 2015.5
+@ \fI2015\-05\-20T18:41:33Z\fP
+.INDENT 7.0
 .IP \(bu 2
-\fBGenesis\fP
+\fBPR\fP \fI\%#23965\fP: (\fIhvnsweeting\fP) handle all exceptions gitpython can raise
 .IP \(bu 2
-\fBInfluxDB\fP
+9566e7d Merge pull request \fI\%#23986\fP from basepi/merge\-forward\-2015.5
 .IP \(bu 2
-\fBServer Density\fP
+0b78156 Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.5
 .IP \(bu 2
-\fBTwilio Notifications\fP
+314e4db Merge pull request \fI\%#23965\fP from hvnsweeting/20147\-fix\-gitfs\-gitpython\-exception
 .IP \(bu 2
-\fBVarnish\fP
+2576301 handle all exception gitpython can raise
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#23985\fP: (\fIUtahDave\fP) Add 2014.7.5\-2 and 2015.5.0\-2 Windows installer download links
+@ \fI2015\-05\-20T18:32:44Z\fP
+.INDENT 7.0
 .IP \(bu 2
-\fBZNC IRC Bouncer\fP
+9d1130e Merge pull request \fI\%#23985\fP from UtahDave/2015.5local
 .IP \(bu 2
-\fBSMTP\fP
+10338d0 Add links to Windows 2015.5.0\-2 install downloads
+.IP \(bu 2
+b84f975 updated Windows 2014.7.5\-2 installer download link
 .UNINDENT
-.SS New Runners
-.INDENT 0.0
+.TP
+.B \fBPR\fP \fI\%#23983\fP: (\fIrallytime\fP) Versionadded tags for https_user and https_pass args new in 2015.5.0
+@ \fI2015\-05\-20T18:05:27Z\fP
+.INDENT 7.0
 .IP \(bu 2
-\fBMap/Reduce Style\fP
+ca7729d Merge pull request \fI\%#23983\fP from rallytime/versionadded_git_options
 .IP \(bu 2
-\fBQueue\fP
+14eae22 Versionadded tags for https_user and https_pass args new in 2015.5.0
 .UNINDENT
-.SS New External Pillars
-.INDENT 0.0
+.TP
+.B \fBPR\fP \fI\%#23970\fP: (\fIjayeshka\fP) adding system unit test case
+@ \fI2015\-05\-20T17:12:57Z\fP
+.INDENT 7.0
 .IP \(bu 2
-\fBCoreOS etcd\fP
+b06df57 Merge pull request \fI\%#23970\fP from jayeshka/system\-unit\-test
+.IP \(bu 2
+89eb008 adding system unit test case
 .UNINDENT
-.SS New Salt\-Cloud Providers
-.INDENT 0.0
+.TP
+.B \fBPR\fP \fI\%#23967\fP: (\fIjayeshka\fP) adding states/memcached unit test case
+@ \fI2015\-05\-20T17:12:26Z\fP
+.INDENT 7.0
 .IP \(bu 2
-\fBAliyun ECS Cloud\fP
+38d5f75 Merge pull request \fI\%#23967\fP from jayeshka/memcached\-states\-unit\-test
 .IP \(bu 2
-\fBLXC Containers\fP
+8ef9240 adding states/memcached unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#23966\fP: (\fIjayeshka\fP) adding states/modjk unit test case
+@ \fI2015\-05\-20T17:11:48Z\fP
+.INDENT 7.0
 .IP \(bu 2
-\fBProxmox (OpenVZ containers & KVM)\fP
+868e807 Merge pull request \fI\%#23966\fP from jayeshka/modjk\-states\-unit\-test
+.IP \(bu 2
+422a964 adding states/modjk unit test case
 .UNINDENT
-.SS Salt Call Change
-.sp
-When used with a returner, salt\-call now contacts a master if \fB\-\-local\fP
-is not specicified.
-.SS Deprecations
-.SS \fBsalt.modules.virtualenv_mod\fP
-.INDENT 0.0
+.TP
+.B \fBPR\fP \fI\%#23942\fP: (\fIjacobhammons\fP) Updates to sphinx saltstack2 doc theme
+@ \fI2015\-05\-20T15:43:54Z\fP
+.INDENT 7.0
 .IP \(bu 2
-Removed deprecated \fBmemoize\fP function from \fBsalt/utils/__init__.py\fP (deprecated)
+6316490 Merge pull request \fI\%#23942\fP from jacobhammons/2015.5
 .IP \(bu 2
-Removed deprecated \fBno_site_packages\fP argument from \fBcreate\fP function (deprecated)
+31023c8 Updates to sphinx saltstack2 doc theme
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#23874\fP: (\fIjoejulian\fP) Validate keyword arguments to be valid
+@ \fI2015\-05\-20T04:53:40Z\fP
+.INDENT 7.0
 .IP \(bu 2
-Removed deprecated \fBcheck_dns\fP argument from \fBminion_config\fP and \fBapply_minion_config\fP functions (deprecated)
+\fBISSUE\fP \fI\%#23872\fP: (\fIjoejulian\fP) create_ca_signed_cert can error if dereferenced dict is used for args | refs: \fI\%#23874\fP
 .IP \(bu 2
-Removed deprecated \fBOutputOptionsWithTextMixIn\fP class from \fBsalt/utils/parsers.py\fP (deprecated)
+587957b Merge pull request \fI\%#23874\fP from joejulian/2015.5_tls_validate_kwargs
 .IP \(bu 2
-Removed the following deprecated functions from \fBsalt/modules/ps.py\fP:
-\- \fBphysical_memory_usage\fP (deprecated)
-\- \fBvirtual_memory_usage\fP (deprecated)
-\- \fBcached_physical_memory\fP (deprecated)
-\- \fBphysical_memory_buffers\fP (deprecated)
+30102ac Fix py3 and ordering inconsistency problems.
 .IP \(bu 2
-Removed deprecated cloud arguments from \fBcloud_config\fP function in \fBsalt/config.py\fP:
-\- \fBvm_config\fP (deprecated)
-\- \fBvm_config_path\fP (deprecated)
+493f7ad Validate keyword arguments to be valid
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#23960\fP: (\fIrallytime\fP) Backport \fI\%#22114\fP to 2015.5
+@ \fI2015\-05\-20T04:37:09Z\fP
+.INDENT 7.0
 .IP \(bu 2
-Removed deprecated \fBlibcloud_version\fP function from \fBsalt/cloud/libcloudfuncs.py\fP (deprecated)
+\fBPR\fP \fI\%#22114\fP: (\fIdmyerscough\fP) Fixing KeyError when there are no additional pages | refs: \fI\%#23960\fP
 .IP \(bu 2
-Removed deprecated \fBCloudConfigMixIn\fP class from \fBsalt/utils/parsers.py\fP (deprecated)
+00c5c22 Merge pull request \fI\%#23960\fP from rallytime/\fI\%bp\-22114\fP
+.IP \(bu 2
+f3e1d63 Catch KeyError
+.IP \(bu 2
+306b1ea Fixing KeyError
+.IP \(bu 2
+6b2cda2 Fix PEP8 complaint
+.IP \(bu 2
+239e50f Fixing KeyError when there are no additional pages
 .UNINDENT
-.SS Previous Releases
-.SS Salt 2014.7.0 Release Notes \- Codename Helium
-.sp
-This release is the largest Salt release ever, with more features and commits
-then any previous release of Salt. Everything from the new RAET transport to
-major updates in Salt Cloud and the merging of Salt API into the main project.
-.sp
-\fBIMPORTANT:\fP
-.INDENT 0.0
-.INDENT 3.5
-The Fedora/RHEL/CentOS \fBsalt\-master\fP package has been modified for this
-release. The following components of Salt have been broken out and placed
-into their own packages:
-.INDENT 0.0
+.TP
+.B \fBPR\fP \fI\%#23961\fP: (\fIrallytime\fP) Backport \fI\%#23944\fP to 2015.5
+@ \fI2015\-05\-20T04:35:41Z\fP
+.INDENT 7.0
 .IP \(bu 2
-salt\-syndic
+\fBPR\fP \fI\%#23944\fP: (\fIryan\-lane\fP) Add missing loginclass argument to _changes call | refs: \fI\%#23961\fP
 .IP \(bu 2
-salt\-cloud
+4648b46 Merge pull request \fI\%#23961\fP from rallytime/\fI\%bp\-23944\fP
 .IP \(bu 2
-salt\-ssh
+970d19a Add missing loginclass argument to _changes call
 .UNINDENT
-.sp
-When the \fBsalt\-master\fP package is upgraded, these components will be
-removed, and they will need to be manually installed.
+.TP
+.B \fBPR\fP \fI\%#23948\fP: (\fIjfindlay\fP) augeas.change state now returns changes as a dict
+@ \fI2015\-05\-20T04:00:10Z\fP
+.INDENT 7.0
+.IP \(bu 2
+0cb5cd3 Merge pull request \fI\%#23948\fP from jfindlay/augeas_changes
+.IP \(bu 2
+f09b80a augeas.change state now returns changes as a dict
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#23957\fP: (\fIrallytime\fP) Backport \fI\%#23951\fP to 2015.5
+@ \fI2015\-05\-20T03:04:24Z\fP
+.INDENT 7.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23951\fP: (\fIryan\-lane\fP) Do not check perms in file.copy if preserve | refs: \fI\%#23957\fP
+.IP \(bu 2
+2d185f7 Merge pull request \fI\%#23957\fP from rallytime/\fI\%bp\-23951\fP
+.IP \(bu 2
+996b431 Update file.py
+.IP \(bu 2
+85d461f Do not check perms in file.copy if preserve
 .UNINDENT
 .UNINDENT
-.sp
-\fBIMPORTANT:\fP
 .INDENT 0.0
-.INDENT 3.5
-Compound/pillar matching have been temporarily disabled for the \fBmine\fP
-and \fBpublish\fP modules for this release due to the possibility of
-inferring pillar data using pillar glob matching. A proper fix is now in
-the 2014.7 branch and scheduled for the  2014.7.1 release, and compound
-matching and non\-globbing pillar matching will be re\-enabled at that point.
-.sp
-Compound and pillar matching for normal salt commands are unaffected.
+.IP \(bu 2
+\fBPR\fP \fI\%#23956\fP: (\fIrallytime\fP) Backport \fI\%#23906\fP to 2015.5
+@ \fI2015\-05\-20T03:04:14Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23839\fP: (\fIgladiatr72\fP) wonky loader syndrome
+| refs: \fI\%#23906\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23373\fP: (\fItnypex\fP) reactor/orchestrate race condition on salt[\(aqpillar.get\(aq]
+| refs: \fI\%#23906\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23906\fP: (\fIgladiatr72\fP) Added exception handler to trap the RuntimeError raised when
+| refs: \fI\%#23956\fP
 .UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+ebff1ff Merge pull request \fI\%#23956\fP from rallytime/\fI\%bp\-23906\fP
+.IP \(bu 2
+9d87fd3 add proper marker for format argument
+.IP \(bu 2
+197688e Added exception handler to trap the RuntimeError raised when Depends.enforce_dependency() class method fires unsuccessfully. There appears to be no synchronization within the Depends decorator class wrt the class global dependency_dict which results in incomplete population of any loader instantiation occuring at the time of one of these exceptions.
 .UNINDENT
-.SS New Transport!
-.SS RAET Transport Option
-.sp
-This has been a HUGE amount of work, but the beta release of Salt with RAET is
-ready to go. RAET is a reliable queuing transport system that has been
-developed in partnership with a number of large enterprises to give Salt an
-alternative to ZeroMQ and a way to get Salt to scale well beyond tens of
-thousands of servers. Unlike ZeroMQ, RAET is completely asynchronous in every
-aspect of its operation and has been developed using the flow programming
-paradigm. This allows for many new capabilities to be added to Salt in the
-upcoming releases.
-.sp
-Please keep in mind that this is a beta release of RAET and we hope for bugs to
-be worked out, performance to be better realized and more in the 2015.5.0
-release.
-.sp
-Simply stated, users running Salt with RAET should expect some hiccups as we
-hammer out the update. This is a BETA release of Salt RAET.
-.sp
-For information about how to use Salt with RAET please see the
-\fBtutorial\fP\&.
-.SS Salt SSH Enhancements
-.sp
-Salt SSH has just entered a new league, with substantial updates and
-improvements to make salt\-ssh more reliable and easier then ever! From new
-features like the ansible roster and fileserver backends to the new pypi
-salt\-ssh installer to lowered deps and a swath of bugfixes, salt\-ssh is
-basically reborn!
-.SS Install salt\-ssh Using pip
-.sp
-Salt\-ssh is now pip\-installable!
-.sp
-\fI\%https://pypi.python.org/pypi/salt\-ssh/\fP
-.sp
-Pip will bring in all of the required deps, and while some deps are compiled,
-they all include pure python implementations, meaning that any compile errors
-which may be seen can be safely ignored.
-.INDENT 0.0
-.INDENT 3.5
-.sp
+.IP \(bu 2
+\fBPR\fP \fI\%#23955\fP: (\fIrallytime\fP) Backport \fI\%#19305\fP to 2015.5
+@ \fI2015\-05\-20T03:03:55Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#19852\fP: (\fITaiSHiNet\fP) DigitalOcean APIv2 can\(aqt delete machines when there is only 1 page
+| refs: \fI\%#23955\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#19304\fP: (\fITaiSHiNet\fP) DigitalOcean API v2 cannot delete VMs on 2nd page
+| refs: \fI\%#19305\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#19305\fP: (\fITaiSHiNet\fP) Fixes droplet listing past page 1
+| refs: \fI\%#23955\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+da3f919 Merge pull request \fI\%#23955\fP from rallytime/\fI\%bp\-19305\fP
+.IP \(bu 2
+bbf2429 Fixes droplet listing past page 1
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23940\fP: (\fIbasepi\fP) [2015.5] Merge forward from 2014.7 to 2015.5
+@ \fI2015\-05\-19T22:37:58Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23820\fP: (\fIUtahDave\fP) 2014.7.5 schedule error
+| refs: \fI\%#23881\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22131\fP: (\fIquixoten\fP) "unexpected keyword argument \(aqmerge\(aq" on 2014.7.2 (salt\-ssh)
+| refs: \fI\%#23887\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23939\fP: (\fIbasepi\fP) Add extended changelog to 2014.7.6 release notes
+.IP \(bu 2
+\fBPR\fP \fI\%#23887\fP: (\fIbasepi\fP) [2014.7] Bring salt\-ssh pillar.get in line with mainline pillar.get
+.IP \(bu 2
+\fBPR\fP \fI\%#23881\fP: (\fIgarethgreenaway\fP) Fixes to schedule module in 2014.7
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+02a78fc Merge pull request \fI\%#23940\fP from basepi/merge\-forward\-2015.5
+.IP \(bu 2
+36f0065 Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.5
+.INDENT 2.0
+.IP \(bu 2
+9133912 Merge pull request \fI\%#23939\fP from basepi/v2014.7.6release
+.INDENT 2.0
+.IP \(bu 2
+32b65dc Add extended changelog to 2014.7.6 release notes
+.UNINDENT
+.IP \(bu 2
+0031ca2 Merge pull request \fI\%#23881\fP from garethgreenaway/23820_2014_7_schedule_list_issue
+.INDENT 2.0
+.IP \(bu 2
+b207f2a Missing continue in the list function when deleting unused attributes.
+.UNINDENT
+.IP \(bu 2
+63bd21e Merge pull request \fI\%#23887\fP from basepi/salt\-ssh.pillar.get.22131
+.INDENT 2.0
+.IP \(bu 2
+bc84502 Bring salt\-ssh pillar.get in line with mainline pillar.get
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23932\fP: (\fIrallytime\fP) Backport \fI\%#23908\fP to 2015.5
+@ \fI2015\-05\-19T21:41:28Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23908\fP: (\fInleib\fP) fix connection function to mongo
+| refs: \fI\%#23932\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+ee4c01b Merge pull request \fI\%#23932\fP from rallytime/\fI\%bp\-23908\fP
+.IP \(bu 2
+5d520c9 fix connection function to mongo
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23931\fP: (\fIrallytime\fP) Backport \fI\%#23880\fP to 2015.5
+@ \fI2015\-05\-19T21:41:18Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23880\fP: (\fIbastiaanb\fP) if setting client_config_dir to \(aq~\(aq, expand path
+| refs: \fI\%#23931\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+70bd407 Merge pull request \fI\%#23931\fP from rallytime/\fI\%bp\-23880\fP
+.IP \(bu 2
+8ce59a2 if setting client_config_dir to \(aq~\(aq, expand path
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23898\fP: (\fIkiorky\fP) Lxc profiles
+| refs: \fI\%#23897\fP
+@ \fI2015\-05\-19T21:08:28Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23847\fP: (\fIkiorky\fP) lxc: systemd containers cant be seeded
+| refs: \fI\%#23806\fP \fI\%#23898\fP \fI\%#23897\fP \fI\%#23808\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23833\fP: (\fIkiorky\fP) lxc.set_dns fails intermittently
+| refs: \fI\%#23898\fP \fI\%#23807\fP \fI\%#23897\fP \fI\%#23808\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23772\fP: (\fIcheuschober\fP) lxc.init fails to bootstrap container
+| refs: \fI\%#23806\fP \fI\%#23898\fP \fI\%#23807\fP \fI\%#23897\fP \fI\%#23808\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23658\fP: (\fIarthurlogilab\fP) [salt\-cloud lxc] too verbose, shows host: True multiple times when starting
+| refs: \fI\%#23898\fP \fI\%#23897\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23657\fP: (\fIarthurlogilab\fP) [salt\-cloud lxc] NameError: global name \(aq__salt__\(aq is not defined
+| refs: \fI\%#23727\fP \fI\%#23898\fP \fI\%#23897\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23897\fP: (\fIkiorky\fP) Lxc seed and prof ports
+| refs: \fI\%#23898\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23808\fP: (\fIkiorky\fP) Lxc seed and prof ports
+| refs: \fI\%#23807\fP \fI\%#23897\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23807\fP: (\fIkiorky\fP) Lxc profiles
+| refs: \fI\%#23898\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23806\fP: (\fIkiorky\fP) Lxc seeding
+| refs: \fI\%#23807\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+5bdbf0a Merge pull request \fI\%#23898\fP from makinacorpus/lxc_profiles
+.IP \(bu 2
+d9051a0 lxc: systemd support
+.IP \(bu 2
+e8d674f lxc: chroot fallback toggle
+.IP \(bu 2
+e2887a0 lxc: sync func name with develop
+.IP \(bu 2
+e96e345 lxc more fixes (lxc.set_dns)
+.IP \(bu 2
+fdb6424 lxc: Fix salt config (no more a kwarg)
+.IP \(bu 2
+63e63fa repair salt cloud lxc api on develop
+.IP \(bu 2
+80eabe2 lxc salt cloud doc
+.IP \(bu 2
+73f229d lxc: unificate saltconfig/master/master_port
+.IP \(bu 2
+0bc1f08 lxc: refactor a bit saltcloud/lxc interface
+.IP \(bu 2
+7a80370 lxc: get networkprofile from saltcloud
+.IP \(bu 2
+47acb2e lxc: default net profile has now correct options
+.IP \(bu 2
+7eadf48 lxc: select the appropriate default bridge
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23922\fP: (\fIgarethgreenaway\fP) Fixes to debian_ip.py
+@ \fI2015\-05\-19T18:50:53Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23900\fP: (\fIhashi825\fP) salt ubuntu network building issue 2015.5.0
+| refs: \fI\%#23922\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+b818f72 Merge pull request \fI\%#23922\fP from garethgreenaway/23900_2015_5_bonding_interface_fixes
+.IP \(bu 2
+0bba536 Fixing issue reported when using bonded interfaces on Ubuntu.  Attributes should be bond\-, but the code was attempting to split just on 
 .nf
-.ft C
-pip install salt\-ssh
-.ft P
+bond_
 .fi
+\&.  Fix accounts for both, but the debian_ip.py module will write out bond attributes with bond\-
 .UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23925\fP: (\fIjpic\fP) Fixed wrong path in LXC cloud documentation
+@ \fI2015\-05\-19T18:23:56Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23924\fP: (\fIjpic\fP) Fixed wrong path in LXC cloud documentation
+| refs: \fI\%#23925\fP
 .UNINDENT
-.SS Fileserver Backends
-.sp
-Salt\-ssh can now use the salt fileserver backend system. This allows for
-the gitfs, hgfs, s3, and many more ways to centrally store states to be easily
-used with salt\-ssh. This also allows for a distributed team to easily use
-a centralized source.
-.SS Saltfile Support
-.sp
-The new saltfile system makes it easy to have a user specific custom extended
-configuration.
-.SS Ext Pillar
-.sp
-Salt\-ssh can now use the external pillar system. Making it easier then ever
-to use salt\-ssh with teams.
-.SS No More sshpass
-.sp
-Thanks to the enhancements in the salt vt system, salt\-ssh no longer requires
-sshpass to send passwords to ssh. This also makes the manipulation of ssh
-calls substantially more flexible, allowing for intercepting ssh calls in
-a much more fluid way.
-.SS Pure Python Shim
-.sp
-The salt\-ssh call originally used a shell script to discover what version of
-python to execute with and determine the state of the ssh code deployment.
-This shell script has been replaced with a pure python version making it easy
-to increase the capability of the code deployment without causing platform
-inconsistency issues with different shell interpreters.
-.SS Custom Module Delivery
-.sp
-Custom modules are now seamlessly delivered. This makes the deployment of
-custom grains, states, execution modules and returners a seamless process.
-.SS CP Module Support
-.sp
-Salt\-ssh now makes simple file transfers easier then ever! The \fIcp\fP
-module allows for files to be conveniently sent from the salt fileserver
-system down to systems.
-.SS More Thin Directory Options
-.sp
-Salt ssh functions by copying a subset of the salt code, or \fIsalt thin\fP down
-to the target system. In the past this was always transferred to /tmp/.salt
-and cached there for subsequent commands.
-.sp
-Now, salt thin can be sent to a random directory and removed when the call
-is complete with the \fI\-W\fP option. The new \fI\-W\fP option still uses a static
-location but will clean up that location when finished.
-.sp
-The default \fIsalt thin\fP location is now user defined, allowing multiple users
-to cleanly access the same systems.
-.SS State System Enhancements
-.SS New Imperative State Keyword "Listen"
-.sp
-The new \fBlisten\fP and \fBlisten_in\fP keywords allow for completely imperative
-states by calling the \fBmod_watch()\fP routine after all states have run instead
-of re\-ordering the states.
-.SS Mod Aggregate Runtime Manipulator
-.sp
-The new \fBmod_aggregate\fP system allows for the state system to rewrite the
-state data during execution. This allows for state definitions to be aggregated
-dynamically at runtime.
-.sp
-The best example is found in the \fBpkg\fP state. If
-\fBmod_aggregate\fP is turned on, then when the first pkg state is reached, the
-state system will scan all of the other running states for pkg states and take
-all other packages set for install and install them all at once in the first
-pkg state.
-.sp
-These runtime modifications make it easy to run groups of states together. In
-future versions, we hope to fill out the \fBmod_aggregate\fP system to build in
-more and more optimizations.
-.sp
-For more documentation on \fBmod_aggregate\fP, see \fBthe documentation\fP\&.
-.SS New Requisites: onchanges and onfail
-.sp
-The new \fBonchanges\fP and \fBonchanges_in\fP requisites make a state apply only if
-there are changes in the required state. This is useful to execute post hooks
-after changes occur on a system.
-.sp
-The other new requisites, \fBonfail\fP, and \fBonfail_in\fP, allow for a state to run
-in reaction to the failure of another state.
-.sp
-For more information about these new requisites, see the
-\fBrequisites documentation\fP\&.
-.SS Global onlyif and unless
-.sp
-The \fBonlyif\fP and \fBunless\fP options can now be used for any state declaration.
-.SS Use \fBnames\fP to expand and override values
-.sp
-The names declaration in Salt\(aqs state system can now
-override or add values to the expanded data structure. For example:
-.INDENT 0.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-my_users:
-  user.present:
-    \- names:
-      \- larry
-      \- curly
-      \- moe:
-        \- shell: /bin/zsh
-        \- groups:
-          \- wheel
-    \- shell: /bin/bash
-.ft P
-.fi
+.INDENT 2.0
+.IP \(bu 2
+b1c98a3 Merge pull request \fI\%#23925\fP from jpic/fix/wrong_lxc_path
+.IP \(bu 2
+a4bcd75 Fixed wrong path in LXC cloud documentation
 .UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23894\fP: (\fIwhiteinge\fP) Add __all__ attribute to Mock class for docs
+@ \fI2015\-05\-19T17:17:35Z\fP
+.INDENT 2.0
+.IP \(bu 2
+7f6a716 Merge pull request \fI\%#23894\fP from whiteinge/doc\-mock__all__
+.IP \(bu 2
+6eeca46 Add __all__ attribute to Mock class for docs
 .UNINDENT
-.SS Major Features
-.SS Scheduler Additions
-.sp
-The Salt scheduler system has received MAJOR enhancements, allowing for
-cron\-like scheduling and much more granular timing routines. See \fBhere\fP for more info.
-.SS Red Hat 7 Family Support
-.sp
-All the needed additions have been made to run Salt on RHEL 7 and derived OSes
-like CentOS and Scientific.
-.SS Fileserver Backends in salt\-call
-.sp
-Fileserver backends like gitfs can now be used without a salt master! Just add
-the fileserver backend configuration to the minion config and execute
-salt\-call. This has been a much\-requested feature and we are happy to finally
-bring it to our users.
-.SS Amazon Execution Modules
-.sp
-An entire family of execution modules further enhancing Salt\(aqs Amazon Cloud
-support. They include the following:
-.INDENT 0.0
 .IP \(bu 2
-\fBAutoscale Groups\fP (includes \fBstate support\fP) \-\- related: \fBLaunch Control\fP states
+\fBPR\fP \fI\%#23884\fP: (\fIjfindlay\fP) Fix locale.set_locale on debian
+@ \fI2015\-05\-19T15:51:22Z\fP
+.INDENT 2.0
 .IP \(bu 2
-\fBCloud Watch\fP (includes \fBstate support\fP)
+\fBISSUE\fP \fI\%#23767\fP: (\fIchrimi\fP) Salt system.locale fails on non existent default locale
+| refs: \fI\%#23884\fP
+.UNINDENT
+.INDENT 2.0
 .IP \(bu 2
-\fBElastic Cache\fP (includes \fBstate support\fP)
+8108a9b Merge pull request \fI\%#23884\fP from jfindlay/fix_locale
 .IP \(bu 2
-\fBElastic Load Balancer\fP (includes \fBstate support\fP)
+91c2d51 use append_if_not_found in locale.set_locale
 .IP \(bu 2
-\fBIAM Identity and Access Management\fP (includes \fBstate support\fP)
+e632603 (re)generate /etc/default/locale
+.UNINDENT
 .IP \(bu 2
-\fBRoute53 DNS\fP (includes \fBstate support\fP)
+\fBPR\fP \fI\%#23866\fP: (\fIjfindlay\fP) backport \fI\%#23834\fP, change portage.dep.strip_empty to list comprehension
+@ \fI2015\-05\-19T15:50:43Z\fP
+.INDENT 2.0
 .IP \(bu 2
-\fBSecurity Groups\fP (includes \fBstate support\fP)
+\fBPR\fP \fI\%#23834\fP: (\fIArabus\fP) Avoid deprecation warning from  portage.dep.strip_empty()
+| refs: \fI\%#23866\fP
+.UNINDENT
+.INDENT 2.0
 .IP \(bu 2
-\fBSimple Queue Service\fP (includes \fBstate support\fP)
+6bae12f Merge pull request \fI\%#23866\fP from jfindlay/flag_strip
+.IP \(bu 2
+aa032cc replace portage.dep.strip_empty() with list comprehension
+.IP \(bu 2
+7576872 Proper replacement for portage.dep.strip_empty() with list comprehension, pep8fix
+.IP \(bu 2
+2851a5c Switch portage.dep.strip_empty(...) to filter(None,...) to avoid deprecation warning and do essentially the same
 .UNINDENT
-.SS LXC Runner Enhancements
-.sp
-BETA
-The Salt LXC management system has received a number of enhancements which make
-running an LXC cloud entirely from Salt an easy proposition.
-.SS Next Gen Docker Management
-.sp
-The Docker support in Salt has been increased at least ten fold. The Docker API
-is now completely exposed and Salt ships with Docker data tracking systems
-which make automating Docker deployments very easy.
-.SS Peer System Performance Improvements
-.sp
-The peer system communication routines have been refined to make the peer
-system substantially faster.
-.SS SDB
-.sp
-Encryption at rest for configs
-.SS GPG Renderer
-.sp
-Encrypted pillar at rest
-.SS OpenStack Expansion
-.sp
-Lots of new OpenStack stuff
-.SS Queues System
-.sp
-Ran change external queue systems into Salt events
-.SS Multi Master Failover Additions
-.sp
-Connecting to multiple masters is more dynamic then ever
-.SS Chef Execution Module
-.sp
-Managing Chef with Salt just got even easier!
-.SS salt\-api Project Merge
-.sp
-The \fBsalt\-api\fP project has been merged into Salt core and is now available as
-part of the regular \fBsalt\-master\fP package install. No API changes were made,
-the \fBsalt\-api\fP script and init scripts remain intact.
-.sp
-\fBsalt\-api\fP has always provided Yet Another Pluggable Interface to Salt (TM)
-in the form of "netapi" modules. These are modules that bind to a port and
-start a service. Like many of Salt\(aqs other module types, netapi modules often
-have library and configuration dependencies. See the documentation for each
-module for instructions.
-.sp
-\fBSEE ALSO:\fP
-.INDENT 0.0
-.INDENT 3.5
-The full list of netapi modules.
+.IP \(bu 2
+\fBPR\fP \fI\%#23917\fP: (\fIcorywright\fP) Split debian bonding options on dash instead of underscore
+@ \fI2015\-05\-19T15:44:35Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23904\fP: (\fImbrgm\fP) Network config bonding section cannot be parsed when attribute names use dashes
+| refs: \fI\%#23917\fP
 .UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+a67a008 Merge pull request \fI\%#23917\fP from corywright/issue23904
+.IP \(bu 2
+c06f8cf Split debian bonding options on dash instead of underscore
 .UNINDENT
-.SS Synchronous and Asynchronous Execution of Runner and Wheel Modules
-.sp
-\fBsalt.runner.RunnerClient\fP and \fBsalt.wheel.WheelClient\fP
-have both gained complimentary \fBcmd_sync\fP and \fBcmd_async\fP methods allowing
-for synchronous and asynchronous execution of any Runner or Wheel module
-function, all protected using Salt\(aqs external authentication
-system. \fBsalt\-api\fP benefits from this addition as well.
-.SS \fBrest_cherrypy\fP Additions
-.sp
-The \fBrest_cherrypy\fP netapi module
-provides the main REST API for Salt.
-.SS Web Hooks
-.sp
-This release of course includes the Web Hook additions from the most recent
-\fBsalt\-api\fP release, which allows external services to signal actions within a
-Salt infrastructure. External services such as Amazon SNS, Travis\-CI, or
-GitHub, as well as internal services that cannot or should not run a Salt
-minion daemon can be used as first\-class components in Salt\(aqs rich
-orchestration capabilities.
-.sp
-The raw HTTP request body is now available in the event data. This is sometimes
-required information for checking an HMAC signature in order to verify a HTTP
-request. As an example, Amazon or GitHub requests are signed this way.
-.SS Generating and Accepting Minion Keys
-.sp
-The \fB/key\fP convenience URL
-generates a public and private key for a minion, automatically pre\-accepts the
-public key on the Salt Master, and returns both keys as a tarball for download.
-.sp
-This allows for easily bootstrapping the key on a new minion with a single HTTP
-call, such as with a Kickstart script, all using regular shell tools.
-.INDENT 0.0
-.INDENT 3.5
-.sp
-.nf
-.ft C
-curl \-sS http://salt\-api.example.com:8000/keys \e
-        \-d mid=jerry \e
-        \-d username=kickstart \e
-        \-d password=kickstart \e
-        \-d eauth=pam \e
-        \-o jerry\-salt\-keys.tar
-.ft P
-.fi
+.IP \(bu 2
+\fBPR\fP \fI\%#23909\fP: (\fIjayeshka\fP) \(aqstr\(aq object has no attribute \(aqcapitalized\(aq
+@ \fI2015\-05\-19T15:41:53Z\fP
+.INDENT 2.0
+.IP \(bu 2
+e8fcd09 Merge pull request \fI\%#23909\fP from jayeshka/file\-exe\-module
+.IP \(bu 2
+e422d9d \(aqstr\(aq object has no attribute \(aqcapitalized\(aq
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23903\fP: (\fIgarethgreenaway\fP) Adding docs for missing schedule state module parameters.
+@ \fI2015\-05\-19T06:29:34Z\fP
+.INDENT 2.0
+.IP \(bu 2
+c73bf38 Merge pull request \fI\%#23903\fP from garethgreenaway/missing_docs_schedule_state
+.IP \(bu 2
+acd8ab9 Adding docs for missing schedule state module parameters.
 .UNINDENT
 .UNINDENT
-.SS Fileserver Backend Enhancements
-.sp
-All of the fileserver backends have been overhauled to be faster, lighter, and
-more reliable. The VCS backends (\fBgitfs\fP,
-\fBhgfs\fP, and \fBsvnfs\fP)
-have also received a \fBlot\fP of new features.
-.sp
-Additionally, most config parameters for the VCS backends can now be configured
-on a per\-remote basis, allowing for global config parameters to be overridden
-for a specific gitfs/hgfs/svnfs remote.
-.SS New \fBgitfs\fP Features
-.SS Pygit2 and Dulwich
-.sp
-In addition to supporting GitPython, support for \fI\%pygit2\fP (0.20.3 and newer) and
-\fI\%dulwich\fP have been added. Provided a compatible version of \fI\%pygit2\fP is
-installed, it will now be the default provider. The config parameter
-\fBgitfs_provider\fP has been added to allow one to choose a specific
-provider for gitfs.
-.SS Mountpoints
-.sp
-Prior to this release, to serve a file from gitfs at a salt fileserver URL of
-\fBsalt://foo/bar/baz.txt\fP, it was necessary to ensure that the parent
-directories existed in the repository. A new config parameter
-\fBgitfs_mountpoint\fP allows gitfs remotes to be exposed starting at
-a user\-defined \fBsalt://\fP URL.
-.SS Environment Whitelisting/Blacklisting
-.sp
-By default, gitfs will expose all branches and tags as Salt fileserver
-environments. Two new config parameters, \fBgitfs_env_whitelist\fP, and
-\fBgitfs_env_blacklist\fP, allow more control over which branches and
-tags are exposed. More detailed information on how these two options work can
-be found in the Gitfs Walkthrough\&.
-.SS Expanded Authentication Support
-.sp
-As of \fI\%pygit2\fP 0.20.3, both http(s) and SSH key authentication are supported,
-and Salt now also supports both authentication methods when using \fI\%pygit2\fP\&. Keep
-in mind that \fI\%pygit2\fP 0.20.3 is not yet available on many platforms, so those
-who had been using authenticated git repositories with a passphraseless key
-should stick to GitPython if a new enough \fI\%pygit2\fP is not yet available for the
-platform on which the master is running.
-.sp
-A full explanation of how to use authentication can be found in the Gitfs
-Walkthrough\&.
-.SS New \fBhgfs\fP Features
-.SS Mountpoints
-.sp
-This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameter is called
-\fBhgfs_mountpoint\fP\&.
-.SS Environment Whitelisting/Blacklisting
-.sp
-This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameters are called
-\fBhgfs_env_whitelist\fP and \fBhgfs_env_blacklist\fP\&.
-.SS New \fBsvnfs\fP Features
-.SS Mountpoints
-.sp
-This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameter is called
-\fBsvnfs_mountpoint\fP\&.
-.SS Environment Whitelisting/Blacklisting
-.sp
-This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameters are called
-\fBsvnfs_env_whitelist\fP and \fBsvnfs_env_blacklist\fP\&.
-.SS Configurable Trunk/Branches/Tags Paths
-.sp
-Prior to this release, the paths where trunk, branches, and tags were located
-could only be in directores named "trunk", "branches", and "tags" directly
-under the root of the repository. Three new config parameters
-(\fBsvnfs_trunk\fP, \fBsvnfs_branches\fP, and
-\fBsvnfs_tags\fP) allow SVN repositories which are laid out
-differently to be used with svnfs.
-.SS New \fBminionfs\fP Features
-.SS Mountpoint
-.sp
-This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameter is called
-\fBminionfs_mountpoint\fP\&. The one major difference is that, as
-minionfs doesn\(aqt use multiple remotes (it just serves up files pushed to the
-master using \fBcp.push\fP) there is no such thing as a
-per\-remote configuration for \fBminionfs_mountpoint\fP\&.
-.SS Changing the Saltenv from Which Files are Served
-.sp
-A new config parameter (\fBminionfs_env\fP) allows minionfs files to
-be served from a Salt fileserver environment other than \fBbase\fP\&.
-.SS Minion Whitelisting/Blacklisting
-.sp
-By default, minionfs will expose the pushed files from all minions. Two new
-config parameters, \fBminionfs_whitelist\fP, and
-\fBminionfs_blacklist\fP, allow minionfs to be restricted to serve
-files from only the desired minions.
-.SS Pyobjects Renderer
-.sp
-Salt now ships with with the \fBPyobjects Renderer\fP that allows for construction of States using pure
-Python with an idiomatic object interface.
-.SS New Modules
-.sp
-In addition to the Amazon modules mentioned above, there are also several other
-new execution modules:
 .INDENT 0.0
 .IP \(bu 2
-\fBOracle\fP
+f7eb70c changed previous release to 2014.7.6
 .IP \(bu 2
-\fBRandom\fP
+608059f Merge branch \(aq2015.5\(aq of \fI\%https://github.com/jacobhammons/salt\fP into 2015.5
+.INDENT 2.0
 .IP \(bu 2
-\fBRedis\fP
+a56697b Merge branch \(aq2015.5\(aq of \fI\%https://github.com/saltstack/salt\fP into 2015.5
 .IP \(bu 2
-\fBAmazon Simple Queue Service\fP
+1c2af5c Merge branch \(aq2015.5\(aq of \fI\%https://github.com/saltstack/salt\fP into 2015.5
 .IP \(bu 2
-\fBBlock Device Management\fP
+ef58128 Merge branch \(aq2015.5\(aq of \fI\%https://github.com/saltstack/salt\fP into 2015.5
 .IP \(bu 2
-\fBCoreOS etcd\fP
+8664e8b Merge branch \(aq2015.5\(aq of \fI\%https://github.com/saltstack/salt\fP into 2015.5\-2
 .IP \(bu 2
-\fBGenesis\fP
+46eb265 saltstack2 sphinx theme updates
 .IP \(bu 2
-\fBInfluxDB\fP
+e7442d3 Merge branch \(aq2015.5\(aq of \fI\%https://github.com/saltstack/salt\fP into 2015.5
 .IP \(bu 2
-\fBServer Density\fP
+ee3c1bd missed one
 .IP \(bu 2
-\fBTwilio Notifications\fP
+3872921 More updates to sphinx2 theme
 .IP \(bu 2
-\fBVarnish\fP
+fcd4865 Merge branch \(aq2015.5\(aq of \fI\%https://github.com/saltstack/salt\fP into 2015.5
 .IP \(bu 2
-\fBZNC IRC Bouncer\fP
+8c32152 removed TOC numbering, additional tweaks to layout.html
 .IP \(bu 2
-\fBSMTP\fP
+73dfaef Merge branch \(aq2015.5\(aq of \fI\%https://github.com/saltstack/salt\fP into 2015.5
+.IP \(bu 2
+16d8a75 saltstack2 sphinx theme and build settings
+.UNINDENT
 .UNINDENT
-.SS New Runners
 .INDENT 0.0
 .IP \(bu 2
-\fBMap/Reduce Style\fP
+\fBPR\fP \fI\%#23806\fP: (\fIkiorky\fP) Lxc seeding
+| refs: \fI\%#23807\fP
+@ \fI2015\-05\-18T23:18:33Z\fP
+.INDENT 2.0
 .IP \(bu 2
-\fBQueue\fP
+\fBISSUE\fP \fI\%#23847\fP: (\fIkiorky\fP) lxc: systemd containers cant be seeded
+| refs: \fI\%#23806\fP \fI\%#23898\fP \fI\%#23897\fP \fI\%#23808\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23772\fP: (\fIcheuschober\fP) lxc.init fails to bootstrap container
+| refs: \fI\%#23806\fP \fI\%#23898\fP \fI\%#23807\fP \fI\%#23897\fP \fI\%#23808\fP
 .UNINDENT
-.SS New External Pillars
-.INDENT 0.0
+.INDENT 2.0
 .IP \(bu 2
-\fBCoreOS etcd\fP
+ff3cc7d Merge pull request \fI\%#23806\fP from makinacorpus/lxc_seeding
+.IP \(bu 2
+61b7aad runners/lxc: optim
 .UNINDENT
-.SS New Salt\-Cloud Providers
-.INDENT 0.0
 .IP \(bu 2
-\fBAliyun ECS Cloud\fP
+\fBPR\fP \fI\%#23892\fP: (\fIbasepi\fP) [2015.5] Merge forward from 2014.7 to 2015.5
+@ \fI2015\-05\-18T23:07:57Z\fP
+.INDENT 2.0
 .IP \(bu 2
-\fBLXC Containers\fP
+\fBPR\fP \fI\%#23891\fP: (\fIbasepi\fP) Update the release notes index page
 .IP \(bu 2
-\fBProxmox (OpenVZ containers & KVM)\fP
+\fBPR\fP \fI\%#23888\fP: (\fIbasepi\fP) Update the 2014.7.6 release notes with CVE details
+.IP \(bu 2
+\fBPR\fP \fI\%#23871\fP: (\fIrallytime\fP) Backport \fI\%#23848\fP to 2014.7
+.IP \(bu 2
+\fBPR\fP \fI\%#23848\fP: (\fIdumol\fP) Updated installation docs for SLES 12.
+| refs: \fI\%#23871\fP
 .UNINDENT
-.SS Salt Call Change
-.sp
-When used with a returner, salt\-call now contacts a master if \fB\-\-local\fP
-is not specicified.
-.SS Deprecations
-.SS \fBsalt.modules.virtualenv_mod\fP
-.INDENT 0.0
+.INDENT 2.0
 .IP \(bu 2
-Removed deprecated \fBmemoize\fP function from \fBsalt/utils/__init__.py\fP (deprecated)
+5f1a93d Merge pull request \fI\%#23892\fP from basepi/merge\-forward\-2015.5
 .IP \(bu 2
-Removed deprecated \fBno_site_packages\fP argument from \fBcreate\fP function (deprecated)
+c2eed77 Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.5
 .IP \(bu 2
-Removed deprecated \fBcheck_dns\fP argument from \fBminion_config\fP and \fBapply_minion_config\fP functions (deprecated)
+17c5810 Merge pull request \fI\%#23891\fP from basepi/releasenotes
+.INDENT 2.0
 .IP \(bu 2
-Removed deprecated \fBOutputOptionsWithTextMixIn\fP class from \fBsalt/utils/parsers.py\fP (deprecated)
+dec153b Update the release notes index page
+.UNINDENT
 .IP \(bu 2
-Removed the following deprecated functions from \fBsalt/modules/ps.py\fP:
-\- \fBphysical_memory_usage\fP (deprecated)
-\- \fBvirtual_memory_usage\fP (deprecated)
-\- \fBcached_physical_memory\fP (deprecated)
-\- \fBphysical_memory_buffers\fP (deprecated)
+a93e58f Merge pull request \fI\%#23888\fP from basepi/v2014.7.6release
+.INDENT 2.0
 .IP \(bu 2
-Removed deprecated cloud arguments from \fBcloud_config\fP function in \fBsalt/config.py\fP:
-\- \fBvm_config\fP (deprecated)
-\- \fBvm_config_path\fP (deprecated)
+49921b6 Update the 2014.7.6 release notes with CVE details
+.UNINDENT
 .IP \(bu 2
-Removed deprecated \fBlibcloud_version\fP function from \fBsalt/cloud/libcloudfuncs.py\fP (deprecated)
+5073028 Merge pull request \fI\%#23871\fP from rallytime/\fI\%bp\-23848\fP
+.INDENT 2.0
 .IP \(bu 2
-Removed deprecated \fBCloudConfigMixIn\fP class from \fBsalt/utils/parsers.py\fP (deprecated)
+379c09c Updated for SLES 12.
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23875\fP: (\fIrallytime\fP) Backport \fI\%#23838\fP to 2015.5
+@ \fI2015\-05\-18T22:28:55Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23838\fP: (\fIgtmanfred\fP) add refresh_beacons and sync_beacons
+| refs: \fI\%#23875\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+66d1335 Merge pull request \fI\%#23875\fP from rallytime/\fI\%bp\-23838\fP
+.IP \(bu 2
+3174227 Add versionadded directives to new beacon saltutil functions
+.IP \(bu 2
+4a94b2c add refresh_beacons and sync_beacons
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23876\fP: (\fIrallytime\fP) Switch digital ocean tests to v2 driver
+@ \fI2015\-05\-18T22:17:13Z\fP
+.INDENT 2.0
+.IP \(bu 2
+d294cf2 Merge pull request \fI\%#23876\fP from rallytime/switch_digital_ocean_tests_v2
+.IP \(bu 2
+dce9b54 Remove extra line
+.IP \(bu 2
+4acf58e Switch digital ocean tests to v2 driver
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23882\fP: (\fIgarethgreenaway\fP) Fixes to scheduler in 2015.5
+@ \fI2015\-05\-18T22:09:24Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23792\fP: (\fIneogenix\fP) Salt Scheduler Incorrect Response (True, should be False)
+| refs: \fI\%#23882\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+b97a48c Merge pull request \fI\%#23882\fP from garethgreenaway/23792_2015_5_wrong_return_code
+.IP \(bu 2
+37dbde6 Job already exists in schedule, should return False.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23868\fP: (\fIbasepi\fP) [2015.5] Merge forward from 2014.7 to 2015.5
+@ \fI2015\-05\-18T18:35:54Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#20198\fP: (\fIjcftang\fP) virt.get_graphics, virt.get_nics are broken, in turn breaking other things
+| refs: \fI\%#23809\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23823\fP: (\fIgtmanfred\fP) add link local for ipv6
+.IP \(bu 2
+\fBPR\fP \fI\%#23810\fP: (\fIrallytime\fP) Backport \fI\%#23757\fP to 2014.7
+.IP \(bu 2
+\fBPR\fP \fI\%#23809\fP: (\fIrallytime\fP) Fix virtualport section of virt.get_nics loop
+.IP \(bu 2
+\fBPR\fP \fI\%#23802\fP: (\fIgtmanfred\fP) if it is ipv6 ip_to_int will fail
+.IP \(bu 2
+\fBPR\fP \fI\%#23757\fP: (\fIclan\fP) use abspath, do not eliminating symlinks
+| refs: \fI\%#23810\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23573\fP: (\fItechhat\fP) Scan all available networks for public and private IPs
+| refs: \fI\%#23802\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#21487\fP: (\fIrallytime\fP) Backport \fI\%#21469\fP to 2014.7
+| refs: \fI\%#23809\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#21469\fP: (\fIvdesjardins\fP) fixes \fI\%#20198\fP: virt.get_graphics and virt.get_nics calls in module virt
+| refs: \fI\%#21487\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+61c922e Merge pull request \fI\%#23868\fP from basepi/merge\-forward\-2015.5
+.IP \(bu 2
+c9ed233 Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.5
+.IP \(bu 2
+aee00c8 Merge pull request \fI\%#23810\fP from rallytime/\fI\%bp\-23757\fP
+.INDENT 2.0
+.IP \(bu 2
+fb32c32 use abspath, do not eliminating symlinks
+.UNINDENT
+.IP \(bu 2
+6b3352b Merge pull request \fI\%#23809\fP from rallytime/virt_get_nics_fix
+.INDENT 2.0
+.IP \(bu 2
+0616fb7 Fix virtualport section of virt.get_nics loop
+.UNINDENT
+.IP \(bu 2
+188f03f Merge pull request \fI\%#23823\fP from gtmanfred/2014.7
+.INDENT 2.0
+.IP \(bu 2
+5ef006d add link local for ipv6
+.UNINDENT
+.IP \(bu 2
+f3ca682 Merge pull request \fI\%#23802\fP from gtmanfred/2014.7
+.INDENT 2.0
+.IP \(bu 2
+2da98b5 if it is ipv6 ip_to_int will fail
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23863\fP: (\fIrahulhan\fP) Adding states/timezone.py unit test
+@ \fI2015\-05\-18T17:02:19Z\fP
+.INDENT 2.0
+.IP \(bu 2
+433f873 Merge pull request \fI\%#23863\fP from rahulhan/states_timezone_unit_test
+.IP \(bu 2
+72fcabc Adding states/timezone.py unit test
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23862\fP: (\fIrahulhan\fP) Adding states/tomcat.py unit tests
+@ \fI2015\-05\-18T17:02:10Z\fP
+.INDENT 2.0
+.IP \(bu 2
+37b3ee5 Merge pull request \fI\%#23862\fP from rahulhan/states_tomcat_unit_test
+.IP \(bu 2
+65d7752 Adding states/tomcat.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23860\fP: (\fIrahulhan\fP) Adding states/test.py unit tests
+@ \fI2015\-05\-18T17:01:49Z\fP
+.INDENT 2.0
+.IP \(bu 2
+dde7207 Merge pull request \fI\%#23860\fP from rahulhan/states_test_unit_test
+.IP \(bu 2
+1f4cf86 Adding states/test.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23859\fP: (\fIrahulhan\fP) Adding states/sysrc.py unit tests
+@ \fI2015\-05\-18T17:01:46Z\fP
+.INDENT 2.0
+.IP \(bu 2
+3c9b813 Merge pull request \fI\%#23859\fP from rahulhan/states_sysrc_unit_test
+.IP \(bu 2
+6a903b0 Adding states/sysrc.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23812\fP: (\fIrallytime\fP) Backport \fI\%#23790\fP to 2015.5
+@ \fI2015\-05\-18T15:30:34Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23790\fP: (\fIaboe76\fP) updated suse spec file to version 2015.5.0
+| refs: \fI\%#23812\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+4cf30a7 Merge pull request \fI\%#23812\fP from rallytime/\fI\%bp\-23790\fP
+.IP \(bu 2
+3f65631 updated suse spec file to version 2015.5.0
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23811\fP: (\fIrallytime\fP) Backport \fI\%#23786\fP to 2015.5
+@ \fI2015\-05\-18T15:30:27Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23786\fP: (\fIkaithar\fP) Log the error generated that causes returns.mysql.returner to except.
+| refs: \fI\%#23811\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+c6f939a Merge pull request \fI\%#23811\fP from rallytime/\fI\%bp\-23786\fP
+.IP \(bu 2
+346f30b Log the error generated that causes returns.mysql.returner to except.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23850\fP: (\fIjayeshka\fP) adding sysbench unit test case
+@ \fI2015\-05\-18T15:28:04Z\fP
+.INDENT 2.0
+.IP \(bu 2
+ce60582 Merge pull request \fI\%#23850\fP from jayeshka/sysbench\-unit\-test
+.IP \(bu 2
+280abde adding sysbench unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23843\fP: (\fIThe\-Loeki\fP) Fix erroneous virtual:physical core grain detection
+@ \fI2015\-05\-18T15:24:22Z\fP
+.INDENT 2.0
+.IP \(bu 2
+060902f Merge pull request \fI\%#23843\fP from The\-Loeki/patch\-1
+.IP \(bu 2
+9e2cf60 Fix erroneous virtual:physical core grain detection
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23816\fP: (\fISnergster\fP) Doc for \fI\%#23685\fP Added prereq, caution, and additional mask information
+@ \fI2015\-05\-18T15:18:03Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23815\fP: (\fISnergster\fP) [beacons] inotify errors on subdir creation
+| refs: \fI\%#23816\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+3257a9b Merge pull request \fI\%#23816\fP from Snergster/23685\-doc\-fix
+.IP \(bu 2
+0fca49d Added prereq, caution, and additional mask information
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23832\fP: (\fIahus1\fP) make saltify provider use standard boostrap procedure
+@ \fI2015\-05\-18T02:18:29Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23829\fP: (\fIahus1\fP) make saltify provider use standard boostrap procedure
+| refs: \fI\%#23832\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+3df3b85 Merge pull request \fI\%#23832\fP from ahus1/ahus1_saltify_bootstrap_2015.5
+.IP \(bu 2
+f5b1734 fixing problem in unit test
+.IP \(bu 2
+cba47f6 make saltify to use standard boostrap procedure, therefore providing all options like master_sign_pub_file
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23791\fP: (\fIoptix2000\fP) Psutil compat
+@ \fI2015\-05\-16T04:05:54Z\fP
+.INDENT 2.0
+.IP \(bu 2
+8ec4fb2 Merge pull request \fI\%#23791\fP from optix2000/psutil_compat
+.IP \(bu 2
+5470cf5 Fix pylint errors and sloppy inline comments
+.IP \(bu 2
+64634b6 Update psutil.pid_list to use psutil.pids
+.IP \(bu 2
+5dd6d69 Fix imports that aren\(aqt in __all__
+.IP \(bu 2
+8a1da33 Fix test cases by mocking psutil_compat
+.IP \(bu 2
+558798d Fix net_io_counters deprecation issue
+.IP \(bu 2
+8140f92 Override unecessary pylint errors
+.IP \(bu 2
+7d02ad4 Fix some of the mock names for the new API
+.IP \(bu 2
+9b3023e Fix overloaded getters/setters. Fix line lengths
+.IP \(bu 2
+180eb87 Fix whitespace
+.IP \(bu 2
+f8edf72 Use new psutil API in ps module
+.IP \(bu 2
+e48982f Fix version checking in psutil_compat
+.IP \(bu 2
+93ee411 Create compatability psutil. psutil 3.0 drops 1.0 API, but we still support old psutil versions.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23782\fP: (\fIterminalmage\fP) Replace "command \-v" with "which" and get rid of spurious log messages
+@ \fI2015\-05\-16T04:03:10Z\fP
+.INDENT 2.0
+.IP \(bu 2
+405517b Merge pull request \fI\%#23782\fP from terminalmage/issue23772
+.IP \(bu 2
+0f6f239 More ignore_retcode to suppress spurious log msgs
+.IP \(bu 2
+b4c48e6 Ignore return code in lxc.attachable
+.IP \(bu 2
+08658c0 Replace "command \-v" with "which"
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23783\fP: (\fIbasepi\fP) [2015.5] Merge forward from 2014.7 to 2015.5
+@ \fI2015\-05\-15T21:38:51Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22959\fP: (\fIhighlyunavailable\fP) Windows Salt hangs if file.directory is trying to write to a drive that doesn\(aqt exist
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22332\fP: (\fIrallytime\fP) [salt\-ssh] Add a check for host in /etc/salt/roster
+| refs: \fI\%#23748\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#16424\fP: (\fIstanvit\fP) salt\-run cloud.create fails with saltify
+.IP \(bu 2
+\fBPR\fP \fI\%#23748\fP: (\fIbasepi\fP) [2014.7] Log salt\-ssh roster render errors more assertively and verbosely
+.IP \(bu 2
+\fBPR\fP \fI\%#23731\fP: (\fItwangboy\fP) Fixes \fI\%#22959\fP: Trying to add a directory to an unmapped drive in windows
+.IP \(bu 2
+\fBPR\fP \fI\%#23730\fP: (\fIrallytime\fP) Backport \fI\%#23729\fP to 2014.7
+.IP \(bu 2
+\fBPR\fP \fI\%#23729\fP: (\fIrallytime\fP) Partially merge \fI\%#23437\fP (grains fix)
+| refs: \fI\%#23730\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23688\fP: (\fItwangboy\fP) Added inet_pton to utils/validate/net.py for ip.set_static_ip in windows
+.IP \(bu 2
+\fBPR\fP \fI\%#23488\fP: (\fIcellscape\fP) LXC cloud fixes
+.IP \(bu 2
+\fBPR\fP \fI\%#23437\fP: (\fIcedwards\fP) Grains item patch
+| refs: \fI\%#23729\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+cb2eb40 Merge pull request \fI\%#23783\fP from basepi/merge\-forward\-2015.5
+.IP \(bu 2
+9df51ca __opts__.get
+.IP \(bu 2
+51d23ed Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.5
+.INDENT 2.0
+.IP \(bu 2
+d9af0c3 Merge pull request \fI\%#23488\fP from cellscape/lxc\-cloud\-fixes
+.INDENT 2.0
+.IP \(bu 2
+64250a6 Remove profile from opts after creating LXC container
+.IP \(bu 2
+c4047d2 Set destroy=True in opts when destroying cloud instance
+.IP \(bu 2
+9e1311a Store instance names in opts when performing cloud action
+.IP \(bu 2
+934bc57 Correctly pass custom env to lxc\-attach
+.IP \(bu 2
+7fb85f7 Preserve test=True option in cloud states
+.IP \(bu 2
+9771b5a Fix detection of absent LXC container in cloud state
+.IP \(bu 2
+fb24f0c Report failure when failed to create/clone LXC container
+.IP \(bu 2
+2d9aa2b Avoid shadowing variables in lxc module
+.IP \(bu 2
+792e102 Allow to override profile options in lxc.cloud_init_interface
+.IP \(bu 2
+42bd64b Return changes on successful lxc.create from salt\-cloud
+.IP \(bu 2
+4409eab Return correct result when creating cloud LXC container
+.IP \(bu 2
+377015c Issue \fI\%#16424\fP: List all providers when creating salt\-cloud instance without profile
+.UNINDENT
+.IP \(bu 2
+808bbe1 Merge pull request \fI\%#23748\fP from basepi/salt\-ssh.roster.host.check
+.INDENT 2.0
+.IP \(bu 2
+bc53e04 Log entire exception for render errors in roster
+.IP \(bu 2
+753de6a Log render errors in roster to error level
+.IP \(bu 2
+e01a7a9 Always let the real YAML error through
+.UNINDENT
+.IP \(bu 2
+72cf360 Merge pull request \fI\%#23731\fP from twangboy/fix_22959
+.INDENT 2.0
+.IP \(bu 2
+88e5495 Fixes \fI\%#22959\fP: Trying to add a directory to an unmapped drive in windows
+.UNINDENT
+.IP \(bu 2
+2610195 Merge pull request \fI\%#23730\fP from rallytime/\fI\%bp\-23729\fP
+.INDENT 2.0
+.IP \(bu 2
+1877cae adding support for nested grains to grains.item
+.UNINDENT
+.IP \(bu 2
+3e9df88 Merge pull request \fI\%#23688\fP from twangboy/fix_23415
+.INDENT 2.0
+.IP \(bu 2
+6a91169 Fixed unused\-import pylint error
+.IP \(bu 2
+5e25b3f fixed pylint errors
+.IP \(bu 2
+1a96766 Added inet_pton to utils/validate/net.py for ip.set_static_ip in windows
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23781\fP: (\fIjfindlay\fP) fix unit test mock errors on arch
+@ \fI2015\-05\-15T19:40:07Z\fP
+.INDENT 2.0
+.IP \(bu 2
+982f873 Merge pull request \fI\%#23781\fP from jfindlay/fix_locale_tests
+.IP \(bu 2
+14c711e fix unit test mock errors on arch
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23740\fP: (\fIjfindlay\fP) Binary write
+@ \fI2015\-05\-15T18:10:44Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23566\fP: (\fIrks2286\fP) Salt\-cp corrupting the file after transfer to minion
+| refs: \fI\%#23740\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+916b1c4 Merge pull request \fI\%#23740\fP from jfindlay/binary_write
+.IP \(bu 2
+626930a update incorrect comment wording
+.IP \(bu 2
+a978f5c always use binary file write mode on windows
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23736\fP: (\fIjfindlay\fP) always load pip execution module
+@ \fI2015\-05\-15T18:10:16Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23682\fP: (\fIchrish42\fP) Pip module requires system pip, even when not used (with env_bin)
+| refs: \fI\%#23736\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+348645e Merge pull request \fI\%#23736\fP from jfindlay/fix_pip
+.IP \(bu 2
+b8867a8 update pip tests
+.IP \(bu 2
+040bbc4 only check pip version in one place
+.IP \(bu 2
+6c453a5 check for executable status of bin_env
+.IP \(bu 2
+3337257 always load the pip module as pip could be anywhere
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23770\fP: (\fIcellscape\fP) Fix cloud LXC container destruction
+@ \fI2015\-05\-15T17:38:59Z\fP
+.INDENT 2.0
+.IP \(bu 2
+10cedfb Merge pull request \fI\%#23770\fP from cellscape/fix\-cloud\-lxc\-destruction
+.IP \(bu 2
+4f6021c Fix cloud LXC container destruction
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23759\fP: (\fIlisa2lisa\fP) fixed the problem for not beable to revoke \fI\&.\fP, for more detail https…
+@ \fI2015\-05\-15T17:38:38Z\fP
+.INDENT 2.0
+.IP \(bu 2
+ddea822 Merge pull request \fI\%#23759\fP from lisa2lisa/iss23664
+.IP \(bu 2
+a29f161 fixed the problem for not beable to revoke \fI\&.\fP, for more detail \fI\%https://github.com/saltstack/salt/issues/23201\fP, fixed mysql cannot create user with pure digit password, for more info \fI\%https://github.com/saltstack/salt/issues/23664\fP
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23769\fP: (\fIcellscape\fP) Fix file_roots CA lookup in salt.utils.http.get_ca_bundle
+@ \fI2015\-05\-15T16:21:49Z\fP
+.INDENT 2.0
+.IP \(bu 2
+10615ff Merge pull request \fI\%#23769\fP from cellscape/utils\-http\-ca\-file\-roots
+.IP \(bu 2
+8e90f32 Fix file_roots CA lookup in salt.utils.http.get_ca_bundle
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23765\fP: (\fIjayeshka\fP) adding states/makeconf unit test case
+@ \fI2015\-05\-15T14:29:43Z\fP
+.INDENT 2.0
+.IP \(bu 2
+fd8a1b7 Merge pull request \fI\%#23765\fP from jayeshka/makeconf_states\-unit\-test
+.IP \(bu 2
+26e31af adding states/makeconf unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23760\fP: (\fIticosax\fP) [doc] document refresh argument
+@ \fI2015\-05\-15T14:23:47Z\fP
+.INDENT 2.0
+.IP \(bu 2
+ee13b08 Merge pull request \fI\%#23760\fP from ticosax/2015.5
+.IP \(bu 2
+e3ca859 document refresh argument
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23766\fP: (\fIjayeshka\fP) adding svn unit test case
+@ \fI2015\-05\-15T14:23:18Z\fP
+.INDENT 2.0
+.IP \(bu 2
+a017f72 Merge pull request \fI\%#23766\fP from jayeshka/svn\-unit\-test
+.IP \(bu 2
+19939cf adding svn unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23751\fP: (\fIrallytime\fP) Backport \fI\%#23737\fP to 2015.5
+@ \fI2015\-05\-15T03:58:37Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23734\fP: (\fIbradthurber\fP) 2015.5.0 modules/archive.py ZipFile instance has no attribute \(aq__exit__\(aq \- only python 2.6?
+| refs: \fI\%#23737\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23737\fP: (\fIbradthurber\fP) fix for 2015.5.0 modules/archive.py ZipFile instance has no attribute…
+| refs: \fI\%#23751\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+0ed9d45 Merge pull request \fI\%#23751\fP from rallytime/\fI\%bp\-23737\fP
+.IP \(bu 2
+8d1eb32 fix for 2015.5.0 modules/archive.py ZipFile instance has no attribute \(aq__exit__\(aq \- only python 2.6? \fI\%#23734\fP
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23710\fP: (\fIkiorky\fP) Get more useful output from stateful commands
+@ \fI2015\-05\-14T21:58:10Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23709\fP: (\fIkiorky\fP) cmdmod: enhancement is really needed for stateful commands
+| refs: \fI\%#23710\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+d73984e Merge pull request \fI\%#23710\fP from makinacorpus/i23709
+.IP \(bu 2
+c706909 Get more useful output from stateful commands
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23724\fP: (\fIrallytime\fP) Backport \fI\%#23609\fP to 2015.5
+@ \fI2015\-05\-14T19:34:22Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23609\fP: (\fIkaidokert\fP) file_map: chown created directories if not root \fI\%#23608\fP
+| refs: \fI\%#23724\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+cdf421b Merge pull request \fI\%#23724\fP from rallytime/\fI\%bp\-23609\fP
+.IP \(bu 2
+fe3a762 file_map: chmod created directories if not root
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23723\fP: (\fIrallytime\fP) Backport \fI\%#23568\fP to 2015.5
+@ \fI2015\-05\-14T19:34:11Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23568\fP: (\fItechhat\fP) Allow Salt Cloud to use either SCP or SFTP, as configured
+| refs: \fI\%#23723\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+94f9099 Merge pull request \fI\%#23723\fP from rallytime/\fI\%bp\-23568\fP
+.IP \(bu 2
+bbec34a Allow Salt Cloud to use either SCP or SFTP, as configured
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23725\fP: (\fIrallytime\fP) Backport \fI\%#23691\fP to 2015.5
+@ \fI2015\-05\-14T19:32:30Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23691\fP: (\fIdennisjac\fP) add initial configuration documentation for varstack pillar
+| refs: \fI\%#23725\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+137e5ee Merge pull request \fI\%#23725\fP from rallytime/\fI\%bp\-23691\fP
+.IP \(bu 2
+28a846e add initial configuration documentation for varstack pillar
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23722\fP: (\fIrallytime\fP) Backport \fI\%#23472\fP to 2015.5
+@ \fI2015\-05\-14T19:31:52Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23472\fP: (\fItechhat\fP) Allow neutron network list to be used as pillar data
+| refs: \fI\%#23722\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+0c00995 Merge pull request \fI\%#23722\fP from rallytime/\fI\%bp\-23472\fP
+.IP \(bu 2
+c3d0f39 Change versionadded tag for backport
+.IP \(bu 2
+023e88f Allow neutron network list to be used as pillar data
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23727\fP: (\fIjfindlay\fP) fix npm execution module stacktrace
+@ \fI2015\-05\-14T18:14:12Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23657\fP: (\fIarthurlogilab\fP) [salt\-cloud lxc] NameError: global name \(aq__salt__\(aq is not defined
+| refs: \fI\%#23727\fP \fI\%#23898\fP \fI\%#23897\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+cbf4ca8 Merge pull request \fI\%#23727\fP from jfindlay/npm_salt
+.IP \(bu 2
+05392f2 fix npm execution module stacktrace
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23718\fP: (\fIrahulhan\fP) Adding states/user.py unit tests
+@ \fI2015\-05\-14T17:15:38Z\fP
+.INDENT 2.0
+.IP \(bu 2
+ef536d5 Merge pull request \fI\%#23718\fP from rahulhan/states_user_unit_tests
+.IP \(bu 2
+aad27db Adding states/user.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23720\fP: (\fIbasepi\fP) [2015.5] Merge forward from 2014.7 to 2015.5
+@ \fI2015\-05\-14T17:13:02Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23604\fP: (\fIAzidburn\fP) service.dead on systemd Minion create an Error Message
+| refs: \fI\%#23607\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23548\fP: (\fIkkaig\fP) grains.list_present produces incorrect (?) output
+| refs: \fI\%#23674\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23403\fP: (\fIiamfil\fP) salt.runners.cloud.action fun parameter is replaced
+| refs: \fI\%#23680\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23680\fP: (\fIcachedout\fP) Rename kwarg in cloud runner
+.IP \(bu 2
+\fBPR\fP \fI\%#23674\fP: (\fIcachedout\fP) Handle lists correctly in grains.list_prsesent
+.IP \(bu 2
+\fBPR\fP \fI\%#23672\fP: (\fItwangboy\fP) Fix user present
+.IP \(bu 2
+\fBPR\fP \fI\%#23670\fP: (\fIrallytime\fP) Backport \fI\%#23607\fP to 2014.7
+.IP \(bu 2
+\fBPR\fP \fI\%#23607\fP: (\fIAzidburn\fP) Fix for \fI\%#23604\fP\&. No error reporting. Exitcode !=0 are ok
+| refs: \fI\%#23670\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+a529d74 Merge pull request \fI\%#23720\fP from basepi/merge\-forward\-2015.5
+.IP \(bu 2
+06a3ebd Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.5
+.IP \(bu 2
+1b86460 Merge pull request \fI\%#23680\fP from cachedout/issue_23403
+.INDENT 2.0
+.IP \(bu 2
+d5986c2 Rename kwarg in cloud runner
+.UNINDENT
+.IP \(bu 2
+cd64af0 Merge pull request \fI\%#23674\fP from cachedout/issue_23548
+.INDENT 2.0
+.IP \(bu 2
+da8a2f5 Handle lists correctly in grains.list_prsesent
+.UNINDENT
+.IP \(bu 2
+d322a19 Merge pull request \fI\%#23672\fP from twangboy/fix_user_present
+.INDENT 2.0
+.IP \(bu 2
+731e7af Merge branch \(aq2014.7\(aq of \fI\%https://github.com/saltstack/salt\fP into fix_user_present
+.IP \(bu 2
+d6f70a4 Fixed user.present to create password in windows
+.UNINDENT
+.IP \(bu 2
+43f7025 Merge pull request \fI\%#23670\fP from rallytime/\fI\%bp\-23607\fP
+.INDENT 2.0
+.IP \(bu 2
+ed30dc4 Fix for \fI\%#23604\fP\&. No error reporting. Exitcode !=0 are ok
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23704\fP: (\fIjayeshka\fP) adding states/lvs_server unit test case
+@ \fI2015\-05\-14T14:22:10Z\fP
+.INDENT 2.0
+.IP \(bu 2
+13facbf Merge pull request \fI\%#23704\fP from jayeshka/lvs_server_states\-unit\-test
+.IP \(bu 2
+da323da adding states/lvs_server unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23703\fP: (\fIjayeshka\fP) adding states/lvs_service unit test case
+@ \fI2015\-05\-14T14:21:23Z\fP
+.INDENT 2.0
+.IP \(bu 2
+f95ca31 Merge pull request \fI\%#23703\fP from jayeshka/lvs_service_states\-unit\-test
+.IP \(bu 2
+66717c8 adding states/lvs_service unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23702\fP: (\fIjayeshka\fP) Remove superfluous return statement.
+@ \fI2015\-05\-14T14:20:42Z\fP
+.INDENT 2.0
+.IP \(bu 2
+07e987e Merge pull request \fI\%#23702\fP from jayeshka/fix_lvs_service
+.IP \(bu 2
+ecff218 fix lvs_service
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23686\fP: (\fIjfindlay\fP) remove superflous return statement
+@ \fI2015\-05\-14T14:20:18Z\fP
+.INDENT 2.0
+.IP \(bu 2
+39973d4 Merge pull request \fI\%#23686\fP from jfindlay/fix_lvs_server
+.IP \(bu 2
+5aaeb73 remove superflous return statement
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23690\fP: (\fIrallytime\fP) Backport \fI\%#23424\fP to 2015.5
+@ \fI2015\-05\-13T23:04:36Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23424\fP: (\fIjtand\fP) Added python_shell=True for refresh_db in pacman.py
+| refs: \fI\%#23690\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+be7c7ef Merge pull request \fI\%#23690\fP from rallytime/\fI\%bp\-23424\fP
+.IP \(bu 2
+94574b7 Added python_shell=True for refresh_db in pacman.py
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23681\fP: (\fIcachedout\fP) Start on 2015.5.1 release notes
+@ \fI2015\-05\-13T19:44:22Z\fP
+.INDENT 2.0
+.IP \(bu 2
+1a0db43 Merge pull request \fI\%#23681\fP from cachedout/2015_5_1_release_notes
+.IP \(bu 2
+bdbbfa6 Start on 2015.5.1 release notes
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23679\fP: (\fIjfindlay\fP) Merge \fI\%#23616\fP
+@ \fI2015\-05\-13T19:03:53Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23616\fP: (\fISnergster\fP) virtual returning none warning fixed in dev but missed in 2015.5
+| refs: \fI\%#23679\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+b54075a Merge pull request \fI\%#23679\fP from jfindlay/merge_23616
+.IP \(bu 2
+6e15e19 appease pylint\(aqs blank line strictures
+.IP \(bu 2
+8750680 virtual returning none warning fixed in dev but missed in 2015.5
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23675\fP: (\fIbasepi\fP) [2015.5] Merge forward from 2014.7 to 2015.5
+@ \fI2015\-05\-13T18:35:54Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23611\fP: (\fIhubez\fP) master_type set to \(aqfailover\(aq but \(aqmaster\(aq is not of type list but of type <type \(aqstr\(aq>
+| refs: \fI\%#23637\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23479\fP: (\fIdanielmorlock\fP) Typo in pkg.removed for Gentoo?
+| refs: \fI\%#23558\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23452\fP: (\fImichaelforge\fP) minion crashed with empty grain
+| refs: \fI\%#23639\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23411\fP: (\fIdr4Ke\fP) grains.append should work at any level of a grain
+| refs: \fI\%#23440\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23355\fP: (\fIdr4Ke\fP) salt\-ssh: \(aqsources: salt://\(aq files from \(aqpkg\(aq state are not included in salt_state.tgz
+| refs: \fI\%#23530\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23110\fP: (\fImartinhoefling\fP) Copying files from gitfs in file.recurse state fails
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23004\fP: (\fIb18\fP) 2014.7.5 \- Windows \- pkg.list_pkgs \- "nxlog" never shows up in output.
+| refs: \fI\%#23433\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22908\fP: (\fIkaranjad\fP) Add failhard option to salt orchestration
+| refs: \fI\%#23389\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22141\fP: (\fIDeshke\fP) grains.get_or_set_hash render error if hash begins with "%"
+| refs: \fI\%#23640\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23661\fP: (\fIrallytime\fP) Merge \fI\%#23640\fP with whitespace fix
+.IP \(bu 2
+\fBPR\fP \fI\%#23640\fP: (\fIcachedout\fP) Add warning to get_or_set_hash about reserved chars
+| refs: \fI\%#23661\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23639\fP: (\fIcachedout\fP) Handle exceptions raised by __virtual__
+.IP \(bu 2
+\fBPR\fP \fI\%#23637\fP: (\fIcachedout\fP) Convert str master to list
+.IP \(bu 2
+\fBPR\fP \fI\%#23606\fP: (\fItwangboy\fP) Fixed checkbox for starting service and actually starting it
+.IP \(bu 2
+\fBPR\fP \fI\%#23595\fP: (\fIrallytime\fP) Backport \fI\%#23549\fP to 2014.7
+.IP \(bu 2
+\fBPR\fP \fI\%#23594\fP: (\fIrallytime\fP) Backport \fI\%#23496\fP to 2014.7
+.IP \(bu 2
+\fBPR\fP \fI\%#23593\fP: (\fIrallytime\fP) Backport \fI\%#23442\fP to 2014.7
+.IP \(bu 2
+\fBPR\fP \fI\%#23592\fP: (\fIrallytime\fP) Backport \fI\%#23389\fP to 2014.7
+.IP \(bu 2
+\fBPR\fP \fI\%#23573\fP: (\fItechhat\fP) Scan all available networks for public and private IPs
+| refs: \fI\%#23802\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23558\fP: (\fIjfindlay\fP) reorder emerge command line
+.IP \(bu 2
+\fBPR\fP \fI\%#23554\fP: (\fIjleroy\fP) Debian: Hostname always updated
+.IP \(bu 2
+\fBPR\fP \fI\%#23551\fP: (\fIdr4Ke\fP) grains.append unit tests, related to \fI\%#23474\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23549\fP: (\fIvr\-jack\fP) Update __init__.py
+| refs: \fI\%#23595\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23537\fP: (\fIt0rrant\fP) Update changelog
+.IP \(bu 2
+\fBPR\fP \fI\%#23530\fP: (\fIdr4Ke\fP) salt\-ssh state: fix including all salt:// references
+.IP \(bu 2
+\fBPR\fP \fI\%#23496\fP: (\fImartinhoefling\fP) Fix for issue \fI\%#23110\fP
+| refs: \fI\%#23594\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23474\fP: (\fIdr4Ke\fP) Fix grains.append in nested dictionnary grains \fI\%#23411\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23442\fP: (\fIclan\fP) add directory itself to keep list
+| refs: \fI\%#23593\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23440\fP: (\fIdr4Ke\fP) fix grains.append in nested dictionnary grains \fI\%#23411\fP
+| refs: \fI\%#23474\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23433\fP: (\fItwangboy\fP) Obtain all software from the registry
+.IP \(bu 2
+\fBPR\fP \fI\%#23389\fP: (\fIcachedout\fP) Correct fail_hard typo
+| refs: \fI\%#23592\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+e480f13 Merge pull request \fI\%#23675\fP from basepi/merge\-forward\-2015.5
+.IP \(bu 2
+bd63548 Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.5
+.INDENT 2.0
+.IP \(bu 2
+0f006ac Merge pull request \fI\%#23661\fP from rallytime/merge\-23640
+.INDENT 2.0
+.IP \(bu 2
+4427f42 Whitespace fix
+.IP \(bu 2
+dd91154 Add warning to get_or_set_hash about reserved chars
+.UNINDENT
+.IP \(bu 2
+84e2ef8 Merge pull request \fI\%#23639\fP from cachedout/issue_23452
+.INDENT 2.0
+.IP \(bu 2
+d418b49 Syntax error!
+.IP \(bu 2
+45b4015 Handle exceptions raised by __virtual__
+.UNINDENT
+.IP \(bu 2
+bd9b94b Merge pull request \fI\%#23637\fP from cachedout/issue_23611
+.INDENT 2.0
+.IP \(bu 2
+56cb1f5 Fix typo
+.IP \(bu 2
+f6fcf19 Convert str master to list
+.UNINDENT
+.IP \(bu 2
+f20c0e4 Merge pull request \fI\%#23595\fP from rallytime/\fI\%bp\-23549\fP
+.INDENT 2.0
+.IP \(bu 2
+6efcac0 Update __init__.py
+.UNINDENT
+.IP \(bu 2
+1acaf86 Merge pull request \fI\%#23594\fP from rallytime/\fI\%bp\-23496\fP
+.INDENT 2.0
+.IP \(bu 2
+d5ae1d2 Fix for issue \fI\%#23110\fP This resolves issues when the freshly created directory is removed by fileserver.update.
+.UNINDENT
+.IP \(bu 2
+2c221c7 Merge pull request \fI\%#23593\fP from rallytime/\fI\%bp\-23442\fP
+.INDENT 2.0
+.IP \(bu 2
+39869a1 check w/ low[\(aqname\(aq] only
+.IP \(bu 2
+304cc49 another fix for file defined w/ id, but require name
+.IP \(bu 2
+8814d41 add directory itself to keep list
+.UNINDENT
+.IP \(bu 2
+fadd1ef Merge pull request \fI\%#23606\fP from twangboy/fix_installer
+.INDENT 2.0
+.IP \(bu 2
+038331e Fixed checkbox for starting service and actually starting it
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+acdd3fc Fix lint
+.IP \(bu 2
+680e88f Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.5
+.INDENT 2.0
+.IP \(bu 2
+10b3f0f Merge pull request \fI\%#23592\fP from rallytime/\fI\%bp\-23389\fP
+.INDENT 2.0
+.IP \(bu 2
+734cc43 Correct fail_hard typo
+.UNINDENT
+.IP \(bu 2
+cd34b9b Merge pull request \fI\%#23573\fP from techhat/novaquery
+.INDENT 2.0
+.IP \(bu 2
+f92db5e Linting
+.IP \(bu 2
+26e00d3 Scan all available networks for public and private IPs
+.UNINDENT
+.IP \(bu 2
+2a72cd7 Merge pull request \fI\%#23558\fP from jfindlay/fix_ebuild
+.INDENT 2.0
+.IP \(bu 2
+45404fb reorder emerge command line
+.UNINDENT
+.IP \(bu 2
+a664a3c Merge pull request \fI\%#23530\fP from dr4Ke/fix_salt\-ssh_to_include_pkg_sources
+.INDENT 2.0
+.IP \(bu 2
+5df6a80 fix pylint warning
+.IP \(bu 2
+d0549e5 salt\-ssh state: fix including all salt:// references
+.UNINDENT
+.IP \(bu 2
+55c3869 Merge pull request \fI\%#23433\fP from twangboy/list_pkgs_fix
+.INDENT 2.0
+.IP \(bu 2
+8ab5b1b Fix pylint error
+.IP \(bu 2
+2d11d65 Obtain all software from the registry
+.UNINDENT
+.IP \(bu 2
+755bed0 Merge pull request \fI\%#23554\fP from jleroy/debian\-hostname\-fix
+.INDENT 2.0
+.IP \(bu 2
+5ff749e Debian: Hostname always updated
+.UNINDENT
+.IP \(bu 2
+6ec87ce Merge pull request \fI\%#23551\fP from dr4Ke/grains.append_unit_tests
+.INDENT 2.0
+.IP \(bu 2
+ebff9df fix pylint errors
+.IP \(bu 2
+c495404 unit tests for grains.append module function
+.IP \(bu 2
+0c9a323 use MagickMock
+.IP \(bu 2
+c838a22 unit tests for grains.append module function
+.UNINDENT
+.IP \(bu 2
+e96c5c5 Merge pull request \fI\%#23474\fP from dr4Ke/fix_grains.append_nested
+.INDENT 2.0
+.IP \(bu 2
+a01a5bb grains.get, parameter delimititer, versionadded: 2014.7.6
+.IP \(bu 2
+b39f504 remove debugging output
+.IP \(bu 2
+b6e15e2 fix grains.append in nested dictionnary grains \fI\%#23411\fP
+.UNINDENT
+.IP \(bu 2
+ab7e1ae Merge pull request \fI\%#23537\fP from t0rrant/patch\-1
+.INDENT 2.0
+.IP \(bu 2
+8e03cc9 Update changelog
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23669\fP: (\fIrallytime\fP) Backport \fI\%#23586\fP to 2015.5
+@ \fI2015\-05\-13T18:27:11Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23586\fP: (\fILothiraldan\fP) Fix salt.state.file._unify_sources_and_hashes when sources is used without sources_hashes
+| refs: \fI\%#23669\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+0dad6be Merge pull request \fI\%#23669\fP from rallytime/\fI\%bp\-23586\fP
+.IP \(bu 2
+ef4c6ad Remove another unused import
+.IP \(bu 2
+73cfda7 Remove unused import
+.IP \(bu 2
+52b68d6 Use the zip_longest from six module for python 3 compatiblity
+.IP \(bu 2
+18d5ff9 Fix salt.state.file._unify_sources_and_hashes when sources is used without sources_hashes
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23662\fP: (\fIrallytime\fP) Merge \fI\%#23642\fP with pylint fix
+@ \fI2015\-05\-13T15:46:51Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23642\fP: (\fIcachedout\fP) Let saltmod handle lower\-level exceptions gracefully
+| refs: \fI\%#23662\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+fabef75 Merge pull request \fI\%#23662\fP from rallytime/merge\-23642
+.IP \(bu 2
+aa7bbd8 Remove unused import
+.IP \(bu 2
+9e66d4c Let saltmod handle lower\-level exceptions gracefully
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23622\fP: (\fIjfindlay\fP) merge \fI\%#23508\fP
+@ \fI2015\-05\-13T15:36:49Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23508\fP: (\fIcro\fP) Port mysql returner to postgres using jsonb datatype
+| refs: \fI\%#23622\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+072b927 Merge pull request \fI\%#23622\fP from jfindlay/pgjsonb
+.IP \(bu 2
+454322c appease pylint\(aqs proscription on blank line excess
+.IP \(bu 2
+57c6171 Get time with timezone correct also in job return.
+.IP \(bu 2
+e109d0f Get time with timezone correct.
+.IP \(bu 2
+21e06b9 Fix SQL, remove unneeded imports.
+.IP \(bu 2
+653f360 Stop making changes in 2 places.
+.IP \(bu 2
+d6daaa0 Typo.
+.IP \(bu 2
+7d748bf SSL is handled differently by Pg, so don\(aqt set it here.
+.IP \(bu 2
+cc7c377 Fill alter_time field in salt_events with current time with timezone.
+.IP \(bu 2
+43defe9 Port mysql module to Postgres using jsonb datatypes
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23651\fP: (\fIjayeshka\fP) adding solr unit test case
+@ \fI2015\-05\-13T15:26:15Z\fP
+.INDENT 2.0
+.IP \(bu 2
+c1bdd4d Merge pull request \fI\%#23651\fP from jayeshka/solr\-unit\-test
+.IP \(bu 2
+6e05148 adding solr unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23649\fP: (\fIjayeshka\fP) adding states/libvirt unit test case
+@ \fI2015\-05\-13T15:24:48Z\fP
+.INDENT 2.0
+.IP \(bu 2
+ee43411 Merge pull request \fI\%#23649\fP from jayeshka/libvirt_states\-unit\-test
+.IP \(bu 2
+0fb923a adding states/libvirt unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23648\fP: (\fIjayeshka\fP) adding states/linux_acl unit test case
+@ \fI2015\-05\-13T15:24:11Z\fP
+.INDENT 2.0
+.IP \(bu 2
+c7fc466 Merge pull request \fI\%#23648\fP from jayeshka/linux_acl_states\-unit\-test
+.IP \(bu 2
+3f0ab29 removed error.
+.IP \(bu 2
+11081c1 adding states/linux_acl unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23650\fP: (\fIjayeshka\fP) adding states/kmod unit test case
+@ \fI2015\-05\-13T15:09:18Z\fP
+.INDENT 2.0
+.IP \(bu 2
+4cba7ba Merge pull request \fI\%#23650\fP from jayeshka/kmod_states\-unit\-test
+.IP \(bu 2
+1987015 adding states/kmod unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23633\fP: (\fIjayeshka\fP) made changes to test_interfaces function.
+@ \fI2015\-05\-13T06:51:07Z\fP
+.INDENT 2.0
+.IP \(bu 2
+bc8faf1 Merge pull request \fI\%#23633\fP from jayeshka/win_network\-2015.5\-unit\-test
+.IP \(bu 2
+0936e1d made changes to test_interfaces function.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23619\fP: (\fIjfindlay\fP) fix kmod.present processing of module loading
+@ \fI2015\-05\-13T01:16:56Z\fP
+.INDENT 2.0
+.IP \(bu 2
+7df3579 Merge pull request \fI\%#23619\fP from jfindlay/fix_kmod_state
+.IP \(bu 2
+73facbf fix kmod.present processing of module loading
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23598\fP: (\fIrahulhan\fP) Adding states/win_dns_client.py unit tests
+@ \fI2015\-05\-12T21:47:36Z\fP
+.INDENT 2.0
+.IP \(bu 2
+d4f3095 Merge pull request \fI\%#23598\fP from rahulhan/states_win_dns_client_unit_test
+.IP \(bu 2
+d08d885 Adding states/win_dns_client.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23597\fP: (\fIrahulhan\fP) Adding states/vbox_guest.py unit tests
+@ \fI2015\-05\-12T21:46:30Z\fP
+.INDENT 2.0
+.IP \(bu 2
+811c6a1 Merge pull request \fI\%#23597\fP from rahulhan/states_vbox_guest_unit_test
+.IP \(bu 2
+6a2909e Removed errors
+.IP \(bu 2
+4cde78a Adding states/vbox_guest.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23615\fP: (\fIrallytime\fP) Backport \fI\%#23577\fP to 2015.5
+@ \fI2015\-05\-12T21:19:11Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23577\fP: (\fImsciciel\fP) Fix find and remove functions to pass database param
+| refs: \fI\%#23615\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+029ff11 Merge pull request \fI\%#23615\fP from rallytime/\fI\%bp\-23577\fP
+.IP \(bu 2
+6f74477 Fix find and remove functions to pass database param
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23603\fP: (\fIrahulhan\fP) Adding states/winrepo.py unit tests
+@ \fI2015\-05\-12T18:40:12Z\fP
+.INDENT 2.0
+.IP \(bu 2
+b858953 Merge pull request \fI\%#23603\fP from rahulhan/states_winrepo_unit_test
+.IP \(bu 2
+a66e7e7 Adding states/winrepo.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23602\fP: (\fIrahulhan\fP) Adding states/win_path.py unit tests
+@ \fI2015\-05\-12T18:39:37Z\fP
+.INDENT 2.0
+.IP \(bu 2
+3cbbd6d Merge pull request \fI\%#23602\fP from rahulhan/states_win_path_unit_test
+.IP \(bu 2
+122c29f Adding states/win_path.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23600\fP: (\fIrahulhan\fP) Adding states/win_network.py unit tests
+@ \fI2015\-05\-12T18:39:01Z\fP
+.INDENT 2.0
+.IP \(bu 2
+3c904e8 Merge pull request \fI\%#23600\fP from rahulhan/states_win_network_unit_test
+.IP \(bu 2
+b418404 removed lint error
+.IP \(bu 2
+1be8023 Adding states/win_network.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23599\fP: (\fIrahulhan\fP) Adding win_firewall.py unit tests
+@ \fI2015\-05\-12T18:37:49Z\fP
+.INDENT 2.0
+.IP \(bu 2
+10243a7 Merge pull request \fI\%#23599\fP from rahulhan/states_win_firewall_unit_test
+.IP \(bu 2
+6cda890 Adding win_firewall.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23601\fP: (\fIbasepi\fP) Add versionadded for jboss module/state
+@ \fI2015\-05\-12T17:22:59Z\fP
+.INDENT 2.0
+.IP \(bu 2
+e73071d Merge pull request \fI\%#23601\fP from basepi/jboss.version.added
+.IP \(bu 2
+0174c8f Add versionadded for jboss module/state
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23469\fP: (\fIs0undt3ch\fP) Call the windows specific function not the general one
+@ \fI2015\-05\-12T16:47:22Z\fP
+.INDENT 2.0
+.IP \(bu 2
+9beb7bc Merge pull request \fI\%#23469\fP from s0undt3ch/hotfix/call\-the\-win\-func
+.IP \(bu 2
+83e88a3 Call the windows specific function not the general one
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23583\fP: (\fIjayeshka\fP) adding states/ipset unit test case
+@ \fI2015\-05\-12T16:31:55Z\fP
+.INDENT 2.0
+.IP \(bu 2
+d2f0975 Merge pull request \fI\%#23583\fP from jayeshka/ipset_states\-unit\-test
+.IP \(bu 2
+4330cf4 adding states/ipset unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23582\fP: (\fIjayeshka\fP) adding states/keyboard unit test case
+@ \fI2015\-05\-12T16:31:17Z\fP
+.INDENT 2.0
+.IP \(bu 2
+82a47e8 Merge pull request \fI\%#23582\fP from jayeshka/keyboard_states\-unit\-test
+.IP \(bu 2
+fa94d7a adding states/keyboard unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23581\fP: (\fIjayeshka\fP) adding states/layman unit test case
+@ \fI2015\-05\-12T16:30:36Z\fP
+.INDENT 2.0
+.IP \(bu 2
+77e5b28 Merge pull request \fI\%#23581\fP from jayeshka/layman_states\-unit\-test
+.IP \(bu 2
+297b055 adding states/layman unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23580\fP: (\fIjayeshka\fP) adding smf unit test case
+@ \fI2015\-05\-12T16:29:58Z\fP
+.INDENT 2.0
+.IP \(bu 2
+cbe3282 Merge pull request \fI\%#23580\fP from jayeshka/smf\-unit\-test
+.IP \(bu 2
+4f97191 adding smf unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23572\fP: (\fIThe\-Loeki\fP) Fix regression of \fI\%#21355\fP introduced by \fI\%#21603\fP
+@ \fI2015\-05\-12T16:28:05Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#21603\fP: (\fIipmb\fP) ssh_auth.present fails on key without comment
+| refs: \fI\%#23572\fP \fI\%#23572\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#21355\fP: (\fIThe\-Loeki\fP) Fix for comments containing whitespaces
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+16a3338 Merge pull request \fI\%#23572\fP from The\-Loeki/ssh_auth_fix
+.IP \(bu 2
+d8248dd Fix regression of \fI\%#21355\fP introduced by \fI\%#21603\fP
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23565\fP: (\fIgarethgreenaway\fP) fix to aptpkg module
+@ \fI2015\-05\-12T16:25:46Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23490\fP: (\fIlichtamberg\fP)  salt.modules.aptpkg.upgrade should have default "dist_upgrade=False"
+| refs: \fI\%#23565\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+f843f89 Merge pull request \fI\%#23565\fP from garethgreenaway/2015_2_aptpkg_upgrade_default_to_upgrade
+.IP \(bu 2
+97ae514 aptpkg.upgrade should default to upgrade instead of dist_upgrade.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23550\fP: (\fIjfindlay\fP) additional mock for rh_ip_test test_build_bond
+@ \fI2015\-05\-12T15:17:16Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23473\fP: (\fIterminalmage\fP) unit.modules.rh_ip_test.RhipTestCase.test_build_bond is not properly mocked
+| refs: \fI\%#23550\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+c1157cd Merge pull request \fI\%#23550\fP from jfindlay/fix_rh_ip_test
+.IP \(bu 2
+e9b94d3 additional mock for rh_ip_test test_build_bond
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23552\fP: (\fIgarethgreenaway\fP) Fix for an issue caused by a previous pull request
+@ \fI2015\-05\-11T21:54:59Z\fP
+.INDENT 2.0
+.IP \(bu 2
+b593328 Merge pull request \fI\%#23552\fP from garethgreenaway/2015_5_returner_fix_broken_previous_pr
+.IP \(bu 2
+7d70e2b Passed argumentes in the call _fetch_profile_opts to were in the wrong order
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23547\fP: (\fIslinu3d\fP) Added AWS v4 signature support for 2015.5
+@ \fI2015\-05\-11T21:52:24Z\fP
+.INDENT 2.0
+.IP \(bu 2
+d0f9682 Merge pull request \fI\%#23547\fP from slinu3d/2015.5
+.IP \(bu 2
+f3bfdb5 Fixed urlparse and urlencode calls
+.IP \(bu 2
+802dbdb Added AWS v4 signature support for 2015.5
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23544\fP: (\fIbasepi\fP) [2015.5] Merge forward from 2014.7 to 2015.5
+@ \fI2015\-05\-11T18:02:06Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23159\fP: (\fIaneeshusa\fP) Unused validator
+.IP \(bu 2
+\fBISSUE\fP \fI\%#20518\fP: (\fIekle\fP) module s3.get does not support eu\-central\-1
+| refs: \fI\%#23467\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#563\fP: (\fIchutz\fP) pidfile support for minion and master daemons
+| refs: \fI\%#23460\fP \fI\%#23461\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23538\fP: (\fIcro\fP) Update date in LICENSE file
+.IP \(bu 2
+\fBPR\fP \fI\%#23505\fP: (\fIaneeshusa\fP) Remove unused ssh config validator. Fixes \fI\%#23159\fP\&.
+.IP \(bu 2
+\fBPR\fP \fI\%#23467\fP: (\fIslinu3d\fP) Added AWS v4 signature support
+.IP \(bu 2
+\fBPR\fP \fI\%#23460\fP: (\fIs0undt3ch\fP) [2014.7] Update to latest stable bootstrap script v2015.05.07
+.IP \(bu 2
+\fBPR\fP \fI\%#23444\fP: (\fItechhat\fP) Add create_attach_volume to nova driver
+.IP \(bu 2
+\fBPR\fP \fI\%#23439\fP: (\fItechhat\fP) Add wait_for_passwd_maxtries variable
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+06c6a1f Merge pull request \fI\%#23544\fP from basepi/merge\-forward\-2015.5
+.IP \(bu 2
+f8a36bc Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.5
+.INDENT 2.0
+.IP \(bu 2
+b79fed3 Merge pull request \fI\%#23538\fP from cro/licupdate
+.INDENT 2.0
+.IP \(bu 2
+345efe2 Update date in LICENSE file
+.UNINDENT
+.IP \(bu 2
+a123a36 Merge pull request \fI\%#23505\fP from aneeshusa/remove\-unused\-ssh\-config\-validator
+.INDENT 2.0
+.IP \(bu 2
+90af167 Remove unused ssh config validator. Fixes \fI\%#23159\fP\&.
+.UNINDENT
+.IP \(bu 2
+ca2c21a Merge pull request \fI\%#23467\fP from slinu3d/2014.7
+.INDENT 2.0
+.IP \(bu 2
+0b4081d Fixed pylint error at line 363
+.IP \(bu 2
+5be5eb5 Fixed pylink errors
+.IP \(bu 2
+e64f374 Fixed lint errors
+.IP \(bu 2
+b9d1ac4 Added AWS v4 signature support
+.UNINDENT
+.IP \(bu 2
+e6f9eec Merge pull request \fI\%#23444\fP from techhat/novacreateattach
+.INDENT 2.0
+.IP \(bu 2
+ebdb7ea Add create_attach_volume to nova driver
+.UNINDENT
+.IP \(bu 2
+e331463 Merge pull request \fI\%#23460\fP from s0undt3ch/hotfix/bootstrap\-script\-2014.7
+.INDENT 2.0
+.IP \(bu 2
+edcd0c4 Update to latest stable bootstrap script v2015.05.07
+.UNINDENT
+.IP \(bu 2
+7a8ce1a Merge pull request \fI\%#23439\fP from techhat/maxtries
+.INDENT 2.0
+.IP \(bu 2
+0ad3ff2 Add wait_for_passwd_maxtries variable
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23470\fP: (\fItwangboy\fP) Fixed service.restart for salt\-minion
+@ \fI2015\-05\-11T17:54:47Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23426\fP: (\fItwangboy\fP) Can\(aqt restart salt\-minion on 64 bit windows (2015.5.0)
+| refs: \fI\%#23470\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+aa5b896 Merge pull request \fI\%#23470\fP from twangboy/fix_svc_restart
+.IP \(bu 2
+b3f284c Fixed tests
+.IP \(bu 2
+ad44d79 Fixed service.restart for salt\-minion
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23539\fP: (\fIrahulhan\fP) Adding states/virtualenv_mod.py unit tests
+@ \fI2015\-05\-11T17:02:31Z\fP
+.INDENT 2.0
+.IP \(bu 2
+67988b2 Merge pull request \fI\%#23539\fP from rahulhan/states_virtualenv_mod_unit_test
+.IP \(bu 2
+750bb07 Adding states/virtualenv_mod.py unit tests
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.IP \(bu 2
+6f0cf2e Merge remote\-tracking branch \(aqupstream/2015.2\(aq into 2015.5
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23244\fP: (\fIfreimer\fP) Caller not available in reactors
+| refs: \fI\%#23245\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23509\fP: (\fIkeesbos\fP) Catch the unset (empty/None) environment case
+.IP \(bu 2
+\fBPR\fP \fI\%#23423\fP: (\fIcachedout\fP) Remove jid_event from state.orch
+.IP \(bu 2
+\fBPR\fP \fI\%#23245\fP: (\fIfreimer\fP) Add Caller functionality to reactors.
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+c966196 Merge pull request \fI\%#23423\fP from cachedout/remove_jid_event_from_orch
+.INDENT 2.0
+.IP \(bu 2
+f81aab7 Remove jid_event from state.orch
+.UNINDENT
+.IP \(bu 2
+2bb09b7 Merge pull request \fI\%#23509\fP from keesbos/Catch_empty_environment
+.INDENT 2.0
+.IP \(bu 2
+6dedeac Catch the unset (empty/None) environment case
+.UNINDENT
+.IP \(bu 2
+6d42f30 Merge pull request \fI\%#23245\fP from freimer/issue_23244
+.INDENT 2.0
+.IP \(bu 2
+24cf6eb Add Caller functionality to reactors.
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23513\fP: (\fIgladiatr72\fP) short\-circuit auto\-failure of iptables.delete state
+@ \fI2015\-05\-11T15:18:33Z\fP
+.INDENT 2.0
+.IP \(bu 2
+c3f03d8 Merge pull request \fI\%#23513\fP from gladiatr72/RFC_stop_iptables.check_from_short\-circuiting_position\-only_delete_rule
+.IP \(bu 2
+c71714c short\-circuit auto\-failure of iptables.delete state if position argument is set without the other accoutrements that check_rule requires.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23534\fP: (\fIjayeshka\fP) adding states/ini_manage unit test case
+@ \fI2015\-05\-11T14:32:06Z\fP
+.INDENT 2.0
+.IP \(bu 2
+4e77f6f Merge pull request \fI\%#23534\fP from jayeshka/ini_manage_states\-unit\-test
+.IP \(bu 2
+831223c adding states/ini_manage unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23533\fP: (\fIjayeshka\fP) adding states/hipchat unit test case
+@ \fI2015\-05\-11T14:30:22Z\fP
+.INDENT 2.0
+.IP \(bu 2
+11ba9ed Merge pull request \fI\%#23533\fP from jayeshka/hipchat\-states\-unit\-test
+.IP \(bu 2
+41d14b3 adding states/hipchat unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23532\fP: (\fIjayeshka\fP) adding states/ipmi unit test case
+@ \fI2015\-05\-11T14:28:15Z\fP
+.INDENT 2.0
+.IP \(bu 2
+e542113 Merge pull request \fI\%#23532\fP from jayeshka/ipmi\-states\-unit\-test
+.IP \(bu 2
+fc3e64a adding states/ipmi unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23531\fP: (\fIjayeshka\fP) adding service unit test case
+@ \fI2015\-05\-11T14:27:12Z\fP
+.INDENT 2.0
+.IP \(bu 2
+9ba85fd Merge pull request \fI\%#23531\fP from jayeshka/service\-unit\-test
+.IP \(bu 2
+3ad5314 adding service unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23517\fP: (\fIgarethgreenaway\fP) fix to returners
+@ \fI2015\-05\-11T14:20:51Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23512\fP: (\fICode\-Vortex\fP) hipchat_returner / slack_returner not work correctly
+| refs: \fI\%#23517\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+32838cd Merge pull request \fI\%#23517\fP from garethgreenaway/23512_2015_5_returners_with_profiles
+.IP \(bu 2
+81e31e2 fix for returners that utilize profile attributes.  code in the if else statement was backwards. \fI\%#23512\fP
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23502\fP: (\fIrahulhan\fP) Adding states/win_servermanager.py unit tests
+@ \fI2015\-05\-08T19:47:18Z\fP
+.INDENT 2.0
+.IP \(bu 2
+6be7d8d Merge pull request \fI\%#23502\fP from rahulhan/states_win_servermanager_unit_test
+.IP \(bu 2
+2490074 Adding states/win_servermanager.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23495\fP: (\fIjayeshka\fP) adding seed unit test case
+@ \fI2015\-05\-08T17:30:38Z\fP
+.INDENT 2.0
+.IP \(bu 2
+6048578 Merge pull request \fI\%#23495\fP from jayeshka/seed\-unit\-test
+.IP \(bu 2
+3f134bc adding seed unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23494\fP: (\fIjayeshka\fP) adding sensors unit test case
+@ \fI2015\-05\-08T17:30:18Z\fP
+.INDENT 2.0
+.IP \(bu 2
+70bc3c1 Merge pull request \fI\%#23494\fP from jayeshka/sensors\-unit\-test
+.IP \(bu 2
+1fb48a3 adding sensors unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23493\fP: (\fIjayeshka\fP) adding states/incron unit test case
+@ \fI2015\-05\-08T17:29:59Z\fP
+.INDENT 2.0
+.IP \(bu 2
+b981b20 Merge pull request \fI\%#23493\fP from jayeshka/incron\-states\-unit\-test
+.IP \(bu 2
+cc7bc17 adding states/incron unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23492\fP: (\fIjayeshka\fP) adding states/influxdb_database unit test case
+@ \fI2015\-05\-08T17:29:51Z\fP
+.INDENT 2.0
+.IP \(bu 2
+4019c49 Merge pull request \fI\%#23492\fP from jayeshka/influxdb_database\-states\-unit\-test
+.IP \(bu 2
+e1fcac8 adding states/influxdb_database unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23491\fP: (\fIjayeshka\fP) adding states/influxdb_user unit test case
+@ \fI2015\-05\-08T16:24:07Z\fP
+.INDENT 2.0
+.IP \(bu 2
+d317a77 Merge pull request \fI\%#23491\fP from jayeshka/influxdb_user\-states\-unit\-test
+.IP \(bu 2
+9d4043f adding states/influxdb_user unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23477\fP: (\fIgalet\fP) LDAP auth: Escape filter value for group membership search
+@ \fI2015\-05\-07T22:04:48Z\fP
+.INDENT 2.0
+.IP \(bu 2
+e0b2a73 Merge pull request \fI\%#23477\fP from galet/ldap\-filter\-escaping
+.IP \(bu 2
+33038b9 LDAP auth: Escape filter value for group membership search
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23476\fP: (\fIcachedout\fP) Lint becaon
+@ \fI2015\-05\-07T19:55:36Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23431\fP: (\fIUtahDave\fP) Beacon fixes
+| refs: \fI\%#23476\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+e1719fe Merge pull request \fI\%#23476\fP from cachedout/lint_23431
+.IP \(bu 2
+8d1ff20 Lint becaon
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23431\fP: (\fIUtahDave\fP) Beacon fixes
+| refs: \fI\%#23476\fP
+@ \fI2015\-05\-07T19:53:47Z\fP
+.INDENT 2.0
+.IP \(bu 2
+1e299ed Merge pull request \fI\%#23431\fP from UtahDave/beacon_fixes
+.IP \(bu 2
+152f223 remove unused import
+.IP \(bu 2
+81198f9 fix interval logic and example
+.IP \(bu 2
+5504778 update to proper examples
+.IP \(bu 2
+6890439 fix list for mask
+.IP \(bu 2
+ee7b579 remove custom interval code.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23468\fP: (\fIrahulhan\fP) Adding states/win_system.py unit tests
+@ \fI2015\-05\-07T19:20:50Z\fP
+.INDENT 2.0
+.IP \(bu 2
+ea55c44 Merge pull request \fI\%#23468\fP from rahulhan/states_win_system_unit_test
+.IP \(bu 2
+33f8c12 Adding states/win_system.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23466\fP: (\fIUtahDave\fP) minor spelling fix
+@ \fI2015\-05\-07T19:19:06Z\fP
+.INDENT 2.0
+.IP \(bu 2
+e6e1114 Merge pull request \fI\%#23466\fP from UtahDave/2015.5local
+.IP \(bu 2
+b2c399a minor spelling fix
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23461\fP: (\fIs0undt3ch\fP) [2015.5] Update to latest stable bootstrap script v2015.05.07
+@ \fI2015\-05\-07T19:16:18Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#563\fP: (\fIchutz\fP) pidfile support for minion and master daemons
+| refs: \fI\%#23460\fP \fI\%#23461\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+4eeb1e6 Merge pull request \fI\%#23461\fP from s0undt3ch/hotfix/bootstrap\-script
+.IP \(bu 2
+638c63d Update to latest stable bootstrap script v2015.05.07
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23450\fP: (\fIjayeshka\fP) adding scsi unit test case
+@ \fI2015\-05\-07T19:00:28Z\fP
+.INDENT 2.0
+.IP \(bu 2
+8651278 Merge pull request \fI\%#23450\fP from jayeshka/scsi\-unit\-test
+.IP \(bu 2
+e7269ff adding scsi unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23449\fP: (\fIjayeshka\fP) adding s3 unit test case
+@ \fI2015\-05\-07T18:59:45Z\fP
+.INDENT 2.0
+.IP \(bu 2
+8b374ae Merge pull request \fI\%#23449\fP from jayeshka/s3\-unit\-test
+.IP \(bu 2
+85786bf adding s3 unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23448\fP: (\fIjayeshka\fP) adding states/keystone unit test case
+@ \fI2015\-05\-07T18:58:59Z\fP
+.INDENT 2.0
+.IP \(bu 2
+49b431c Merge pull request \fI\%#23448\fP from jayeshka/keystone\-states\-unit\-test
+.IP \(bu 2
+a3050eb adding states/keystone unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23447\fP: (\fIjayeshka\fP) adding states/grafana unit test case
+@ \fI2015\-05\-07T18:58:20Z\fP
+.INDENT 2.0
+.IP \(bu 2
+23d7e7e Merge pull request \fI\%#23447\fP from jayeshka/grafana\-states\-unit\-test
+.IP \(bu 2
+7e90a4a adding states/grafana unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23438\fP: (\fItechhat\fP) Gate requests import
+@ \fI2015\-05\-07T07:22:58Z\fP
+.INDENT 2.0
+.IP \(bu 2
+1fd0bc2 Merge pull request \fI\%#23438\fP from techhat/gaterequests
+.IP \(bu 2
+d5b15fc Gate requests import
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23429\fP: (\fIbasepi\fP) [2015.5] Merge forward from 2014.7 to 2015.5
+@ \fI2015\-05\-07T05:35:13Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#17245\fP: (\fItomashavlas\fP) localemod does not generate locale for Arch
+| refs: \fI\%#23307\fP \fI\%#23397\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23425\fP: (\fIbasepi\fP) [2014.7] Fix typo in FunctionWrapper
+.IP \(bu 2
+\fBPR\fP \fI\%#23422\fP: (\fIcro\fP) $HOME should not be used, some shells don\(aqt set it.
+.IP \(bu 2
+\fBPR\fP \fI\%#23414\fP: (\fIjfindlay\fP) 2015.2 \-> 2015.5
+.IP \(bu 2
+\fBPR\fP \fI\%#23409\fP: (\fIterminalmage\fP) Update Lithium docstrings in 2014.7 branch
+| refs: \fI\%#23410\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23404\fP: (\fIhvnsweeting\fP) saltapi cherrypy: initialize var when POST body is empty
+.IP \(bu 2
+\fBPR\fP \fI\%#23397\fP: (\fIjfindlay\fP) add more flexible whitespace to locale_gen search
+.IP \(bu 2
+\fBPR\fP \fI\%#23385\fP: (\fIrallytime\fP) Backport \fI\%#23346\fP to 2014.7
+.IP \(bu 2
+\fBPR\fP \fI\%#23346\fP: (\fIericfode\fP) Allow file_map in salt\-cloud to handle folders.
+| refs: \fI\%#23385\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+3c4f734 Merge pull request \fI\%#23429\fP from basepi/merge\-forward\-2015.5
+.IP \(bu 2
+7729834 Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.5
+.IP \(bu 2
+644eb75 Merge pull request \fI\%#23422\fP from cro/gce_sh_home
+.INDENT 2.0
+.IP \(bu 2
+4ef9e6b Don\(aqt use $HOME to find user\(aqs directory, some shells don\(aqt set it
+.UNINDENT
+.IP \(bu 2
+ef17ab4 Merge pull request \fI\%#23425\fP from basepi/functionwrapper_typo
+.INDENT 2.0
+.IP \(bu 2
+c390737 Fix typo in FunctionWrapper
+.UNINDENT
+.IP \(bu 2
+1b13ec0 Merge pull request \fI\%#23385\fP from rallytime/\fI\%bp\-23346\fP
+.INDENT 2.0
+.IP \(bu 2
+9efc13c more linting fixes
+.IP \(bu 2
+cf131c9 cleaned up some pylint errors
+.IP \(bu 2
+f981699 added logic to sftp_file and file_map to allow folder uploads using file_map
+.UNINDENT
+.IP \(bu 2
+f8c7a62 Merge pull request \fI\%#23414\fP from jfindlay/update_branch
+.INDENT 2.0
+.IP \(bu 2
+8074d16 2015.2 \-> 2015.5
+.UNINDENT
+.IP \(bu 2
+54b3bd4 Merge pull request \fI\%#23404\fP from hvnsweeting/cherrypy\-post\-emptybody\-fix
+.INDENT 2.0
+.IP \(bu 2
+f85f8f9 initialize var when POST body is empty
+.UNINDENT
+.IP \(bu 2
+160f703 Merge pull request \fI\%#23409\fP from terminalmage/update\-lithium\-docstrings\-2014.7
+.INDENT 2.0
+.IP \(bu 2
+bc97d01 Fix sphinx typo
+.IP \(bu 2
+20006b0 Update Lithium docstrings in 2014.7 branch
+.UNINDENT
+.IP \(bu 2
+aa5fb0a Merge pull request \fI\%#23397\fP from jfindlay/fix_locale_gen
+.INDENT 2.0
+.IP \(bu 2
+0941fef add more flexible whitespace to locale_gen search
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23396\fP: (\fIbasepi\fP) [2015.2] Merge forward from 2014.7 to 2015.2
+@ \fI2015\-05\-06T21:42:35Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23294\fP: (\fIvariia\fP) file.replace fails to append if repl string partially available
+| refs: \fI\%#23350\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23026\fP: (\fIadelcast\fP) Incorrect salt\-syndic logfile and pidfile locations
+| refs: \fI\%#23341\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22742\fP: (\fIhvnsweeting\fP) salt\-master says: "This master address: \(aqsalt\(aq was previously resolvable but now fails to resolve!"
+| refs: \fI\%#23344\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#19114\fP: (\fIpykler\fP) salt\-ssh and gpg pillar renderer
+| refs: \fI\%#23272\fP \fI\%#23347\fP \fI\%#23188\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#17245\fP: (\fItomashavlas\fP) localemod does not generate locale for Arch
+| refs: \fI\%#23307\fP \fI\%#23397\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#580\fP: (\fIthatch45\fP) recursive watch not being caught
+| refs: \fI\%#23324\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#552\fP: (\fIjhutchins\fP) Support require and watch under the same state dec
+| refs: \fI\%#23324\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23368\fP: (\fIkaithar\fP) Backport \fI\%#23367\fP to 2014.7
+.IP \(bu 2
+\fBPR\fP \fI\%#23367\fP: (\fIkaithar\fP) Put the sed insert statement back in to the output.
+| refs: \fI\%#23368\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23350\fP: (\fIlorengordon\fP) Append/prepend: search for full line
+.IP \(bu 2
+\fBPR\fP \fI\%#23347\fP: (\fIbasepi\fP) [2014.7] Salt\-SSH Backport FunctionWrapper.__contains__
+.IP \(bu 2
+\fBPR\fP \fI\%#23344\fP: (\fIcachedout\fP) Explicitely set file_client on master
+.IP \(bu 2
+\fBPR\fP \fI\%#23341\fP: (\fIcachedout\fP) Fix syndic pid and logfile path
+.IP \(bu 2
+\fBPR\fP \fI\%#23324\fP: (\fIs0undt3ch\fP) [2014.7] Update to the latest stable release of the bootstrap script v2015.05.04
+.IP \(bu 2
+\fBPR\fP \fI\%#23318\fP: (\fIcellscape\fP) Honor seed argument in LXC container initializaton
+.IP \(bu 2
+\fBPR\fP \fI\%#23311\fP: (\fIcellscape\fP) Fix new container initialization in LXC runner
+| refs: \fI\%#23318\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23307\fP: (\fIjfindlay\fP) check for /etc/locale.gen
+.IP \(bu 2
+\fBPR\fP \fI\%#23272\fP: (\fIbasepi\fP) [2014.7] Allow salt\-ssh minion config overrides via master config and roster
+| refs: \fI\%#23347\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23188\fP: (\fIbasepi\fP) [2014.7] Work around bug in salt\-ssh in config.get for gpg renderer
+| refs: \fI\%#23272\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#18368\fP: (\fIbasepi\fP) Merge forward from 2014.7 to develop
+| refs: \fI\%#23367\fP \fI\%#23368\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#589\fP: (\fIepoelke\fP) add \-\-quiet and \-\-outfile options to saltkey
+| refs: \fI\%#23324\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#567\fP: (\fIbastichelaar\fP) Added upstart module
+| refs: \fI\%#23324\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#560\fP: (\fIUtahDave\fP) The runas feature that was added in 93423aa2e5e4b7de6452090b0039560d2b13...
+| refs: \fI\%#23324\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#504\fP: (\fISEJeff\fP) File state goodies
+| refs: \fI\%#23324\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+1fb8445 Merge pull request \fI\%#23396\fP from basepi/merge\-forward\-2015.2
+.IP \(bu 2
+2766c8c Fix typo in FunctionWrapper
+.IP \(bu 2
+fd09cda Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.2
+.INDENT 2.0
+.IP \(bu 2
+0c76dd4 Merge pull request \fI\%#23368\fP from kaithar/\fI\%bp\-23367\fP
+.INDENT 2.0
+.IP \(bu 2
+577f419 Pylint fix
+.IP \(bu 2
+8d9acd1 Put the sed insert statement back in to the output.
+.UNINDENT
+.IP \(bu 2
+3493cc1 Merge pull request \fI\%#23350\fP from lorengordon/file.replace_assume_line
+.INDENT 2.0
+.IP \(bu 2
+b60e224 Append/prepend: search for full line
+.UNINDENT
+.IP \(bu 2
+7be5c48 Merge pull request \fI\%#23341\fP from cachedout/issue_23026
+.INDENT 2.0
+.IP \(bu 2
+e98e65e Fix tests
+.IP \(bu 2
+6011b43 Fix syndic pid and logfile path
+.UNINDENT
+.IP \(bu 2
+ea61abf Merge pull request \fI\%#23272\fP from basepi/salt\-ssh.minion.config.19114
+.INDENT 2.0
+.IP \(bu 2
+c223309 Add versionadded
+.IP \(bu 2
+be7407f Lint
+.IP \(bu 2
+c2c3375 Missing comma
+.IP \(bu 2
+8e3e8e0 Pass the minion_opts through the FunctionWrapper
+.IP \(bu 2
+cb69cd0 Match the master config template in the master config reference
+.IP \(bu 2
+87fc316 Add Salt\-SSH section to master config template
+.IP \(bu 2
+91dd9dc Add ssh_minion_opts to master config ref
+.IP \(bu 2
+c273ea1 Add minion config to salt\-ssh doc
+.IP \(bu 2
+a0b6b76 Add minion_opts to roster docs
+.IP \(bu 2
+5212c35 Accept minion_opts from the target information
+.IP \(bu 2
+e2099b6 Process \fIssh_minion_opts\fP from master config
+.IP \(bu 2
+3b64214 Revert "Work around bug in salt\-ssh in config.get for gpg renderer"
+.IP \(bu 2
+494953a Remove the strip (embracing multi\-line YAML dump)
+.IP \(bu 2
+fe87f0f Dump multi\-line yaml into the SHIM
+.IP \(bu 2
+b751a72 Inject local minion config into shim if available
+.UNINDENT
+.IP \(bu 2
+4f760dd Merge pull request \fI\%#23347\fP from basepi/salt\-ssh.functionwrapper.contains.19114
+.INDENT 2.0
+.IP \(bu 2
+30595e3 Backport FunctionWrapper.__contains__
+.UNINDENT
+.IP \(bu 2
+02658b1 Merge pull request \fI\%#23344\fP from cachedout/issue_22742
+.INDENT 2.0
+.IP \(bu 2
+5adc96c Explicitely set file_client on master
+.UNINDENT
+.IP \(bu 2
+ba7605d Merge pull request \fI\%#23318\fP from cellscape/honor\-seed\-argument
+.INDENT 2.0
+.IP \(bu 2
+228b1be Honor seed argument in LXC container initializaton
+.UNINDENT
+.IP \(bu 2
+4ac4509 Merge pull request \fI\%#23307\fP from jfindlay/fix_locale_gen
+.INDENT 2.0
+.IP \(bu 2
+101199a check for /etc/locale.gen
+.UNINDENT
+.IP \(bu 2
+f790f42 Merge pull request \fI\%#23324\fP from s0undt3ch/hotfix/bootstrap\-script\-2014.7
+.IP \(bu 2
+6643e47 Update to the latest stable release of the bootstrap script v2015.05.04
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.INDENT 0.0
+.IP \(bu 2
+23d4feb Merge remote\-tracking branch \(aqupstream/2015.2\(aq into 2015.5
+.UNINDENT
+.INDENT 0.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23412\fP: (\fIrahulhan\fP) Adding states/win_update.py unit tests
+@ \fI2015\-05\-06T18:31:09Z\fP
+.INDENT 2.0
+.IP \(bu 2
+b3c1672 Merge pull request \fI\%#23412\fP from rahulhan/states_win_update_unit_test
+.IP \(bu 2
+9bc1519 Removed unwanted imports
+.IP \(bu 2
+f12bfcf Adding states/win_update.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23413\fP: (\fIterminalmage\fP) Update manpages for 2015.2 \-> 2015.5
+@ \fI2015\-05\-06T17:12:57Z\fP
+.INDENT 2.0
+.IP \(bu 2
+f2d7646 Merge pull request \fI\%#23413\fP from terminalmage/update\-manpages
+.IP \(bu 2
+23fa440 Update manpages to reflect 2015.2 rename to 2015.5
+.IP \(bu 2
+0fdaa73 Fix missed docstring updates from 2015.2 \-> 2015.5
+.IP \(bu 2
+4fea5ba Add missing RST file
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23410\fP: (\fIterminalmage\fP) Update Lithium docstrings in 2015.2 branch
+@ \fI2015\-05\-06T15:53:52Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23409\fP: (\fIterminalmage\fP) Update Lithium docstrings in 2014.7 branch
+| refs: \fI\%#23410\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+bafbea7 Merge pull request \fI\%#23410\fP from terminalmage/update\-lithium\-docstrings\-2015.2
+.IP \(bu 2
+d395565 Update Lithium docstrings in 2015.2 branch
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23407\fP: (\fIjayeshka\fP) adding rsync unit test case
+@ \fI2015\-05\-06T15:52:23Z\fP
+.INDENT 2.0
+.IP \(bu 2
+02ef41a Merge pull request \fI\%#23407\fP from jayeshka/rsync\-unit\-test
+.IP \(bu 2
+a4dd836 adding rsync unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23406\fP: (\fIjayeshka\fP) adding states/lxc unit test case
+@ \fI2015\-05\-06T15:51:50Z\fP
+.INDENT 2.0
+.IP \(bu 2
+58ec2a2 Merge pull request \fI\%#23406\fP from jayeshka/lxc\-states\-unit\-test
+.IP \(bu 2
+32a0d03 adding states/lxc unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23395\fP: (\fIbasepi\fP) [2015.2] Add note to 2015.2.0 release notes about master opts in pillar
+@ \fI2015\-05\-05T22:15:20Z\fP
+.INDENT 2.0
+.IP \(bu 2
+8837d00 Merge pull request \fI\%#23395\fP from basepi/2015.2.0masteropts
+.IP \(bu 2
+b261c95 Add note to 2015.2.0 release notes about master opts in pillar
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23393\fP: (\fIbasepi\fP) [2015.2] Add warning about python_shell changes to 2015.2.0 release notes
+@ \fI2015\-05\-05T22:12:46Z\fP
+.INDENT 2.0
+.IP \(bu 2
+f79aed5 Merge pull request \fI\%#23393\fP from basepi/2015.2.0python_shell
+.IP \(bu 2
+b2f033f Add CLI note
+.IP \(bu 2
+48e7b3e Add warning about python_shell changes to 2015.2.0 release notes
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23380\fP: (\fIgladiatr72\fP) Fix for double output with static  salt cli/v2015.2
+@ \fI2015\-05\-05T21:44:28Z\fP
+.INDENT 2.0
+.IP \(bu 2
+a977776 Merge pull request \fI\%#23380\fP from gladiatr72/fix_for_double_output_with_static__salt_CLI/v2015.2
+.IP \(bu 2
+c47fdd7 Actually removed the \fBstatic\fP bits from below the else: fold this time.
+.IP \(bu 2
+4ee3679 Fix for incorrect output with salt CLI \-\-static option
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23379\fP: (\fIrahulhan\fP) Adding states/rabbitmq_cluster.py
+@ \fI2015\-05\-05T21:44:06Z\fP
+.INDENT 2.0
+.IP \(bu 2
+5c9543c Merge pull request \fI\%#23379\fP from rahulhan/states_rabbitmq_cluster_test
+.IP \(bu 2
+04c22d1 Adding states/rabbitmq_cluster.py
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23377\fP: (\fIrahulhan\fP) Adding states/xmpp.py unit tests
+@ \fI2015\-05\-05T21:43:35Z\fP
+.INDENT 2.0
+.IP \(bu 2
+430f080 Merge pull request \fI\%#23377\fP from rahulhan/states_xmpp_test
+.IP \(bu 2
+32923b5 Adding states/xmpp.py unit tests
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23335\fP: (\fIsteverweber\fP) 2015.2: include doc in master config for module_dirs
+@ \fI2015\-05\-05T21:28:58Z\fP
+.INDENT 2.0
+.IP \(bu 2
+8c057e6 Merge pull request \fI\%#23335\fP from steverweber/2015.2
+.IP \(bu 2
+5e3bae9 help installing python pysphere lib
+.IP \(bu 2
+97513b0 include module_dirs
+.IP \(bu 2
+36b1c87 include module_dirs
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23362\fP: (\fIjayeshka\fP) adding states/zk_concurrency unit test case
+@ \fI2015\-05\-05T15:50:06Z\fP
+.INDENT 2.0
+.IP \(bu 2
+1648253 Merge pull request \fI\%#23362\fP from jayeshka/zk_concurrency\-states\-unit\-test
+.IP \(bu 2
+f60dda4 adding states/zk_concurrency unit test case
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23363\fP: (\fIjayeshka\fP) adding riak unit test case
+@ \fI2015\-05\-05T14:23:05Z\fP
+.INDENT 2.0
+.IP \(bu 2
+1cdaeed Merge pull request \fI\%#23363\fP from jayeshka/riak\-unit\-test
+.IP \(bu 2
+f9da6db adding riak unit test case
+.UNINDENT
+.UNINDENT
+.SS Salt 2015.5.2 Release Notes
+.INDENT 0.0
+.TP
+.B release
+2015\-06\-10
+.UNINDENT
+.sp
+Version 2015.5.2 is a bugfix release for \fB2015.5.0\fP\&.
+.sp
+Extended Changelog Courtesy of Todd Stansell (\fI\%https://github.com/tjstansell/salt\-changelogs\fP):
+.INDENT 0.0
+.TP
+.B \fBPR\fP \fI\%#24346\fP: (\fIrallytime\fP) Backport \fI\%#24271\fP to 2015.5
+@ \fI2015\-06\-03T18:44:31Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24271\fP: (\fIrandybias\fP) Fixed the setup instructions
+.nf
+refs: \fI\%#24346\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+76927c9 Merge pull request \fI\%#24346\fP from rallytime/\fI\%bp\-24271\fP
+.IP \(bu 2
+04067b6 Fixed the setup instructions
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24345\fP: (\fIrallytime\fP) Backport \fI\%#24013\fP to 2015.5
+@ \fI2015\-06\-03T18:39:41Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#24012\fP: (\fIjbq\fP) Enabling a service does not create the appropriate rc.d symlinks on Ubuntu
+.nf
+refs: \fI\%#24013\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#24013\fP: (\fIjbq\fP) Fix enabling a service on Ubuntu \fI\%#24012\fP
+.nf
+refs: \fI\%#24345\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+4afa03d Merge pull request \fI\%#24345\fP from rallytime/\fI\%bp\-24013\fP
+.IP \(bu 2
+16e0732 Fix enabling a service on Ubuntu \fI\%#24012\fP
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24365\fP: (\fIjacobhammons\fP) Fixes for PDF build errors
+@ \fI2015\-06\-03T17:50:02Z\fP
+.INDENT 7.0
+.IP \(bu 2
+c3392c2 Merge pull request \fI\%#24365\fP from jacobhammons/DocFixes
+.IP \(bu 2
+0fc1902 Fixes for PDF build errors
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24313\fP: (\fInicholascapo\fP) Fix \fI\%#22991\fP Correctly set result when test=True
+@ \fI2015\-06\-03T14:49:18Z\fP
+.sp
+\fBISSUE\fP \fI\%#22991\fP: (\fInicholascapo\fP) npm.installed ignores test=True
+* ae681a4 Merge pull request \fI\%#24313\fP from nicholascapo/\fI\%fix\-22991\fP\-npm.installed\-test\-true
+* ac9644c Fix \fI\%#22991\fP npm.installed correctly set result on test=True
+.TP
+.B \fBPR\fP \fI\%#24312\fP: (\fInicholascapo\fP) Fix \fI\%#18966\fP: file.serialize supports test=True
+@ \fI2015\-06\-03T14:49:06Z\fP
+.sp
+\fBISSUE\fP \fI\%#18966\fP: (\fIbechtoldt\fP) file.serialize ignores test=True
+* d57a9a2 Merge pull request \fI\%#24312\fP from nicholascapo/\fI\%fix\-18966\fP\-file.serialize\-test\-true
+* e7328e7 Fix \fI\%#18966\fP file.serialize correctly set result on test=True
+.TP
+.B \fBPR\fP \fI\%#24302\fP: (\fIjfindlay\fP) fix pkg hold/unhold integration test
+@ \fI2015\-06\-03T03:27:43Z\fP
+.INDENT 7.0
+.IP \(bu 2
+6b694e3 Merge pull request \fI\%#24302\fP from jfindlay/pkg_tests
+.IP \(bu 2
+c2db0b1 fix pkg hold/unhold integration test
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24349\fP: (\fIrallytime\fP) Remove references to mount_points in ec2 docs
+@ \fI2015\-06\-03T01:54:09Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#14021\fP: (\fImathrawka\fP) EC2 doc mentions mount_point, but unable to use properly
+.nf
+refs: \fI\%#24349\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+aca8447 Merge pull request \fI\%#24349\fP from rallytime/\fI\%fix\-14021\fP
+.IP \(bu 2
+a235b11 Remove references to mount_points in ec2 docs
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24328\fP: (\fIdr4Ke\fP) Fix state grains silently fails 2015.5
+@ \fI2015\-06\-02T15:18:46Z\fP
+.sp
+\fBISSUE\fP \fI\%#24319\fP: (\fIdr4Ke\fP) grains state shouldn\(aqt fail silently
+* 88a997e Merge pull request \fI\%#24328\fP from dr4Ke/fix_state_grains_silently_fails_2015.5
+* 8a63d1e fix state grains silently fails \fI\%#24319\fP
+.INDENT 7.0
+.IP \(bu 2
+ca1af20 grains state: add some tests
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24310\fP: (\fItechhat\fP) Add warning about destroying maps
+@ \fI2015\-06\-02T03:01:28Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#24036\fP: (\fIarthurlogilab\fP) [salt\-cloud] Protect against passing command line arguments as names for the \-\-destroy command in map files
+.nf
+refs: \fI\%#24310\fP
+.fi
+.sp
+.TP
+.B \fBISSUE\fP \fI\%#9772\fP: (\fIs0undt3ch\fP) Delete VM\(aqs in a map does not delete them all
+.nf
+refs: \fI\%#24310\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+7dcd9bb Merge pull request \fI\%#24310\fP from techhat/mapwarning
+.IP \(bu 2
+ca535a6 Add warning about destroying maps
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24281\fP: (\fIsteverweber\fP) Ipmi docfix
+@ \fI2015\-06\-01T17:45:36Z\fP
+.INDENT 7.0
+.IP \(bu 2
+02bfb25 Merge pull request \fI\%#24281\fP from steverweber/ipmi_docfix
+.IP \(bu 2
+dd36f2c yaml formating
+.IP \(bu 2
+f6deef3 include api_kg kwarg in ipmi state
+.IP \(bu 2
+a7d4e97 doc cleanup
+.IP \(bu 2
+0ded2fd save more cleanup to doc
+.IP \(bu 2
+08872f2 fix name api_key to api_kg
+.IP \(bu 2
+165a387 doc fix add api_kg kwargs
+.IP \(bu 2
+1ec7888 cleanup docs
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24287\fP: (\fIjfindlay\fP) fix pkg test on ubuntu 12.04 for realz
+@ \fI2015\-06\-01T14:16:37Z\fP
+.INDENT 7.0
+.IP \(bu 2
+73cd2cb Merge pull request \fI\%#24287\fP from jfindlay/pkg_test
+.IP \(bu 2
+98944d8 fix pkg test on ubuntu 12.04 for realz
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24279\fP: (\fIrallytime\fP) Backport \fI\%#24263\fP to 2015.5
+@ \fI2015\-06\-01T04:29:34Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24263\fP: (\fIcdarwin\fP) Correct usage of import_yaml in formula documentation
+.nf
+refs: \fI\%#24279\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+02017a0 Merge pull request \fI\%#24279\fP from rallytime/\fI\%bp\-24263\fP
+.IP \(bu 2
+beff7c7 Correct usage of import_yaml in formula documentation
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24277\fP: (\fIrallytime\fP) Put a space between after_jump commands
+@ \fI2015\-06\-01T04:28:26Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#24226\fP: (\fIc4urself\fP) iptables state needs to keep ordering of flags
+.nf
+refs: \fI\%#24277\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+2ba696d Merge pull request \fI\%#24277\fP from rallytime/fix_iptables_jump
+.IP \(bu 2
+e2d1606 Move after_jump split out of loop
+.IP \(bu 2
+d14f130 Remove extra loop
+.IP \(bu 2
+42ed532 Put a space between after_jump commands
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24262\fP: (\fIbasepi\fP) More dictupdate after \fI\%#24142\fP
+@ \fI2015\-05\-31T04:09:37Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24142\fP: (\fIbasepi\fP) Optimize dictupdate.update and add \fI\%#24097\fP functionality
+.nf
+refs: \fI\%#24262\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#24097\fP: (\fIkiorky\fP) Optimize dictupdate
+.nf
+refs: \fI\%#24142\fP \fI\%#24142\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+113eba3 Merge pull request \fI\%#24262\fP from basepi/dictupdatefix
+.IP \(bu 2
+0c4832c Raise a typeerror if non\-dict types
+.IP \(bu 2
+be21aaa Pylint
+.IP \(bu 2
+bb8a6c6 More optimization
+.IP \(bu 2
+c933249 py3 compat
+.IP \(bu 2
+ff6b2a7 Further optimize dictupdate.update()
+.IP \(bu 2
+c73f5ba Remove unused valtype
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24269\fP: (\fIkiorky\fP) zfs: Fix spurious retcode hijacking in virtual
+@ \fI2015\-05\-30T17:47:49Z\fP
+.INDENT 7.0
+.IP \(bu 2
+785d5a1 Merge pull request \fI\%#24269\fP from makinacorpus/zfs
+.IP \(bu 2
+0bf23ce zfs: Fix spurious retcode hijacking in virtual
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24257\fP: (\fIjfindlay\fP) fix pkg mod integration test on ubuntu 12.04
+@ \fI2015\-05\-29T23:09:00Z\fP
+.INDENT 7.0
+.IP \(bu 2
+3d885c0 Merge pull request \fI\%#24257\fP from jfindlay/pkg_tests
+.IP \(bu 2
+9508924 fix pkg mod integration test on ubuntu 12.04
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24260\fP: (\fIbasepi\fP) Fix some typos from \fI\%#24080\fP
+@ \fI2015\-05\-29T22:54:58Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#23657\fP: (\fIarthurlogilab\fP) [salt\-cloud lxc] NameError: global name \(aq__salt__\(aq is not defined
+.nf
+refs: \fI\%#24080\fP \fI\%#23982\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#24080\fP: (\fIkiorky\fP) Lxc consistency2
+.nf
+refs: \fI\%#24260\fP \fI\%#23982\fP \fI\%#24066\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#24066\fP: (\fIkiorky\fP) Merge forward 2015.5 \-> develop
+.nf
+refs: \fI\%#23982\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#24065\fP: (\fIkiorky\fP) continue to fix \fI\%#23883\fP
+.nf
+refs: \fI\%#24080\fP \fI\%#24066\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#23982\fP: (\fIkiorky\fP) lxc: path support
+.nf
+refs: \fI\%#24080\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+08a1075 Merge pull request \fI\%#24260\fP from basepi/lxctypos24080
+.IP \(bu 2
+0fa1ad3 Fix another lxc typo
+.IP \(bu 2
+669938f s/you ll/you\(aqll/
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24080\fP: (\fIkiorky\fP) Lxc consistency2
+.nf
+refs: \fI\%#24260\fP \fI\%#23982\fP \fI\%#24066\fP
+.fi
+.sp
+.sp
+@ \fI2015\-05\-29T22:51:54Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#23657\fP: (\fIarthurlogilab\fP) [salt\-cloud lxc] NameError: global name \(aq__salt__\(aq is not defined
+.nf
+refs: \fI\%#24080\fP \fI\%#23982\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#24066\fP: (\fIkiorky\fP) Merge forward 2015.5 \-> develop
+.nf
+refs: \fI\%#23982\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#24065\fP: (\fIkiorky\fP) continue to fix \fI\%#23883\fP
+.nf
+refs: \fI\%#24080\fP \fI\%#24066\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#23982\fP: (\fIkiorky\fP) lxc: path support
+.nf
+refs: \fI\%#24080\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+75590cf Merge pull request \fI\%#24080\fP from makinacorpus/lxc_consistency2
+.IP \(bu 2
+81f8067 lxc: fix old lxc test
+.IP \(bu 2
+458f506 seed: lint
+.IP \(bu 2
+96b8d55 Fix seed.mkconfig yamldump
+.IP \(bu 2
+76ddb68 lxc/applynet: conservative
+.IP \(bu 2
+ce7096f variable collision
+.IP \(bu 2
+8a8b28d lxc: lint
+.IP \(bu 2
+458b18b more lxc docs
+.IP \(bu 2
+ef1f952 lxc docs: typos
+.IP \(bu 2
+d67a43d more lxc docs
+.IP \(bu 2
+608da5e modules/lxc: merge resolution
+.IP \(bu 2
+27c4689 modules/lxc: more consistent comparsion
+.IP \(bu 2
+07c365a lxc: merge conflict spotted
+.IP \(bu 2
+9993915 modules/lxc: rework settings for consistency
+.IP \(bu 2
+ce11d83 lxc: Global doc refresh
+.IP \(bu 2
+61ed2f5 clouds/lxc: profile key is conflicting
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24247\fP: (\fIrallytime\fP) Backport \fI\%#24220\fP to 2015.5
+@ \fI2015\-05\-29T21:40:01Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#24210\fP: (\fIdamonnk\fP) salt\-cloud vsphere.py should allow key_filename param
+.nf
+refs: \fI\%#24220\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#24220\fP: (\fIdjcrabhat\fP) adding key_filename param to vsphere provider
+.nf
+refs: \fI\%#24247\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+da14f3b Merge pull request \fI\%#24247\fP from rallytime/\fI\%bp\-24220\fP
+.IP \(bu 2
+0b1041d adding key_filename param to vsphere provider
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24254\fP: (\fIrallytime\fP) Add deprecation warning to Digital Ocean v1 Driver
+@ \fI2015\-05\-29T21:39:25Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#22731\fP: (\fIdmyerscough\fP) Decommission DigitalOcean APIv1 and have users use the new DigitalOcean APIv2
+.nf
+refs: \fI\%#24254\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+21d6126 Merge pull request \fI\%#24254\fP from rallytime/add_deprecation_warning_digitalocean
+.IP \(bu 2
+cafe37b Add note to docs about deprecation
+.IP \(bu 2
+ea0f1e0 Add deprecation warning to digital ocean driver to move to digital_ocean_v2
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24252\fP: (\fIaboe76\fP) Updated suse spec to 2015.5.1
+@ \fI2015\-05\-29T21:38:45Z\fP
+.INDENT 7.0
+.IP \(bu 2
+dac055d Merge pull request \fI\%#24252\fP from aboe76/opensuse_package
+.IP \(bu 2
+0ad617d Updated suse spec to 2015.5.1
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24251\fP: (\fIgarethgreenaway\fP) Returners broken in 2015.5
+@ \fI2015\-05\-29T21:37:52Z\fP
+.INDENT 7.0
+.IP \(bu 2
+49e7fe8 Merge pull request \fI\%#24251\fP from garethgreenaway/2015_5_returner_brokenness
+.IP \(bu 2
+5df6b52 The code calling cfg as a function vs treating it as a dictionary and using get is currently backwards causing returners to fail when used from the CLI and in scheduled jobs.
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24255\fP: (\fIrallytime\fP) Clarify digital ocean documentation and mention v1 driver deprecation
+@ \fI2015\-05\-29T21:37:07Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#21498\fP: (\fIrallytime\fP) Clarify Digital Ocean Documentation
+.nf
+refs: \fI\%#24255\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+bfb9461 Merge pull request \fI\%#24255\fP from rallytime/clarify_digital_ocean_driver_docs
+.IP \(bu 2
+8d51f75 Clarify digital ocean documentation and mention v1 driver deprecation
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24232\fP: (\fIrallytime\fP) Backport \fI\%#23308\fP to 2015.5
+@ \fI2015\-05\-29T21:36:46Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#23308\fP: (\fIthusoy\fP) Don\(aqt merge: Add missing jump arguments to iptables module
+.nf
+refs: \fI\%#24232\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+41f5756 Merge pull request \fI\%#24232\fP from rallytime/\fI\%bp\-23308\fP
+.IP \(bu 2
+2733f66 Import string
+.IP \(bu 2
+9097cca Add missing jump arguments to iptables module
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24245\fP: (\fISacro\fP) Unset PYTHONHOME when starting the service
+@ \fI2015\-05\-29T20:00:31Z\fP
+.INDENT 7.0
+.IP \(bu 2
+a95982c Merge pull request \fI\%#24245\fP from Sacro/patch\-2
+.IP \(bu 2
+6632d06 Unset PYTHONHOME when starting the service
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24121\fP: (\fIhvnsweeting\fP) deprecate setting user permission in rabbitmq_vhost.present
+@ \fI2015\-05\-29T15:55:40Z\fP
+.INDENT 7.0
+.IP \(bu 2
+1504c76 Merge pull request \fI\%#24121\fP from hvnsweeting/rabbitmq\-host\-deprecate\-set\-permission
+.IP \(bu 2
+2223158 deprecate setting user permission in rabbitmq_host.present
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24179\fP: (\fImerll\fP) Changing user and group only possible for existing ids.
+@ \fI2015\-05\-29T15:52:43Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24169\fP: (\fImerll\fP) Changing user and group only possible for existing ids.
+.nf
+refs: \fI\%#24179\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+ba02f65 Merge pull request \fI\%#24179\fP from Precis/fix\-file\-uid\-gid\-2015.0
+.IP \(bu 2
+ee4c9d5 Use ids if user or group is not present.
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24229\fP: (\fImsteed\fP) Fix auth failure on syndic with external_auth
+@ \fI2015\-05\-29T15:04:06Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#24147\fP: (\fIpaclat\fP) Syndication issues when using authentication on master of masters.
+.nf
+refs: \fI\%#24229\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+9bfb066 Merge pull request \fI\%#24229\fP from msteed/issue\-24147
+.IP \(bu 2
+482d1cf Fix auth failure on syndic with external_auth
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24234\fP: (\fIjayeshka\fP) adding states/quota unit test case.
+@ \fI2015\-05\-29T14:14:27Z\fP
+.INDENT 7.0
+.IP \(bu 2
+19fa43c Merge pull request \fI\%#24234\fP from jayeshka/quota\-states\-unit\-test
+.IP \(bu 2
+c233565 adding states/quota unit test case.
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24217\fP: (\fIjfindlay\fP) disable intermittently failing tests
+@ \fI2015\-05\-29T03:08:39Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#40\fP: (\fIthatch45\fP) Clean up timeouts
+.nf
+refs: \fI\%#22857\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#23623\fP: (\fIjfindlay\fP) Fix /jobs endpoint\(aqs return
+.nf
+refs: \fI\%#24217\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#22857\fP: (\fIjacksontj\fP) Fix /jobs endpoint\(aqs return
+.nf
+refs: \fI\%#23623\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+e15142c Merge pull request \fI\%#24217\fP from jfindlay/disable_bad_tests
+.IP \(bu 2
+6b62804 disable intermittently failing tests
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24199\fP: (\fIryan\-lane\fP) Various fixes for boto_route53 and boto_elb
+@ \fI2015\-05\-29T03:02:41Z\fP
+.INDENT 7.0
+.IP \(bu 2
+ce8e43b Merge pull request \fI\%#24199\fP from lyft/route53\-fix\-elb
+.IP \(bu 2
+d8dc9a7 Better unit tests for boto_elb state
+.IP \(bu 2
+62f214b Remove cnames_present test
+.IP \(bu 2
+7b9ae82 Lint fix
+.IP \(bu 2
+b74b0d1 Various fixes for boto_route53 and boto_elb
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24142\fP: (\fIbasepi\fP) Optimize dictupdate.update and add \fI\%#24097\fP functionality
+.nf
+refs: \fI\%#24262\fP
+.fi
+.sp
+.sp
+@ \fI2015\-05\-29T03:00:56Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24097\fP: (\fIkiorky\fP) Optimize dictupdate
+.nf
+refs: \fI\%#24142\fP \fI\%#24142\fP
+.fi
+.sp
+.UNINDENT
+.sp
+\fBPR\fP \fI\%#21968\fP: (\fIryanwohara\fP) Verifying the key has a value before using it.
+* a43465d Merge pull request \fI\%#24142\fP from basepi/dictupdate24097
+* 5c6e210 Deepcopy on merge_recurse
+.INDENT 7.0
+.IP \(bu 2
+a13c84a Fix None check from \fI\%#21968\fP
+.IP \(bu 2
+9ef2c64 Add docstring
+.IP \(bu 2
+8579429 Add in recursive_update from \fI\%#24097\fP
+.IP \(bu 2
+8599143 if key not in dest, don\(aqt recurse
+.IP \(bu 2
+d8a84b3 Rename klass to valtype
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24208\fP: (\fIjayeshka\fP) adding states/ports unit test case.
+@ \fI2015\-05\-28T23:06:33Z\fP
+.INDENT 7.0
+.IP \(bu 2
+526698b Merge pull request \fI\%#24208\fP from jayeshka/ports\-states\-unit\-test
+.IP \(bu 2
+657b709 adding states/ports unit test case.
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24219\fP: (\fIjfindlay\fP) find zfs without modinfo
+@ \fI2015\-05\-28T21:07:26Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#20635\fP: (\fIdennisjac\fP) 2015.2.0rc1: zfs errors in log after update
+.nf
+refs: \fI\%#24219\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+d00945f Merge pull request \fI\%#24219\fP from jfindlay/zfs_check
+.IP \(bu 2
+15d4019 use the salt loader in the zfs mod
+.IP \(bu 2
+5599b67 try to search for zfs if modinfo is unavailable
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24190\fP: (\fImsteed\fP) Fix issue 23815
+@ \fI2015\-05\-28T20:10:34Z\fP
+.sp
+\fBISSUE\fP \fI\%#23815\fP: (\fISnergster\fP) [beacons] inotify errors on subdir creation
+* 3dc4b85 Merge pull request \fI\%#24190\fP from msteed/issue\-23815
+* 086a1a9 lint
+.INDENT 7.0
+.IP \(bu 2
+65de62f fix \fI\%#23815\fP
+.IP \(bu 2
+d04e916 spelling
+.IP \(bu 2
+db9f682 add inotify beacon unit tests
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24211\fP: (\fIrallytime\fP) Backport \fI\%#24205\fP to 2015.5
+@ \fI2015\-05\-28T18:28:15Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24205\fP: (\fIhazelesque\fP) Docstring fix in salt.modules.yumpkg.hold
+.nf
+refs: \fI\%#24211\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+436634b Merge pull request \fI\%#24211\fP from rallytime/\fI\%bp\-24205\fP
+.IP \(bu 2
+23284b5 Docstring fix in salt.modules.yumpkg.hold
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24212\fP: (\fIterminalmage\fP) Clarify error in rendering template for top file
+@ \fI2015\-05\-28T18:26:20Z\fP
+.INDENT 7.0
+.IP \(bu 2
+cc58624 Merge pull request \fI\%#24212\fP from terminalmage/clarify\-error\-msg
+.IP \(bu 2
+ca807fb Clarify error in rendering template for top file
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24213\fP: (\fIThe\-Loeki\fP) ShouldFix _\- troubles in debian_ip
+@ \fI2015\-05\-28T18:24:39Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#23904\fP: (\fImbrgm\fP) Network config bonding section cannot be parsed when attribute names use dashes
+.nf
+refs: \fI\%#23917\fP
+.fi
+.sp
+.TP
+.B \fBISSUE\fP \fI\%#23900\fP: (\fIhashi825\fP) salt ubuntu network building issue 2015.5.0
+.nf
+refs: \fI\%#23922\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#23922\fP: (\fIgarethgreenaway\fP) Fixes to debian_ip.py
+.nf
+refs: \fI\%#24213\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#23917\fP: (\fIcorywright\fP) Split debian bonding options on dash instead of underscore
+.nf
+refs: \fI\%#24213\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+9825160 Merge pull request \fI\%#24213\fP from The\-Loeki/patch\-3
+.IP \(bu 2
+a68d515 ShouldFix _\- troubles in debian_ip
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24214\fP: (\fIbasepi\fP) 2015.5.1release
+@ \fI2015\-05\-28T16:23:57Z\fP
+.INDENT 7.0
+.IP \(bu 2
+071751d Merge pull request \fI\%#24214\fP from basepi/2015.5.1release
+.IP \(bu 2
+e5ba31b 2015.5.1 release date
+.IP \(bu 2
+768494c Update latest release in docs
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24202\fP: (\fIrallytime\fP) Backport \fI\%#24186\fP to 2015.5
+@ \fI2015\-05\-28T05:16:48Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24186\fP: (\fIthcipriani\fP) Update salt vagrant provisioner info
+.nf
+refs: \fI\%#24202\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+c2f1fdb Merge pull request \fI\%#24202\fP from rallytime/\fI\%bp\-24186\fP
+.IP \(bu 2
+db793dd Update salt vagrant provisioner info
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24192\fP: (\fIrallytime\fP) Backport \fI\%#20474\fP to 2015.5
+@ \fI2015\-05\-28T05:16:18Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#20474\fP: (\fIdjcrabhat\fP) add sudo, sudo_password params to vsphere deploy to allow for non\-root deploys
+.nf
+refs: \fI\%#24192\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+8a085a2 Merge pull request \fI\%#24192\fP from rallytime/\fI\%bp\-20474\fP
+.IP \(bu 2
+fd3c783 add sudo, sudo_password params to deploy to allow for non\-root deploys
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24184\fP: (\fIrallytime\fP) Backport \fI\%#24129\fP to 2015.5
+@ \fI2015\-05\-28T05:15:08Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24129\fP: (\fIpengyao\fP) Wheel client doc
+.nf
+refs: \fI\%#24184\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+7cc535b Merge pull request \fI\%#24184\fP from rallytime/\fI\%bp\-24129\fP
+.IP \(bu 2
+722a662 fixed a typo
+.IP \(bu 2
+565eb46 Add cmd doc for WheelClient
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24183\fP: (\fIrallytime\fP) Backport \fI\%#19320\fP to 2015.5
+@ \fI2015\-05\-28T05:14:36Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#19320\fP: (\fIclan\fP) add \(aqstate_output_profile\(aq option for profile output
+.nf
+refs: \fI\%#24183\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+eb0af70 Merge pull request \fI\%#24183\fP from rallytime/\fI\%bp\-19320\fP
+.IP \(bu 2
+55db1bf sate_output_profile default to True
+.IP \(bu 2
+9919227 fix type: statei \-> state
+.IP \(bu 2
+0549ca6 add \(aqstate_output_profile\(aq option for profile output
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24201\fP: (\fIwhiteinge\fP) Add list of client libraries for the rest_cherrypy module to the top\-level documentation
+@ \fI2015\-05\-28T02:12:09Z\fP
+.INDENT 7.0
+.IP \(bu 2
+1b5bf23 Merge pull request \fI\%#24201\fP from whiteinge/rest_cherrypy\-client\-libs
+.IP \(bu 2
+5f71802 Add list of client libraries for the rest_cherrypy module
+.IP \(bu 2
+28fc77f Fix rest_cherrypy config example indentation
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24195\fP: (\fIrallytime\fP) Merge \fI\%#24185\fP with a couple of fixes
+@ \fI2015\-05\-27T22:18:37Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24185\fP: (\fIjacobhammons\fP) Fixes for doc build errors
+.nf
+refs: \fI\%#24195\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+3307ec2 Merge pull request \fI\%#24195\fP from rallytime/merge\-24185
+.IP \(bu 2
+d8daa9d Merge \fI\%#24185\fP with a couple of fixes
+.IP \(bu 2
+634d56b Fixed pylon error
+.IP \(bu 2
+0689815 Fixes for doc build errors
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24166\fP: (\fIjayeshka\fP) adding states/pkgng unit test case.
+@ \fI2015\-05\-27T20:27:49Z\fP
+.INDENT 7.0
+.IP \(bu 2
+7e400bc Merge pull request \fI\%#24166\fP from jayeshka/pkgng\-states\-unit\-test
+.IP \(bu 2
+2234bb0 adding states/pkgng unit test case.
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24189\fP: (\fIbasepi\fP) [2015.5] Merge forward from 2014.7 to 2015.5
+@ \fI2015\-05\-27T20:26:31Z\fP
+.sp
+\fBPR\fP \fI\%#24178\fP: (\fIrallytime\fP) Backport \fI\%#24118\fP to 2014.7, too.
+\fBPR\fP \fI\%#24159\fP: (\fIrallytime\fP) Fill out modules/keystone.py CLI Examples
+\fBPR\fP \fI\%#24158\fP: (\fIrallytime\fP) Fix test_valid_docs test for tls module
+\fBPR\fP \fI\%#24118\fP: (\fItrevor\-h\fP) removed deprecated pymongo usage
+.INDENT 7.0
+.INDENT 3.5
+.nf
+refs: \fI\%#24139\fP \fI\%#24178\fP
+.fi
+.sp
+.UNINDENT
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+9fcda79 Merge pull request \fI\%#24189\fP from basepi/merge\-forward\-2015.5
+.IP \(bu 2
+8839e9c Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.5
+.IP \(bu 2
+9d7331c Merge pull request \fI\%#24178\fP from rallytime/\fI\%bp\-24118\fP
+.INDENT 2.0
+.IP \(bu 2
+e2217a0 removed deprecated pymongo usage as no longer functional with pymongo > 3.x
+.UNINDENT
+.IP \(bu 2
+4e8c503 Merge pull request \fI\%#24159\fP from rallytime/keystone_doc_examples
+.INDENT 2.0
+.IP \(bu 2
+dadac8d Fill out modules/keystone.py CLI Examples
+.UNINDENT
+.IP \(bu 2
+fc10ee8 Merge pull request \fI\%#24158\fP from rallytime/fix_doc_error
+.INDENT 2.0
+.IP \(bu 2
+49a517e Fix test_valid_docs test for tls module
+.UNINDENT
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24181\fP: (\fIjtand\fP) Fixed error where file was evaluated as a symlink in test_absent
+@ \fI2015\-05\-27T18:26:28Z\fP
+.INDENT 7.0
+.IP \(bu 2
+2303dec Merge pull request \fI\%#24181\fP from jtand/file_test
+.IP \(bu 2
+5f0e601 Fixed error where file was evaluated as a symlink in test_absent
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24180\fP: (\fIterminalmage\fP) Skip libvirt tests if not running as root
+@ \fI2015\-05\-27T18:18:47Z\fP
+.INDENT 7.0
+.IP \(bu 2
+a162768 Merge pull request \fI\%#24180\fP from terminalmage/fix\-libvirt\-test
+.IP \(bu 2
+72e7416 Skip libvirt tests if not running as root
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24165\fP: (\fIjayeshka\fP) adding states/portage_config unit test case.
+@ \fI2015\-05\-27T17:15:08Z\fP
+.INDENT 7.0
+.IP \(bu 2
+1fbc5b2 Merge pull request \fI\%#24165\fP from jayeshka/portage_config\-states\-unit\-test
+.IP \(bu 2
+8cf1505 adding states/portage_config unit test case.
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24164\fP: (\fIjayeshka\fP) adding states/pecl unit test case.
+@ \fI2015\-05\-27T17:14:26Z\fP
+.INDENT 7.0
+.IP \(bu 2
+4747856 Merge pull request \fI\%#24164\fP from jayeshka/pecl\-states\-unit\-test
+.IP \(bu 2
+563a5b3 adding states/pecl unit test case.
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24160\fP: (\fIThe\-Loeki\fP) small enhancement to data module; pop()
+@ \fI2015\-05\-27T17:03:10Z\fP
+.INDENT 7.0
+.IP \(bu 2
+cdaaa19 Merge pull request \fI\%#24160\fP from The\-Loeki/patch\-1
+.IP \(bu 2
+2175ff3 doc & merge fix
+.IP \(bu 2
+eba382c small enhancement to data module; pop()
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24153\fP: (\fItechhat\fP) Batch mode sometimes improperly builds lists of minions to process
+@ \fI2015\-05\-27T16:21:53Z\fP
+.INDENT 7.0
+.IP \(bu 2
+4a8dbc7 Merge pull request \fI\%#24153\fP from techhat/batchlist
+.IP \(bu 2
+467ba64 Make sure that minion IDs are strings
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24167\fP: (\fIjayeshka\fP) adding states/pagerduty unit test case.
+@ \fI2015\-05\-27T16:14:01Z\fP
+.INDENT 7.0
+.IP \(bu 2
+ed8ccf5 Merge pull request \fI\%#24167\fP from jayeshka/pagerduty\-states\-unit\-test
+.IP \(bu 2
+1af8c83 adding states/pagerduty unit test case.
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24156\fP: (\fIbasepi\fP) [2015.5] Merge forward from 2014.7 to 2015.5
+@ \fI2015\-05\-27T15:05:01Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#23464\fP: (\fItibold\fP) cmd_iter_no_block() blocks
+.nf
+refs: \fI\%#24093\fP
+.fi
+.sp
+.UNINDENT
+.sp
+\fBPR\fP \fI\%#24125\fP: (\fIhvnsweeting\fP) Fix rabbitmq test mode
+\fBPR\fP \fI\%#24093\fP: (\fImsteed\fP) Make LocalClient.cmd_iter_no_block() not block
+\fBPR\fP \fI\%#24008\fP: (\fIdavidjb\fP) Correct reST formatting for states.cmd documentation
+\fBPR\fP \fI\%#23933\fP: (\fIjacobhammons\fP) sphinx saltstack2 doc theme
+* b9507d1 Merge pull request \fI\%#24156\fP from basepi/merge\-forward\-2015.5
+* e52b5ab Remove stray >>>>>
+.INDENT 7.0
+.IP \(bu 2
+7dfbd92 Merge remote\-tracking branch \(aqupstream/2014.7\(aq into merge\-forward\-2015.5
+.INDENT 2.0
+.IP \(bu 2
+c0d32e0 Merge pull request \fI\%#24125\fP from hvnsweeting/fix\-rabbitmq\-test\-mode
+.INDENT 2.0
+.IP \(bu 2
+71862c6 enhance log
+.IP \(bu 2
+28e2594 change according to new output of rabbitmq module functions
+.IP \(bu 2
+cd0212e processes and returns better output for rabbitmq module
+.UNINDENT
+.IP \(bu 2
+39a8f30 Merge pull request \fI\%#24093\fP from msteed/issue\-23464
+.INDENT 2.0
+.IP \(bu 2
+fd35903 Fix failing test
+.IP \(bu 2
+41b344c Make LocalClient.cmd_iter_no_block() not block
+.UNINDENT
+.IP \(bu 2
+5bffd30 Merge pull request \fI\%#24008\fP from davidjb/2014.7
+.INDENT 2.0
+.IP \(bu 2
+8b8d029 Correct reST formatting for documentation
+.UNINDENT
+.IP \(bu 2
+1aa0420 Merge pull request \fI\%#23933\fP from jacobhammons/2014.7
+.IP \(bu 2
+a3613e6 removed numbering from doc TOC
+.IP \(bu 2
+78b737c removed 2015.* release from release notes, updated index page to remove PDF/epub links
+.IP \(bu 2
+e867f7d Changed build settings to use saltstack2 theme and update release versions.
+.IP \(bu 2
+81ed9c9 sphinx saltstack2 doc theme
+.UNINDENT
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24145\fP: (\fIjfindlay\fP) attempt to decode win update package
+@ \fI2015\-05\-26T23:20:20Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#24102\fP: (\fIbormotov\fP) win_update encondig problems
+.nf
+refs: \fI\%#24145\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+05745fa Merge pull request \fI\%#24145\fP from jfindlay/win_update_encoding
+.IP \(bu 2
+cc5e17e attempt to decode win update package
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24123\fP: (\fIkiorky\fP) fix service enable/disable change
+@ \fI2015\-05\-26T21:24:19Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#24122\fP: (\fIkiorky\fP) service.dead is no more stateful: services does not handle correctly enable/disable change state
+.nf
+refs: \fI\%#24123\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+7024789 Merge pull request \fI\%#24123\fP from makinacorpus/ss
+.IP \(bu 2
+2e2e1d2 fix service enable/disable change
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24146\fP: (\fIrallytime\fP) Fixes the boto_vpc_test failure on CentOS 5 tests
+@ \fI2015\-05\-26T20:15:19Z\fP
+.INDENT 7.0
+.IP \(bu 2
+51c3cec Merge pull request \fI\%#24146\fP from rallytime/fix_centos_boto_failure
+.IP \(bu 2
+ac0f97d Fixes the boto_vpc_test failure on CentOS 5 tests
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24144\fP: (\fItwangboy\fP) Compare Keys ignores all newlines and carriage returns
+@ \fI2015\-05\-26T19:25:48Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#24052\fP: (\fItwangboy\fP) v2015.5.1 Changes the way it interprets the minion_master.pub file
+.nf
+refs: \fI\%#24089\fP \fI\%#24144\fP
+.fi
+.sp
+.TP
+.B \fBISSUE\fP \fI\%#23566\fP: (\fIrks2286\fP) Salt\-cp corrupting the file after transfer to minion
+.nf
+refs: \fI\%#24144\fP \fI\%#23740\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#23740\fP: (\fIjfindlay\fP) Binary write
+.nf
+refs: \fI\%#24144\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+1c91a21 Merge pull request \fI\%#24144\fP from twangboy/fix_24052
+.IP \(bu 2
+c197b41 Compare Keys removing all newlines and carriage returns
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24139\fP: (\fIrallytime\fP) Backport \fI\%#24118\fP to 2015.5
+@ \fI2015\-05\-26T18:24:27Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24118\fP: (\fItrevor\-h\fP) removed deprecated pymongo usage
+.nf
+refs: \fI\%#24139\fP \fI\%#24178\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+0841667 Merge pull request \fI\%#24139\fP from rallytime/\fI\%bp\-24118\fP
+.IP \(bu 2
+4bb519b removed deprecated pymongo usage as no longer functional with pymongo > 3.x
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24138\fP: (\fIrallytime\fP) Backport \fI\%#24116\fP to 2015.5
+@ \fI2015\-05\-26T18:23:51Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24116\fP: (\fIawdrius\fP) Fixed typo in chown username (ending dot) that fails the command.
+.nf
+refs: \fI\%#24138\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+742eca2 Merge pull request \fI\%#24138\fP from rallytime/\fI\%bp\-24116\fP
+.IP \(bu 2
+7f08641 Fixed typo in chown username (ending dot) that fails the command.
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24137\fP: (\fIrallytime\fP) Backport \fI\%#24105\fP to 2015.5
+@ \fI2015\-05\-26T18:23:40Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24105\fP: (\fIcedwards\fP) Updated some beacon\-specific documentation formatting
+.nf
+refs: \fI\%#24137\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+e01536d Merge pull request \fI\%#24137\fP from rallytime/\fI\%bp\-24105\fP
+.IP \(bu 2
+f0778a0 Updated some beacon\-specific documentation formatting
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24136\fP: (\fIrallytime\fP) Backport \fI\%#24104\fP to 2015.5
+@ \fI2015\-05\-26T15:58:47Z\fP
+.sp
+\fBISSUE\fP \fI\%#23364\fP: (\fIpruiz\fP) Unable to destroy host using proxmox cloud: There was an error destroying machines: 501 Server Error: Method \(aqDELETE /nodes/pmx1/openvz/openvz/100\(aq not implemented
+\fBPR\fP \fI\%#24104\fP: (\fIpruiz\fP) Only try to stop a VM if it\(aqs not already stopped. (fixes \fI\%#23364\fP)
+.INDENT 7.0
+.INDENT 3.5
+.nf
+refs: \fI\%#24136\fP
+.fi
+.sp
+.UNINDENT
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+89cdf97 Merge pull request \fI\%#24136\fP from rallytime/\fI\%bp\-24104\fP
+.IP \(bu 2
+c538884 Only try to stop a VM if it\(aqs not already stopped. (fixes \fI\%#23364\fP)
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24135\fP: (\fIrallytime\fP) Backport \fI\%#24083\fP to 2015.5
+@ \fI2015\-05\-26T15:58:27Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24083\fP: (\fIswdream\fP) fix code block syntax
+.nf
+refs: \fI\%#24135\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+67c4373 Merge pull request \fI\%#24135\fP from rallytime/\fI\%bp\-24083\fP
+.IP \(bu 2
+e1d06f9 fix code block syntax
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24131\fP: (\fIjayeshka\fP) adding states/mysql_user unit test case
+@ \fI2015\-05\-26T15:58:10Z\fP
+.INDENT 7.0
+.IP \(bu 2
+a83371e Merge pull request \fI\%#24131\fP from jayeshka/mysql_user\-states\-unit\-test
+.IP \(bu 2
+ed1ef69 adding states/mysql_user unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24130\fP: (\fIjayeshka\fP) adding states/ntp unit test case
+@ \fI2015\-05\-26T15:57:29Z\fP
+.INDENT 7.0
+.IP \(bu 2
+1dc1d2a Merge pull request \fI\%#24130\fP from jayeshka/ntp\-states\-unit\-test
+.IP \(bu 2
+ede4a9f adding states/ntp unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24128\fP: (\fIjayeshka\fP) adding states/openstack_config unit test case
+@ \fI2015\-05\-26T15:56:08Z\fP
+.INDENT 7.0
+.IP \(bu 2
+3943417 Merge pull request \fI\%#24128\fP from jayeshka/openstack_config\-states\-unit\-test
+.IP \(bu 2
+ca09e0f adding states/openstack_config unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24127\fP: (\fIjayeshka\fP) adding states/npm unit test case
+@ \fI2015\-05\-26T15:55:18Z\fP
+.INDENT 7.0
+.IP \(bu 2
+23f25c4 Merge pull request \fI\%#24127\fP from jayeshka/npm\-states\-unit\-test
+.IP \(bu 2
+c3ecabb adding states/npm unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24077\fP: (\fIanlutro\fP) Change how state_verbose output is filtered
+@ \fI2015\-05\-26T15:41:11Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#24009\fP: (\fIhvnsweeting\fP) state_verbose False summary is wrong
+.nf
+refs: \fI\%#24077\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+07488a4 Merge pull request \fI\%#24077\fP from alprs/fix\-outputter_highstate_nonverbose_count
+.IP \(bu 2
+7790408 Change how state_verbose output is filtered
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24119\fP: (\fIjfindlay\fP) Update contrib docs
+@ \fI2015\-05\-26T15:37:01Z\fP
+.INDENT 7.0
+.IP \(bu 2
+224820f Merge pull request \fI\%#24119\fP from jfindlay/update_contrib_docs
+.IP \(bu 2
+fa2d411 update example release branch in contrib docs
+.IP \(bu 2
+a0b76b5 clarify git rebase instructions
+.IP \(bu 2
+3517e00 fix contribution docs link typos
+.IP \(bu 2
+651629c backport dev contrib doc updates to 2015.5
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#23928\fP: (\fIjoejulian\fP) Add the ability to replace existing certificates
+@ \fI2015\-05\-25T19:47:26Z\fP
+.INDENT 7.0
+.IP \(bu 2
+5488c4a Merge pull request \fI\%#23928\fP from joejulian/2015.5_tls_module_replace_existing
+.IP \(bu 2
+4a4cbdd Add the ability to replace existing certificates
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24078\fP: (\fIjfindlay\fP) if a charmap is not supplied, set it to the codeset
+@ \fI2015\-05\-25T19:39:19Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#23221\fP: (\fIReiner030\fP) Debian Jessie: locale.present not working again
+.nf
+refs: \fI\%#24078\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+dd90ef0 Merge pull request \fI\%#24078\fP from jfindlay/locale_charmap
+.IP \(bu 2
+5eb97f0 if a charmap is not supplied, set it to the codeset
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24088\fP: (\fIjfindlay\fP) pkg module integration tests
+@ \fI2015\-05\-25T19:39:02Z\fP
+.INDENT 7.0
+.IP \(bu 2
+9cec5d3 Merge pull request \fI\%#24088\fP from jfindlay/pkg_tests
+.IP \(bu 2
+f1bd5ec adding pkg module integration tests
+.IP \(bu 2
+739b2ef rework yumpkg refresh_db so args are not mandatory
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24089\fP: (\fIjfindlay\fP) allow override of binary file mode on windows
+@ \fI2015\-05\-25T19:38:44Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#24052\fP: (\fItwangboy\fP) v2015.5.1 Changes the way it interprets the minion_master.pub file
+.nf
+refs: \fI\%#24089\fP \fI\%#24144\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+517552c Merge pull request \fI\%#24089\fP from jfindlay/binary_write
+.IP \(bu 2
+b2259a6 allow override of binary file mode on windows
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24092\fP: (\fIjfindlay\fP) collect scattered contents edits, ensure it\(aqs a str
+@ \fI2015\-05\-25T19:38:10Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#23973\fP: (\fImschiff\fP) state file.managed: setting contents_pillar to a pillar which is a list throws exception instead giving descriptive error message
+.nf
+refs: \fI\%#24092\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+121ab9f Merge pull request \fI\%#24092\fP from jfindlay/file_state
+.IP \(bu 2
+cfa0f13 collect scattered contents edits, ensure it\(aqs a str
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24112\fP: (\fIThe\-Loeki\fP) thin_gen breaks when thinver doesn\(aqt exist
+@ \fI2015\-05\-25T19:37:47Z\fP
+.INDENT 7.0
+.IP \(bu 2
+84e65de Merge pull request \fI\%#24112\fP from The\-Loeki/patch\-1
+.IP \(bu 2
+34646ea thin_gen breaks when thinver doesn\(aqt exist
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24108\fP: (\fIjayeshka\fP) adding states/mysql_query unit test case
+@ \fI2015\-05\-25T12:30:48Z\fP
+.INDENT 7.0
+.IP \(bu 2
+ec509ed Merge pull request \fI\%#24108\fP from jayeshka/mysql_query\-states\-unit\-test
+.IP \(bu 2
+ec50450 adding states/mysql_query unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24110\fP: (\fIjayeshka\fP) adding varnish unit test case
+@ \fI2015\-05\-25T12:30:21Z\fP
+.INDENT 7.0
+.IP \(bu 2
+f2e5d6c Merge pull request \fI\%#24110\fP from jayeshka/varnish\-unit\-test
+.IP \(bu 2
+e119889 adding varnish unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24109\fP: (\fIjayeshka\fP) adding states/mysql_grants unit test case
+@ \fI2015\-05\-25T12:29:53Z\fP
+.INDENT 7.0
+.IP \(bu 2
+4fca2b4 Merge pull request \fI\%#24109\fP from jayeshka/mysql_grants\-states\-unit\-test
+.IP \(bu 2
+11a93cb adding states/mysql_grants unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24028\fP: (\fInleib\fP) send a disable message to disable puppet
+@ \fI2015\-05\-25T04:02:11Z\fP
+.INDENT 7.0
+.IP \(bu 2
+6b43c9a Merge pull request \fI\%#24028\fP from nleib/2015.5
+.IP \(bu 2
+15f24b4 update format of string in disabled msg
+.IP \(bu 2
+7690e5b remove trailing whitespaces
+.IP \(bu 2
+56a9720 Update puppet.py
+.IP \(bu 2
+9686391 Update puppet.py
+.IP \(bu 2
+33f3d68 send a disable message to disable puppet
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24100\fP: (\fIjfindlay\fP) adding states/file unit test case
+@ \fI2015\-05\-24T05:17:54Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#23963\fP: (\fIjayeshka\fP) adding states/file unit test case
+.nf
+refs: \fI\%#24100\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+52c9aca Merge pull request \fI\%#24100\fP from jfindlay/merge_23963
+.IP \(bu 2
+7d59deb adding states/file unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24098\fP: (\fIgalet\fP) Systemd not recognized properly on Oracle Linux 7
+@ \fI2015\-05\-24T04:07:31Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#21446\fP: (\fIdpheasant\fP) check for systemd on Oracle Linux
+.nf
+refs: \fI\%#24098\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+0eb9f15 Merge pull request \fI\%#24098\fP from galet/2015.5
+.IP \(bu 2
+4d6ab21 Systemd not recognized properly on Oracle Linux 7
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24090\fP: (\fIjfindlay\fP) adding states/mount unit test case
+@ \fI2015\-05\-22T23:02:57Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24062\fP: (\fIjayeshka\fP) adding states/mount unit test case
+.nf
+refs: \fI\%#24090\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+8e04db7 Merge pull request \fI\%#24090\fP from jfindlay/merge_24062
+.IP \(bu 2
+a81a922 adding states/mount unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24086\fP: (\fIrallytime\fP) Backport \fI\%#22806\fP to 2015.5
+@ \fI2015\-05\-22T21:18:20Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#22574\fP: (\fIunicolet\fP) error when which is not available
+.nf
+refs: \fI\%#22806\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#22806\fP: (\fIjfindlay\fP) use cmd.run_all instead of cmd.run_stdout
+.nf
+refs: \fI\%#24086\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+c0079f5 Merge pull request \fI\%#24086\fP from rallytime/\fI\%bp\-22806\fP
+.IP \(bu 2
+f728f55 use cmd.run_all instead of cmd.run_stdout
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24024\fP: (\fIjayeshka\fP) adding states/mongodb_user unit test case
+@ \fI2015\-05\-22T20:53:19Z\fP
+.INDENT 7.0
+.IP \(bu 2
+09de253 Merge pull request \fI\%#24024\fP from jayeshka/mongodb_user\-states\-unit\-test
+.IP \(bu 2
+f31dc92 resolved errors
+.IP \(bu 2
+d038b1f adding states/mongodb_user unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24065\fP: (\fIkiorky\fP) continue to fix \fI\%#23883\fP
+.nf
+refs: \fI\%#24080\fP \fI\%#24066\fP
+.fi
+.sp
+.sp
+@ \fI2015\-05\-22T18:59:21Z\fP
+.sp
+\fBISSUE\fP \fI\%#23883\fP: (\fIkaithar\fP) max_event_size seems broken
+* bfd812c Merge pull request \fI\%#24065\fP from makinacorpus/real23883
+* 028282e continue to fix \fI\%#23883\fP
+.TP
+.B \fBPR\fP \fI\%#24029\fP: (\fIkiorky\fP) Fix providers handling
+@ \fI2015\-05\-22T16:56:06Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#24017\fP: (\fIarthurlogilab\fP) [salt\-cloud openstack] TypeError: unhashable type: \(aqdict\(aq on map creation
+.nf
+refs: \fI\%#24029\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+429adfe Merge pull request \fI\%#24029\fP from makinacorpus/fixproviders
+.IP \(bu 2
+412b39b Fix providers handling
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#23936\fP: (\fIjfindlay\fP) remove unreachable returns in file state
+@ \fI2015\-05\-22T16:26:49Z\fP
+.INDENT 7.0
+.IP \(bu 2
+a42cccc Merge pull request \fI\%#23936\fP from jfindlay/file_state
+.IP \(bu 2
+ac29c0c also validate file.recurse source parameter
+.IP \(bu 2
+57f7388 remove unreachable returns in file state
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24063\fP: (\fIjayeshka\fP) removed tuple index error
+@ \fI2015\-05\-22T14:58:20Z\fP
+.INDENT 7.0
+.IP \(bu 2
+8b69b41 Merge pull request \fI\%#24063\fP from jayeshka/mount\-states\-module
+.IP \(bu 2
+b9745d5 removed tuple index error
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24057\fP: (\fIrallytime\fP) Backport \fI\%#22572\fP to 2015.5
+@ \fI2015\-05\-22T05:36:25Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#22572\fP: (\fIThe\-Loeki\fP) Small docfix for GitPillar
+.nf
+refs: \fI\%#24057\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+02ac4aa Merge pull request \fI\%#24057\fP from rallytime/\fI\%bp\-22572\fP
+.IP \(bu 2
+49aad84 Small docfix for GitPillar
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24040\fP: (\fIrallytime\fP) Backport \fI\%#24027\fP to 2015.5
+@ \fI2015\-05\-21T23:43:54Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#23088\fP: (\fIwfhg\fP) Segfault when adding a Zypper repo on SLES 11.3
+.nf
+refs: \fI\%#24027\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#24027\fP: (\fIwfhg\fP) Add baseurl to salt.modules.zypper.mod_repo
+.nf
+refs: \fI\%#24040\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+82de059 Merge pull request \fI\%#24040\fP from rallytime/\fI\%bp\-24027\fP
+.IP \(bu 2
+37d25d8 Added baseurl as alias for url and mirrorlist in salt.modules.zypper.mod_repo.
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24039\fP: (\fIrallytime\fP) Backport \fI\%#24015\fP to 2015.5
+@ \fI2015\-05\-21T23:43:25Z\fP
+.INDENT 7.0
+.TP
+.B \fBPR\fP \fI\%#24015\fP: (\fIYanChii\fP) minor improvement of solarisips docs & fix typos
+.nf
+refs: \fI\%#24039\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+d909781 Merge pull request \fI\%#24039\fP from rallytime/\fI\%bp\-24015\fP
+.IP \(bu 2
+6bfaa94 minor improovement of solarisips docs & fix typos
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24038\fP: (\fIrallytime\fP) Backport \fI\%#19599\fP to 2015.5
+@ \fI2015\-05\-21T23:43:10Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#19598\fP: (\fIfayetted\fP) ssh_auth.present test=true incorectly reports changes will be made
+.nf
+refs: \fI\%#19599\fP
+.fi
+.sp
+.TP
+.B \fBPR\fP \fI\%#19599\fP: (\fIfayetted\fP) Fix ssh_auth test mode, compare lines not just key
+.nf
+refs: \fI\%#24038\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+4a0f254 Merge pull request \fI\%#24038\fP from rallytime/\fI\%bp\-19599\fP
+.IP \(bu 2
+ea00d3e Fix ssh_auth test mode, compare lines not just key
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24046\fP: (\fIrallytime\fP) Remove key management test from digital ocean cloud tests
+@ \fI2015\-05\-21T22:32:04Z\fP
+.INDENT 7.0
+.IP \(bu 2
+42b87f1 Merge pull request \fI\%#24046\fP from rallytime/remove_key_test
+.IP \(bu 2
+1d031ca Remove key management test from digital ocean cloud tests
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24044\fP: (\fIcro\fP) Remove spurious log message, fix typo in doc
+@ \fI2015\-05\-21T22:31:49Z\fP
+.INDENT 7.0
+.IP \(bu 2
+eff54b1 Merge pull request \fI\%#24044\fP from cro/pgjsonb
+.IP \(bu 2
+de06633 Remove spurious log message, fix typo in doc
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24001\fP: (\fImsteed\fP) issue \fI\%#23883\fP
+@ \fI2015\-05\-21T20:32:30Z\fP
+.sp
+\fBISSUE\fP \fI\%#23883\fP: (\fIkaithar\fP) max_event_size seems broken
+* ac32000 Merge pull request \fI\%#24001\fP from msteed/issue\-23883
+* bea97a8 issue \fI\%#23883\fP
+.TP
+.B \fBPR\fP \fI\%#23995\fP: (\fIkiorky\fP) Lxc path pre
+@ \fI2015\-05\-21T17:26:03Z\fP
+.INDENT 7.0
+.IP \(bu 2
+f7fae26 Merge pull request \fI\%#23995\fP from makinacorpus/lxc_path_pre
+.IP \(bu 2
+319282a lint
+.IP \(bu 2
+1dc67e5 lxc: versionadded
+.IP \(bu 2
+fcad7cb lxc: states improvments
+.IP \(bu 2
+644bd72 lxc: more consistence for profiles
+.IP \(bu 2
+139372c lxc: remove merge cruft
+.IP \(bu 2
+725b046 lxc: Repair merge
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24032\fP: (\fIkartiksubbarao\fP) Update augeas_cfg.py
+@ \fI2015\-05\-21T17:03:42Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#16383\fP: (\fIinterjection\fP) salt.states.augeas.change example from docs fails with exception
+.nf
+refs: \fI\%#24032\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+26d6851 Merge pull request \fI\%#24032\fP from kartiksubbarao/augeas_insert_16383
+.IP \(bu 2
+3686dcd Update augeas_cfg.py
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24025\fP: (\fIjayeshka\fP) adding timezone unit test case
+@ \fI2015\-05\-21T16:50:53Z\fP
+.INDENT 7.0
+.IP \(bu 2
+55c9245 Merge pull request \fI\%#24025\fP from jayeshka/timezone\-unit\-test
+.IP \(bu 2
+1ec33e2 removed assertion error
+.IP \(bu 2
+16ecb28 adding timezone unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24023\fP: (\fIjayeshka\fP) adding states/mongodb_database unit test case
+@ \fI2015\-05\-21T16:49:17Z\fP
+.INDENT 7.0
+.IP \(bu 2
+e243617 Merge pull request \fI\%#24023\fP from jayeshka/mongodb_database\-states\-unit\-test
+.IP \(bu 2
+5a9ac7e adding states/mongodb_database unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24022\fP: (\fIjayeshka\fP) adding states/modjk_worker unit test case
+@ \fI2015\-05\-21T16:48:29Z\fP
+.INDENT 7.0
+.IP \(bu 2
+b377bd9 Merge pull request \fI\%#24022\fP from jayeshka/modjk_worker\-states\-unit\-test
+.IP \(bu 2
+05c0a98 adding states/modjk_worker unit test case
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#24005\fP: (\fImsteed\fP) issue \fI\%#23776\fP
+@ \fI2015\-05\-21T01:55:34Z\fP
+.sp
+\fBISSUE\fP \fI\%#23776\fP: (\fIenblde\fP) Presence change events constantly reporting all minions as new in 2015.5
+* 701c51b Merge pull request \fI\%#24005\fP from msteed/issue\-23776
+* 62e67d8 issue \fI\%#23776\fP
+.TP
+.B \fBPR\fP \fI\%#23996\fP: (\fIneogenix\fP) iptables state generates a 0 position which is invalid in iptables cli \fI\%#23950\fP
+@ \fI2015\-05\-20T22:44:27Z\fP
+.INDENT 7.0
+.TP
+.B \fBISSUE\fP \fI\%#23950\fP: (\fIneogenix\fP) iptables state generates a 0 position which is invalid in iptables cli
+.nf
+refs: \fI\%#23996\fP
+.fi
+.sp
+.UNINDENT
+.INDENT 7.0
+.IP \(bu 2
+17b7c0b Merge pull request \fI\%#23996\fP from neogenix/2015.5\-23950
+.IP \(bu 2
+ad417a5 fix for \fI\%#23950\fP
+.UNINDENT
+.TP
+.B \fBPR\fP \fI\%#23994\fP: (\fIrallytime\fP) Skip the gpodder pkgrepo test for Ubuntu 15 \- they don\(aqt have vivid ppa up yet
+@ \fI2015\-05\-20T21:18:21Z\fP
+.INDENT 7.0
+.IP \(bu 2
+4cb8773 Merge pull request \fI\%#23994\fP from rallytime/skip_test_ubuntu_15
+.IP \(bu 2
+9e0ec07 Skip the gpodder pkgrepo test \- they don\(aqt have vivid ppa up yet
+.UNINDENT
+.UNINDENT
+.SS Salt 2014.7.0 Release Notes \- Codename Helium
+.sp
+This release is the largest Salt release ever, with more features and commits
+then any previous release of Salt. Everything from the new RAET transport to
+major updates in Salt Cloud and the merging of Salt API into the main project.
+.sp
+\fBIMPORTANT:\fP
+.INDENT 0.0
+.INDENT 3.5
+The Fedora/RHEL/CentOS \fBsalt\-master\fP package has been modified for this
+release. The following components of Salt have been broken out and placed
+into their own packages:
+.INDENT 0.0
+.IP \(bu 2
+salt\-syndic
+.IP \(bu 2
+salt\-cloud
+.IP \(bu 2
+salt\-ssh
+.UNINDENT
+.sp
+When the \fBsalt\-master\fP package is upgraded, these components will be
+removed, and they will need to be manually installed.
+.UNINDENT
+.UNINDENT
+.sp
+\fBIMPORTANT:\fP
+.INDENT 0.0
+.INDENT 3.5
+Compound/pillar matching have been temporarily disabled for the \fBmine\fP
+and \fBpublish\fP modules for this release due to the possibility of
+inferring pillar data using pillar glob matching. A proper fix is now in
+the 2014.7 branch and scheduled for the  2014.7.1 release, and compound
+matching and non\-globbing pillar matching will be re\-enabled at that point.
+.sp
+Compound and pillar matching for normal salt commands are unaffected.
+.UNINDENT
+.UNINDENT
+.SS New Transport!
+.SS RAET Transport Option
+.sp
+This has been a HUGE amount of work, but the beta release of Salt with RAET is
+ready to go. RAET is a reliable queuing transport system that has been
+developed in partnership with a number of large enterprises to give Salt an
+alternative to ZeroMQ and a way to get Salt to scale well beyond tens of
+thousands of servers. Unlike ZeroMQ, RAET is completely asynchronous in every
+aspect of its operation and has been developed using the flow programming
+paradigm. This allows for many new capabilities to be added to Salt in the
+upcoming releases.
+.sp
+Please keep in mind that this is a beta release of RAET and we hope for bugs to
+be worked out, performance to be better realized and more in the 2015.5.0
+release.
+.sp
+Simply stated, users running Salt with RAET should expect some hiccups as we
+hammer out the update. This is a BETA release of Salt RAET.
+.sp
+For information about how to use Salt with RAET please see the
+\fBtutorial\fP\&.
+.SS Salt SSH Enhancements
+.sp
+Salt SSH has just entered a new league, with substantial updates and
+improvements to make salt\-ssh more reliable and easier then ever! From new
+features like the ansible roster and fileserver backends to the new pypi
+salt\-ssh installer to lowered deps and a swath of bugfixes, salt\-ssh is
+basically reborn!
+.SS Install salt\-ssh Using pip
+.sp
+Salt\-ssh is now pip\-installable!
+.sp
+\fI\%https://pypi.python.org/pypi/salt\-ssh/\fP
+.sp
+Pip will bring in all of the required deps, and while some deps are compiled,
+they all include pure python implementations, meaning that any compile errors
+which may be seen can be safely ignored.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+pip install salt\-ssh
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Fileserver Backends
+.sp
+Salt\-ssh can now use the salt fileserver backend system. This allows for
+the gitfs, hgfs, s3, and many more ways to centrally store states to be easily
+used with salt\-ssh. This also allows for a distributed team to easily use
+a centralized source.
+.SS Saltfile Support
+.sp
+The new saltfile system makes it easy to have a user specific custom extended
+configuration.
+.SS Ext Pillar
+.sp
+Salt\-ssh can now use the external pillar system. Making it easier then ever
+to use salt\-ssh with teams.
+.SS No More sshpass
+.sp
+Thanks to the enhancements in the salt vt system, salt\-ssh no longer requires
+sshpass to send passwords to ssh. This also makes the manipulation of ssh
+calls substantially more flexible, allowing for intercepting ssh calls in
+a much more fluid way.
+.SS Pure Python Shim
+.sp
+The salt\-ssh call originally used a shell script to discover what version of
+python to execute with and determine the state of the ssh code deployment.
+This shell script has been replaced with a pure python version making it easy
+to increase the capability of the code deployment without causing platform
+inconsistency issues with different shell interpreters.
+.SS Custom Module Delivery
+.sp
+Custom modules are now seamlessly delivered. This makes the deployment of
+custom grains, states, execution modules and returners a seamless process.
+.SS CP Module Support
+.sp
+Salt\-ssh now makes simple file transfers easier then ever! The \fIcp\fP
+module allows for files to be conveniently sent from the salt fileserver
+system down to systems.
+.SS More Thin Directory Options
+.sp
+Salt ssh functions by copying a subset of the salt code, or \fIsalt thin\fP down
+to the target system. In the past this was always transferred to /tmp/.salt
+and cached there for subsequent commands.
+.sp
+Now, salt thin can be sent to a random directory and removed when the call
+is complete with the \fI\-W\fP option. The new \fI\-W\fP option still uses a static
+location but will clean up that location when finished.
+.sp
+The default \fIsalt thin\fP location is now user defined, allowing multiple users
+to cleanly access the same systems.
+.SS State System Enhancements
+.SS New Imperative State Keyword "Listen"
+.sp
+The new \fBlisten\fP and \fBlisten_in\fP keywords allow for completely imperative
+states by calling the \fBmod_watch()\fP routine after all states have run instead
+of re\-ordering the states.
+.SS Mod Aggregate Runtime Manipulator
+.sp
+The new \fBmod_aggregate\fP system allows for the state system to rewrite the
+state data during execution. This allows for state definitions to be aggregated
+dynamically at runtime.
+.sp
+The best example is found in the \fBpkg\fP state. If
+\fBmod_aggregate\fP is turned on, then when the first pkg state is reached, the
+state system will scan all of the other running states for pkg states and take
+all other packages set for install and install them all at once in the first
+pkg state.
+.sp
+These runtime modifications make it easy to run groups of states together. In
+future versions, we hope to fill out the \fBmod_aggregate\fP system to build in
+more and more optimizations.
+.sp
+For more documentation on \fBmod_aggregate\fP, see \fBthe documentation\fP\&.
+.SS New Requisites: onchanges and onfail
+.sp
+The new \fBonchanges\fP and \fBonchanges_in\fP requisites make a state apply only if
+there are changes in the required state. This is useful to execute post hooks
+after changes occur on a system.
+.sp
+The other new requisites, \fBonfail\fP, and \fBonfail_in\fP, allow for a state to run
+in reaction to the failure of another state.
+.sp
+For more information about these new requisites, see the
+\fBrequisites documentation\fP\&.
+.SS Global onlyif and unless
+.sp
+The \fBonlyif\fP and \fBunless\fP options can now be used for any state declaration.
+.SS Use \fBnames\fP to expand and override values
+.sp
+The \fInames declaration\fP in Salt\(aqs state system can now
+override or add values to the expanded data structure. For example:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+my_users:
+  user.present:
+    \- names:
+      \- larry
+      \- curly
+      \- moe:
+        \- shell: /bin/zsh
+        \- groups:
+          \- wheel
+    \- shell: /bin/bash
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Major Features
+.SS Scheduler Additions
+.sp
+The Salt scheduler system has received MAJOR enhancements, allowing for
+cron\-like scheduling and much more granular timing routines. See \fBhere\fP for more info.
+.SS Red Hat 7 Family Support
+.sp
+All the needed additions have been made to run Salt on RHEL 7 and derived OSes
+like CentOS and Scientific.
+.SS Fileserver Backends in salt\-call
+.sp
+Fileserver backends like gitfs can now be used without a salt master! Just add
+the fileserver backend configuration to the minion config and execute
+salt\-call. This has been a much\-requested feature and we are happy to finally
+bring it to our users.
+.SS Amazon Execution Modules
+.sp
+An entire family of execution modules further enhancing Salt\(aqs Amazon Cloud
+support. They include the following:
+.INDENT 0.0
+.IP \(bu 2
+\fBAutoscale Groups\fP (includes \fBstate support\fP) \-\- related: \fBLaunch Control\fP states
+.IP \(bu 2
+\fBCloud Watch\fP (includes \fBstate support\fP)
+.IP \(bu 2
+\fBElastic Cache\fP (includes \fBstate support\fP)
+.IP \(bu 2
+\fBElastic Load Balancer\fP (includes \fBstate support\fP)
+.IP \(bu 2
+\fBIAM Identity and Access Management\fP (includes \fBstate support\fP)
+.IP \(bu 2
+\fBRoute53 DNS\fP (includes \fBstate support\fP)
+.IP \(bu 2
+\fBSecurity Groups\fP (includes \fBstate support\fP)
+.IP \(bu 2
+\fBSimple Queue Service\fP (includes \fBstate support\fP)
+.UNINDENT
+.SS LXC Runner Enhancements
+.sp
+BETA
+The Salt LXC management system has received a number of enhancements which make
+running an LXC cloud entirely from Salt an easy proposition.
+.SS Next Gen Docker Management
+.sp
+The Docker support in Salt has been increased at least ten fold. The Docker API
+is now completely exposed and Salt ships with Docker data tracking systems
+which make automating Docker deployments very easy.
+.SS Peer System Performance Improvements
+.sp
+The peer system communication routines have been refined to make the peer
+system substantially faster.
+.SS SDB
+.sp
+Encryption at rest for configs
+.SS GPG Renderer
+.sp
+Encrypted pillar at rest
+.SS OpenStack Expansion
+.sp
+Lots of new OpenStack stuff
+.SS Queues System
+.sp
+Ran change external queue systems into Salt events
+.SS Multi Master Failover Additions
+.sp
+Connecting to multiple masters is more dynamic then ever
+.SS Chef Execution Module
+.sp
+Managing Chef with Salt just got even easier!
+.SS salt\-api Project Merge
+.sp
+The \fBsalt\-api\fP project has been merged into Salt core and is now available as
+part of the regular \fBsalt\-master\fP package install. No API changes were made,
+the \fBsalt\-api\fP script and init scripts remain intact.
+.sp
+\fBsalt\-api\fP has always provided Yet Another Pluggable Interface to Salt (TM)
+in the form of "netapi" modules. These are modules that bind to a port and
+start a service. Like many of Salt\(aqs other module types, netapi modules often
+have library and configuration dependencies. See the documentation for each
+module for instructions.
+.sp
+\fBSEE ALSO:\fP
+.INDENT 0.0
+.INDENT 3.5
+\fIThe full list of netapi modules.\fP
+.UNINDENT
+.UNINDENT
+.SS Synchronous and Asynchronous Execution of Runner and Wheel Modules
+.sp
+\fBsalt.runner.RunnerClient\fP and \fBsalt.wheel.WheelClient\fP
+have both gained complimentary \fBcmd_sync\fP and \fBcmd_async\fP methods allowing
+for synchronous and asynchronous execution of any Runner or Wheel module
+function, all protected using Salt\(aqs \fIexternal authentication\fP
+system. \fBsalt\-api\fP benefits from this addition as well.
+.SS \fBrest_cherrypy\fP Additions
+.sp
+The \fBrest_cherrypy\fP netapi module
+provides the main REST API for Salt.
+.SS Web Hooks
+.sp
+This release of course includes the Web Hook additions from the most recent
+\fBsalt\-api\fP release, which allows external services to signal actions within a
+Salt infrastructure. External services such as Amazon SNS, Travis\-CI, or
+GitHub, as well as internal services that cannot or should not run a Salt
+minion daemon can be used as first\-class components in Salt\(aqs rich
+orchestration capabilities.
+.sp
+The raw HTTP request body is now available in the event data. This is sometimes
+required information for checking an HMAC signature in order to verify a HTTP
+request. As an example, Amazon or GitHub requests are signed this way.
+.SS Generating and Accepting Minion Keys
+.sp
+The \fB/key\fP convenience URL
+generates a public and private key for a minion, automatically pre\-accepts the
+public key on the Salt Master, and returns both keys as a tarball for download.
+.sp
+This allows for easily bootstrapping the key on a new minion with a single HTTP
+call, such as with a Kickstart script, all using regular shell tools.
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+curl \-sS http://salt\-api.example.com:8000/keys \e
+        \-d mid=jerry \e
+        \-d username=kickstart \e
+        \-d password=kickstart \e
+        \-d eauth=pam \e
+        \-o jerry\-salt\-keys.tar
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SS Fileserver Backend Enhancements
+.sp
+All of the fileserver backends have been overhauled to be faster, lighter, and
+more reliable. The VCS backends (\fBgitfs\fP,
+\fBhgfs\fP, and \fBsvnfs\fP)
+have also received a \fBlot\fP of new features.
+.sp
+Additionally, most config parameters for the VCS backends can now be configured
+on a per\-remote basis, allowing for global config parameters to be overridden
+for a specific gitfs/hgfs/svnfs remote.
+.SS New \fBgitfs\fP Features
+.SS Pygit2 and Dulwich
+.sp
+In addition to supporting GitPython, support for \fI\%pygit2\fP (0.20.3 and newer) and
+\fI\%dulwich\fP have been added. Provided a compatible version of \fI\%pygit2\fP is
+installed, it will now be the default provider. The config parameter
+\fBgitfs_provider\fP has been added to allow one to choose a specific
+provider for gitfs.
+.SS Mountpoints
+.sp
+Prior to this release, to serve a file from gitfs at a salt fileserver URL of
+\fBsalt://foo/bar/baz.txt\fP, it was necessary to ensure that the parent
+directories existed in the repository. A new config parameter
+\fBgitfs_mountpoint\fP allows gitfs remotes to be exposed starting at
+a user\-defined \fBsalt://\fP URL.
+.SS Environment Whitelisting/Blacklisting
+.sp
+By default, gitfs will expose all branches and tags as Salt fileserver
+environments. Two new config parameters, \fBgitfs_env_whitelist\fP, and
+\fBgitfs_env_blacklist\fP, allow more control over which branches and
+tags are exposed. More detailed information on how these two options work can
+be found in the \fIGitfs Walkthrough\fP\&.
+.SS Expanded Authentication Support
+.sp
+As of \fI\%pygit2\fP 0.20.3, both http(s) and SSH key authentication are supported,
+and Salt now also supports both authentication methods when using \fI\%pygit2\fP\&. Keep
+in mind that \fI\%pygit2\fP 0.20.3 is not yet available on many platforms, so those
+who had been using authenticated git repositories with a passphraseless key
+should stick to GitPython if a new enough \fI\%pygit2\fP is not yet available for the
+platform on which the master is running.
+.sp
+A full explanation of how to use authentication can be found in the \fIGitfs
+Walkthrough\fP\&.
+.SS New \fBhgfs\fP Features
+.SS Mountpoints
+.sp
+This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameter is called
+\fBhgfs_mountpoint\fP\&.
+.SS Environment Whitelisting/Blacklisting
+.sp
+This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameters are called
+\fBhgfs_env_whitelist\fP and \fBhgfs_env_blacklist\fP\&.
+.SS New \fBsvnfs\fP Features
+.SS Mountpoints
+.sp
+This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameter is called
+\fBsvnfs_mountpoint\fP\&.
+.SS Environment Whitelisting/Blacklisting
+.sp
+This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameters are called
+\fBsvnfs_env_whitelist\fP and \fBsvnfs_env_blacklist\fP\&.
+.SS Configurable Trunk/Branches/Tags Paths
+.sp
+Prior to this release, the paths where trunk, branches, and tags were located
+could only be in directores named "trunk", "branches", and "tags" directly
+under the root of the repository. Three new config parameters
+(\fBsvnfs_trunk\fP, \fBsvnfs_branches\fP, and
+\fBsvnfs_tags\fP) allow SVN repositories which are laid out
+differently to be used with svnfs.
+.SS New \fBminionfs\fP Features
+.SS Mountpoint
+.sp
+This feature works exactly like its \fI\%gitfs counterpart\fP\&. The new config parameter is called
+\fBminionfs_mountpoint\fP\&. The one major difference is that, as
+minionfs doesn\(aqt use multiple remotes (it just serves up files pushed to the
+master using \fBcp.push\fP) there is no such thing as a
+per\-remote configuration for \fBminionfs_mountpoint\fP\&.
+.SS Changing the Saltenv from Which Files are Served
+.sp
+A new config parameter (\fBminionfs_env\fP) allows minionfs files to
+be served from a Salt fileserver environment other than \fBbase\fP\&.
+.SS Minion Whitelisting/Blacklisting
+.sp
+By default, minionfs will expose the pushed files from all minions. Two new
+config parameters, \fBminionfs_whitelist\fP, and
+\fBminionfs_blacklist\fP, allow minionfs to be restricted to serve
+files from only the desired minions.
+.SS Pyobjects Renderer
+.sp
+Salt now ships with with the \fBPyobjects Renderer\fP that allows for construction of States using pure
+Python with an idiomatic object interface.
+.SS New Modules
+.sp
+In addition to the Amazon modules mentioned above, there are also several other
+new execution modules:
+.INDENT 0.0
+.IP \(bu 2
+\fBOracle\fP
+.IP \(bu 2
+\fBRandom\fP
+.IP \(bu 2
+\fBRedis\fP
+.IP \(bu 2
+\fBAmazon Simple Queue Service\fP
+.IP \(bu 2
+\fBBlock Device Management\fP
+.IP \(bu 2
+\fBCoreOS etcd\fP
+.IP \(bu 2
+\fBGenesis\fP
+.IP \(bu 2
+\fBInfluxDB\fP
+.IP \(bu 2
+\fBServer Density\fP
+.IP \(bu 2
+\fBTwilio Notifications\fP
+.IP \(bu 2
+\fBVarnish\fP
+.IP \(bu 2
+\fBZNC IRC Bouncer\fP
+.IP \(bu 2
+\fBSMTP\fP
+.UNINDENT
+.SS New Runners
+.INDENT 0.0
+.IP \(bu 2
+\fBMap/Reduce Style\fP
+.IP \(bu 2
+\fBQueue\fP
+.UNINDENT
+.SS New External Pillars
+.INDENT 0.0
+.IP \(bu 2
+\fBCoreOS etcd\fP
+.UNINDENT
+.SS New Salt\-Cloud Providers
+.INDENT 0.0
+.IP \(bu 2
+\fBAliyun ECS Cloud\fP
+.IP \(bu 2
+\fBLXC Containers\fP
+.IP \(bu 2
+\fBProxmox (OpenVZ containers & KVM)\fP
+.UNINDENT
+.SS Salt Call Change
+.sp
+When used with a returner, salt\-call now contacts a master if \fB\-\-local\fP
+is not specicified.
+.SS Deprecations
+.SS \fBsalt.modules.virtualenv_mod\fP
+.INDENT 0.0
+.IP \(bu 2
+Removed deprecated \fBmemoize\fP function from \fBsalt/utils/__init__.py\fP (deprecated)
+.IP \(bu 2
+Removed deprecated \fBno_site_packages\fP argument from \fBcreate\fP function (deprecated)
+.IP \(bu 2
+Removed deprecated \fBcheck_dns\fP argument from \fBminion_config\fP and \fBapply_minion_config\fP functions (deprecated)
+.IP \(bu 2
+Removed deprecated \fBOutputOptionsWithTextMixIn\fP class from \fBsalt/utils/parsers.py\fP (deprecated)
+.IP \(bu 2
+Removed the following deprecated functions from \fBsalt/modules/ps.py\fP:
+\- \fBphysical_memory_usage\fP (deprecated)
+\- \fBvirtual_memory_usage\fP (deprecated)
+\- \fBcached_physical_memory\fP (deprecated)
+\- \fBphysical_memory_buffers\fP (deprecated)
+.IP \(bu 2
+Removed deprecated cloud arguments from \fBcloud_config\fP function in \fBsalt/config.py\fP:
+\- \fBvm_config\fP (deprecated)
+\- \fBvm_config_path\fP (deprecated)
+.IP \(bu 2
+Removed deprecated \fBlibcloud_version\fP function from \fBsalt/cloud/libcloudfuncs.py\fP (deprecated)
+.IP \(bu 2
+Removed deprecated \fBCloudConfigMixIn\fP class from \fBsalt/utils/parsers.py\fP (deprecated)
+.UNINDENT
+.SS Salt 2014.7.1 Release Notes
+.INDENT 0.0
+.TP
+.B release
+2015\-01\-12
+.UNINDENT
+.sp
+Version 2014.7.1 is a bugfix release for \fB2014.7.0\fP\&.  The changes include:
+.INDENT 0.0
+.IP \(bu 2
+Fixed gitfs serving symlinks in \fBfile.recurse\fP states (\fI\%issue 17700\fP)
+.IP \(bu 2
+Fixed holding of multiple packages (YUM) when combined with version pinning
+(\fI\%issue 18468\fP)
+.IP \(bu 2
+Fixed use of Jinja templates in masterless mode with non\-roots fileserver
+backend (\fI\%issue 17963\fP)
+.IP \(bu 2
+Re\-enabled pillar and compound matching for mine and publish calls. Note that
+pillar globbing is still disabled for those modes, for security reasons.
+(\fI\%issue 17194\fP)
+.IP \(bu 2
+Fix for \fBtty: True\fP in salt\-ssh (\fI\%issue 16847\fP)
+.IP \(bu 2
+Fix for supervisord states when supervisor not installed to system python
+(\fI\%issue 18044\fP)
+.IP \(bu 2
+Fix for logging when \fBlog_level=\(aqquiet\(aq\fP for \fBcmd.run\fP (\fI\%issue 19479\fP)
+.UNINDENT
+.SS Salt 2014.7.2 Release Notes
+.INDENT 0.0
+.TP
+.B release
+TBA
+.UNINDENT
+.sp
+Version 2014.7.2 is a bugfix release for \fB2014.7.0\fP\&.  The changes include:
+.INDENT 0.0
+.IP \(bu 2
+Fix erroneous warnings for systemd service enabled check (\fI\%issue 19606\fP)
+.IP \(bu 2
+Fix FreeBSD kernel module loading, listing, and persistence
+\fBkmod\fP (\fI\%issue 197151\fP, \fI\%issue 19682\fP)
+.IP \(bu 2
+Allow case\-sensitive npm package names in the \fBnpm state\fP\&.  This may break behavior for people expecting the state
+to lowercase their npm package names for them.  The \fBnpm module\fP was never affected by mandatory lowercasing.
+(\fI\%issue 20329\fP)
+.IP \(bu 2
+Deprecate the \fBactivate\fP parameter for pip.install for both the
+\fBmodule\fP and the \fBstate\fP\&.
+If \fBbin_env\fP is given and points to a virtualenv, there is no need to
+activate that virtualenv in a shell for pip to install to the virtualenv.
+.IP \(bu 2
+Fix a file\-locking bug in gitfs (\fI\%issue 18839\fP)
+.UNINDENT
+.SS Salt 2014.7.3 Release Notes
+.INDENT 0.0
+.TP
+.B release
+TBA
+.UNINDENT
+.sp
+Version 2014.7.3 is a bugfix release for \fB2014.7.0\fP\&.
+.sp
+Changes:
+.INDENT 0.0
+.IP \(bu 2
+Multi\-master minions mode no longer route fileclient operations asymetrically.
+This fixes the source of many multi\-master bugs where the minion would
+become unrepsonsive from one or more masters.
+.IP \(bu 2
+Fix bug wherein network.iface could produce stack traces.
+.IP \(bu 2
+net.arp will no longer be made available unless arp is installed on the
+system.
+.IP \(bu 2
+Major performance improvements to Saltnado
+.IP \(bu 2
+Allow KVM module to operate under KVM itself or VMWare Fusion
+.IP \(bu 2
+Various fixes to the Windows installation scripts
+.IP \(bu 2
+Fix issue where the syndic would not correctly propogate loads to the master
+job cache.
+.IP \(bu 2
+Improve error handling on invalid /etc/network/interfaces file in salt
+networking modules
+.IP \(bu 2
+Fix bug where a reponse status was not checked for in fileclient.get_url
+.IP \(bu 2
+Enable eauth when running salt in batch mode
+.IP \(bu 2
+Increase timeout in Boto Route53 module
+.IP \(bu 2
+Fix bugs with Salt\(aqs \(aqtar\(aq module option parsing
+.IP \(bu 2
+Fix parsing of NTP servers on Windows
+.IP \(bu 2
+Fix issue with blockdev tuning not reporting changes correctly
+.IP \(bu 2
+Update to the latest Salt bootstrap script
+.IP \(bu 2
+Update Linode salt\-cloud driver to use either linode\-python or
+apache\-libcloud
+.IP \(bu 2
+Fix for s3.query function to return correct headers
+.IP \(bu 2
+Fix for s3.head returning None for files that exist
+.IP \(bu 2
+Fix the disable function in win_service module so that the service is
+disabled correctly
+.IP \(bu 2
+Fix race condition between master and minion when making a directory when
+both daemons are on the same host
+.IP \(bu 2
+Fix an issue where file.recurse would fail at the root of an svn repo
+when the repo has a mountpoint
+.IP \(bu 2
+Fix an issue where file.recurse would fail at the root of an hgfs repo
+when the repo has a mountpoint
+.IP \(bu 2
+Fix an issue where file.recurse would fail at the root of an gitfs repo
+when the repo has a mountpoint
+.IP \(bu 2
+Add status.master capability for Windows.
+.IP \(bu 2
+Various fixes to ssh_known_hosts
+.IP \(bu 2
+Various fixes to states.network bonding for Debian
+.IP \(bu 2
+The debian_ip.get_interfaces module no longer removes nameservers.
+.IP \(bu 2
+Better integration between grains.virtual and systemd\-detect\-virt and
+virt\-what
+.IP \(bu 2
+Fix traceback in sysctl.present state output
+.IP \(bu 2
+Fix for issue where mount.mounted would fail when superopts were not a part
+of mount.active (extended=True). Also mount.mounted various fixes for Solaris
+and FreeBSD.
+.IP \(bu 2
+Fix error where datetimes were not correctly safeguarded before being passed
+into msgpack.
+.IP \(bu 2
+Fix file.replace regressions.  If the pattern is not found, and if dry run is False,
+and if \fIbackup\fP is False, and if a pre\-existing file exists with extension \fI\&.bak\fP,
+then that backup file will be overwritten. This backup behavior is a result of how \fIfileinput\fP
+works. Fixing it requires either passing through the file twice (the
+first time only to search for content and set a flag), or rewriting
+\fIfile.replace\fP so it doesn\(aqt use \fIfileinput\fP
+.IP \(bu 2
+VCS filreserver fixes/optimizations
+.IP \(bu 2
+Catch fileserver configuration errors on master start
+.IP \(bu 2
+Raise errors on invalid gitfs configurations
+.IP \(bu 2
+set_locale when locale file does not exist (Redhat family)
+.IP \(bu 2
+Fix to correctly count active devices when created mdadm array with spares
+.IP \(bu 2
+Fix to correctly target minions in batch mode
+.IP \(bu 2
+Support \fI\%ssh://\fP urls using the gitfs dulwhich backend
+.IP \(bu 2
+New fileserver runner
+.IP \(bu 2
+Fix various bugs with argument parsing to the publish module.
+.IP \(bu 2
+Fix disk.usage for Synology OS
+.IP \(bu 2
+Fix issue with tags occurring twice with docker.pulled
+.IP \(bu 2
+Fix incorrect key error in SMTP returner
+.IP \(bu 2
+Fix condition which would remount loopback filesystems on every state run
+.IP \(bu 2
+Remove requsites from listens after they are called in the state system
+.IP \(bu 2
+Make system implementation of service.running aware of legacy service calls
+.IP \(bu 2
+Fix issue where publish.publish would not handle duplicate responses gracefully.
+.IP \(bu 2
+Accept Kali Linux for aptpkg salt execution module
+.IP \(bu 2
+Fix bug where cmd.which could not handle a dirname as an argument
+.IP \(bu 2
+Fix issue in ps.pgrep where exceptions were thrown on Windows.
+.UNINDENT
+.sp
+Known issues:
+.INDENT 0.0
+.IP \(bu 2
+In multimaster mode, a minion may become temporarily unresponsive
+if modules or pillars are refreshed at the same time that one
+or more masters are down. This can be worked around by setting
+\(aqauth_timeout\(aq and \(aqauth_tries\(aq down to shorter periods.
+.UNINDENT
+.SS Salt 2014.7.4 Release Notes
+.INDENT 0.0
+.TP
+.B release
+TBA
+.UNINDENT
+.sp
+Version 2014.7.4 is a bugfix release for \fB2014.7.0\fP\&.
+.sp
+Changes:
+.INDENT 0.0
+.IP \(bu 2
+Multi\-master minions mode no longer route fileclient operations asymetrically.
+This fixes the source of many multi\-master bugs where the minion would
+become unrepsonsive from one or more masters.
+.IP \(bu 2
+Fix bug wherein network.iface could produce stack traces.
+.IP \(bu 2
+net.arp will no longer be made available unless arp is installed on the
+system.
+.IP \(bu 2
+Major performance improvements to Saltnado
+.IP \(bu 2
+Allow KVM module to operate under KVM itself or VMWare Fusion
+.IP \(bu 2
+Various fixes to the Windows installation scripts
+.IP \(bu 2
+Fix issue where the syndic would not correctly propogate loads to the master
+job cache.
+.IP \(bu 2
+Improve error handling on invalid /etc/network/interfaces file in salt
+networking modules
+.IP \(bu 2
+Fix bug where a reponse status was not checked for in fileclient.get_url
+.IP \(bu 2
+Enable eauth when running salt in batch mode
+.IP \(bu 2
+Increase timeout in Boto Route53 module
+.IP \(bu 2
+Fix bugs with Salt\(aqs \(aqtar\(aq module option parsing
+.IP \(bu 2
+Fix parsing of NTP servers on Windows
+.IP \(bu 2
+Fix issue with blockdev tuning not reporting changes correctly
+.IP \(bu 2
+Update to the latest Salt bootstrap script
+.IP \(bu 2
+Update Linode salt\-cloud driver to use either linode\-python or
+apache\-libcloud
+.IP \(bu 2
+Fix for s3.query function to return correct headers
+.IP \(bu 2
+Fix for s3.head returning None for files that exist
+.IP \(bu 2
+Fix the disable function in win_service module so that the service is
+disabled correctly
+.IP \(bu 2
+Fix race condition between master and minion when making a directory when
+both daemons are on the same host
+.IP \(bu 2
+Fix an issue where file.recurse would fail at the root of an svn repo
+when the repo has a mountpoint
+.IP \(bu 2
+Fix an issue where file.recurse would fail at the root of an hgfs repo
+when the repo has a mountpoint
+.IP \(bu 2
+Fix an issue where file.recurse would fail at the root of an gitfs repo
+when the repo has a mountpoint
+.IP \(bu 2
+Add status.master capability for Windows.
+.IP \(bu 2
+Various fixes to ssh_known_hosts
+.IP \(bu 2
+Various fixes to states.network bonding for Debian
+.IP \(bu 2
+The debian_ip.get_interfaces module no longer removes nameservers.
+.IP \(bu 2
+Better integration between grains.virtual and systemd\-detect\-virt and
+virt\-what
+.IP \(bu 2
+Fix traceback in sysctl.present state output
+.IP \(bu 2
+Fix for issue where mount.mounted would fail when superopts were not a part
+of mount.active (extended=True). Also mount.mounted various fixes for Solaris
+and FreeBSD.
+.IP \(bu 2
+Fix error where datetimes were not correctly safeguarded before being passed
+into msgpack.
+.IP \(bu 2
+Fix file.replace regressions.  If the pattern is not found, and if dry run is False,
+and if \fIbackup\fP is False, and if a pre\-existing file exists with extension \fI\&.bak\fP,
+then that backup file will be overwritten. This backup behavior is a result of how \fIfileinput\fP
+works. Fixing it requires either passing through the file twice (the
+first time only to search for content and set a flag), or rewriting
+\fIfile.replace\fP so it doesn\(aqt use \fIfileinput\fP
+.IP \(bu 2
+VCS filreserver fixes/optimizations
+.IP \(bu 2
+Catch fileserver configuration errors on master start
+.IP \(bu 2
+Raise errors on invalid gitfs configurations
+.IP \(bu 2
+set_locale when locale file does not exist (Redhat family)
+.IP \(bu 2
+Fix to correctly count active devices when created mdadm array with spares
+.IP \(bu 2
+Fix to correctly target minions in batch mode
+.IP \(bu 2
+Support \fI\%ssh://\fP urls using the gitfs dulwhich backend
+.IP \(bu 2
+New fileserver runner
+.IP \(bu 2
+Fix various bugs with argument parsing to the publish module.
+.IP \(bu 2
+Fix disk.usage for Synology OS
+.IP \(bu 2
+Fix issue with tags occurring twice with docker.pulled
+.IP \(bu 2
+Fix incorrect key error in SMTP returner
+.IP \(bu 2
+Fix condition which would remount loopback filesystems on every state run
+.IP \(bu 2
+Remove requsites from listens after they are called in the state system
+.IP \(bu 2
+Make system implementation of service.running aware of legacy service calls
+.IP \(bu 2
+Fix issue where publish.publish would not handle duplicate responses gracefully.
+.IP \(bu 2
+Accept Kali Linux for aptpkg salt execution module
+.IP \(bu 2
+Fix bug where cmd.which could not handle a dirname as an argument
+.IP \(bu 2
+Fix issue in ps.pgrep where exceptions were thrown on Windows.
+.UNINDENT
+.sp
+Known issues:
+.INDENT 0.0
+.IP \(bu 2
+In multimaster mode, a minion may become temporarily unresponsive
+if modules or pillars are refreshed at the same time that one
+or more masters are down. This can be worked around by setting
+\(aqauth_timeout\(aq and \(aqauth_tries\(aq down to shorter periods.
+.IP \(bu 2
+There are known issues with batch mode operating on the incorrect number of minions.
+This bug can be patched with the change in \fI\%Pull Request #22464\fP\&.
+.IP \(bu 2
+The \fIfun\fP, \fIstate\fP, and \fIunless\fP keywords are missing from the state internals, which
+can cause problems running some states. This bug can be patched with the change in
+\fI\%Pull Request #22365\fP\&.
+.UNINDENT
+.SS Salt 2014.7.5 Release Notes
+.INDENT 0.0
+.TP
+.B release
+2015\-04\-16
+.UNINDENT
+.sp
+Version 2014.7.5 is a bugfix release for \fB2014.7.0\fP\&.
+.sp
+Changes:
+.INDENT 0.0
+.IP \(bu 2
+Fixed a key error bug in salt\-cloud
+.IP \(bu 2
+Updated man pages to better match documentation
+.IP \(bu 2
+Fixed bug concerning high CPU usage with salt\-ssh
+.IP \(bu 2
+Fixed bugs with remounting cvfs and fuse filesystems
+.IP \(bu 2
+Fixed bug with alowing requisite tracking of entire sls files
+.IP \(bu 2
+Fixed bug with aptpkg.mod_repo returning OK even if apt\-add\-repository fails
+.IP \(bu 2
+Increased frequency of ssh terminal output checking
+.IP \(bu 2
+Fixed malformed locale string in localmod module
+.IP \(bu 2
+Fixed checking of available version of package when accept_keywords were changed
+.IP \(bu 2
+Fixed bug to make git.latest work with empty repositories
+.IP \(bu 2
+Added **kwargs to service.mod_watch which removes warnings about \fIenable\fP and \fI__reqs__\fP not being supported by the function
+.IP \(bu 2
+Improved state comments to not grow so quickly on failed requisites
+.IP \(bu 2
+Added force argument to service to trigger force_reload
+.IP \(bu 2
+Fixed bug to andle pkgrepo keyids that have been converted to int
+.IP \(bu 2
+Fixed module.portage_config bug with appending accept_keywords
+.IP \(bu 2
+Fixed bug to correctly report disk usage on windows minion
+.IP \(bu 2
+Added the ability to specify key prefix for S3 ext_pillar
+.IP \(bu 2
+Fixed issues with batch mode operating on the incorrect number of minions
+.IP \(bu 2
+Fixed a bug with the proxmox cloud provider stacktracing on disk definition
+.IP \(bu 2
+Fixed a bug with the changes dictionary in the file state
+.IP \(bu 2
+Fixed the TCP keep alive settings to work better with SREQ caching
+.IP \(bu 2
+Fixed many bugs within the iptables state and module
+.IP \(bu 2
+Fixed bug with states by adding \fIfun\fP, \fIstate\fP, and \fIunless\fP to the state runtime internal keywords listing
+.IP \(bu 2
+Added ability to eAuth against Active Directory
+.IP \(bu 2
+Fixed some salt\-ssh issues when running on Fedora 21
+.IP \(bu 2
+Fixed grains.get_or_set_hash to work with multiple entries under same key
+.IP \(bu 2
+Added better explanations and more examples of how the Reactor calls functions to docs
+.IP \(bu 2
+Fixed bug to not pass \fIex_config_drive\fP to libcloud unless it\(aqs explicitly enabled
+.IP \(bu 2
+Fixed bug with pip.install on windows
+.IP \(bu 2
+Fixed bug where puppet.run always returns a 0 retcode
+.IP \(bu 2
+Fixed race condition bug with minion scheduling via pillar
+.IP \(bu 2
+Made efficiency improvements and bug fixes to the windows installer
+.IP \(bu 2
+Updated environment variables to fix bug with pygit2 when running salt as non\-root user
+.IP \(bu 2
+Fixed cas behavior on data module \-\- data.cas was not saving changes
+.IP \(bu 2
+Fixed GPG rendering error
+.IP \(bu 2
+Fixed strace error in virt.query
+.IP \(bu 2
+Fixed stacktrace when running chef\-solo command
+.IP \(bu 2
+Fixed possible bug wherein uncaught exceptions seem to make zmq3 tip over when threading is involved
+.IP \(bu 2
+Fixed argument passing to the reactor
+.IP \(bu 2
+Fixed glibc caching to prevent bug where salt\-minion getaddrinfo in dns_check() never got updated nameservers
+.UNINDENT
+.sp
+Known issues:
+.INDENT 0.0
+.IP \(bu 2
+In multimaster mode, a minion may become temporarily unresponsive
+if modules or pillars are refreshed at the same time that one
+or more masters are down. This can be worked around by setting
+\(aqauth_timeout\(aq and \(aqauth_tries\(aq down to shorter periods.
+.UNINDENT
+.SS Salt 2014.7.6 Release Notes
+.INDENT 0.0
+.TP
+.B release
+2015\-05\-18
+.UNINDENT
+.sp
+Version 2014.7.6 is a bugfix release for \fB2014.7.0\fP\&.
+.sp
+This release is a security release. A minor issue was found, as cited below:
+.INDENT 0.0
+.IP \(bu 2
+CVE\-2015\-4017 \-\- Certificates are not verified when connecting to server in
+the Aliyun and Proxmox modules
+.UNINDENT
+.sp
+Only users of the Aliyun or Proxmox cloud modules are at risk. The
+vulnerability does not exist in the latest 2015.5.0 release of Salt.
+.sp
+Changes:
+.INDENT 0.0
+.IP \(bu 2
+salt.runners.cloud.action() has changed the \fIfun\fP keyword argument to \fIfunc\fP\&.
+Please update any calls to this function in the cloud runner.
+.UNINDENT
+.sp
+Extended Changelog Courtesy of Todd Stansell (\fI\%https://github.com/tjstansell/salt\-changelogs\fP):
+.INDENT 0.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23810\fP: (\fIrallytime\fP) Backport \fI\%#23757\fP to 2014.7
+@ \fI2015\-05\-18T15:30:21Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23757\fP: (\fIclan\fP) use abspath, do not eliminating symlinks
+| refs: \fI\%#23810\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+aee00c8 Merge pull request \fI\%#23810\fP from rallytime/\fI\%bp\-23757\fP
+.IP \(bu 2
+fb32c32 use abspath, do not eliminating symlinks
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23809\fP: (\fIrallytime\fP) Fix virtualport section of virt.get_nics loop
+@ \fI2015\-05\-18T15:30:09Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#20198\fP: (\fIjcftang\fP) virt.get_graphics, virt.get_nics are broken, in turn breaking other things
+| refs: \fI\%#23809\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#21487\fP: (\fIrallytime\fP) Backport \fI\%#21469\fP to 2014.7
+| refs: \fI\%#23809\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#21469\fP: (\fIvdesjardins\fP) fixes \fI\%#20198\fP: virt.get_graphics and virt.get_nics calls in module virt
+| refs: \fI\%#21487\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+6b3352b Merge pull request \fI\%#23809\fP from rallytime/virt_get_nics_fix
+.IP \(bu 2
+0616fb7 Fix virtualport section of virt.get_nics loop
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23823\fP: (\fIgtmanfred\fP) add link local for ipv6
+@ \fI2015\-05\-17T12:48:25Z\fP
+.INDENT 2.0
+.IP \(bu 2
+188f03f Merge pull request \fI\%#23823\fP from gtmanfred/2014.7
+.IP \(bu 2
+5ef006d add link local for ipv6
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23802\fP: (\fIgtmanfred\fP) if it is ipv6 ip_to_int will fail
+@ \fI2015\-05\-16T04:06:59Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23573\fP: (\fItechhat\fP) Scan all available networks for public and private IPs
+| refs: \fI\%#23802\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+f3ca682 Merge pull request \fI\%#23802\fP from gtmanfred/2014.7
+.IP \(bu 2
+2da98b5 if it is ipv6 ip_to_int will fail
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23488\fP: (\fIcellscape\fP) LXC cloud fixes
+@ \fI2015\-05\-15T18:09:35Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#16424\fP: (\fIstanvit\fP) salt\-run cloud.create fails with saltify
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+d9af0c3 Merge pull request \fI\%#23488\fP from cellscape/lxc\-cloud\-fixes
+.IP \(bu 2
+64250a6 Remove profile from opts after creating LXC container
+.IP \(bu 2
+c4047d2 Set destroy=True in opts when destroying cloud instance
+.IP \(bu 2
+9e1311a Store instance names in opts when performing cloud action
+.IP \(bu 2
+934bc57 Correctly pass custom env to lxc\-attach
+.IP \(bu 2
+7fb85f7 Preserve test=True option in cloud states
+.IP \(bu 2
+9771b5a Fix detection of absent LXC container in cloud state
+.IP \(bu 2
+fb24f0c Report failure when failed to create/clone LXC container
+.IP \(bu 2
+2d9aa2b Avoid shadowing variables in lxc module
+.IP \(bu 2
+792e102 Allow to override profile options in lxc.cloud_init_interface
+.IP \(bu 2
+42bd64b Return changes on successful lxc.create from salt\-cloud
+.IP \(bu 2
+4409eab Return correct result when creating cloud LXC container
+.IP \(bu 2
+377015c Issue \fI\%#16424\fP: List all providers when creating salt\-cloud instance without profile
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23748\fP: (\fIbasepi\fP) [2014.7] Log salt\-ssh roster render errors more assertively and verbosely
+@ \fI2015\-05\-14T22:38:10Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22332\fP: (\fIrallytime\fP) [salt\-ssh] Add a check for host in /etc/salt/roster
+| refs: \fI\%#23748\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+808bbe1 Merge pull request \fI\%#23748\fP from basepi/salt\-ssh.roster.host.check
+.IP \(bu 2
+bc53e04 Log entire exception for render errors in roster
+.IP \(bu 2
+753de6a Log render errors in roster to error level
+.IP \(bu 2
+e01a7a9 Always let the real YAML error through
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23731\fP: (\fItwangboy\fP) Fixes \fI\%#22959\fP: Trying to add a directory to an unmapped drive in windows
+@ \fI2015\-05\-14T21:59:14Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22959\fP: (\fIhighlyunavailable\fP) Windows Salt hangs if file.directory is trying to write to a drive that doesn\(aqt exist
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+72cf360 Merge pull request \fI\%#23731\fP from twangboy/fix_22959
+.IP \(bu 2
+88e5495 Fixes \fI\%#22959\fP: Trying to add a directory to an unmapped drive in windows
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23730\fP: (\fIrallytime\fP) Backport \fI\%#23729\fP to 2014.7
+@ \fI2015\-05\-14T21:58:34Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23729\fP: (\fIrallytime\fP) Partially merge \fI\%#23437\fP (grains fix)
+| refs: \fI\%#23730\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23437\fP: (\fIcedwards\fP) Grains item patch
+| refs: \fI\%#23729\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+2610195 Merge pull request \fI\%#23730\fP from rallytime/\fI\%bp\-23729\fP
+.IP \(bu 2
+1877cae adding support for nested grains to grains.item
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23688\fP: (\fItwangboy\fP) Added inet_pton to utils/validate/net.py for ip.set_static_ip in windows
+@ \fI2015\-05\-14T16:15:56Z\fP
+.INDENT 2.0
+.IP \(bu 2
+3e9df88 Merge pull request \fI\%#23688\fP from twangboy/fix_23415
+.IP \(bu 2
+6a91169 Fixed unused\-import pylint error
+.IP \(bu 2
+5e25b3f fixed pylint errors
+.IP \(bu 2
+1a96766 Added inet_pton to utils/validate/net.py for ip.set_static_ip in windows
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23680\fP: (\fIcachedout\fP) Rename kwarg in cloud runner
+@ \fI2015\-05\-13T19:44:02Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23403\fP: (\fIiamfil\fP) salt.runners.cloud.action fun parameter is replaced
+| refs: \fI\%#23680\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+1b86460 Merge pull request \fI\%#23680\fP from cachedout/issue_23403
+.IP \(bu 2
+d5986c2 Rename kwarg in cloud runner
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23674\fP: (\fIcachedout\fP) Handle lists correctly in grains.list_prsesent
+@ \fI2015\-05\-13T18:34:58Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23548\fP: (\fIkkaig\fP) grains.list_present produces incorrect (?) output
+| refs: \fI\%#23674\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+cd64af0 Merge pull request \fI\%#23674\fP from cachedout/issue_23548
+.IP \(bu 2
+da8a2f5 Handle lists correctly in grains.list_prsesent
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23672\fP: (\fItwangboy\fP) Fix user present
+@ \fI2015\-05\-13T18:30:09Z\fP
+.INDENT 2.0
+.IP \(bu 2
+d322a19 Merge pull request \fI\%#23672\fP from twangboy/fix_user_present
+.IP \(bu 2
+731e7af Merge branch \(aq2014.7\(aq of \fI\%https://github.com/saltstack/salt\fP into fix_user_present
+.IP \(bu 2
+d6f70a4 Fixed user.present to create password in windows
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23670\fP: (\fIrallytime\fP) Backport \fI\%#23607\fP to 2014.7
+@ \fI2015\-05\-13T18:27:17Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23604\fP: (\fIAzidburn\fP) service.dead on systemd Minion create an Error Message
+| refs: \fI\%#23607\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23607\fP: (\fIAzidburn\fP) Fix for \fI\%#23604\fP\&. No error reporting. Exitcode !=0 are ok
+| refs: \fI\%#23670\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+43f7025 Merge pull request \fI\%#23670\fP from rallytime/\fI\%bp\-23607\fP
+.IP \(bu 2
+ed30dc4 Fix for \fI\%#23604\fP\&. No error reporting. Exitcode !=0 are ok
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23661\fP: (\fIrallytime\fP) Merge \fI\%#23640\fP with whitespace fix
+@ \fI2015\-05\-13T15:47:30Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22141\fP: (\fIDeshke\fP) grains.get_or_set_hash render error if hash begins with "%"
+| refs: \fI\%#23640\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23640\fP: (\fIcachedout\fP) Add warning to get_or_set_hash about reserved chars
+| refs: \fI\%#23661\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+0f006ac Merge pull request \fI\%#23661\fP from rallytime/merge\-23640
+.IP \(bu 2
+4427f42 Whitespace fix
+.IP \(bu 2
+dd91154 Add warning to get_or_set_hash about reserved chars
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23639\fP: (\fIcachedout\fP) Handle exceptions raised by __virtual__
+@ \fI2015\-05\-13T15:11:12Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23452\fP: (\fImichaelforge\fP) minion crashed with empty grain
+| refs: \fI\%#23639\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+84e2ef8 Merge pull request \fI\%#23639\fP from cachedout/issue_23452
+.IP \(bu 2
+d418b49 Syntax error!
+.IP \(bu 2
+45b4015 Handle exceptions raised by __virtual__
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23637\fP: (\fIcachedout\fP) Convert str master to list
+@ \fI2015\-05\-13T15:08:19Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23611\fP: (\fIhubez\fP) master_type set to \(aqfailover\(aq but \(aqmaster\(aq is not of type list but of type <type \(aqstr\(aq>
+| refs: \fI\%#23637\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+bd9b94b Merge pull request \fI\%#23637\fP from cachedout/issue_23611
+.IP \(bu 2
+56cb1f5 Fix typo
+.IP \(bu 2
+f6fcf19 Convert str master to list
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23595\fP: (\fIrallytime\fP) Backport \fI\%#23549\fP to 2014.7
+@ \fI2015\-05\-12T21:19:40Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23549\fP: (\fIvr\-jack\fP) Update __init__.py
+| refs: \fI\%#23595\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+f20c0e4 Merge pull request \fI\%#23595\fP from rallytime/\fI\%bp\-23549\fP
+.IP \(bu 2
+6efcac0 Update __init__.py
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23594\fP: (\fIrallytime\fP) Backport \fI\%#23496\fP to 2014.7
+@ \fI2015\-05\-12T21:19:34Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23110\fP: (\fImartinhoefling\fP) Copying files from gitfs in file.recurse state fails
+.IP \(bu 2
+\fBPR\fP \fI\%#23496\fP: (\fImartinhoefling\fP) Fix for issue \fI\%#23110\fP
+| refs: \fI\%#23594\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+1acaf86 Merge pull request \fI\%#23594\fP from rallytime/\fI\%bp\-23496\fP
+.IP \(bu 2
+d5ae1d2 Fix for issue \fI\%#23110\fP This resolves issues when the freshly created directory is removed by fileserver.update.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23593\fP: (\fIrallytime\fP) Backport \fI\%#23442\fP to 2014.7
+@ \fI2015\-05\-12T21:19:26Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23442\fP: (\fIclan\fP) add directory itself to keep list
+| refs: \fI\%#23593\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+2c221c7 Merge pull request \fI\%#23593\fP from rallytime/\fI\%bp\-23442\fP
+.IP \(bu 2
+39869a1 check w/ low[\(aqname\(aq] only
+.IP \(bu 2
+304cc49 another fix for file defined w/ id, but require name
+.IP \(bu 2
+8814d41 add directory itself to keep list
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23606\fP: (\fItwangboy\fP) Fixed checkbox for starting service and actually starting it
+@ \fI2015\-05\-12T21:18:50Z\fP
+.INDENT 2.0
+.IP \(bu 2
+fadd1ef Merge pull request \fI\%#23606\fP from twangboy/fix_installer
+.IP \(bu 2
+038331e Fixed checkbox for starting service and actually starting it
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23592\fP: (\fIrallytime\fP) Backport \fI\%#23389\fP to 2014.7
+@ \fI2015\-05\-12T16:44:42Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22908\fP: (\fIkaranjad\fP) Add failhard option to salt orchestration
+| refs: \fI\%#23389\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23389\fP: (\fIcachedout\fP) Correct fail_hard typo
+| refs: \fI\%#23592\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+10b3f0f Merge pull request \fI\%#23592\fP from rallytime/\fI\%bp\-23389\fP
+.IP \(bu 2
+734cc43 Correct fail_hard typo
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23573\fP: (\fItechhat\fP) Scan all available networks for public and private IPs
+| refs: \fI\%#23802\fP
+@ \fI2015\-05\-12T15:22:22Z\fP
+.INDENT 2.0
+.IP \(bu 2
+cd34b9b Merge pull request \fI\%#23573\fP from techhat/novaquery
+.IP \(bu 2
+f92db5e Linting
+.IP \(bu 2
+26e00d3 Scan all available networks for public and private IPs
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23558\fP: (\fIjfindlay\fP) reorder emerge command line
+@ \fI2015\-05\-12T15:17:46Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23479\fP: (\fIdanielmorlock\fP) Typo in pkg.removed for Gentoo?
+| refs: \fI\%#23558\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+2a72cd7 Merge pull request \fI\%#23558\fP from jfindlay/fix_ebuild
+.IP \(bu 2
+45404fb reorder emerge command line
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23530\fP: (\fIdr4Ke\fP) salt\-ssh state: fix including all salt:// references
+@ \fI2015\-05\-12T15:13:43Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23355\fP: (\fIdr4Ke\fP) salt\-ssh: \(aqsources: salt://\(aq files from \(aqpkg\(aq state are not included in salt_state.tgz
+| refs: \fI\%#23530\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+a664a3c Merge pull request \fI\%#23530\fP from dr4Ke/fix_salt\-ssh_to_include_pkg_sources
+.IP \(bu 2
+5df6a80 fix pylint warning
+.IP \(bu 2
+d0549e5 salt\-ssh state: fix including all salt:// references
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23433\fP: (\fItwangboy\fP) Obtain all software from the registry
+@ \fI2015\-05\-11T22:47:52Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23004\fP: (\fIb18\fP) 2014.7.5 \- Windows \- pkg.list_pkgs \- "nxlog" never shows up in output.
+| refs: \fI\%#23433\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+55c3869 Merge pull request \fI\%#23433\fP from twangboy/list_pkgs_fix
+.IP \(bu 2
+8ab5b1b Fix pylint error
+.IP \(bu 2
+2d11d65 Obtain all software from the registry
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23554\fP: (\fIjleroy\fP) Debian: Hostname always updated
+@ \fI2015\-05\-11T21:57:00Z\fP
+.INDENT 2.0
+.IP \(bu 2
+755bed0 Merge pull request \fI\%#23554\fP from jleroy/debian\-hostname\-fix
+.IP \(bu 2
+5ff749e Debian: Hostname always updated
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23551\fP: (\fIdr4Ke\fP) grains.append unit tests, related to \fI\%#23474\fP
+@ \fI2015\-05\-11T21:54:25Z\fP
+.INDENT 2.0
+.IP \(bu 2
+6ec87ce Merge pull request \fI\%#23551\fP from dr4Ke/grains.append_unit_tests
+.IP \(bu 2
+ebff9df fix pylint errors
+.IP \(bu 2
+c495404 unit tests for grains.append module function
+.IP \(bu 2
+0c9a323 use MagickMock
+.IP \(bu 2
+c838a22 unit tests for grains.append module function
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23474\fP: (\fIdr4Ke\fP) Fix grains.append in nested dictionnary grains \fI\%#23411\fP
+@ \fI2015\-05\-11T18:00:21Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23411\fP: (\fIdr4Ke\fP) grains.append should work at any level of a grain
+| refs: \fI\%#23440\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23440\fP: (\fIdr4Ke\fP) fix grains.append in nested dictionnary grains \fI\%#23411\fP
+| refs: \fI\%#23474\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+e96c5c5 Merge pull request \fI\%#23474\fP from dr4Ke/fix_grains.append_nested
+.IP \(bu 2
+a01a5bb grains.get, parameter delimititer, versionadded: 2014.7.6
+.IP \(bu 2
+b39f504 remove debugging output
+.IP \(bu 2
+b6e15e2 fix grains.append in nested dictionnary grains \fI\%#23411\fP
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23537\fP: (\fIt0rrant\fP) Update changelog
+@ \fI2015\-05\-11T17:02:16Z\fP
+.INDENT 2.0
+.IP \(bu 2
+ab7e1ae Merge pull request \fI\%#23537\fP from t0rrant/patch\-1
+.IP \(bu 2
+8e03cc9 Update changelog
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23538\fP: (\fIcro\fP) Update date in LICENSE file
+@ \fI2015\-05\-11T15:19:25Z\fP
+.INDENT 2.0
+.IP \(bu 2
+b79fed3 Merge pull request \fI\%#23538\fP from cro/licupdate
+.IP \(bu 2
+345efe2 Update date in LICENSE file
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23505\fP: (\fIaneeshusa\fP) Remove unused ssh config validator. Fixes \fI\%#23159\fP\&.
+@ \fI2015\-05\-09T13:24:15Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23159\fP: (\fIaneeshusa\fP) Unused validator
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+a123a36 Merge pull request \fI\%#23505\fP from aneeshusa/remove\-unused\-ssh\-config\-validator
+.IP \(bu 2
+90af167 Remove unused ssh config validator. Fixes \fI\%#23159\fP\&.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23467\fP: (\fIslinu3d\fP) Added AWS v4 signature support
+@ \fI2015\-05\-08T14:36:19Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#20518\fP: (\fIekle\fP) module s3.get does not support eu\-central\-1
+| refs: \fI\%#23467\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+ca2c21a Merge pull request \fI\%#23467\fP from slinu3d/2014.7
+.IP \(bu 2
+0b4081d Fixed pylint error at line 363
+.IP \(bu 2
+5be5eb5 Fixed pylink errors
+.IP \(bu 2
+e64f374 Fixed lint errors
+.IP \(bu 2
+b9d1ac4 Added AWS v4 signature support
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23444\fP: (\fItechhat\fP) Add create_attach_volume to nova driver
+@ \fI2015\-05\-07T19:51:32Z\fP
+.INDENT 2.0
+.IP \(bu 2
+e6f9eec Merge pull request \fI\%#23444\fP from techhat/novacreateattach
+.IP \(bu 2
+ebdb7ea Add create_attach_volume to nova driver
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23460\fP: (\fIs0undt3ch\fP) [2014.7] Update to latest stable bootstrap script v2015.05.07
+@ \fI2015\-05\-07T19:10:54Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#563\fP: (\fIchutz\fP) pidfile support for minion and master daemons
+| refs: \fI\%#23460\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+e331463 Merge pull request \fI\%#23460\fP from s0undt3ch/hotfix/bootstrap\-script\-2014.7
+.IP \(bu 2
+edcd0c4 Update to latest stable bootstrap script v2015.05.07
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23439\fP: (\fItechhat\fP) Add wait_for_passwd_maxtries variable
+@ \fI2015\-05\-07T07:28:56Z\fP
+.INDENT 2.0
+.IP \(bu 2
+7a8ce1a Merge pull request \fI\%#23439\fP from techhat/maxtries
+.IP \(bu 2
+0ad3ff2 Add wait_for_passwd_maxtries variable
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23422\fP: (\fIcro\fP) $HOME should not be used, some shells don\(aqt set it.
+@ \fI2015\-05\-06T21:02:36Z\fP
+.INDENT 2.0
+.IP \(bu 2
+644eb75 Merge pull request \fI\%#23422\fP from cro/gce_sh_home
+.IP \(bu 2
+4ef9e6b Don\(aqt use $HOME to find user\(aqs directory, some shells don\(aqt set it
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23425\fP: (\fIbasepi\fP) [2014.7] Fix typo in FunctionWrapper
+@ \fI2015\-05\-06T20:38:03Z\fP
+.INDENT 2.0
+.IP \(bu 2
+ef17ab4 Merge pull request \fI\%#23425\fP from basepi/functionwrapper_typo
+.IP \(bu 2
+c390737 Fix typo in FunctionWrapper
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23385\fP: (\fIrallytime\fP) Backport \fI\%#23346\fP to 2014.7
+@ \fI2015\-05\-06T20:12:29Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23346\fP: (\fIericfode\fP) Allow file_map in salt\-cloud to handle folders.
+| refs: \fI\%#23385\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+1b13ec0 Merge pull request \fI\%#23385\fP from rallytime/\fI\%bp\-23346\fP
+.IP \(bu 2
+9efc13c more linting fixes
+.IP \(bu 2
+cf131c9 cleaned up some pylint errors
+.IP \(bu 2
+f981699 added logic to sftp_file and file_map to allow folder uploads using file_map
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23414\fP: (\fIjfindlay\fP) 2015.2 \-> 2015.5
+@ \fI2015\-05\-06T20:04:02Z\fP
+.INDENT 2.0
+.IP \(bu 2
+f8c7a62 Merge pull request \fI\%#23414\fP from jfindlay/update_branch
+.IP \(bu 2
+8074d16 2015.2 \-> 2015.5
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23404\fP: (\fIhvnsweeting\fP) saltapi cherrypy: initialize var when POST body is empty
+@ \fI2015\-05\-06T17:35:56Z\fP
+.INDENT 2.0
+.IP \(bu 2
+54b3bd4 Merge pull request \fI\%#23404\fP from hvnsweeting/cherrypy\-post\-emptybody\-fix
+.IP \(bu 2
+f85f8f9 initialize var when POST body is empty
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23409\fP: (\fIterminalmage\fP) Update Lithium docstrings in 2014.7 branch
+@ \fI2015\-05\-06T16:20:46Z\fP
+.INDENT 2.0
+.IP \(bu 2
+160f703 Merge pull request \fI\%#23409\fP from terminalmage/update\-lithium\-docstrings\-2014.7
+.IP \(bu 2
+bc97d01 Fix sphinx typo
+.IP \(bu 2
+20006b0 Update Lithium docstrings in 2014.7 branch
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23397\fP: (\fIjfindlay\fP) add more flexible whitespace to locale_gen search
+@ \fI2015\-05\-06T03:44:11Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#17245\fP: (\fItomashavlas\fP) localemod does not generate locale for Arch
+| refs: \fI\%#23307\fP \fI\%#23397\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+aa5fb0a Merge pull request \fI\%#23397\fP from jfindlay/fix_locale_gen
+.IP \(bu 2
+0941fef add more flexible whitespace to locale_gen search
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23368\fP: (\fIkaithar\fP) Backport \fI\%#23367\fP to 2014.7
+@ \fI2015\-05\-05T21:42:26Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23367\fP: (\fIkaithar\fP) Put the sed insert statement back in to the output.
+| refs: \fI\%#23368\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#18368\fP: (\fIbasepi\fP) Merge forward from 2014.7 to develop
+| refs: \fI\%#23367\fP \fI\%#23368\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+0c76dd4 Merge pull request \fI\%#23368\fP from kaithar/\fI\%bp\-23367\fP
+.IP \(bu 2
+577f419 Pylint fix
+.IP \(bu 2
+8d9acd1 Put the sed insert statement back in to the output.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23350\fP: (\fIlorengordon\fP) Append/prepend: search for full line
+@ \fI2015\-05\-05T21:42:11Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23294\fP: (\fIvariia\fP) file.replace fails to append if repl string partially available
+| refs: \fI\%#23350\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+3493cc1 Merge pull request \fI\%#23350\fP from lorengordon/file.replace_assume_line
+.IP \(bu 2
+b60e224 Append/prepend: search for full line
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23341\fP: (\fIcachedout\fP) Fix syndic pid and logfile path
+@ \fI2015\-05\-05T21:29:10Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23026\fP: (\fIadelcast\fP) Incorrect salt\-syndic logfile and pidfile locations
+| refs: \fI\%#23341\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+7be5c48 Merge pull request \fI\%#23341\fP from cachedout/issue_23026
+.IP \(bu 2
+e98e65e Fix tests
+.IP \(bu 2
+6011b43 Fix syndic pid and logfile path
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23272\fP: (\fIbasepi\fP) [2014.7] Allow salt\-ssh minion config overrides via master config and roster
+| refs: \fI\%#23347\fP
+@ **
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#19114\fP: (\fIpykler\fP) salt\-ssh and gpg pillar renderer
+| refs: \fI\%#23188\fP \fI\%#23272\fP \fI\%#23347\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23188\fP: (\fIbasepi\fP) [2014.7] Work around bug in salt\-ssh in config.get for gpg renderer
+| refs: \fI\%#23272\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+ea61abf Merge pull request \fI\%#23272\fP from basepi/salt\-ssh.minion.config.19114
+.IP \(bu 2
+c223309 Add versionadded
+.IP \(bu 2
+be7407f Lint
+.IP \(bu 2
+c2c3375 Missing comma
+.IP \(bu 2
+8e3e8e0 Pass the minion_opts through the FunctionWrapper
+.IP \(bu 2
+cb69cd0 Match the master config template in the master config reference
+.IP \(bu 2
+87fc316 Add Salt\-SSH section to master config template
+.IP \(bu 2
+91dd9dc Add ssh_minion_opts to master config ref
+.IP \(bu 2
+c273ea1 Add minion config to salt\-ssh doc
+.IP \(bu 2
+a0b6b76 Add minion_opts to roster docs
+.IP \(bu 2
+5212c35 Accept minion_opts from the target information
+.IP \(bu 2
+e2099b6 Process \fIssh_minion_opts\fP from master config
+.IP \(bu 2
+3b64214 Revert "Work around bug in salt\-ssh in config.get for gpg renderer"
+.IP \(bu 2
+494953a Remove the strip (embracing multi\-line YAML dump)
+.IP \(bu 2
+fe87f0f Dump multi\-line yaml into the SHIM
+.IP \(bu 2
+b751a72 Inject local minion config into shim if available
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23347\fP: (\fIbasepi\fP) [2014.7] Salt\-SSH Backport FunctionWrapper.__contains__
+@ \fI2015\-05\-05T14:13:21Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#19114\fP: (\fIpykler\fP) salt\-ssh and gpg pillar renderer
+| refs: \fI\%#23188\fP \fI\%#23272\fP \fI\%#23347\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23272\fP: (\fIbasepi\fP) [2014.7] Allow salt\-ssh minion config overrides via master config and roster
+| refs: \fI\%#23347\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23188\fP: (\fIbasepi\fP) [2014.7] Work around bug in salt\-ssh in config.get for gpg renderer
+| refs: \fI\%#23272\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+4f760dd Merge pull request \fI\%#23347\fP from basepi/salt\-ssh.functionwrapper.contains.19114
+.IP \(bu 2
+30595e3 Backport FunctionWrapper.__contains__
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23344\fP: (\fIcachedout\fP) Explicitely set file_client on master
+@ \fI2015\-05\-04T23:21:48Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22742\fP: (\fIhvnsweeting\fP) salt\-master says: "This master address: \(aqsalt\(aq was previously resolvable but now fails to resolve!"
+| refs: \fI\%#23344\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+02658b1 Merge pull request \fI\%#23344\fP from cachedout/issue_22742
+.IP \(bu 2
+5adc96c Explicitely set file_client on master
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23318\fP: (\fIcellscape\fP) Honor seed argument in LXC container initializaton
+@ \fI2015\-05\-04T20:58:12Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23311\fP: (\fIcellscape\fP) Fix new container initialization in LXC runner
+| refs: \fI\%#23318\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+ba7605d Merge pull request \fI\%#23318\fP from cellscape/honor\-seed\-argument
+.IP \(bu 2
+228b1be Honor seed argument in LXC container initializaton
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23307\fP: (\fIjfindlay\fP) check for /etc/locale.gen
+@ \fI2015\-05\-04T20:56:32Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#17245\fP: (\fItomashavlas\fP) localemod does not generate locale for Arch
+| refs: \fI\%#23307\fP \fI\%#23397\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+4ac4509 Merge pull request \fI\%#23307\fP from jfindlay/fix_locale_gen
+.IP \(bu 2
+101199a check for /etc/locale.gen
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23324\fP: (\fIs0undt3ch\fP) [2014.7] Update to the latest stable release of the bootstrap script v2015.05.04
+@ \fI2015\-05\-04T16:28:30Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#580\fP: (\fIthatch45\fP) recursive watch not being caught
+| refs: \fI\%#23324\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#552\fP: (\fIjhutchins\fP) Support require and watch under the same state dec
+| refs: \fI\%#23324\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#589\fP: (\fIepoelke\fP) add \-\-quiet and \-\-outfile options to saltkey
+| refs: \fI\%#23324\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#567\fP: (\fIbastichelaar\fP) Added upstart module
+| refs: \fI\%#23324\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#560\fP: (\fIUtahDave\fP) The runas feature that was added in 93423aa2e5e4b7de6452090b0039560d2b13...
+| refs: \fI\%#23324\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#504\fP: (\fISEJeff\fP) File state goodies
+| refs: \fI\%#23324\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+f790f42 Merge pull request \fI\%#23324\fP from s0undt3ch/hotfix/bootstrap\-script\-2014.7
+.IP \(bu 2
+6643e47 Update to the latest stable release of the bootstrap script v2015.05.04
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23329\fP: (\fIcro\fP) Require requests to verify cert when talking to aliyun and proxmox cloud providers
+@ \fI2015\-05\-04T16:18:17Z\fP
+.INDENT 2.0
+.IP \(bu 2
+5487367 Merge pull request \fI\%#23329\fP from cro/cloud_verify_cert
+.IP \(bu 2
+860d4b7 Turn on ssl verify for requests.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23311\fP: (\fIcellscape\fP) Fix new container initialization in LXC runner
+| refs: \fI\%#23318\fP
+@ \fI2015\-05\-04T09:55:29Z\fP
+.INDENT 2.0
+.IP \(bu 2
+ea20176 Merge pull request \fI\%#23311\fP from cellscape/fix\-salt\-cloud\-lxc\-init
+.IP \(bu 2
+76fbb34 Fix new container initialization in LXC runner
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23298\fP: (\fIchris\-prince\fP) Fixed issue \fI\%#18880\fP in 2014.7 branch
+@ \fI2015\-05\-03T15:49:41Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#18880\fP: (\fIjohtso\fP) npm installed breaks when a module is missing
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+c399b8f Merge pull request \fI\%#23298\fP from chris\-prince/2014.7
+.IP \(bu 2
+0fa25db Fixed issue \fI\%#18880\fP in 2014.7 branch
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23292\fP: (\fIrallytime\fP) Merge \fI\%#23151\fP with pylint fixes
+@ \fI2015\-05\-02T03:54:12Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23148\fP: (\fIcr1st1p\fP) virt \- error handling bogus if machine image location is wrong
+.IP \(bu 2
+\fBPR\fP \fI\%#23151\fP: (\fIcr1st1p\fP) Fixes \fI\%#23148\fP
+| refs: \fI\%#23292\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+16ecefd Merge pull request \fI\%#23292\fP from rallytime/merge\-23151
+.IP \(bu 2
+8ff852a Merge \fI\%#23151\fP with pylint fixes
+.IP \(bu 2
+8ffa12e Fixes \fI\%#23148\fP
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23274\fP: (\fIbasepi\fP) [2014.7] Reduce salt\-ssh debug log verbosity
+@ \fI2015\-05\-01T20:19:23Z\fP
+.INDENT 2.0
+.IP \(bu 2
+ce24315 Merge pull request \fI\%#23274\fP from basepi/salt\-ssh.debug.verbosity
+.IP \(bu 2
+ecee6c6 Log stdout and stderr to trace
+.IP \(bu 2
+08f54d7 Log stdout and stderr to trace as well
+.IP \(bu 2
+9b9c30f Reduce salt\-ssh debug log verbosity
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23261\fP: (\fIrallytime\fP) Fix tornado websocket event handler registration
+@ \fI2015\-05\-01T18:20:31Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22605\fP: (\fImavenAtHouzz\fP) Tornado websockets event Handlers registration are incorrect
+| refs: \fI\%#23261\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+7b55e43 Merge pull request \fI\%#23261\fP from rallytime/\fI\%fix\-22605\fP
+.IP \(bu 2
+4950fbf Fix tornado websocket event handler registration
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23258\fP: (\fIteizz\fP) TCP keepalives on the ret side, Revisited.
+@ \fI2015\-05\-01T16:13:49Z\fP
+.INDENT 2.0
+.IP \(bu 2
+83ef7cb Merge pull request \fI\%#23258\fP from teizz/ret_keepalive_2014_7_5
+.IP \(bu 2
+0b9fb6f The fixes by cachedout which were backported into 2015_2 were missing a single parameter thus not setting up the TCP keepalive for the ZeroMQ Channel by default.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23241\fP: (\fItechhat\fP) Move iptables log options after the jump
+@ \fI2015\-05\-01T01:31:59Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23224\fP: (\fItwellspring\fP) iptables.append \-\-log parameters must be after \-\-jump LOG
+| refs: \fI\%#23241\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+8de3c83 Merge pull request \fI\%#23241\fP from techhat/issue23224
+.IP \(bu 2
+87f7948 Move iptables log options after the jump
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23228\fP: (\fIrallytime\fP) Backport \fI\%#23171\fP to 2014.7
+@ \fI2015\-04\-30T21:09:45Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23171\fP: (\fIskizunov\fP) Bugfix: \(aqclean_proc_dir\(aq is broken
+| refs: \fI\%#23228\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+f20210e Merge pull request \fI\%#23228\fP from rallytime/\fI\%bp\-23171\fP
+.IP \(bu 2
+e670e99 Bugfix: \(aqclean_proc_dir\(aq is broken
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23227\fP: (\fIrallytime\fP) Backport \fI\%#22808\fP to 2014.7
+@ \fI2015\-04\-30T21:09:14Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22703\fP: (\fIXiol\fP) salt\-ssh does not work with list matcher
+| refs: \fI\%#22808\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#22808\fP: (\fIbasepi\fP) [2015.2] Add list targeting to salt\-ssh flat roster
+| refs: \fI\%#23227\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+721cc28 Merge pull request \fI\%#23227\fP from rallytime/\fI\%bp\-22808\fP
+.IP \(bu 2
+d208a00 Dict, not list
+.IP \(bu 2
+a3f529e It\(aqs already been converted to a list
+.IP \(bu 2
+dd57f2d Add list targeting to salt\-ssh flat roster
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22823\fP: (\fIhvnsweeting\fP) 22822 file directory clean
+@ \fI2015\-04\-30T15:25:51Z\fP
+.INDENT 2.0
+.IP \(bu 2
+82c22af Merge pull request \fI\%#22823\fP from hvnsweeting/22822\-file\-directory\-clean
+.IP \(bu 2
+c749c27 fix lint \- remove unnecessary parenthesis
+.IP \(bu 2
+cb3dfee refactor
+.IP \(bu 2
+8924b5a refactor: use relpath instead of do it manually
+.IP \(bu 2
+d3060a5 refactor
+.IP \(bu 2
+5759a0e bugfix: fix file.directory clean=True when it require parent dir
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22977\fP: (\fIbersace\fP) Fix fileserver backends __opts__ overwritten by _pillar
+@ \fI2015\-04\-30T15:24:56Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22941\fP: (\fIbersace\fP) \fI_pillar\fP func breaks fileserver globals
+| refs: \fI\%#22977\fP \fI\%#22942\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#22942\fP: (\fIbersace\fP) Fix fileserver backends global overwritten by _pillar
+| refs: \fI\%#22977\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+f6c0728 Merge pull request \fI\%#22977\fP from bersace/fix\-fileserver\-backends\-pillar\-side\-effect
+.IP \(bu 2
+5f451f6 Fix fileserver backends __opts__ overwritten by _pillar
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23180\fP: (\fIjfindlay\fP) fix typos from 36841bdd in masterapi.py
+@ \fI2015\-04\-30T15:22:41Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23166\fP: (\fIclaudiupopescu\fP) "Error in function _minion_event" resulting in modules not loaded
+| refs: \fI\%#23180\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+34206f7 Merge pull request \fI\%#23180\fP from jfindlay/remote_event
+.IP \(bu 2
+72066e1 fix typos from 36841bdd in masterapi.py
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23176\fP: (\fIjfindlay\fP) copy standard cmd.run* kwargs into cmd.run_chroot
+@ \fI2015\-04\-30T15:22:12Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23153\fP: (\fIcr1st1p\fP) cmdmod : run_chroot \- broken in 2014.7.5 \- missing kwargs
+| refs: \fI\%#23176\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+b6b8216 Merge pull request \fI\%#23176\fP from jfindlay/run_chroot
+.IP \(bu 2
+7dc3417 copy standard cmd.run* kwargs into cmd.run_chroot
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23193\fP: (\fIjoejulian\fP) supervisord.mod_watch should accept sfun
+@ \fI2015\-04\-30T04:34:21Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23192\fP: (\fIjoejulian\fP) supervisord mod_watch does not accept sfun
+| refs: \fI\%#23193\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+effacbe Merge pull request \fI\%#23193\fP from joejulian/2014.7_supervisord_accept_sfun
+.IP \(bu 2
+efb59f9 supervisord.mod_watch should accept sfun
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23188\fP: (\fIbasepi\fP) [2014.7] Work around bug in salt\-ssh in config.get for gpg renderer
+| refs: \fI\%#23272\fP
+@ \fI2015\-04\-30T04:34:10Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#19114\fP: (\fIpykler\fP) salt\-ssh and gpg pillar renderer
+| refs: \fI\%#23188\fP \fI\%#23272\fP \fI\%#23347\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+72fe88e Merge pull request \fI\%#23188\fP from basepi/salt\-ssh.function.wrapper.gpg.19114
+.IP \(bu 2
+d73979e Work around bug in salt\-ssh in config.get for gpg renderer
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23154\fP: (\fIcachedout\fP) Re\-establish channel on interruption in fileclient
+@ \fI2015\-04\-29T16:18:59Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#21480\fP: (\fImsciciel\fP) TypeError: string indices must be integers, not str
+| refs: \fI\%#23154\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+168508e Merge pull request \fI\%#23154\fP from cachedout/refresh_channel
+.IP \(bu 2
+9f8dd80 Re\-establish channel on interruption in fileclient
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23146\fP: (\fIrallytime\fP) Backport \fI\%#20779\fP to 2014.7
+@ \fI2015\-04\-28T20:45:06Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#20647\fP: (\fIryan\-lane\fP) file.serialize fails to serialize due to ordered dicts
+| refs: \fI\%#20779\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#20779\fP: (\fIcachedout\fP) Use declared yaml options
+| refs: \fI\%#23146\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+3b53e04 Merge pull request \fI\%#23146\fP from rallytime/\fI\%bp\-20779\fP
+.IP \(bu 2
+ffd1849 compare OrderedDicts in serializer unit test
+.IP \(bu 2
+a221706 Just change serialize
+.IP \(bu 2
+a111798 Use declared yaml options
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23145\fP: (\fIrallytime\fP) Backport \fI\%#23089\fP to 2014.7
+@ \fI2015\-04\-28T20:44:56Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#23089\fP: (\fIcachedout\fP) Stringify version number before lstrip
+| refs: \fI\%#23145\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+8bb4664 Merge pull request \fI\%#23145\fP from rallytime/\fI\%bp\-23089\fP
+.IP \(bu 2
+93c41af Stringify version number before lstrip
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23144\fP: (\fIrallytime\fP) Backport \fI\%#23124\fP to 2014.7
+@ \fI2015\-04\-28T20:44:46Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#16188\fP: (\fIdrawks\fP) salt.modules.parted has various functions with bogus input validation.
+| refs: \fI\%#23124\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23124\fP: (\fIether42\fP) fix parsing the output of parted in parted.list_()
+| refs: \fI\%#23144\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+c85d36f Merge pull request \fI\%#23144\fP from rallytime/\fI\%bp\-23124\fP\-2014\-7
+.IP \(bu 2
+6b64da7 fix parsing the output of parted
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23120\fP: (\fIterminalmage\fP) Don\(aqt run os.path.relpath() if repo doesn\(aqt have a "root" param set
+@ \fI2015\-04\-28T15:46:54Z\fP
+.INDENT 2.0
+.IP \(bu 2
+a27b158 Merge pull request \fI\%#23120\fP from terminalmage/fix\-gitfs\-relpath
+.IP \(bu 2
+1860fff Don\(aqt run os.path.relpath() if repo doesn\(aqt have a "root" param set
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23132\fP: (\fIclinta\fP) Backport b27c176
+@ \fI2015\-04\-28T15:00:30Z\fP
+.INDENT 2.0
+.IP \(bu 2
+fcba607 Merge pull request \fI\%#23132\fP from clinta/patch\-2
+.IP \(bu 2
+a824d72 Backport b27c176
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23114\fP: (\fIrallytime\fP) Adjust ZeroMQ 4 docs to reflect changes to Ubuntu 12 packages
+@ \fI2015\-04\-28T03:59:24Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#18476\fP: (\fIAuha\fP) Upgrading salt on my master caused dependency issues
+| refs: \fI\%#23114\fP \fI\%#18610\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#18610\fP: (\fIrallytime\fP) Make ZMQ 4 installation docs for ubuntu more clear
+| refs: \fI\%#23114\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+b0f4b28 Merge pull request \fI\%#23114\fP from rallytime/remove_ubuntu_zmq4_docs
+.IP \(bu 2
+f6cc7c8 Adjust ZeroMQ 4 docs to reflect changes to Ubuntu 12 packages
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23108\fP: (\fIrallytime\fP) Backport \fI\%#23097\fP to 2014.7
+@ \fI2015\-04\-28T03:58:05Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23085\fP: (\fIxenophonf\fP) Use "s3fs" (not "s3") in fileserver_roots
+| refs: \fI\%#23097\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#23097\fP: (\fIrallytime\fP) Change s3 to s3fs in fileserver_roots docs example
+| refs: \fI\%#23108\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+399857f Merge pull request \fI\%#23108\fP from rallytime/\fI\%bp\-23097\fP
+.IP \(bu 2
+fa88984 Change s3 to s3fs in fileserver_roots docs example
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23112\fP: (\fIbasepi\fP) [2014.7] Backport \fI\%#22199\fP to fix mysql returner save_load errors
+@ \fI2015\-04\-28T03:55:44Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22171\fP: (\fIbasepi\fP) We should only call returner.save_load once per jid
+| refs: \fI\%#22199\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#22199\fP: (\fIbasepi\fP) [2015.2] Put a bandaid on the save_load duplicate issue (mysql returner)
+| refs: \fI\%#23112\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+5541537 Merge pull request \fI\%#23112\fP from basepi/mysql_returner_save_load
+.IP \(bu 2
+0127012 Put a bandaid on the save_load duplicate issue
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23113\fP: (\fIrallytime\fP) Revert "Backport \fI\%#22895\fP to 2014.7"
+@ \fI2015\-04\-28T03:27:29Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#22925\fP: (\fIrallytime\fP) Backport \fI\%#22895\fP to 2014.7
+| refs: \fI\%#23113\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#22895\fP: (\fIaletourneau\fP) pam_tally counter was not reset to 0 after a succesfull login
+| refs: \fI\%#22925\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+dfe2066 Merge pull request \fI\%#23113\fP from saltstack/revert\-22925\-\fI\%bp\-22895\fP
+.IP \(bu 2
+b957ea8 Revert "Backport \fI\%#22895\fP to 2014.7"
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23094\fP: (\fIterminalmage\fP) pygit2: disable cleaning of stale refs for authenticated remotes
+@ \fI2015\-04\-27T20:51:28Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23013\fP: (\fImarkusr815\fP) gitfs regression with authenticated repos
+| refs: \fI\%#23094\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+21515f3 Merge pull request \fI\%#23094\fP from terminalmage/issue23013
+.IP \(bu 2
+aaf7b04 pygit2: disable cleaning of stale refs for authenticated remotes
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23048\fP: (\fIjfindlay\fP) py\-2.6 compat for utils/boto.py ElementTree exception
+@ \fI2015\-04\-25T16:56:45Z\fP
+.INDENT 2.0
+.IP \(bu 2
+d45aa21 Merge pull request \fI\%#23048\fP from jfindlay/ET_error
+.IP \(bu 2
+64c42cc py\-2.6 compat for utils/boto.py ElementTree exception
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23025\fP: (\fIjfindlay\fP) catch exceptions on bad system locales/encodings
+@ \fI2015\-04\-25T16:56:30Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22981\fP: (\fIsyphernl\fP) Locale state throwing traceback when generating not (yet) existing locale
+| refs: \fI\%#23025\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+d25a5c1 Merge pull request \fI\%#23025\fP from jfindlay/fix_sys_locale
+.IP \(bu 2
+9c4d62b catch exceptions on bad system locales/encodings
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22932\fP: (\fIhvnsweeting\fP) bugfix: also manipulate dir_mode when source not defined
+@ \fI2015\-04\-25T16:54:58Z\fP
+.INDENT 2.0
+.IP \(bu 2
+5e44b59 Merge pull request \fI\%#22932\fP from hvnsweeting/file\-append\-bugfix
+.IP \(bu 2
+3f368de do not use assert in execution module
+.IP \(bu 2
+9d4fd4a bugfix: also manipulate dir_mode when source not defined
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23055\fP: (\fIjfindlay\fP) prevent ps module errors on accessing dead procs
+@ \fI2015\-04\-24T22:39:49Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#23021\fP: (\fIether42\fP) ps.pgrep raises NoSuchProcess
+| refs: \fI\%#23055\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+c2416a4 Merge pull request \fI\%#23055\fP from jfindlay/fix_ps
+.IP \(bu 2
+c2dc7ad prevent ps module errors on accessing dead procs
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23031\fP: (\fIjfindlay\fP) convert exception e.message to just e
+@ \fI2015\-04\-24T18:38:13Z\fP
+.INDENT 2.0
+.IP \(bu 2
+bfd9158 Merge pull request \fI\%#23031\fP from jfindlay/exception
+.IP \(bu 2
+856bad1 convert exception e.message to just e
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23015\fP: (\fIhvnsweeting\fP) if status of service is stop, there is not an error with it
+@ \fI2015\-04\-24T14:35:10Z\fP
+.INDENT 2.0
+.IP \(bu 2
+7747f33 Merge pull request \fI\%#23015\fP from hvnsweeting/set\-non\-error\-lvl\-for\-service\-status\-log
+.IP \(bu 2
+92ea163 if status of service is stop, there is not an error with it
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#23000\fP: (\fIjfindlay\fP) set systemd service killMode to process for minion
+@ \fI2015\-04\-24T03:42:39Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22993\fP: (\fIjetpak\fP) salt\-minion restart causes all spawned daemons to die on centos7 (systemd)
+| refs: \fI\%#23000\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+2e09789 Merge pull request \fI\%#23000\fP from jfindlay/systemd_kill
+.IP \(bu 2
+3d575e2 set systemd service killMode to process for minion
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22999\fP: (\fIjtand\fP) Added retry_dns to minion doc.
+@ \fI2015\-04\-24T03:30:24Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22707\fP: (\fIarthurlogilab\fP) retry_dns of master configuration is missing from the  documentation
+| refs: \fI\%#22999\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+b5c059a Merge pull request \fI\%#22999\fP from jtand/fix_22707
+.IP \(bu 2
+8486e17 Added retry_dns to minion doc.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22990\fP: (\fItechhat\fP) Use the proper cloud conf variable
+@ \fI2015\-04\-23T17:48:07Z\fP
+.INDENT 2.0
+.IP \(bu 2
+27dc877 Merge pull request \fI\%#22990\fP from techhat/2014.7
+.IP \(bu 2
+d33bcbc Use the proper cloud conf variable
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22976\fP: (\fImultani\fP) Improve state_output documentation
+@ \fI2015\-04\-23T12:24:22Z\fP
+.INDENT 2.0
+.IP \(bu 2
+13dff65 Merge pull request \fI\%#22976\fP from multani/fix/state\-output\-doc
+.IP \(bu 2
+19efd41 Improve state_output documentation
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22955\fP: (\fIterminalmage\fP) Fix regression introduced yesterday in dockerio module
+@ \fI2015\-04\-22T18:56:39Z\fP
+.INDENT 2.0
+.IP \(bu 2
+89fa185 Merge pull request \fI\%#22955\fP from terminalmage/dockerio\-run\-fix
+.IP \(bu 2
+b4472ad Fix regression introduced yesterday in dockerio module
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22954\fP: (\fIrallytime\fP) Backport \fI\%#22909\fP to 2014.7
+@ \fI2015\-04\-22T18:56:20Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#22909\fP: (\fImguegan\fP) Fix compatibility with pkgin > 0.7
+| refs: \fI\%#22954\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+46ef227 Merge pull request \fI\%#22954\fP from rallytime/\fI\%bp\-22909\fP
+.IP \(bu 2
+70c1cd3 Fix compatibility with pkgin > 0.7
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22856\fP: (\fIjfindlay\fP) increase timeout and decrease tries for route53 records
+@ \fI2015\-04\-22T16:47:01Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#18720\fP: (\fIReiner030\fP) timeouts when setting Route53 records
+| refs: \fI\%#22856\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+c9ae593 Merge pull request \fI\%#22856\fP from jfindlay/route53_timeout
+.IP \(bu 2
+ba4a786 add route53 record sync wait, default=False
+.IP \(bu 2
+ea2fd50 increase timeout and tries for route53 records
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22946\fP: (\fIs0undt3ch\fP) Test with a more recent pip version to avoid a traceback
+@ \fI2015\-04\-22T16:25:17Z\fP
+.INDENT 2.0
+.IP \(bu 2
+a178d44 Merge pull request \fI\%#22946\fP from s0undt3ch/2014.7
+.IP \(bu 2
+bc87749 Test with a more recent pip version to avoid a traceback
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22945\fP: (\fIgarethgreenaway\fP) Fixes to scheduler
+@ \fI2015\-04\-22T16:25:00Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22571\fP: (\fIBoomerB\fP) same error message as on issue \fI\%#18504\fP
+| refs: \fI\%#22945\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+de339be Merge pull request \fI\%#22945\fP from garethgreenaway/22571_2014_7_schedule_pillar_refresh_seconds_exceptions
+.IP \(bu 2
+bfa6d25 Fixing a reported issue when using a scheduled job from pillar with splay.  _seconds element that acted as a backup of the actual seconds was being removed when pillar was refreshed and causing exceptions.  This fix moves some splay related code out of the if else condition so it\(aqs checked whether the job is in the job queue or not.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22887\fP: (\fIhvnsweeting\fP) fix \fI\%#18843\fP
+@ \fI2015\-04\-22T15:47:05Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#18843\fP: (\fIcalvinhp\fP) State user.present will fail to create home if user exists and homedir doesn\(aqt
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+12d2b91 Merge pull request \fI\%#22887\fP from hvnsweeting/18843\-fix\-user\-present\-home
+.IP \(bu 2
+7fe7b08 run user.chhome once to avoid any side\-effect when run it twice
+.IP \(bu 2
+19de995 clarify the usage of home arg
+.IP \(bu 2
+d6dc09a enhance doc, as usermod on ubuntu 12.04 will not CREATE home
+.IP \(bu 2
+0ce4d7f refactor: force to use boolean
+.IP \(bu 2
+849d19e log debug the creating dir process
+.IP \(bu 2
+c4e95b9 fix \fI\%#18843\fP: usermod won\(aqt create a dir if old home does not exist
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22930\fP: (\fIjfindlay\fP) localemod.gen_locale now always returns a boolean
+@ \fI2015\-04\-22T15:37:39Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#21140\fP: (\fIholms\fP) locale.present state executed successfully, although originally fails
+| refs: \fI\%#22930\fP \fI\%#22829\fP
+.IP \(bu 2
+\fBISSUE\fP \fI\%#2417\fP: (\fIffa\fP) Module standards
+| refs: \fI\%#22829\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#22829\fP: (\fIF30\fP) Always return a boolean in gen_locale()
+| refs: \fI\%#22930\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+b7de7bd Merge pull request \fI\%#22930\fP from jfindlay/localegen_bool
+.IP \(bu 2
+399399f localemod.gen_locale now always returns a boolean
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22933\fP: (\fIhvnsweeting\fP) add test for \fI\%#18843\fP
+@ \fI2015\-04\-22T15:27:18Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#18843\fP: (\fIcalvinhp\fP) State user.present will fail to create home if user exists and homedir doesn\(aqt
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+11bcf14 Merge pull request \fI\%#22933\fP from hvnsweeting/18843\-test
+.IP \(bu 2
+b13db32 add test for \fI\%#18843\fP
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22925\fP: (\fIrallytime\fP) Backport \fI\%#22895\fP to 2014.7
+| refs: \fI\%#23113\fP
+@ \fI2015\-04\-22T02:30:26Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#22895\fP: (\fIaletourneau\fP) pam_tally counter was not reset to 0 after a succesfull login
+| refs: \fI\%#22925\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+6890752 Merge pull request \fI\%#22925\fP from rallytime/\fI\%bp\-22895\fP
+.IP \(bu 2
+3852d96 Pylint fix
+.IP \(bu 2
+90f7829 Fixed pylint issues
+.IP \(bu 2
+5ebf159 Cleaned up pull request
+.IP \(bu 2
+a08ac47 pam_tally counter was not reset to 0 after a succesfull login
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22914\fP: (\fIcachedout\fP) Call proper returner function in jobs.list_jobs
+@ \fI2015\-04\-22T00:49:01Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22790\fP: (\fIwhiteinge\fP) jobs.list_jobs runner tracebacks on \(aqmissing\(aq argument
+| refs: \fI\%#22914\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+eca37eb Merge pull request \fI\%#22914\fP from cachedout/issue_22790
+.IP \(bu 2
+d828d6f Call proper returner function in jobs.list_jobs
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22918\fP: (\fIJaseFace\fP) Add a note to the git_pillar docs stating that GitPython is the only currently supported provider
+@ \fI2015\-04\-22T00:48:26Z\fP
+.INDENT 2.0
+.IP \(bu 2
+44f3409 Merge pull request \fI\%#22918\fP from JaseFace/git\-pillar\-provider\-doc\-note
+.IP \(bu 2
+0aee5c2 Add a note to the git_pillar docs stating that GitPython is the only currently supported provider
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22907\fP: (\fItechhat\fP) Properly merge cloud configs to create profiles
+@ \fI2015\-04\-21T22:02:44Z\fP
+.INDENT 2.0
+.IP \(bu 2
+31c461f Merge pull request \fI\%#22907\fP from techhat/cloudconfig
+.IP \(bu 2
+3bf4e66 Properly merge cloud configs to create profiles
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22894\fP: (\fI0xf10e\fP) Fix issue \fI\%#22782\fP
+@ \fI2015\-04\-21T18:55:18Z\fP
+.INDENT 2.0
+.IP \(bu 2
+f093975 Merge pull request \fI\%#22894\fP from 0xf10e/2014.7
+.IP \(bu 2
+58fa24c Clarify doc on kwarg \(aqroles\(aq for user_present().
+.IP \(bu 2
+f0ae2eb Improve readability by renaming tenant_role
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22902\fP: (\fIrallytime\fP) Change state example to use proper kwarg
+@ \fI2015\-04\-21T18:50:47Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#12003\fP: (\fIMarkusMuellerAU\fP) [state.dockerio] docker.run TypeError: run() argument after ** must be a mapping, not str
+| refs: \fI\%#22902\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+c802ba7 Merge pull request \fI\%#22902\fP from rallytime/docker_doc_fix
+.IP \(bu 2
+8f70346 Change state example to use proper kwarg
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22898\fP: (\fIterminalmage\fP) dockerio: better error message for native exec driver
+@ \fI2015\-04\-21T18:02:58Z\fP
+.INDENT 2.0
+.IP \(bu 2
+81771a7 Merge pull request \fI\%#22898\fP from terminalmage/issue12003
+.IP \(bu 2
+c375309 dockerio: better error message for native exec driver
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22897\fP: (\fIrallytime\fP) Add param documentation for file.replace state
+@ \fI2015\-04\-21T17:31:04Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22825\fP: (\fIpaolodina\fP) Issue using file.replace in state file
+| refs: \fI\%#22897\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+e2ec4ec Merge pull request \fI\%#22897\fP from rallytime/\fI\%fix\-22825\fP
+.IP \(bu 2
+9c51630 Add param documentation for file.replace state
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22850\fP: (\fIbersace\fP) Fix pillar and salt fileserver mixed
+@ \fI2015\-04\-21T17:04:33Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22844\fP: (\fIbersace\fP) LocalClient file cache confuse pillar and state files
+| refs: \fI\%#22850\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+fd53889 Merge pull request \fI\%#22850\fP from bersace/fix\-pillar\-salt\-mixed
+.IP \(bu 2
+31b98e7 Initialize state file client after pillar loading
+.IP \(bu 2
+f6bebb7 Use saltenv
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22818\fP: (\fItwangboy\fP) Added documentation regarding pip in windows
+@ \fI2015\-04\-21T03:58:59Z\fP
+.INDENT 2.0
+.IP \(bu 2
+1380fec Merge pull request \fI\%#22818\fP from twangboy/upd_pip_docs
+.IP \(bu 2
+cb999c7 Update pip.py
+.IP \(bu 2
+3cc5c97 Added documentation regarding pip in windows
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22872\fP: (\fIrallytime\fP) Prevent stacktrace on os.path.exists in hosts module
+@ \fI2015\-04\-21T02:54:40Z\fP
+.INDENT 2.0
+.IP \(bu 2
+b2bf17f Merge pull request \fI\%#22872\fP from rallytime/fix_hosts_stacktrace
+.IP \(bu 2
+c88a1ea Prevent stacktrace on os.path.exists in hosts module
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22853\fP: (\fIs0undt3ch\fP) Don\(aqt assume package installation order.
+@ \fI2015\-04\-21T02:42:41Z\fP
+.INDENT 2.0
+.IP \(bu 2
+03af523 Merge pull request \fI\%#22853\fP from s0undt3ch/2014.7
+.IP \(bu 2
+b62df62 Don\(aqt assume package installation order.
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22877\fP: (\fIs0undt3ch\fP) Don\(aqt fail on \fImake clean\fP just because the directory does not exist
+@ \fI2015\-04\-21T02:40:47Z\fP
+.INDENT 2.0
+.IP \(bu 2
+9211e36 Merge pull request \fI\%#22877\fP from s0undt3ch/hotfix/clean\-docs\-fix
+.IP \(bu 2
+95d6887 Don\(aqt fail on \fImake clean\fP just because the directory does not exist
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22873\fP: (\fIthatch45\fP) Type check the version since it will often be numeric
+@ \fI2015\-04\-21T02:38:11Z\fP
+.INDENT 2.0
+.IP \(bu 2
+5bdbd08 Merge pull request \fI\%#22873\fP from thatch45/type_check
+.IP \(bu 2
+53b8376 Type check the version since it will often be numeric
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22870\fP: (\fItwangboy\fP) Added ability to send a version with a space in it
+@ \fI2015\-04\-20T23:18:28Z\fP
+.INDENT 2.0
+.IP \(bu 2
+c965b0a Merge pull request \fI\%#22870\fP from twangboy/fix_installer_again
+.IP \(bu 2
+3f180cf Added ability to send a version with a space in it
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22863\fP: (\fIrallytime\fP) Backport \fI\%#20974\fP to 2014.7
+@ \fI2015\-04\-20T19:29:37Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBPR\fP \fI\%#20974\fP: (\fIJohannesEbke\fP) Fix expr_match usage in salt.utils.check_whitelist_blacklist
+| refs: \fI\%#22863\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+2973eb1 Merge pull request \fI\%#22863\fP from rallytime/\fI\%bp\-20974\fP
+.IP \(bu 2
+14913a4 Fix expr_match usage in salt.utils.check_whitelist_blacklist
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22578\fP: (\fIhvnsweeting\fP) gracefully handle when salt\-minion cannot decrypt key
+@ \fI2015\-04\-20T15:24:45Z\fP
+.INDENT 2.0
+.IP \(bu 2
+c45b92b Merge pull request \fI\%#22578\fP from hvnsweeting/2014\-7\-fix\-compile\-pillar
+.IP \(bu 2
+f75b24a gracefully handle when salt\-minion cannot decrypt key
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22800\fP: (\fIterminalmage\fP) Improve error logging for pygit2 SSH\-based remotes
+@ \fI2015\-04\-18T17:18:55Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#21979\fP: (\fIyrdevops\fP) gitfs: error message not descriptive enough when libgit2 was compiled without libssh2
+| refs: \fI\%#22800\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+900c7a5 Merge pull request \fI\%#22800\fP from terminalmage/issue21979
+.IP \(bu 2
+8f1c008 Clarify that for pygit2, receiving 0 objects means repo is up\-to\-date
+.IP \(bu 2
+98885f7 Add information about libssh2 requirement for pygit2 ssh auth
+.IP \(bu 2
+09468d2 Fix incorrect log message
+.IP \(bu 2
+2093bf8 Adjust loglevels for gitfs errors
+.IP \(bu 2
+9d394df Improve error logging for pygit2 SSH\-based remotes
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22813\fP: (\fItwangboy\fP) Updated instructions for building salt
+@ \fI2015\-04\-18T04:10:07Z\fP
+.INDENT 2.0
+.IP \(bu 2
+e99f2fd Merge pull request \fI\%#22813\fP from twangboy/win_doc_fix
+.IP \(bu 2
+adc421a Fixed some formatting issues
+.IP \(bu 2
+8901b3b Updated instructions for building salt
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22810\fP: (\fIbasepi\fP) [2014.7] More msgpack gating for salt\-ssh
+@ \fI2015\-04\-17T22:28:24Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22708\fP: (\fIBilge\fP) salt\-ssh file.accumulated error: NameError: global name \(aqmsgpack\(aq is not defined
+| refs: \fI\%#22810\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+fe1de89 Merge pull request \fI\%#22810\fP from basepi/salt\-ssh.more.msgpack.gating
+.IP \(bu 2
+d4da8e6 Gate msgpack in salt/modules/saltutil.py
+.IP \(bu 2
+02303b2 Gate msgpack in salt/modules/data.py
+.IP \(bu 2
+d7e8741 Gate salt.states.file.py msgpack
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22803\fP: (\fIrallytime\fP) Allow map file to work with softlayer
+@ \fI2015\-04\-17T20:34:42Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#17144\fP: (\fIxpender\fP) salt\-cloud \-m fails with softlayer
+| refs: \fI\%#22803\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+11df71e Merge pull request \fI\%#22803\fP from rallytime/\fI\%fix\-17144\fP
+.IP \(bu 2
+ce88b6a Allow map file to work with softlayer
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22807\fP: (\fIrallytime\fP) Add 2014.7.5 links to windows installation docs
+@ \fI2015\-04\-17T20:32:13Z\fP
+.INDENT 2.0
+.IP \(bu 2
+cd43a95 Merge pull request \fI\%#22807\fP from rallytime/windows_docs_update
+.IP \(bu 2
+5931a58 Replace all 4s with 5s
+.IP \(bu 2
+eadaead Add 2014.7.5 links to windows installation docs
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22795\fP: (\fIrallytime\fP) Added release note for 2014.7.5 release
+@ \fI2015\-04\-17T18:05:36Z\fP
+.INDENT 2.0
+.IP \(bu 2
+0b295e2 Merge pull request \fI\%#22795\fP from rallytime/release_notes
+.IP \(bu 2
+fde1fee Remove extra line
+.IP \(bu 2
+b19b95d Added release note for 2014.7.5 release
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22759\fP: (\fItwangboy\fP) Final edits to the batch files for running salt
+@ \fI2015\-04\-17T04:31:15Z\fP
+.INDENT 2.0
+.IP \(bu 2
+\fBISSUE\fP \fI\%#22740\fP: (\fIlorengordon\fP) New Windows installer assumes salt is installed to the current directory
+| refs: \fI\%#22759\fP
+.IP \(bu 2
+\fBPR\fP \fI\%#22754\fP: (\fItwangboy\fP) Removed redundant \e and "
+| refs: \fI\%#22759\fP
+.UNINDENT
+.INDENT 2.0
+.IP \(bu 2
+3c91459 Merge pull request \fI\%#22759\fP from twangboy/fix_bat_one_last_time
+.IP \(bu 2
+075f82e Final edits to the batch files for running salt
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22760\fP: (\fIthatch45\fP) Fix issues with the syndic
+@ \fI2015\-04\-17T04:30:48Z\fP
+.INDENT 2.0
+.IP \(bu 2
+20d3f2b Merge pull request \fI\%#22760\fP from thatch45/syndic_fix
+.IP \(bu 2
+e2db624 Fix issues with the syndic not resolving the master when the interface is set
+.UNINDENT
+.IP \(bu 2
+\fBPR\fP \fI\%#22762\fP: (\fItwangboy\fP) Fixed version not showing in Add/Remove Programs
+@ \fI2015\-04\-17T04:29:46Z\fP
+.INDENT 2.0
+.IP \(bu 2
+54c4584 Merge pull request \fI\%#22762\fP from twangboy/fix_installer
+.IP \(bu 2
+4d25af8 Fixed version not showing in Add/Remove Programs
+.UNINDENT
 .UNINDENT
 .SS Salt 2014.1.0 Release Notes \- Codename Hydrogen
 .sp
@@ -170012,7 +185204,7 @@
 .sp
 7d5aca4633bc22f59045f59e82f43b56
 .sp
-For instructions on how to set up Salt please see the installation
+For instructions on how to set up Salt please see the \fIinstallation\fP
 instructions.
 .SS New Features
 .SS Salt Run
@@ -170120,12 +185312,12 @@
 .sp
 9a925da04981e65a0f237f2e77ddab37
 .sp
-For instructions on how to set up Salt please see the installation
+For instructions on how to set up Salt please see the \fIinstallation\fP
 instructions.
 .SS New Features
 .SS Salt Syndic
 .sp
-The new Syndic interface allows a master to be
+The new \fISyndic interface\fP allows a master to be
 commanded via another higher level salt master. This is a powerful solution
 allowing a master control structure to exist, allowing salt to scale to much
 larger levels then before.
@@ -170223,7 +185415,7 @@
 .sp
 \fI\%https://pypi.python.org/packages/source/s/salt/salt\-0.9.2.tar.gz\fP
 .sp
-For instructions on how to set up Salt please see the installation
+For instructions on how to set up Salt please see the \fIinstallation\fP
 instructions.
 .SS New Features
 .SS Salt\-Call Additions
@@ -170295,7 +185487,7 @@
 .sp
 \fI\%https://pypi.python.org/packages/source/s/salt/salt\-0.9.3.tar.gz\fP
 .sp
-For instructions on how to set up Salt please see the installation
+For instructions on how to set up Salt please see the \fIinstallation\fP
 instructions.
 .SS New Features
 .SS WAN Support
@@ -170630,7 +185822,7 @@
 .sp
 \fI\%https://pypi.python.org/packages/source/s/salt/salt\-0.9.4.tar.gz\fP
 .sp
-For instructions on how to set up Salt please see the installation
+For instructions on how to set up Salt please see the \fIinstallation\fP
 instructions.
 .SS New Features
 .SS Failhard State Option
@@ -172410,7 +187602,7 @@
 If the Minion id is not configured explicitly (using the \fBid\fP
 parameter), Salt will determine the id based on the hostname. Exactly how this
 is determined varies a little between operating systems and is described in
-detail here\&.
+detail \fIhere\fP\&.
 .SS I\(aqm trying to manage packages/services but I get an error saying that the state is not available. Why?
 .sp
 Salt detects the Minion\(aqs operating system and assigns the correct package or
@@ -172629,7 +187821,7 @@
 .TP
 .B Auto\-Order
 The evaluation of states in the order that they are defined in a SLS
-file. \fISee also\fP: ordering\&.
+file. \fISee also\fP: \fIordering\fP\&.
 .TP
 .B Bootstrap
 A stand\-alone Salt project which can download and install a Salt master
@@ -172637,34 +187829,34 @@
 .TP
 .B Compound Matcher
 A combination of many target definitions that can be combined with
-boolean operators. \fISee also\fP: targeting\&.
+boolean operators. \fISee also\fP: \fItargeting\fP\&.
 .TP
 .B EAuth
 Shorthand for \(aqexternal authentication\(aq. A system for calling to a
 system outside of Salt in order to authenticate users and determine if
 they are allowed to issue particular commands to Salt. \fISee also\fP:
-external auth\&.
+\fIexternal auth\fP\&.
 .TP
 .B Environment
 A directory tree containing state files which can be applied to
-minions. \fISee also\fP: top file\&.
+minions. \fISee also\fP: \fItop file\fP\&.
 .TP
 .B Execution Module
 A Python module that contains execution functions which directly
 perform various system\-management tasks on a server. Salt ships with a
 number of execution modules but users can also write their own
-execution modules to perform specialized tasks. \fISee also\fP: the
-list of execution modules\&.
+execution modules to perform specialized tasks. \fISee also\fP: \fIthe
+list of execution modules\fP\&.
 .TP
 .B Execution Function
 A Python function inside an Execution Module that may take arguments
-and performs specific system\-management tasks. \fISee also\fP: the
-list of execution modules\&.
+and performs specific system\-management tasks. \fISee also\fP: \fIthe
+list of execution modules\fP\&.
 .TP
 .B External Job Cache
 An external data\-store that can archive information about jobs that
 have been run. A default returner. \fISee also\fP:
-\fBext_job_cache\fP, the list of returners\&.
+\fBext_job_cache\fP, \fIthe list of returners\fP\&.
 .TP
 .B External Pillar
 A module that accepts arbitrary arguments and returns a dictionary.
@@ -172673,17 +187865,17 @@
 .B Event
 A notice emitted onto an event bus. Events are often driven by requests
 for actions to occur on a minion or master and the results of those
-actions. \fISee also\fP: Salt Reactor\&.
+actions. \fISee also\fP: \fISalt Reactor\fP\&.
 .TP
 .B File Server
 A local or remote location for storing both Salt\-specific files such as
 top files or SLS files as well as files that can be distributed to
-minions, such as system configuration files. \fISee also\fP: Salt\(aqs
-file server\&.
+minions, such as system configuration files. \fISee also\fP: \fISalt\(aqs
+file server\fP\&.
 .TP
 .B Grain
 A key\-value pair which contains a fact about a system, such as its
-hostname, network addresses. \fISee also\fP: targeting with grains\&.
+hostname, network addresses. \fISee also\fP: \fItargeting with grains\fP\&.
 .TP
 .B Halite
 The Salt GUI. \fISee also\fP: \fI\%Halite\fP\&.
@@ -172702,15 +187894,15 @@
 .TP
 .B Highdata
 The data structure in a SLS file the represents a set of state
-declarations. \fISee also\fP: state layers\&.
+declarations. \fISee also\fP: \fIstate layers\fP\&.
 .TP
 .B Highstate
 The collection of states to be applied to a system. \fISee also\fP:
-state layers\&.
+\fIstate layers\fP\&.
 .TP
 .B Low State
 The collection of processed states after requisites and order are
-evaluated. \fISee also\fP: state layers\&.
+evaluated. \fISee also\fP: \fIstate layers\fP\&.
 .TP
 .B Master
 A central Salt daemon which from which commands can be issued to
@@ -172727,7 +187919,7 @@
 .B Mine
 A facility to collect arbitrary data from minions and store that data
 on the master. This data is then available to all other minions.
-[Sometimes referred to as Salt Mine.] \fISee also\fP: Salt Mine\&.
+[Sometimes referred to as Salt Mine.] \fISee also\fP: \fISalt Mine\fP\&.
 .TP
 .B Minion
 A server running a Salt minion daemon which can listen to commands from
@@ -172744,26 +187936,26 @@
 .TP
 .B Node Group
 A pre\-defined group of minions declared in the master configuration
-file. \fISee also\fP: targeting\&.
+file. \fISee also\fP: \fItargeting\fP\&.
 .TP
 .B Outputter
 A formatter for defining the characteristics of output data from a Salt
-command. \fISee also\fP: list of outputters\&.
+command. \fISee also\fP: \fIlist of outputters\fP\&.
 .TP
 .B Overstate
 A system by which a Master can issue function calls to minions in a
-deterministic order. \fISee also\fP: overstate\&.
+deterministic order. \fISee also\fP: \fIoverstate\fP\&.
 .TP
 .B Peer Communication
 The ability for minions to communicate directly with other minions
 instead of brokering commands through the Salt master. \fISee also\fP:
-peer communication\&.
+\fIpeer communication\fP\&.
 .TP
 .B Pillar
 A simple key\-value store for user\-defined data to be made available to
 a minion. Often used to store and distribute sensitive data to minions.
-\fISee also\fP: Pillar, list of Pillar
-modules\&.
+\fISee also\fP: \fIPillar\fP, \fIlist of Pillar
+modules\fP\&.
 .TP
 .B Proxy Minion
 A minion which can control devices that are unable to run a Salt minion
@@ -172776,29 +187968,29 @@
 .TP
 .B Reactor
 An interface for listening to events and defining actions that Salt
-should taken upon receipt of given events. \fISee also\fP: Reactor\&.
+should taken upon receipt of given events. \fISee also\fP: \fIReactor\fP\&.
 .TP
 .B Render Pipe
 Allows SLS files to be rendered by multiple renderers, with each
 renderer receiving the output of the previous. \fISee also\fP:
-composing renderers\&.
+\fIcomposing renderers\fP\&.
 .TP
 .B Renderer
 Responsible for translating a given data serialization format such as
 YAML or JSON into a Python data structure that can be consumed by Salt.
-\fISee also\fP: list of renderers\&.
+\fISee also\fP: \fIlist of renderers\fP\&.
 .TP
 .B Returner
 Allows for the results of a Salt command to be sent to a given
 data\-store such as a database or log file for archival. \fISee also\fP:
-list of returners\&.
+\fIlist of returners\fP\&.
 .TP
 .B Roster
 A flat\-file list of target hosts. (Currently only used by salt\-ssh.)
 .TP
 .B Runner Module
-A module containing a set of runner functions. \fISee also\fP: list
-of runner modules\&.
+A module containing a set of runner functions. \fISee also\fP: \fIlist
+of runner modules\fP\&.
 .TP
 .B Runner Function
 A function which is is called by the \fBsalt\-run\fP command and
@@ -172807,7 +187999,7 @@
 .TP
 .B Salt Cloud
 A suite of tools used to create and deploy systems on many hosted cloud
-providers. \fISee also\fP: salt\-cloud\&.
+providers. \fISee also\fP: \fIsalt\-cloud\fP\&.
 .TP
 .B Salt SSH
 A configuration management and remote orchestration system that does
@@ -172831,11 +188023,11 @@
 .B State Declaration
 A data structure which contains a unique ID and describes one or more
 states of a system such as ensuring that a package is installed or a
-user is defined. \fISee also\fP: highstate structure\&.
+user is defined. \fISee also\fP: \fIhighstate structure\fP\&.
 .TP
 .B State Module
 A module which contains a set of state functions. \fISee also\fP:
-list of state modules\&.
+\fIlist of state modules\fP\&.
 .TP
 .B State Function
 A function contained inside a \fI\%state module\fP which
@@ -172850,16 +188042,16 @@
 .TP
 .B Syndic
 A forwarder which can relay messages between tiered masters. \fBSee
-also\fP: Syndic\&.
+also\fP: \fISyndic\fP\&.
 .TP
 .B Target
 Minion(s) to which a given salt command will apply. \fISee also\fP:
-targeting\&.
+\fItargeting\fP\&.
 .TP
 .B Top File
 Determines which SLS files should be applied to various systems and
 organizes those groups of systems into environments. \fISee also\fP:
-top file, list of master top modules\&.
+\fItop file\fP, \fIlist of master top modules\fP\&.
 .TP
 .B Worker
 A master process which can send notices and receive replies from
diff -Nru salt-2015.5.2+ds/doc/man/salt-api.1 salt-2015.5.3+ds/doc/man/salt-api.1
--- salt-2015.5.2+ds/doc/man/salt-api.1	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt-api.1	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT-API" "1" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT-API" "1" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt-api \- salt-api Command
 .
diff -Nru salt-2015.5.2+ds/doc/man/salt-call.1 salt-2015.5.3+ds/doc/man/salt-call.1
--- salt-2015.5.2+ds/doc/man/salt-call.1	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt-call.1	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT-CALL" "1" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT-CALL" "1" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt-call \- salt-call Documentation
 .
@@ -44,7 +44,20 @@
 .SH DESCRIPTION
 .sp
 The salt\-call command is used to run module functions locally on a minion
-instead of executing them from the master.
+instead of executing them from the master. Salt\-call is used to run a
+\fIStandalone Minion\fP, and was originally
+created for \fItroubleshooting\fP\&.
+.sp
+The Salt Master is contacted to retrieve state files and other resources
+during execution unless the \fB\-\-local\fP option is specified.
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+\fBsalt\-call\fP commands execute from the current user\(aqs shell
+context, while \fBsalt\fP commands execute from the system\(aqs default context.
+.UNINDENT
+.UNINDENT
 .SH OPTIONS
 .INDENT 0.0
 .TP
diff -Nru salt-2015.5.2+ds/doc/man/salt-cloud.1 salt-2015.5.3+ds/doc/man/salt-cloud.1
--- salt-2015.5.2+ds/doc/man/salt-cloud.1	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt-cloud.1	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT-CLOUD" "1" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT-CLOUD" "1" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt-cloud \- Salt Cloud Command
 .
@@ -141,12 +141,6 @@
 .UNINDENT
 .INDENT 0.0
 .TP
-.B \-Q, \-\-query
-Execute a query and print out information about all cloud VMs. Can be used
-in conjunction with \-m to display only information about the specified map.
-.UNINDENT
-.INDENT 0.0
-.TP
 .B \-u, \-\-update\-bootstrap
 Update salt\-bootstrap to the latest develop version on GitHub.
 .UNINDENT
diff -Nru salt-2015.5.2+ds/doc/man/salt-cp.1 salt-2015.5.3+ds/doc/man/salt-cp.1
--- salt-2015.5.2+ds/doc/man/salt-cp.1	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt-cp.1	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT-CP" "1" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT-CP" "1" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt-cp \- salt-cp Documentation
 .
diff -Nru salt-2015.5.2+ds/doc/man/salt-key.1 salt-2015.5.3+ds/doc/man/salt-key.1
--- salt-2015.5.2+ds/doc/man/salt-key.1	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt-key.1	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT-KEY" "1" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT-KEY" "1" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt-key \- salt-key Documentation
 .
diff -Nru salt-2015.5.2+ds/doc/man/salt-master.1 salt-2015.5.3+ds/doc/man/salt-master.1
--- salt-2015.5.2+ds/doc/man/salt-master.1	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt-master.1	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT-MASTER" "1" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT-MASTER" "1" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt-master \- salt-master Documentation
 .
diff -Nru salt-2015.5.2+ds/doc/man/salt-minion.1 salt-2015.5.3+ds/doc/man/salt-minion.1
--- salt-2015.5.2+ds/doc/man/salt-minion.1	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt-minion.1	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT-MINION" "1" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT-MINION" "1" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt-minion \- salt-minion Documentation
 .
diff -Nru salt-2015.5.2+ds/doc/man/salt-run.1 salt-2015.5.3+ds/doc/man/salt-run.1
--- salt-2015.5.2+ds/doc/man/salt-run.1	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt-run.1	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT-RUN" "1" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT-RUN" "1" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt-run \- salt-run Documentation
 .
diff -Nru salt-2015.5.2+ds/doc/man/salt-ssh.1 salt-2015.5.3+ds/doc/man/salt-ssh.1
--- salt-2015.5.2+ds/doc/man/salt-ssh.1	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt-ssh.1	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT-SSH" "1" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT-SSH" "1" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt-ssh \- salt-ssh Documentation
 .
diff -Nru salt-2015.5.2+ds/doc/man/salt-syndic.1 salt-2015.5.3+ds/doc/man/salt-syndic.1
--- salt-2015.5.2+ds/doc/man/salt-syndic.1	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt-syndic.1	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT-SYNDIC" "1" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT-SYNDIC" "1" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt-syndic \- salt-syndic Documentation
 .
diff -Nru salt-2015.5.2+ds/doc/man/salt-unity.1 salt-2015.5.3+ds/doc/man/salt-unity.1
--- salt-2015.5.2+ds/doc/man/salt-unity.1	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/man/salt-unity.1	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "SALT-UNITY" "1" "May 06, 2015" "2015.5.0" "Salt"
+.TH "SALT-UNITY" "1" "June 26, 2015" "2015.5.2" "Salt"
 .SH NAME
 salt-unity \- salt-unity Command
 .
diff -Nru salt-2015.5.2+ds/doc/ref/cli/salt-call.rst salt-2015.5.3+ds/doc/ref/cli/salt-call.rst
--- salt-2015.5.2+ds/doc/ref/cli/salt-call.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/cli/salt-call.rst	2015-07-01 21:33:42.000000000 +0000
@@ -13,7 +13,17 @@
 ===========
 
 The salt-call command is used to run module functions locally on a minion
-instead of executing them from the master.
+instead of executing them from the master. Salt-call is used to run a
+:ref:`Standalone Minion <tutorial-standalone-minion>`, and was originally
+created for :ref:`troubleshooting <troubleshooting-minion-salt-call>`.
+
+The Salt Master is contacted to retrieve state files and other resources
+during execution unless the ``--local`` option is specified.
+
+.. note::
+
+    ``salt-call`` commands execute from the current user's shell
+    context, while ``salt`` commands execute from the system's default context.
 
 Options
 =======
diff -Nru salt-2015.5.2+ds/doc/ref/cli/salt-cloud.rst salt-2015.5.3+ds/doc/ref/cli/salt-cloud.rst
--- salt-2015.5.2+ds/doc/ref/cli/salt-cloud.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/cli/salt-cloud.rst	2015-07-01 21:33:42.000000000 +0000
@@ -87,11 +87,6 @@
     for this influx of vm creation. When creating large groups of VMs watch the
     cloud provider carefully.
 
-.. option:: -Q, --query
-
-    Execute a query and print out information about all cloud VMs. Can be used
-    in conjunction with -m to display only information about the specified map.
-
 .. option:: -u, --update-bootstrap
 
     Update salt-bootstrap to the latest develop version on GitHub.
diff -Nru salt-2015.5.2+ds/doc/ref/configuration/master.rst salt-2015.5.3+ds/doc/ref/configuration/master.rst
--- salt-2015.5.2+ds/doc/ref/configuration/master.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/configuration/master.rst	2015-07-07 20:42:37.000000000 +0000
@@ -337,11 +337,11 @@
 ``enable_gpu_grains``
 ---------------------
 
-Default: ``False``
+Default: ``True``
 
-The master can take a while to start up when lspci and/or dmidecode is used
-to populate the grains for the master. Enable if you want to see GPU hardware
-data for your master.
+Enable GPU hardware data for your master. Be aware that the master can
+take a while to start up when lspci and/or dmidecode is used to populate the
+grains for the master.
 
 .. conf_master:: job_cache
 
@@ -2432,3 +2432,15 @@
 
     win_gitrepos:
       - 'https://github.com/saltstack/salt-winrepo.git'
+
+To specify a specific revision of the repository, preface the
+repository location with a commit ID:
+
+.. code-block:: yaml
+
+    win_gitrepos:
+      - '<commit_id> https://github.com/saltstack/salt-winrepo.git'
+
+Replacing ``<commit_id>`` with the ID from GitHub. Specifying a commit
+ID is useful if you need to revert to a previous version if an error
+is introduced in the latest version.
diff -Nru salt-2015.5.2+ds/doc/ref/configuration/minion.rst salt-2015.5.3+ds/doc/ref/configuration/minion.rst
--- salt-2015.5.2+ds/doc/ref/configuration/minion.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/configuration/minion.rst	2015-07-07 20:42:37.000000000 +0000
@@ -82,30 +82,41 @@
 
 .. versionadded:: 2014.7.0
 
-Default: ``str``
+Default: ``standard``
 
-The type of the :conf_minion:`master` variable. Can be either ``func`` or
-``failover``.
+The type of the :conf_minion:`master` variable. Can be ``standard``, ``failover`` or
+``func``.
 
-If the master needs to be dynamically assigned by executing a function instead
-of reading in the static master value, set this to ``func``. This can be used
-to manage the minion's master setting from an execution module. By simply
-changing the algorithm in the module to return a new master ip/fqdn, restart
-the minion and it will connect to the new master.
+.. code-block:: yaml
 
+    master_type: failover
+
+If this option is set to ``failover``, :conf_minion:`master` must be a list of
+master addresses. The minion will then try each master in the order specified
+in the list until it successfully connects.  :conf_minion:`master_alive_interval`
+must also be set, this determines how often the minion will verify the presence
+of the master.
 
 .. code-block:: yaml
 
     master_type: func
 
-If this option is set to ``failover``, :conf_minion:`master` must be a list of
-master addresses. The minion will then try each master in the order specified
-in the list until it successfully connects.
+If the master needs to be dynamically assigned by executing a function instead
+of reading in the static master value, set this to ``func``. This can be used
+to manage the minion's master setting from an execution module. By simply
+changing the algorithm in the module to return a new master ip/fqdn, restart
+the minion and it will connect to the new master.
 
+``master_alive_interval``
+-------------------------
 
 .. code-block:: yaml
 
-    master_type: failover
+    master_alive_interval: 30
+
+Configures how often, in seconds, the minion will verify that the current
+master is alive and responding.  The minion will try to establish a connection
+to the next master in the list if it finds the existing one is dead.
 
 ``master_shuffle``
 ------------------
@@ -164,6 +175,22 @@
 
     user: root
 
+.. conf_minion:: sudo_user
+
+``sudo_user``
+--------
+
+Default: ``''``
+
+Setting ``sudo_user`` will cause salt to run all execution modules under an
+sudo to the user given in ``sudo_user``.  The user under which the salt minion
+process itself runs will still be that provided in :conf_minion:`user` above,
+but all execution modules run by the minion will be rerouted through sudo.
+
+.. code-block:: yaml
+
+    sudo_user: saltadm
+
 .. conf_minion:: pidfile
 
 ``pidfile``
@@ -289,6 +316,22 @@
 
     cache_jobs: False
 
+.. conf_minion:: grains_cache
+
+``grains_cache``
+----------------
+
+Default: ``False``
+
+The minion can locally cache grain data instead of refreshing the data
+each time the grain is referenced. By default this feature is disabled,
+to enable set grains_cache to ``True``.
+
+.. code-block:: yaml
+
+    cache_jobs: False
+
+
 .. conf_minion:: sock_dir
 
 ``sock_dir``
@@ -415,21 +458,6 @@
 
     recon_randomize: True
 
-.. conf_minion:: dns_check
-
-``dns_check``
--------------
-
-Default: ``True``
-
-When healing, a dns_check is run. This is to make sure that the originally
-resolved dns has not changed. If this is something that does not happen in your
-environment, set this value to ``False``.
-
-.. code-block:: yaml
-
-    dns_check: True
-
 .. conf_minion:: cache_sreqs
 
 ``cache_sreqs``
diff -Nru salt-2015.5.2+ds/doc/ref/file_server/index.rst salt-2015.5.3+ds/doc/ref/file_server/index.rst
--- salt-2015.5.2+ds/doc/ref/file_server/index.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/file_server/index.rst	2015-07-01 21:33:42.000000000 +0000
@@ -24,6 +24,21 @@
 is used by the Salt state system, salt-cp, and can be used to distribute files
 presented by the Salt file server.
 
+Escaping Special Characters
+```````````````````````````
+
+The ``salt://`` url format can potentially contain a query string, for example
+``salt://dir/file.txt?saltenv=base``. You can prevent the fileclient/fileserver from
+interpreting ``?`` as the initial token of a query string by referencing the file
+with ``salt://|`` rather than ``salt://``.
+
+.. code-block:: yaml
+
+    /etc/marathon/conf/?checkpoint:
+      file.managed:
+        - source: salt://|hw/config/?checkpoint
+        - makedirs: True
+
 Environments
 ````````````
 
diff -Nru salt-2015.5.2+ds/doc/ref/modules/all/index.rst salt-2015.5.3+ds/doc/ref/modules/all/index.rst
--- salt-2015.5.2+ds/doc/ref/modules/all/index.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/modules/all/index.rst	2015-07-07 20:42:37.000000000 +0000
@@ -44,6 +44,7 @@
     bsd_shadow
     btrfs
     cassandra
+    cassandra_cql
     chef
     chocolatey
     cloud
@@ -55,6 +56,7 @@
     cpan
     cron
     cyg
+    cytest
     daemontools
     darwin_sysctl
     data
@@ -90,7 +92,6 @@
     freebsdpkg
     freebsdports
     freebsdservice
-    fsutils
     gem
     genesis
     gentoo_service
@@ -118,6 +119,7 @@
     influx
     ini_manage
     introspect
+    ipmi
     ipset
     iptables
     jboss7
@@ -155,6 +157,7 @@
     mount
     munin
     mysql
+    nacl
     nagios
     netbsd_sysctl
     netbsdservice
@@ -255,6 +258,7 @@
     sysmod
     sysrc
     system
+    system_profiler
     systemd
     test
     test_virtual
diff -Nru salt-2015.5.2+ds/doc/ref/modules/all/salt.modules.cassandra_cql.rst salt-2015.5.3+ds/doc/ref/modules/all/salt.modules.cassandra_cql.rst
--- salt-2015.5.2+ds/doc/ref/modules/all/salt.modules.cassandra_cql.rst	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/modules/all/salt.modules.cassandra_cql.rst	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,6 @@
+==========================
+salt.modules.cassandra_cql
+==========================
+
+.. automodule:: salt.modules.cassandra_cql
+    :members:
\ No newline at end of file
diff -Nru salt-2015.5.2+ds/doc/ref/modules/all/salt.modules.cytest.rst salt-2015.5.3+ds/doc/ref/modules/all/salt.modules.cytest.rst
--- salt-2015.5.2+ds/doc/ref/modules/all/salt.modules.cytest.rst	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/modules/all/salt.modules.cytest.rst	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,6 @@
+===================
+salt.modules.cytest
+===================
+
+.. automodule:: salt.modules.cytest
+    :members:
\ No newline at end of file
diff -Nru salt-2015.5.2+ds/doc/ref/modules/all/salt.modules.fsutils.rst salt-2015.5.3+ds/doc/ref/modules/all/salt.modules.fsutils.rst
--- salt-2015.5.2+ds/doc/ref/modules/all/salt.modules.fsutils.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/modules/all/salt.modules.fsutils.rst	1970-01-01 00:00:00.000000000 +0000
@@ -1,6 +0,0 @@
-====================
-salt.modules.fsutils
-====================
-
-.. automodule:: salt.modules.fsutils
-    :members:
\ No newline at end of file
diff -Nru salt-2015.5.2+ds/doc/ref/modules/all/salt.modules.ipmi.rst salt-2015.5.3+ds/doc/ref/modules/all/salt.modules.ipmi.rst
--- salt-2015.5.2+ds/doc/ref/modules/all/salt.modules.ipmi.rst	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/modules/all/salt.modules.ipmi.rst	2015-07-07 20:42:37.000000000 +0000
@@ -0,0 +1,6 @@
+=================
+salt.modules.ipmi
+=================
+
+.. automodule:: salt.modules.ipmi
+    :members:
\ No newline at end of file
diff -Nru salt-2015.5.2+ds/doc/ref/modules/all/salt.modules.nacl.rst salt-2015.5.3+ds/doc/ref/modules/all/salt.modules.nacl.rst
--- salt-2015.5.2+ds/doc/ref/modules/all/salt.modules.nacl.rst	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/modules/all/salt.modules.nacl.rst	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,6 @@
+=================
+salt.modules.nacl
+=================
+
+.. automodule:: salt.modules.nacl
+    :members:
\ No newline at end of file
diff -Nru salt-2015.5.2+ds/doc/ref/modules/all/salt.modules.system_profiler.rst salt-2015.5.3+ds/doc/ref/modules/all/salt.modules.system_profiler.rst
--- salt-2015.5.2+ds/doc/ref/modules/all/salt.modules.system_profiler.rst	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/modules/all/salt.modules.system_profiler.rst	2015-07-07 20:42:37.000000000 +0000
@@ -0,0 +1,6 @@
+============================
+salt.modules.system_profiler
+============================
+
+.. automodule:: salt.modules.system_profiler
+    :members:
\ No newline at end of file
diff -Nru salt-2015.5.2+ds/doc/ref/pillar/all/index.rst salt-2015.5.3+ds/doc/ref/pillar/all/index.rst
--- salt-2015.5.2+ds/doc/ref/pillar/all/index.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/pillar/all/index.rst	2015-07-07 20:42:37.000000000 +0000
@@ -17,7 +17,6 @@
     django_orm
     ec2_pillar
     etcd_pillar
-    file_encode
     file_tree
     foreman
     git_pillar
diff -Nru salt-2015.5.2+ds/doc/ref/states/all/index.rst salt-2015.5.3+ds/doc/ref/states/all/index.rst
--- salt-2015.5.2+ds/doc/ref/states/all/index.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/states/all/index.rst	2015-07-07 20:42:37.000000000 +0000
@@ -63,6 +63,7 @@
     influxdb_database
     influxdb_user
     ini_manage
+    ipmi
     ipset
     iptables
     jboss7
@@ -142,6 +143,7 @@
     sysrc
     test
     timezone
+    tls
     tomcat
     user
     vbox_guest
diff -Nru salt-2015.5.2+ds/doc/ref/states/all/salt.states.artifactory.rst salt-2015.5.3+ds/doc/ref/states/all/salt.states.artifactory.rst
--- salt-2015.5.2+ds/doc/ref/states/all/salt.states.artifactory.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/states/all/salt.states.artifactory.rst	2015-07-01 21:33:42.000000000 +0000
@@ -1,6 +1,6 @@
-========================
-salt.states.jboss7
-========================
+=======================
+salt.states.artifactory
+=======================
 
 .. automodule:: salt.states.artifactory
     :members:
\ No newline at end of file
diff -Nru salt-2015.5.2+ds/doc/ref/states/all/salt.states.ipmi.rst salt-2015.5.3+ds/doc/ref/states/all/salt.states.ipmi.rst
--- salt-2015.5.2+ds/doc/ref/states/all/salt.states.ipmi.rst	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/states/all/salt.states.ipmi.rst	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,6 @@
+================
+salt.states.ipmi
+================
+
+.. automodule:: salt.states.ipmi
+    :members:
\ No newline at end of file
diff -Nru salt-2015.5.2+ds/doc/ref/states/all/salt.states.tls.rst salt-2015.5.3+ds/doc/ref/states/all/salt.states.tls.rst
--- salt-2015.5.2+ds/doc/ref/states/all/salt.states.tls.rst	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/states/all/salt.states.tls.rst	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,6 @@
+===============
+salt.states.tls
+===============
+
+.. automodule:: salt.states.tls
+    :members:
diff -Nru salt-2015.5.2+ds/doc/ref/states/requisites.rst salt-2015.5.3+ds/doc/ref/states/requisites.rst
--- salt-2015.5.2+ds/doc/ref/states/requisites.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/ref/states/requisites.rst	2015-07-07 20:42:37.000000000 +0000
@@ -508,7 +508,7 @@
 
  configure-apache2:
    file.managed:
-     - path: /etc/apache2/apache2.conf
+     - name: /etc/apache2/apache2.conf
      - source: salt://apache2/apache2.conf
 
 This example will cause apache2 to be restarted when the apache2.conf file is
@@ -522,7 +522,7 @@
 
  configure-apache2:
    file.managed:
-     - path: /etc/apache2/apache2.conf
+     - name: /etc/apache2/apache2.conf
      - source: salt://apache2/apache2.conf
      - listen_in:
        - service: apache2
@@ -547,7 +547,7 @@
 
     comment-repo:
       file.replace:
-        - path: /etc/yum.repos.d/fedora.repo
+        - name: /etc/yum.repos.d/fedora.repo
         - pattern: ^enabled=0
         - repl: enabled=1
         - check_cmd:
diff -Nru salt-2015.5.2+ds/doc/topics/cloud/gogrid.rst salt-2015.5.3+ds/doc/topics/cloud/gogrid.rst
--- salt-2015.5.2+ds/doc/topics/cloud/gogrid.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/cloud/gogrid.rst	2015-07-07 20:42:37.000000000 +0000
@@ -29,6 +29,14 @@
       apikey: asdff7896asdh789
       sharedsecret: saltybacon
 
+.. note::
+
+    A Note about using Map files with GoGrid:
+
+    Due to limitations in the GoGrid API, instances cannot be provisioned in parallel
+    with the GoGrid driver. Map files will work with GoGrid, but the ``-P``
+    argument should not be used on maps referencing GoGrid instances.
+
 
 Profiles
 ========
diff -Nru salt-2015.5.2+ds/doc/topics/cloud/index.html salt-2015.5.3+ds/doc/topics/cloud/index.html
--- salt-2015.5.2+ds/doc/topics/cloud/index.html	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/cloud/index.html	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,13 @@
+
+<row class="intro-row">
+    <div class="col-sm-4">
+        <div class="intro-text">Provision systems on cloud providers / hypervisors and immediately bring them under management.</div>
+    </div>
+
+    <div class="col-sm-8">
+        <div class="embed-responsive embed-responsive-4by3">
+            <iframe class="embed-responsive-item" src="https://www.youtube.com/embed/fs0UFjvWA_c"></iframe>
+        </div>
+    </div>
+
+</row>
\ No newline at end of file
diff -Nru salt-2015.5.2+ds/doc/topics/cloud/index.rst salt-2015.5.3+ds/doc/topics/cloud/index.rst
--- salt-2015.5.2+ds/doc/topics/cloud/index.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/cloud/index.rst	2015-07-07 20:42:37.000000000 +0000
@@ -4,19 +4,130 @@
 Salt Cloud
 ==========
 
+.. raw:: html
+ :file: index.html
+
 Getting Started
 ===============
 
-.. toctree::
-    :maxdepth: 3
+Salt Cloud is built-in to Salt and is configured on and executed from your Salt Master.
 
-    Installing salt cloud <install/index>
+Define a Profile
+----------------
+
+The first step is to add the credentials for your cloud provider. Credentials
+and provider settings are stored in provider configuration files.
+Provider configurations contain the details needed to connect, and any global options that you want set on
+your cloud minions (such as the location of your Salt Master).
+
+On your Salt Master, browse to ``/etc/salt/cloud.providers.d/`` and create a file called ``<provider>.provider.conf``,
+replacing ``<provider>`` with ``ec2``, ``softlayer``, and so on. The name helps you identify the contents, and is not
+important as long as the file ends in ``.conf``.
+
+Next, browse to the :ref:`Provider specifics <cloud-provider-specifics>` and add any required settings for your
+provider to this file. Here is an example for Amazon EC2:
+
+.. code-block:: yaml
+
+    my-ec2:
+      provider: ec2
+      # Set the EC2 access credentials (see below)
+      #
+      id: 'HJGRYCILJLKJYG'
+      key: 'kdjgfsgm;woormgl/aserigjksjdhasdfgn'
+      # Make sure this key is owned by root with permissions 0400.
+      #
+      private_key: /etc/salt/my_test_key.pem
+      keyname: my_test_key
+      securitygroup: default
+      # Optional: Set up the location of the Salt Master
+      #
+      minion:
+        master: saltmaster.example.com
+
+The required configuration varies between providers so make sure you read the provider specifics.
+
+List Cloud Provider Options
+---------------------------
+
+You can now query the cloud provider you configured for available locations,
+images, and sizes. This information is used when you set up VM profiles.
+
+.. code-block:: bash
+
+    salt-cloud --list-locations <provider_name>  # my-ec2 in the previous example
+    salt-cloud --list-images <provider_name>
+    salt-cloud --list-sizes <provider_name>
+
+Replace ``<provider_name>`` with the name of the provider configuration you defined.
+
+Create VM Profiles
+------------------
+
+On your Salt Master, browse to ``/etc/salt/cloud.profiles.d/`` and create a file called ``<provider>.profiles.conf``,
+replacing ``<provider>`` with ``ec2``, ``softlayer``, and so on. The file must end in ``.conf``.
+
+You can now add any custom profiles you'd like to define to this file. Here are a few examples:
+
+.. code-block:: yaml
+
+    micro_ec2:
+      provider: my-ec2
+      image: ami-d514f291
+      size: t1.micro
+
+    medium_ec2:
+      provider: my-ec2
+      image: ami-d514f291
+      size: m3.medium
+
+    large_ec2:
+      provider: my-ec2
+      image: ami-d514f291
+      size: m3.large
+
+Notice that the ``provider`` in our profile matches the provider name that we defined? That is how Salt Cloud
+knows how to connect to create a VM with these attributes.
+
+Create VMs
+----------
+
+VMs are created by calling ``salt-cloud`` with the following options:
+
+.. code-block:: bash
+
+    salt-cloud -p <profile> <name1> <name2> ...
+
+For example:
+
+.. code-block:: bash
+
+    salt-cloud -p micro_ec2 minion1 minion2
+
+Destroy VMs
+-----------
+
+Add a ``-d`` and the minion name you provided to destroy:
+
+.. code-block:: bash
+
+    salt-cloud -d minion1 minion2
+
+Query VMs
+---------
+
+You can view details about the VMs you've created using ``--query``:
+
+.. code-block:: bash
+
+    salt-cloud --query
 
 Using Salt Cloud
 ================
 .. toctree::
     :maxdepth: 3
 
+    Command Line Reference <../../ref/cli/salt-cloud>
     Basic <basic>
     Profiles <profiles>
     Maps <map>
@@ -25,9 +136,11 @@
 
 Core Configuration
 ==================
+
 .. toctree::
     :maxdepth: 3
 
+    Installing salt cloud <install/index>
     Core Configuration <config>
 
 Windows Configuration
@@ -60,9 +173,15 @@
         Getting Started With Rackspace <rackspace>
         Getting Started With SoftLayer <softlayer>
         Getting Started With Vexxhost <vexxhost>
+        Getting Started With vSphere <vsphere>
+
+
+
+
 
 Miscellaneous Options
 =====================
+
 .. toctree::
     :maxdepth: 3
 
diff -Nru salt-2015.5.2+ds/doc/topics/cloud/linode.rst salt-2015.5.3+ds/doc/topics/cloud/linode.rst
--- salt-2015.5.2+ds/doc/topics/cloud/linode.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/cloud/linode.rst	2015-07-07 20:42:37.000000000 +0000
@@ -61,6 +61,7 @@
       provider: my-linode-config
       size: Linode 1024
       image: Arch Linux 2013.06
+      location: london
 
 Sizes can be obtained using the ``--list-sizes`` option for the ``salt-cloud``
 command:
@@ -121,6 +122,31 @@
     ...SNIP...
 
 
+Locations can be obtained using the ``--list-locations`` option for the ``salt-cloud``
+command:
+
+.. code-block:: bash
+
+    # salt-cloud --list-locations my-linode-config
+    my-linode-config:
+        ----------
+        linode:
+            ----------
+            Atlanta, GA, USA:
+                ----------
+                abbreviation:
+                    atlanta
+                id:
+                    4
+            Dallas, TX, USA:
+                ----------
+                abbreviation:
+                    dallas
+                id:
+                    2
+    ...SNIP...
+
+
 Cloning
 =======
 
diff -Nru salt-2015.5.2+ds/doc/topics/cloud/map.rst salt-2015.5.3+ds/doc/topics/cloud/map.rst
--- salt-2015.5.2+ds/doc/topics/cloud/map.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/cloud/map.rst	2015-07-01 21:33:42.000000000 +0000
@@ -39,6 +39,12 @@
 
     $ salt-cloud -m /path/to/mapfile -P
 
+.. note::
+
+    Due to limitations in the GoGrid API, instances cannot be provisioned in parallel
+    with the GoGrid driver. Map files will work with GoGrid, but the ``-P``
+    argument should not be used on maps referencing GoGrid instances.
+
 A map file can also be enforced to represent the total state of a cloud
 deployment by using the ``--hard`` option. When using the hard option any vms
 that exist but are not specified in the map file will be destroyed:
diff -Nru salt-2015.5.2+ds/doc/topics/cloud/vsphere.rst salt-2015.5.3+ds/doc/topics/cloud/vsphere.rst
--- salt-2015.5.2+ds/doc/topics/cloud/vsphere.rst	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/cloud/vsphere.rst	2015-07-07 20:42:37.000000000 +0000
@@ -0,0 +1,121 @@
+============================
+Getting Started With vSphere
+============================
+
+.. note::
+
+    .. deprecated:: Carbon
+
+        The :py:func:`vsphere <salt.cloud.clouds.vsphere>` cloud driver has been
+        deprecated in favor of the :py:func:`vmware <salt.cloud.clouds.vmware>`
+        cloud driver and will be removed in Salt Carbon. Please refer to
+        :doc:`Getting started with VMware </topics/cloud/vmware>` instead to get
+        started with the configuration.
+
+VMware vSphere is a management platform for virtual infrastructure and cloud
+computing.
+
+
+Dependencies
+============
+The vSphere module for Salt Cloud requires the PySphere package, which is
+available at PyPI:
+
+https://pypi.python.org/pypi/pysphere
+
+This package can be installed using `pip` or `easy_install`:
+
+.. code-block:: bash
+
+  # pip install pysphere
+  # easy_install pysphere
+
+
+Configuration
+=============
+Set up the cloud config at ``/etc/salt/cloud.providers`` or in the
+``/etc/salt/cloud.providers.d/`` directory:
+
+.. code-block:: yaml
+
+    my-vsphere-config:
+      provider: vsphere
+      # Set the vSphere access credentials
+      user: marco
+      password: polo
+      # Set the URL of your vSphere server
+      url: 'vsphere.example.com'
+
+
+Profiles
+========
+
+Cloud Profiles
+~~~~~~~~~~~~~~
+vSphere uses a Managed Object Reference to identify objects located in vCenter.
+The MOR ID's are used when configuring a vSphere cloud profile. Use the
+following reference when locating the MOR's for the cloud profile.
+
+http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=1017126&sliceId=1&docTypeID=DT_KB_1_1&dialogID=520386078&stateId=1%200%20520388386
+
+Set up an initial profile at ``/etc/salt/cloud.profiles`` or in the
+``/etc/salt/cloud.profiles.d`` directory:
+
+.. code-block:: yaml
+
+    vsphere-centos:
+      provider: my-vsphere-config
+      image: centos
+      # Optional
+      datastore: datastore-15
+      resourcepool: resgroup-8
+      folder: salt-cloud
+      host: host-9
+      template: False
+
+
+provider
+--------
+Enter the name that was specified when the cloud provider profile was created.
+
+image
+-----
+Images available to build an instance can be found using the `--list-images`
+option:
+
+.. code-block:: bash
+
+    # salt-cloud --list-images my-vsphere-config
+
+datastore
+---------
+The MOR of the datastore where the virtual machine should be located. If not
+specified, the current datastore is used.
+
+resourcepool
+------------
+The MOR of the resourcepool to be used for the new vm. If not set, it will use
+the same resourcepool as the original vm.
+
+folder
+------
+Name of the folder that will contain the new VM. If not set, the VM will be
+added to the folder the original VM belongs to.
+
+host
+----
+The MOR of the host where the vm should be registered.
+
+  If not specified:
+    * if resourcepool is not specified, the current host is used.
+    * if resourcepool is specified, and the target pool represents a
+      stand-alone host, the host is used.
+    * if resourcepool is specified, and the target pool represents a
+      DRS-enabled cluster, a host selected by DRS is used.
+    * if resourcepool is specified, and the target pool represents a
+      cluster without DRS enabled, an InvalidArgument exception will be thrown.
+
+template
+--------
+Specifies whether or not the new virtual machine should be marked as a
+template. Default is False.
diff -Nru salt-2015.5.2+ds/doc/topics/development/contributing.rst salt-2015.5.3+ds/doc/topics/development/contributing.rst
--- salt-2015.5.2+ds/doc/topics/development/contributing.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/development/contributing.rst	2015-07-01 21:33:42.000000000 +0000
@@ -11,6 +11,8 @@
 For details on how to contribute documentation improvements please review
 :ref:`Writing Salt Documentation <salt-docs>`.
 
+.. _github-pull-request:
+
 Sending a GitHub pull request
 =============================
 
@@ -41,7 +43,7 @@
         isolated into separate branches.
 
     If you're working on a fix, create your branch from the oldest release
-    branch having the bug.  See :ref:`Which Salt Branch?`.
+    branch having the bug.  See :ref:`Which Salt Branch? <which-salt-branch>`.
 
     .. code-block:: bash
 
@@ -155,13 +157,15 @@
 
     Test progress and results can be found at http://jenkins.saltstack.com/.
 
+.. _which-salt-branch:
+
 Which Salt branch?
 ==================
 
 GitHub will open pull requests against Salt's main branch, ``develop``, by
 default.  Ideally features should go into ``develop`` and bug fixes should go
 into the oldest supported release branch affected by the bug.  See
-:ref:`Sending a GitHub pull request`.
+:ref:`Sending a GitHub pull request <github-pull-request>`.
 
 If you have a bug fix and have already forked your working branch from
 ``develop`` and do not know how to rebase your commits against another branch,
@@ -281,6 +285,8 @@
 will then get credit for the patch, and the Salt community will have an archive
 of the patch and a place for discussion.
 
+.. _backporting-pull-requests:
+
 Backporting Pull Requests
 =========================
 
@@ -355,8 +361,8 @@
 ======================================
 
 SaltStack uses several labeling schemes to help facilitate code contributions
-and bug resolution. See the :doc:`<labels-and-milestones>` documentation for
-more information.
+and bug resolution. See the :ref:`Labels and Milestones
+<labels-and-milestones>` documentation for more information.
 
 .. _`saltstack/salt`: https://github.com/saltstack/salt
 .. _`GitHub Fork a Repo Guide`: https://help.github.com/articles/fork-a-repo
diff -Nru salt-2015.5.2+ds/doc/topics/development/conventions/formulas.rst salt-2015.5.3+ds/doc/topics/development/conventions/formulas.rst
--- salt-2015.5.2+ds/doc/topics/development/conventions/formulas.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/development/conventions/formulas.rst	2015-07-07 20:42:37.000000000 +0000
@@ -680,10 +680,11 @@
 
 .. code-block:: yaml
 
-    PHP:
-      engine: 'On'
-      short_open_tag: 'Off'
-      error_reporting: 'E_ALL & ~E_DEPRECATED & ~E_STRICT'
+    php_ini:
+      PHP:
+        engine: 'On'
+        short_open_tag: 'Off'
+        error_reporting: 'E_ALL & ~E_DEPRECATED & ~E_STRICT'
 
 ``/srv/salt/php.ini.tmpl``:
 
@@ -691,8 +692,8 @@
 
     {% macro php_ini_serializer(data) %}
     {% for section_name, name_val_pairs in data.items() %}
-    [{{ section }}]
-    {% for name, val in name_val_pairs.items() %}
+    [{{ section_name }}]
+    {% for name, val in name_val_pairs.items() -%}
     {{ name }} = "{{ val }}"
     {% endfor %}
     {% endfor %}
diff -Nru salt-2015.5.2+ds/doc/topics/development/external_pillars.rst salt-2015.5.3+ds/doc/topics/development/external_pillars.rst
--- salt-2015.5.2+ds/doc/topics/development/external_pillars.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/development/external_pillars.rst	2015-07-01 21:33:42.000000000 +0000
@@ -1,6 +1,8 @@
-===================
+.. _external-pillars:
+
+================
 External Pillars
-===================
+================
 
 Salt provides a mechanism for generating pillar data by calling external
 pillar interfaces. This document will describe an outline of an ext_pillar
diff -Nru salt-2015.5.2+ds/doc/topics/development/hacking.rst salt-2015.5.3+ds/doc/topics/development/hacking.rst
--- salt-2015.5.2+ds/doc/topics/development/hacking.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/development/hacking.rst	2015-07-07 20:42:37.000000000 +0000
@@ -283,3 +283,10 @@
     ./setup.py test
 
 See :doc:`here <tests/index>` for more information regarding the test suite.
+
+Issue and Pull Request Labeling System
+--------------------------------------
+
+SaltStack uses several labeling schemes to help facilitate code contributions
+and bug resolution. See the :ref:`Labels and Milestones
+<labels-and-milestones>` documentation for more information.
diff -Nru salt-2015.5.2+ds/doc/topics/development/labels.rst salt-2015.5.3+ds/doc/topics/development/labels.rst
--- salt-2015.5.2+ds/doc/topics/development/labels.rst	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/development/labels.rst	2015-07-07 00:55:51.000000000 +0000
@@ -0,0 +1,295 @@
+.. _labels-and-milestones:
+
+============================
+GitHub Labels and Milestones
+============================
+
+SaltStack uses several label categories, as well as milestones, to triage incoming issues and pull requests in the
+GitHub issue tracker.  Labels are used to sort issues by type, priority, severity, status, functional area, functional
+group, and targeted release and pull requests by status, functional area, functional group, type of change, and test
+status.  Milestones are used to indicate whether an issue is fully triaged or is scheduled to be fixed by SaltStack in
+an upcoming sprint.
+
+Milestones
+==========
+
+All issues are assigned to a milestone, whereas pull requests are almost never assigned to a milestone as the mean
+lifetime of pull requests is short enough that there is no need to track them temporally.
+
+SaltStack uses milestones to indicate which issues are blocked on submitter or upstream actions, are approved, or are
+scheduled to be fixed or implemented in an upcoming sprint.  If an issue is not attached to a sprint milestone, you are
+welcome to work on it at your own desire and convenience.  If it is attached to a sprint milestone and you have already
+begun working on it or have a solution in mind or have other ideas related to the issue, you are encouraged to
+coordinate with the assignee via the GitHub issue tracker to create the best possible solution or implementation.
+
+``Approved``
+    The issue has been validated and has all necessary information.
+
+``Blocked``
+    The issue is waiting on actions by parties outside of SaltStack, such as receiving more information from the
+    submitter or resolution of an upstream issue.  This milestone is usually applied in conjunction with the labels
+    ``Info Needed``, ``Question``, ``Expected Behavior``, ``Won't Fix For Now``, or ``Upstream Bug``.
+
+``Under Review``
+    The issue is having further validation done by a SaltStack engineer.
+
+``<Sprint>``
+    The issue is being actively worked on by a SaltStack engineer.  Sprint milestones names are constructed from the
+    chemical symbol of the next release's codename and the number of sprints until that release is made.  For example,
+    if the next release codename is ``Neon`` and there are five sprints until that release, the corresponding sprint
+    milestone will be called ``Ne 5``.  See :doc:`<topics/releases/version_numbers>` for a discussion of Salt's release
+    codenames.
+
+Labels
+======
+
+Labels are used to sort and describe issues and pull requests.  Some labels are usually reserved for one or the other,
+though most labels may be applied to both.
+
+New issues will receive at least one label and a milestone, and new pull requests will receive at least one label.
+Except for the :ref:`functional area <functional-area-labels>` and :ref:`functional group <functional-group-labels>`
+label categories, issues will generally receive only up to one label per category.
+
+Type
+----
+
+Issues are categorized into one of several types.  Type labels are almost never used for pull requests.  GitHub treats
+pull requests like issues in many ways, so a pull request could be considered an issue with an implicit ``Pull Request``
+type label applied.
+
+``Feature``
+    The issue is a request for new functionality including changes, enhancements, refactors, etc.
+
+``Bug``
+    The issue documents broken, incorrect, or confusing behavior.  This label is always accompanied by a :ref:`severity
+    label <bug-severity-labels>`.
+
+``Duplicate``
+    The issue is a duplicate of another feature request or bug report.
+
+``Upstream Bug``
+    The issue is a result of an upstream issue.
+
+``Question``
+    The issue is more of a question than a request for new features or a report of broken features, but can sometimes
+    lead to further discussion or changes of confusing or incongruous behavior or documentation.
+
+``Expected Behavior``
+    The issue is a bug report of intended functionality.
+
+Priority
+--------
+
+An issue's priority is relative to its :ref:`functional area <functional-area-labels>`.  If a bug report, for example,
+about ``gitfs`` indicates that all users of ``gitfs`` will encounter this bug, then a ``P1`` label will be applied, even
+though users who are not using ``gitfs`` will not encounter the bug.  If a feature is requested by many users, it may be
+given a high priority.
+
+``P1``
+    The issue will be seen by all users.
+
+``P2``
+    The issue will be seen by most users.
+
+``P3``
+    The issue will be seen by about half of users.
+
+``P4``
+    The issue will not be seen by most users.  Usually the issue is a very specific use case or corner case.
+
+.. _bug-severity-labels:
+
+Severity
+--------
+
+Severity labels are almost always only applied to issues labeled ``Bug``.
+
+``Blocker``
+    The issue is blocking an impending release.
+
+``Critical``
+    The issue causes data loss, crashes or hangs salt processes, makes the system unresponsive, etc.
+
+``High Severity``
+    The issue reports incorrect functionality, bad functionality, a confusing user experience, etc.
+
+``Medium Severity``
+    The issue reports cosmetic items, formatting, spelling, colors, etc.
+
+.. _functional-area-labels:
+
+Functional Area
+---------------
+
+Many major components of Salt have corresponding GitHub labels.  These labels are applied to all issues and pull
+requests as is reasonably appropriate.  They are useful in organizing issues and pull requests according to the source
+code relevant to issues or the source code changed by pull requests.
+
+* ``Execution Module``
+* ``File Servers``
+* ``Grains``
+* ``Multi-Master``
+* ``Packaging``  Related to packaging of Salt, not Salt's support for package management.
+* ``Pillar``
+* ``RAET``
+* ``Returners``
+* ``Runners``
+* ``Salt-API``
+* ``Salt-Cloud``
+* ``Salt-SSH``
+* ``Salt-Syndic``
+* ``State Module``
+* ``Tests``
+* ``Transport``
+* ``Windows``
+* ``ZMQ``
+
+.. _functional-group-labels:
+
+Functional Group
+----------------
+
+These labels sort issues and pull requests according to the internal SaltStack engineering teams.
+
+``Core``
+    The issue or pull request relates to code that is central or existential to Salt itself.
+
+``Platform``
+    The issue or pull request relates to support and integration with various platforms like traditional operating
+    systems as well as containers, platform-based utilities like filesystems, command schedulers, etc., and
+    system-based applications like webservers, databases, etc.
+
+``RIoT``
+    The issue or pull request relates to support and integration with various abstract systems like cloud providers,
+    hypervisors, API-based services, etc.
+
+``Console``
+    The issue or pull request relates to the SaltStack enterprise console.
+
+``Documentation``
+    The issue or pull request relates to documentation.
+
+Status
+------
+
+Status labels are used to define and track the state of issues and pull requests.  Not all potential statuses correspond
+to a label, but some statuses are common enough that labels have been created for them.  If an issue has not been moved
+beyond the ``Blocked`` milestone, it is very likely that it will only have a status label.
+
+``Bugfix - back-port``
+    The pull request needs to be back-ported to an older release branch.  This is done by :ref:`recreating the pull
+    request <backporting-pull-requests>` against that branch.  Once the back-port is completed, this label is replaced
+    with a ``Bugfix - [Done] back-ported`` label.  Normally, new features should go into the develop and bug fixes into
+    the oldest supported release branch, see :ref:`<which-salt-branch>`.
+
+``Bugfix - [Done] back-ported``
+    The pull request has been back-ported to an older branch.
+
+``Cannot Reproduce``
+    The issue is a bug and has been reviewed by a SaltStack engineer, but it cannot be replicated with the provided
+    information and context.  Those involved with the bug will need to work through additional ideas until the bug can
+    be isolated and verified.
+
+``Confirmed``
+    The issue is a bug and has been confirmed by a SaltStack engineer, who often documents a minimal working example
+    that reproduces the bug.
+
+``Fixed Pending Verification``
+    The issue is a bug and has been fixed by one or more pull requests, which should link to the issue.  Closure of the
+    issue is contingent upon confirmation of resolution from the submitter.  If the submitter reports a negative
+    confirmation, this label is removed.  If no response is given after a few weeks, then the issue will be assumed
+    fixed and closed.
+
+``Info Needed``
+    The issue needs more information before it can be verified and resolved.  For a feature request this may include a
+    description of the use cases.  Almost all bug reports need to include at least the versions of salt and its
+    dependencies, the system type and version, commands used, debug logs, error messages, and relevant configs.
+
+``Pending Changes``
+    The pull request needs additional changes before it can be merged.
+
+``Pending Discussion``
+    The issue or pull request needs more discussion before it can be closed or merged.  The status of the issue or pull
+    request is not clear or apparent enough for definite action to be taken, or additional input from SaltStack, the
+    submitter, or another party has been requested.
+
+    If the issue is not a pull request, once the discussion has arrived at a cogent conclusion, this label will be
+    removed and the issue will be accepted.  If it is a pull request, the results of the discussion may require
+    additional changes and thus, a ``Pending Changes`` label.
+
+``Won't Fix for Now``
+    The issue is legitimate, but it is not something the SaltStack team is currently able or willing to fix or
+    implement.  Issues having this label may be revisited in the future.
+
+Type of Change
+~~~~~~~~~~~~~~
+
+Every pull request should receive a change label.  These labels measure the quantity of change as well as the
+significance of the change.  The amount of change and the importance of the code area changed are considered, but often
+the depth of secondary code review required and the potential repercussions of the change may also advise the label
+choice.
+
+Core code areas include: state compiler, crypto engine, master and minion and syndic daemons, transport, pillar
+rendering, loader, transport layer, event system, salt.utils, client, cli, logging, netapi, runner engine, templating
+engine, top file compilation, file client, file server, mine, salt-ssh, test runner, etc.
+
+Non-core code usually constitutes the specific set of plugins for each of the several plugin layers of Salt: execution
+modules, states, runners, returners, clouds, etc.
+
+``Minor Change``
+    * Less than 64 lines changed, or
+    * Less than 8 core lines changed
+``Medium Change``
+    * Less than 256 lines changed, or
+    * Less than 64 core lines changed
+``Master Change``
+    * More than 256 lines changed, or
+    * More than 64 core lines changed
+``Expert Change``
+    * Needs specialized, in-depth review
+
+Test Status
+-----------
+
+These labels relate to the status of the automated tests that run on pull requests.  If the tests on a pull request fail
+and are not overridden by one of these labels, the pull request submitter needs to update the code and/or tests so that
+the tests pass and the pull request can be merged.
+
+``Lint``
+    The pull request has passed all tests except for the code lint checker.
+
+``Tests Passed``
+    The pull request has passed all tests even though some test results are negative.  Sometimes the automated testing
+    infrastructure will encounter internal errors unrelated to the code change in the pull request that cause test runs
+    to fail.  These errors can be caused by cloud provider and network issues and also Jenkins issues like erroneously
+    accumulating workspace artifacts, resource exhaustion, and bugs that arise from long running Jenkins processes.
+
+Other
+-----
+
+These labels indicate miscellaneous issue types or statuses that are common or important enough to be tracked and sorted
+with labels.
+
+``Awesome``
+    The pull request implements an especially well crafted solution, or a very difficult but necessary change.
+
+``Low Hanging Fruit``
+    The issue is trivial or almost trivial to implement or fix.  Issues having this label should be a good starting
+    place for new contributors to Salt.
+
+``Needs Testcase``
+    The issue or pull request relates to a feature that needs test coverage.  The pull request containing the tests
+    should reference the issue or pull request having this label, whereupon the label should be removed.
+
+``Regression``
+    The issue is a bug that breaks functionality known to work in previous releases.
+
+``Story``
+    The issue is used by a SaltStack engineer to track progress on multiple related issues in a single place.
+
+``ZD``
+    The issue is related to a Zendesk customer support ticket.
+
+``<Release>``
+    The issue is scheduled to be implemented by ``<Release>``.  See :doc:`<topics/releases/version_numbers>` for a
+    discussion of Salt's release codenames.
diff -Nru salt-2015.5.2+ds/doc/topics/eauth/index.rst salt-2015.5.3+ds/doc/topics/eauth/index.rst
--- salt-2015.5.2+ds/doc/topics/eauth/index.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/eauth/index.rst	2015-07-07 21:04:39.000000000 +0000
@@ -203,7 +203,7 @@
 .. code-block:: yaml
 
     external_auth:
-    ldap:
+      ldap:
         test_ldap_group%:
           - '*':
-            - test.echo
\ No newline at end of file
+            - test.echo
diff -Nru salt-2015.5.2+ds/doc/topics/highavailability/index.rst salt-2015.5.3+ds/doc/topics/highavailability/index.rst
--- salt-2015.5.2+ds/doc/topics/highavailability/index.rst	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/highavailability/index.rst	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,65 @@
+.. _highavailability:
+
+==================================
+High Availability Features in Salt
+==================================
+
+Salt supports several features for high availability and fault tolerance.
+Brief documentation for these features is listed alongside their configuration
+parameters in :ref:`Configuration file examples <configuration/examples>`.
+
+Multimaster
+===========
+
+Salt minions can connect to multiple masters at one time by configuring the
+`master` configuration paramter as a YAML list of all the available masters.  By
+default, all masters are "hot", meaning that any master can direct commands to
+the Salt infrastructure.
+
+In a multimaster configuration, each master must have the same cryptographic
+keys, and minion keys must be accepted on all masters separately.  The contents
+of file_roots and pillar_roots need to be kept in sync with processes external
+to Salt as well
+
+A tutorial on setting up multimaster with "hot" masters is here:
+
+:doc:`Multimaster Tutorial </topics/tutorials/multimaster>`
+
+Multimaster with Failover
+=========================
+
+Changing the ``master_type`` parameter from ``standard`` to ``failover`` will
+cause minions to connect to the first responding master in the list of masters.
+Every ``master_alive_check`` seconds the minions will check to make sure
+the current master is still responding.  If the master does not respond,
+the minion will attempt to connect to the next master in the list.  If the
+minion runs out of masters, the list will be recycled in case dead masters
+have been restored.  Note that ``master_alive_check`` must be present in the
+minion configuration, or else the recurring job to check master status
+will not get scheduled.
+
+Failover can be combined with PKI-style encrypted keys, but PKI is NOT
+REQUIRED to use failover.
+
+Multimaster with PKI and Failover is discussed in 
+:doc:`this tutorial </topics/tutorials/multimaster_pki>`
+
+``master_type: failover`` can be combined with ``master_shuffle: True``
+to spread minion connections across all masters (one master per
+minion, not each minion connecting to all masters).  Adding Salt Syndics
+into the mix makes it possible to create a load-balanced Salt infrastructure.
+If a master fails, minions will notice and select another master from the
+available list.
+
+Syndic
+======
+
+Salt's Syndic feature is a way to create differing infrastructure
+topologies.  It is not strictly an HA feature, but can be treated as such.
+
+With the syndic, a Salt infrastructure can be partitioned in such a way that
+certain masters control certain segments of the infrastructure, and "Master
+of Masters" nodes can control multiple segments underneath them.
+
+Syndics are covered in depth in :doc:`Salt Syndic </topics/topology/syndic>`.
+
diff -Nru salt-2015.5.2+ds/doc/topics/index.rst salt-2015.5.3+ds/doc/topics/index.rst
--- salt-2015.5.2+ds/doc/topics/index.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/index.rst	2015-07-07 20:42:37.000000000 +0000
@@ -118,6 +118,12 @@
 
 .. _`salt-users mailing list`: https://groups.google.com/forum/#!forum/salt-users
 
+There is also a low-traffic list used to announce new releases
+called `salt-announce`_
+
+https://groups.google.com/forum/#!forum/salt-announce
+
+.. _`salt-announce`: https://groups.google.com/forum/#!forum/salt-announce
 
 IRC
 ===
diff -Nru salt-2015.5.2+ds/doc/topics/installation/windows.rst salt-2015.5.3+ds/doc/topics/installation/windows.rst
--- salt-2015.5.2+ds/doc/topics/installation/windows.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/installation/windows.rst	2015-07-01 21:33:42.000000000 +0000
@@ -20,6 +20,14 @@
 
 .. admonition:: Download here
 
+    * 2015.5.2
+    * `Salt-Minion-2015.5.2-x86-Setup.exe <http://docs.saltstack.com/downloads/Salt-Minion-2015.5.2-x86-Setup.exe>`__ | `md5 <http://docs.saltstack.com/downloads/Salt-Minion-2015.5.2-x86-Setup.exe.md5>`__
+    * `Salt-Minion-2015.5.2-AMD64-Setup.exe <http://docs.saltstack.com/downloads/Salt-Minion-2015.5.2-AMD64-Setup.exe>`__ | `md5 <http://docs.saltstack.com/downloads/Salt-Minion-2015.5.2-AMD64-Setup.exe.md5>`__
+
+    * 2015.5.1-3
+    * `Salt-Minion-2015.5.1-3-x86-Setup.exe <http://docs.saltstack.com/downloads/Salt-Minion-2015.5.1-3-x86-Setup.exe>`__ | `md5 <http://docs.saltstack.com/downloads/Salt-Minion-2015.5.1-3-x86-Setup.exe.md5>`__
+    * `Salt-Minion-2015.5.1-3-AMD64-Setup.exe <http://docs.saltstack.com/downloads/Salt-Minion-2015.5.1-3-AMD64-Setup.exe>`__ | `md5 <http://docs.saltstack.com/downloads/Salt-Minion-2015.5.1-3-AMD64-Setup.exe.md5>`__
+
     * 2015.5.0-2
     * `Salt-Minion-2015.5.0-2-x86-Setup.exe <http://docs.saltstack.com/downloads/Salt-Minion-2015.5.0-2-x86-Setup.exe>`__ | `md5 <http://docs.saltstack.com/downloads/Salt-Minion-2015.5.0-2-x86-Setup.exe.md5>`__
     * `Salt-Minion-2015.5.0-2-AMD64-Setup.exe <http://docs.saltstack.com/downloads/Salt-Minion-2015.5.0-2-AMD64-Setup.exe>`__ | `md5 <http://docs.saltstack.com/downloads/Salt-Minion-2015.5.0-2-AMD64-Setup.exe.md5>`__
@@ -43,8 +51,9 @@
     * 2014.7.0
     * Salt-Minion-2014.7.0-1-win32-Setup.exe | md5
     * Salt-Minion-2014.7.0-AMD64-Setup.exe | md5
-    .. note::
-        The 2014.7.0 installers have been removed because of a regression. Please use the 2014.7.1 release instead.
+        .. note::
+
+            The 2014.7.0 installers have been removed because of a regression. Please use the 2014.7.1 release instead.
 
     * 2014.1.13
     * `Salt-Minion-2014.1.13-x86-Setup.exe <http://docs.saltstack.com/downloads/Salt-Minion-2014.1.13-x86-Setup.exe>`__ | `md5 <http://docs.saltstack.com/downloads/Salt-Minion-2014.1.13-x86-Setup.exe.md5>`__
diff -Nru salt-2015.5.2+ds/doc/topics/mine/index.rst salt-2015.5.3+ds/doc/topics/mine/index.rst
--- salt-2015.5.2+ds/doc/topics/mine/index.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/mine/index.rst	2015-07-07 20:42:37.000000000 +0000
@@ -144,7 +144,7 @@
 
     <...file contents snipped...>
 
-    {% for server, addrs in salt['mine.get']('roles:web', 'network.ip_addrs', expr_form='grain').items() %}
+    {% for server, addrs in salt['mine.get']('roles:web', 'network.ip_addrs', expr_form='pillar').items() %}
     server {{ server }} {{ addrs[0] }}:80 check
     {% endfor %}
 
diff -Nru salt-2015.5.2+ds/doc/topics/releases/2015.5.2.rst salt-2015.5.3+ds/doc/topics/releases/2015.5.2.rst
--- salt-2015.5.2+ds/doc/topics/releases/2015.5.2.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/releases/2015.5.2.rst	2015-07-01 21:33:42.000000000 +0000
@@ -2,7 +2,7 @@
 Salt 2015.5.2 Release Notes
 ===========================
 
-:release: TBA
+:release: 2015-06-10
 
 Version 2015.5.2 is a bugfix release for :doc:`2015.5.0
 </topics/releases/2015.5.0>`.
diff -Nru salt-2015.5.2+ds/doc/topics/releases/2015.5.3.rst salt-2015.5.3+ds/doc/topics/releases/2015.5.3.rst
--- salt-2015.5.2+ds/doc/topics/releases/2015.5.3.rst	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/releases/2015.5.3.rst	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,1819 @@
+
+Changes for v2015.5.2..v2015.5.3
+--------------------------------
+
+Extended Changelog Courtesy of Todd Stansell (https://github.com/tjstansell/salt-changelogs):
+
+*Generated at: 2015-07-01T19:40:52Z*
+
+Statistics:
+
+- Total Merges: **177**
+- Total Issue references: **81**
+- Total PR references: **231**
+
+Changes:
+
+
+- **PR** `#25096`_: (*jfindlay*) Postgres group test
+  @ *2015-07-01T18:48:26Z*
+
+  - **PR** `#24330`_: (*jayeshka*) adding states/postgres_group unit test case.
+    | refs: `#25096`_
+  * 21709aa Merge pull request `#25096`_ from jfindlay/postgres_group_test
+  * 3c379dc declobber postgres state unit test mocking
+
+  * a162ffa adding states/postgres_group unit test case.
+
+- **PR** `#25085`_: (*jfindlay*) accept all sources in the file state
+  @ *2015-07-01T18:23:45Z*
+
+  - **ISSUE** `#25041`_: (*wt*) REGRESSION: pillar.get of integer fails to render in sls
+    | refs: `#25085`_
+  * 0a84640 Merge pull request `#25085`_ from jfindlay/fix_file
+  * 937a252 remove unnecessary file state tests
+
+  * 6f238e9 integration test file.managed sources
+
+  * a5978d3 iterate an iterable source othwerise list+str it
+
+- **PR** `#25095`_: (*jfindlay*) Win groupadd unit tests
+  @ *2015-07-01T18:18:53Z*
+
+  - **PR** `#24207`_: (*jayeshka*) adding win_groupadd unit test case.
+    | refs: `#25095`_
+  * a983942 Merge pull request `#25095`_ from jfindlay/win_groupadd_test
+  * 564dffd depend on win libs rather than mocking them
+
+  * 9b9aeb8 resolved all erors.
+
+  * aaf8935 adding win_groupadd unit test case.
+
+- **PR** `#25089`_: (*jfindlay*) fix minion sudo
+  @ *2015-07-01T15:53:16Z*
+
+  - **ISSUE** `#21520`_: (*jfindlay*) sudo.salt_call is broken
+    | refs: `#25089`_
+  - **PR** `#20226`_: (*thatch45*) Allow sudo priv escalation
+    | refs: `#25089`_
+  * 7c8d2a8 Merge pull request `#25089`_ from jfindlay/fix_sudo
+  * d8f91d4 add some apprehension to the sudo exec module
+
+  * a9269c0 adding sudo exec module docs
+
+  * e4a40b7 comment whitespace in minion config
+
+  * 44cb167 adding sudo_user minion config docs
+
+  * d461060 adding sudo_user minion config to default
+
+- **PR** `#25099`_: (*driskell*) Fix broken batch results
+  @ *2015-07-01T15:51:29Z*
+
+  - **ISSUE** `#24875`_: (*ahammond*) ValueError: list.remove(x): x not in list  in   File "/usr/lib/python2.6/site-packages/salt/cli/batch.py", line 179, in run active.remove(minion)
+    | refs: `#25099`_
+  * 4d6078e Merge pull request `#25099`_ from driskell/patch-1
+  * 59b23e5 Fix broken batch results
+
+- **PR** `#25083`_: (*steverweber*) ipmi: get_sensor_data would always fail
+  @ *2015-06-30T20:57:21Z*
+
+  * 4635079 Merge pull request `#25083`_ from steverweber/fix_ipmi_stat
+  * 836f48c include _ in IpmiCommand
+
+  * 817e434 get_sensor_data would always fail
+
+- **PR** `#25067`_: (*The-Loeki*) Fix for maxdepth=0 in find
+  @ *2015-06-30T20:54:06Z*
+
+  * 15f2a40 Merge pull request `#25067`_ from The-Loeki/patch-1
+  * 61edad3 Fix for maxdepth=0 in find
+
+- **PR** `#25078`_: (*terminalmage*) Use smaller number for upper limit of mac_user's _first_avail_uid helper function
+  @ *2015-06-30T20:53:24Z*
+
+  * 58d933c Merge pull request `#25078`_ from terminalmage/fix-mac-uid
+  * df2ab7e Use smaller number for upper limit of mac_user's _first_avail_uid helper function
+
+- **PR** `#25045`_: (*garethgreenaway*) Fixes to debian_ip.py in 2015.5
+  @ *2015-06-30T17:36:43Z*
+
+  - **ISSUE** `#24521`_: (*multani*) State network.managed fails on Debian (Jessie)
+    | refs: `#25045`_
+  * ebd6cdc Merge pull request `#25045`_ from garethgreenaway/24521_debian_networking
+  * 6f2a6c9 having proto default to static since it's needed to build the template.
+
+- **PR** `#25065`_: (*lorengordon*) Add download links for 2015.5.1-3 and 2015.5.2 Windows installers
+  @ *2015-06-30T15:29:31Z*
+
+  - **ISSUE** `#25057`_: (*TheBigBear*) why is there still no newer salt-minion for windows than ver. 2015.5.0-2? no 2015.5.1 or 2015.5.2?
+  * ae31b27 Merge pull request `#25065`_ from lorengordon/update-windows-installer-links
+  * 40a0c13 Add download links for 2015.5.1-3 and 2015.5.2, Fixes `#25057`_
+
+- **PR** `#25052`_: (*basepi*) [2015.5] Merge forward from 2014.7 to 2015.5
+  @ *2015-06-30T01:05:00Z*
+
+  - **ISSUE** `#15209`_: (*hubez*) file.manage: source_hash not working with s3:// (2014.7.0rc1)
+    | refs: `#25011`_
+  - **PR** `#25011`_: (*notpeter*) Add s3 to protocols for remote source_hash (2014.7 backport)
+  * ddaeb0f Merge pull request `#25052`_ from basepi/merge-forward-2015.5
+  * 2c5e664 Merge remote-tracking branch 'upstream/2014.7' into merge-forward-2015.5
+
+  * a7154e7 Merge pull request `#25011`_ from notpeter/s3_2014.7_backport
+
+    * 8b8af64 Add s3 to protocols for remote source_hash
+
+- **PR** `#25038`_: (*jfindlay*) versionadded
+  @ *2015-06-29T19:49:27Z*
+
+  - **PR** `#24747`_: (*msciciel*) add get_route function to network module
+    | refs: `#25038`_
+  * c7003d4 Merge pull request `#25038`_ from jfindlay/versionadded
+  * d6dc6f9 versionadded
+
+- **PR** `#24747`_: (*msciciel*) add get_route function to network module
+  | refs: `#25038`_
+  @ *2015-06-29T16:51:43Z*
+
+  * 28c87ca Merge pull request `#24747`_ from msciciel/2015.5
+  * 79b4ec2 network module lint fix
+
+  * 0b6ef78 network module: fix for ipv6
+
+  * f3d184c add get_route function to network module
+
+- **PR** `#24975`_: (*ryan-lane*) Fix update of undefined env var in npm module
+  @ *2015-06-29T16:45:05Z*
+
+  * 46a9677 Merge pull request `#24975`_ from lyft/npm-module-fix
+  * 6fde581 Try byte literals rather than unicode strings in the env
+
+  * c8514de Fix update of undefined env var in npm module
+
+- **PR** `#24986`_: (*heewa*) Don't modify empty change
+  @ *2015-06-29T16:44:17Z*
+
+  * 9cf8550 Merge pull request `#24986`_ from heewa/fix-pkg-hold-when-errored
+  * d47a448 Don't modify empty change
+
+- **PR** `#24999`_: (*rallytime*) Provide a less confusing error when cloud provider is misconfigured
+  @ *2015-06-29T16:43:31Z*
+
+  - **ISSUE** `#24969`_: (*bradthurber*) salt-cloud 2015.5.0: missing azure dependency results in misleading error
+    | refs: `#24999`_
+  * ece897d Merge pull request `#24999`_ from rallytime/cloud_error_help
+  * 1e81a88 Clean up
+
+  * be19a67 Provide a less confusing error when cloud provider is misconfigured
+
+- **PR** `#24987`_: (*heewa*) Don't try to cache a template when it's not a file
+  @ *2015-06-29T14:02:59Z*
+
+  * 4af15cf Merge pull request `#24987`_ from heewa/fix-trying-to-cache-no-file
+  * 9ae0c78 Don't try to cache a template when it's not a file
+
+- **PR** `#25022`_: (*jfindlay*) revise label and milestone documentation
+  @ *2015-06-29T13:51:24Z*
+
+  * 8eeaddb Merge pull request `#25022`_ from jfindlay/label_docs
+  * 8575192 revise label and milestone documentation
+
+- **PR** `#25029`_: (*jayeshka*) adding redismod unit test case.
+  @ *2015-06-29T13:50:33Z*
+
+  * 89c2e01 Merge pull request `#25029`_ from jayeshka/redismod-unit-test
+  * e3045be adding redismod unit test case.
+
+- **PR** `#24995`_: (*rallytime*) Fix deprecated pymongo usage causing errors in latest pymongo
+  @ *2015-06-27T22:28:56Z*
+
+  - **PR** `#24175`_: (*trevor-h*) fix deprecated pymongo usage causing errors in latest pymongo
+    | refs: `#24995`_
+  * 6425252 Merge pull request `#24995`_ from rallytime/tops_mongo
+  * a3c1063 fix deprecated pymongo usage causing errors in latest pymongo
+
+- **PR** `#24994`_: (*garethgreenaway*) Another Fix to gpg.py in 2015.5
+  @ *2015-06-27T22:28:15Z*
+
+  - **ISSUE** `#24862`_: (*dkatsanikakis*) gpg.import_key returns error after succesfully completed
+    | refs: `#24966`_ `#24994`_
+  * e9aaa11 Merge pull request `#24994`_ from garethgreenaway/2015_5_24862_gpg_import_key
+  * d2f0d8f variable was referenced before assignment.  Just removing the variable and checking the return from distutils.version.LooseVersion directly.
+
+- **PR** `#24988`_: (*jayeshka*) adding states/supervisord unit test case.
+  @ *2015-06-27T22:24:42Z*
+
+  * ebd666e Merge pull request `#24988`_ from jayeshka/supervisord-states-unit-test
+  * bb0a6d5 adding states/supervisord unit test case.
+
+- **PR** `#25007`_: (*basepi*) [2015.5] Merge forward from 2014.7 to 2015.5
+  @ *2015-06-26T21:28:57Z*
+
+  - **ISSUE** `#24915`_: (*jtand*) Salt-cloud not working in 2014.7.6
+    | refs: `#24944`_
+  - **PR** `#24944`_: (*techhat*) Double-check main_cloud_config
+  - **PR** `#24936`_: (*jtand*) Fixed ps module to not use depreciated psutil commands
+  * 0487c3c Merge pull request `#25007`_ from basepi/merge-forward-2015.5
+  * 4980fd5 Merge remote-tracking branch 'upstream/2014.7' into merge-forward-2015.5
+
+  * a11e4c6 Merge pull request `#24944`_ from techhat/issue24915
+
+    * 59c3081 Double-check main_cloud_config
+
+  * d26a544 Merge pull request `#24936`_ from jtand/psutil
+
+    * bdb7a19 Fixed ps module to not use depreciated psutil commands
+
+- **PR** `#25003`_: (*jacobhammons*) Updated man pages
+  @ *2015-06-26T19:13:41Z*
+
+  * 91a60e1 Merge pull request `#25003`_ from jacobhammons/man-pages
+  * cf97a4a Updated man pages
+
+- **PR** `#25002`_: (*jacobhammons*) sphinx html theme updates
+  @ *2015-06-26T18:39:14Z*
+
+  * a60a2c4 Merge pull request `#25002`_ from jacobhammons/doc-announcements
+  * f88f344 sphinx html theme updates
+
+- **PR** `#24977`_: (*rallytime*) Only warn about digital ocean deprecation if digital ocean is configured
+  @ *2015-06-25T23:54:46Z*
+
+  * a791b23 Merge pull request `#24977`_ from rallytime/do_move_warning
+  * 6b54422 Only warn about digital ocean deprecation if digital ocean is configured
+
+- **PR** `#24966`_: (*garethgreenaway*) Fixes to gpg.py in 2015.5
+  @ *2015-06-25T19:58:49Z*
+
+  - **ISSUE** `#24862`_: (*dkatsanikakis*) gpg.import_key returns error after succesfully completed
+    | refs: `#24966`_ `#24994`_
+  * a71c1b7 Merge pull request `#24966`_ from garethgreenaway/2015_5_24862_gpg_import_key
+  * 55eb73b fixing unit tests.
+
+  * 80c24be Fixing an issue with the import_key method.  Different results depending on which gnupg python module is installed.
+
+- **PR** `#24965`_: (*jacksontj*) Fix memory leak in saltnado
+  @ *2015-06-25T18:48:03Z*
+
+  - **ISSUE** `#24846`_: (*mavenAtHouzz*) Memory leak issue in rest_tornado EventListener
+    | refs: `#24965`_
+  * 8622184 Merge pull request `#24965`_ from jacksontj/2015.5
+  * 48b5e16 pylint
+
+  * 87adca4 Fix memory leak in saltnado
+
+- **PR** `#24948`_: (*jfindlay*) fix some malformed doc links and anchors
+  @ *2015-06-25T15:51:38Z*
+
+  * 773c4cf Merge pull request `#24948`_ from jfindlay/doc_links
+  * 152a9b2 fix some malformed doc links and anchors
+
+- **PR** `#24886`_: (*anlutro*) Be more careful about stripping away root_dir from directory options
+  @ *2015-06-25T15:50:11Z*
+
+  - **ISSUE** `#24885`_: (*anlutro*) Master config - Directories starting with a dot have the dot stripped when root_dir is .
+    | refs: `#24886`_
+  * 4ebc01e Merge pull request `#24886`_ from alprs/fix-root_dir_bug
+  * 52ccafd os.sep is the correct directory separator constant
+
+  * 0ecbf26 Be more careful about stripping away root_dir from directory options
+
+- **PR** `#24930`_: (*jacksontj*) Don't refetch file templates 100% of the time-- Performance optimization for templated files
+  @ *2015-06-24T21:22:47Z*
+
+  * f52f7e1 Merge pull request `#24930`_ from jacksontj/2015.5
+  * 5fb7534 Only parse the source if we have one
+
+  * c03a6fa Add support for sources of managed files to be local
+
+  * 4cf78a0 pylint
+
+  * d70914e Don't refetch the template 100% of the time-- Performance optimization for templated files
+
+- **PR** `#24935`_: (*basepi*) [2015.5] Merge forward from 2014.7 to 2015.5
+  @ *2015-06-24T18:17:54Z*
+
+  - **PR** `#24918`_: (*BretFisher*) SmartOS SMF minion startup fix
+  - **PR** `#473`_: (*whiteinge*) Added a couple functions to work with the minion file cache
+    | refs: `#24918`_
+  * 925a4d9 Merge pull request `#24935`_ from basepi/merge-forward-2015.5
+  * 8d8bf34 Merge remote-tracking branch 'upstream/2014.7' into merge-forward-2015.5
+
+  * eeb05a1 Merge pull request `#24918`_ from BretFisher/minion-start-smartos-smf-fix
+
+    * d7bfb0c Smartos smf minion fix
+
+- **PR** `#24873`_: (*jfindlay*) convert osrelease grain to str before str op
+  @ *2015-06-24T16:43:08Z*
+
+  - **ISSUE** `#24826`_: (*rakai93*) rh_service.py: 'int' object has no attribute 'startswith'
+    | refs: `#24873`_
+  * 4e8ed0d Merge pull request `#24873`_ from jfindlay/rh_service
+  * febe6ef convert osrelease grain to str before str op
+
+- **PR** `#24923`_: (*jayeshka*) adding states/status unit test case.
+  @ *2015-06-24T15:50:07Z*
+
+  * 90819f9 Merge pull request `#24923`_ from jayeshka/status-states-unit-test
+  * baec650 adding states/status unit test case.
+
+- **PR** `#24902`_: (*cro*) Fix minion failover, document same
+  @ *2015-06-24T15:20:43Z*
+
+  * 2dd24ec Merge pull request `#24902`_ from cro/fixfo2
+  * 90c73ff References to documentation.
+
+  * f0c9204 Add references to failover parameters in conf
+
+  * 9da96a8 Docs
+
+  * e2314f0 Move comment.
+
+  * b9a756f Fix master failover and add documentation for same.  Factor in syndics.  Syndics will not failover (yet).
+
+- **PR** `#24926`_: (*rallytime*) Back-port `#22263`_ to 2015.5
+  @ *2015-06-24T15:09:40Z*
+
+  - **PR** `#22263`_: (*cachedout*) Prevent a load from being written if one already exists
+    | refs: `#24926`_
+  * 087ee09 Merge pull request `#24926`_ from rallytime/`bp-22263`_
+  * 8c92d9c Prevent a load from being written if one already exists
+
+- **PR** `#24900`_: (*rallytime*) Back-port `#24848`_ to 2015.5
+  @ *2015-06-24T15:09:18Z*
+
+  - **PR** `#24848`_: (*nmadhok*) Correcting bash code blocks
+    | refs: `#24900`_
+  * b34a74f Merge pull request `#24900`_ from rallytime/`bp-24848`_
+  * d2b5456 Correcting bash code blocks
+
+- **PR** `#24899`_: (*rallytime*) Back-port `#24847`_ to 2015.5
+  @ *2015-06-24T15:09:01Z*
+
+  - **PR** `#24847`_: (*borutmrak*) unset size parameter for lxc.create when backing=zfs
+    | refs: `#24899`_
+  * a546e8e Merge pull request `#24899`_ from rallytime/`bp-24847`_
+  * 1e4ec7a unset size parameter for lxc.create when backing=zfs
+
+- **PR** `#24898`_: (*rallytime*) Back-port `#24845`_ to 2015.5
+  @ *2015-06-24T15:06:09Z*
+
+  - **PR** `#24845`_: (*porterjamesj*) fix bug in docker.loaded
+    | refs: `#24898`_
+  * d4dd8d2 Merge pull request `#24898`_ from rallytime/`bp-24845`_
+  * 071049a fix bug in docker.loaded
+
+- **PR** `#24897`_: (*rallytime*) Back-port `#24839`_ to 2015.5
+  @ *2015-06-24T15:05:35Z*
+
+  - **ISSUE** `#24799`_: (*infestdead*) Forced remount because options changed when no options changed (glusterfs)
+  - **PR** `#24839`_: (*infestdead*) fix for issue `#24799`_
+    | refs: `#24897`_
+  * 6930855 Merge pull request `#24897`_ from rallytime/`bp-24839`_
+  * f3b20d5 fix for issue `#24799`_
+
+- **PR** `#24891`_: (*jayeshka*) adding states/ssh_known_hosts unit test case.
+  @ *2015-06-23T16:46:58Z*
+
+  * 1650233 Merge pull request `#24891`_ from jayeshka/ssh_known_hosts-states-unit-test
+  * ef1347f adding states/ssh_known_hosts unit test case.
+
+- **PR** `#24874`_: (*dkiser*) Fix for salt-cloud when ssh key used to auth and using sudo.
+  @ *2015-06-22T23:46:08Z*
+
+  - **ISSUE** `#24870`_: (*dkiser*) salt-cloud fails on sudo password prompt when using ssh key to auth
+    | refs: `#24874`_
+  * c32aae9 Merge pull request `#24874`_ from dkiser/salt-cloud-24870
+  * 6c31143 Fix key error for the PR to fix `#24870`_.
+
+  * bdcf7d8 Fix pylint for `#24874`_.
+
+  * 8f66d19 Fix for salt-cloud when ssh key used to auth and using sudo.
+
+- **PR** `#24880`_: (*dkiser*) Fix to allow password for salt-cloud to be set outside of a vm specif…
+  @ *2015-06-22T23:44:59Z*
+
+  - **ISSUE** `#24871`_: (*dkiser*) salt-cloud fails to honor 'password' in cloud options before raising an exception
+    | refs: `#24880`_
+  * ddaa21c Merge pull request `#24880`_ from dkiser/salt-cloud-24871
+  * 4f6c035 Fix to allow password for salt-cloud to be set outside of a vm specific context.
+
+- **PR** `#24852`_: (*pruiz*) Fix issue 24851: regular expression so it now matches packages with '.' or '-' at pkg name
+  @ *2015-06-22T20:37:13Z*
+
+  * 3902b16 Merge pull request `#24852`_ from pruiz/issue-24851
+  * 73adb1d Fix regular expression so it now matches packages with '.' or '-' at pkg name.
+
+- **PR** `#24861`_: (*jayeshka*) adding states/ssh_auth unit test case.
+  @ *2015-06-22T16:20:01Z*
+
+  * 6c5b788 Merge pull request `#24861`_ from jayeshka/ssh_auth-states-unit-test
+  * e5d7b0d adding states/ssh_auth unit test case.
+
+- **PR** `#24824`_: (*kev009*) Detect bhyve virtual type for FreeBSD guests
+  @ *2015-06-22T15:24:35Z*
+
+  - **ISSUE** `#23478`_: (*calvinhp*) grains.get virtual reports "physical" on bhyve FreeBSD VM
+    | refs: `#24824`_
+  * 9e3321c Merge pull request `#24824`_ from kev009/grains-bhyve-bsd
+  * a226209 Detect bhyve virtual type for freebsd guests
+
+- **PR** `#24795`_: (*anlutro*) Fix state.apply for salt-ssh
+  @ *2015-06-22T15:23:57Z*
+
+  - **ISSUE** `#24746`_: (*anlutro*) state.apply doesn't seem to work
+    | refs: `#24795`_
+  * 7b07ef9 Merge pull request `#24795`_ from alprs/fix-salt_ssh_state_apply
+  * 905840b Fix state.apply for salt-ssh
+
+- **PR** `#24832`_: (*jacksontj*) Don't incur a "_load_all" of the lazy_loader while looking for mod_init.
+  @ *2015-06-22T15:17:10Z*
+
+  - **PR** `#20540`_: (*jacksontj*) Loader nomerge: Don't allow modules to "merge"
+    | refs: `#24832`_
+  - **PR** `#20481`_: (*jacksontj*) Add submodule support to LazyLoader
+    | refs: `#20540`_
+  - **PR** `#20473`_: (*jacksontj*) Add "disabled" support
+    | refs: `#20481`_
+  - **PR** `#20274`_: (*jacksontj*) Loader overhaul to LazyLoader
+    | refs: `#20473`_
+  - **PR** `#12327`_: (*jacksontj*) Add a LazyLoader class which will lazily load modules (with the given lo...
+    | refs: `#20274`_
+  * 31d4c13 Merge pull request `#24832`_ from jacksontj/2015.5
+  * cfa7c0a pylint
+
+  * be18439 Don't incur a "_load_all" of the lazy_loader while looking for mod_init.
+
+- **PR** `#24834`_: (*rallytime*) Back-port `#24811`_ to 2015.5
+  @ *2015-06-19T18:43:49Z*
+
+  - **ISSUE** `#14666`_: (*luciddr34m3r*) salt-cloud GoGrid exception when using map file
+    | refs: `#24811`_
+  - **PR** `#24811`_: (*rallytime*) Add notes to map and gogrid docs -- don't use -P with map files
+    | refs: `#24834`_
+  * 2d8148f Merge pull request `#24834`_ from rallytime/`bp-24811`_
+  * e2684ec Add notes to map and gogrid docs -- don't use -P with map files
+
+- **PR** `#24790`_: (*rallytime*) Back-port `#24741`_ to 2015.5
+  @ *2015-06-19T17:25:58Z*
+
+  - **PR** `#24741`_: (*CameronNemo*) Improve Upstart enable/disable handling
+    | refs: `#24790`_
+  * d2edb63 Merge pull request `#24790`_ from rallytime/`bp-24741`_
+  * a54245f Add missing import
+
+  * 4ce6370 salt.modules.upstart: fix lint errors
+
+  * aec53ec Improve Upstart enable/disable handling
+
+- **PR** `#24789`_: (*rallytime*) Back-port `#24717`_ to 2015.5
+  @ *2015-06-19T17:17:00Z*
+
+  - **PR** `#24717`_: (*gthb*) virtualenv.managed: document user and no_chown
+    | refs: `#24789`_
+  * 645e62a Merge pull request `#24789`_ from rallytime/`bp-24717`_
+  * 95ac4eb virtualenv.managed: document user and no_chown
+
+- **PR** `#24823`_: (*jayeshka*) adding states/splunk_search unit test case.
+  @ *2015-06-19T17:14:12Z*
+
+  * 0a6c70f Merge pull request `#24823`_ from jayeshka/splunk_search-states-unit-test
+  * 98831a8 adding states/splunk_search unit test case.
+
+- **PR** `#24809`_: (*jodv*) Correctly create single item list for failover master type with string value for master opt
+  @ *2015-06-19T15:22:20Z*
+
+  * 4c5a708 Merge pull request `#24809`_ from jodv/single_item_master_list
+  * 18ceebc single item list vs. list of characters
+
+- **PR** `#24802`_: (*basepi*) [2015.5] Merge forward from 2014.7 to 2015.5
+  @ *2015-06-18T20:11:58Z*
+
+  - **ISSUE** `#24776`_: (*nmadhok*) --static option in salt raises ValueError and has been broken for a very long time
+    | refs: `#24777`_
+  - **ISSUE** `#21318`_: (*thanatos*) get_full_returns raises KeyError
+    | refs: `#24769`_
+  - **ISSUE** `#18994`_: (*njhartwell*) salt.client.get_cli_returns errors when called immediately after run_job
+    | refs: `#24769`_
+  - **ISSUE** `#17041`_: (*xenophonf*) Confusing Salt error messages due to limited/incomplete PowerShell command error handling
+    | refs: `#24690`_
+  - **ISSUE** `#19`_: (*thatch45*) Sending a faulty command kills all the minions!
+  - **PR** `#24780`_: (*nmadhok*) Backporting PR `#24777`_ to 2014.7 branch
+  - **PR** `#24779`_: (*nmadhok*) Backporting Changes to 2014.7 branch
+    | refs: `#24777`_
+  - **PR** `#24778`_: (*nmadhok*) Backporting PR `#24777`_ to 2015.2 branch
+    | refs: `#24777`_
+  - **PR** `#24777`_: (*nmadhok*) Fixing issue where --static option fails with ValueError Fixes `#24776`_
+    | refs: `#24778`_ `#24780`_
+  - **PR** `#24769`_: (*msteed*) Fix stacktrace in get_cli_returns()
+  - **PR** `#24690`_: (*twangboy*) Report powershell output instead of error
+  * ae05e70 Merge pull request `#24802`_ from basepi/merge-forward-2015.5
+  * 5b7a65d Merge pull request `#19`_ from twangboy/merge-forward-fixes
+
+    * 98e7e90 Fixed test failures for Colton
+
+  * b949856 Merge remote-tracking branch 'upstream/2014.7' into merge-forward-2015.5
+
+    * 4281dff Merge pull request `#24780`_ from nmadhok/backport-2014.7-24777
+
+      * c53b0d9 Backporting PR `#24777`_ to 2014.7 branch
+
+    * f3c5cb2 Merge pull request `#24769`_ from msteed/issue-21318
+
+      * f40a9d5 Fix stacktrace in get_cli_returns()
+
+    * 59db246 Merge pull request `#24690`_ from twangboy/fix_17041
+
+      * 7a01538 Added additional reporting
+
+      * d84ad5d Fixed capitalization... Failed and Already
+
+      * e955245 Merge branch '2014.7' of https://github.com/saltstack/salt into fix_17041
+
+      * 144bff2 Report powershell output instead of error
+
+- **PR** `#24798`_: (*jtand*) Revert "adding states/postgres_database unit test case."
+  @ *2015-06-18T17:56:17Z*
+
+  - **PR** `#24329`_: (*jayeshka*) adding states/postgres_database unit test case.
+    | refs: `#24798`_
+  * daa76c3 Merge pull request `#24798`_ from saltstack/revert-24329-postgres_database-states-unit-test
+  * 179ce03 Revert "adding states/postgres_database unit test case."
+
+- **PR** `#24791`_: (*rallytime*) Back-port `#24749`_ to 2015.5
+  @ *2015-06-18T17:43:15Z*
+
+  - **PR** `#24749`_: (*obestwalter*) add windows specfic default for multiprocessing
+    | refs: `#24791`_
+  * 7073a9f Merge pull request `#24791`_ from rallytime/`bp-24749`_
+  * be43b2b add windows specfic default for multiprocessing
+
+- **PR** `#24792`_: (*rallytime*) Back-port `#24757`_ to 2015.5
+  @ *2015-06-18T15:58:35Z*
+
+  - **PR** `#24757`_: (*cachedout*) Fix loader call in pyobjects
+    | refs: `#24792`_
+  - **PR** `#24668`_: (*grischa*) enable virtual package names in pyobjects renderer
+    | refs: `#24721`_ `#24757`_
+  * 1a158e8 Merge pull request `#24792`_ from rallytime/`bp-24757`_
+  * 6c804f0 Fix loader call in pyobjects
+
+- **PR** `#24768`_: (*jfindlay*) fix yum versionlock on RHEL/CentOS 5, disable corresponding test
+  @ *2015-06-18T15:13:12Z*
+
+  * 0f92982 Merge pull request `#24768`_ from jfindlay/pkg_mod
+  * 7a26c2b disable pkg.hold test for RHEL/CentOS 5
+
+  * 4cacd93 use correct yum versionlock pkg name on centos 5
+
+- **PR** `#24778`_: (*nmadhok*) Backporting PR `#24777`_ to 2015.2 branch
+  | refs: `#24777`_
+  @ *2015-06-18T14:53:04Z*
+
+  - **ISSUE** `#24776`_: (*nmadhok*) --static option in salt raises ValueError and has been broken for a very long time
+    | refs: `#24777`_
+  - **PR** `#24779`_: (*nmadhok*) Backporting Changes to 2014.7 branch
+    | refs: `#24777`_
+  - **PR** `#24777`_: (*nmadhok*) Fixing issue where --static option fails with ValueError Fixes `#24776`_
+    | refs: `#24778`_ `#24780`_
+  * 39f088a Merge pull request `#24778`_ from nmadhok/backport-2015.2-24777
+  * ae3701f Backporting PR `#24777`_ to 2015.2 branch
+
+- **PR** `#24774`_: (*zefrog*) Fix lxc lvname parameter command
+  @ *2015-06-18T14:49:06Z*
+
+  * 2a4f65f Merge pull request `#24774`_ from zefrog/fix-lxc-lvname-param
+  * 21e0cd4 Fixed typo in lxc module: lvname parameter typo
+
+  * 283d86e Fixed bug in lxc module: lvname using wrong parameter in cmd
+
+- **PR** `#24782`_: (*jayeshka*) adding states/slack unit test case.
+  @ *2015-06-18T14:33:55Z*
+
+  * fd73390 Merge pull request `#24782`_ from jayeshka/slack-states-unit-test
+  * e2b6214 adding states/slack unit test case.
+
+- **PR** `#24771`_: (*jacksontj*) Always extend requisites, instead of replacing them
+  @ *2015-06-18T14:29:09Z*
+
+  - **ISSUE** `#24770`_: (*jacksontj*) `Requisite` and `Requisite_in` don't play nice together
+    | refs: `#24771`_
+  * c9c90af Merge pull request `#24771`_ from jacksontj/2015.5
+  * b1211c5 Re-enable tests for complex prereq and prereq_in
+
+  * 378f6bf Only merge when the merge is of requisites
+
+- **PR** `#24766`_: (*msteed*) Remove doc references to obsolete minion opt
+  @ *2015-06-17T21:36:55Z*
+
+  * 5fe4de8 Merge pull request `#24766`_ from msteed/undoc-dns_check
+  * f92a769 Remove doc references to obsolete minion opt
+
+- **PR** `#24329`_: (*jayeshka*) adding states/postgres_database unit test case.
+  | refs: `#24798`_
+  @ *2015-06-17T19:11:02Z*
+
+  * a407ab7 Merge pull request `#24329`_ from jayeshka/postgres_database-states-unit-test
+  * ee06f1a adding states/postgres_database unit test case.
+
+- **PR** `#24632`_: (*jacobhammons*) Doc bug fixes
+  @ *2015-06-17T18:40:02Z*
+
+  - **ISSUE** `#24560`_: (*hydrosine*) Documentation missing on parameter
+    | refs: `#24632`_
+  - **ISSUE** `#24547`_: (*dragonpaw*) Artifactory docs say module is 'jboss7'. 
+    | refs: `#24632`_
+  - **ISSUE** `#24375`_: (*companykitchen-dev*) Custom grain won't sync under any circumstances
+    | refs: `#24632`_
+  - **ISSUE** `#24275`_: (*kartiksubbarao*) augeas issue with apache and recognizing changes that have been already made
+    | refs: `#24632`_
+  - **ISSUE** `#24163`_: (*tbaker57*) enable_gpu_grains default value confusion
+    | refs: `#24632`_
+  * 3ff6eff Merge pull request `#24632`_ from jacobhammons/bug-fixes
+  * 7c52012 Fixed typos
+
+  * c7cdd41 Doc bug fixes Refs `#24547`_ Refs `#24275`_ Refs `#24375`_ Refs `#24560`_ Refs `#24163`_
+
+- **PR** `#24607`_: (*garethgreenaway*) fixes to minion.py 
+  @ *2015-06-17T18:16:42Z*
+
+  - **ISSUE** `#24198`_: (*ahammond*) salt-call event.send doesn't send events from minion
+    | refs: `#24607`_
+  * 9995f64 Merge pull request `#24607`_ from garethgreenaway/2015_5_sending_events_multi_master
+  * 8abd3f0 A fix if you have multiple masters configured and try to fire events to the minion.  Currently they fail silently.  Might be the cause of `#24198`_.
+
+- **PR** `#24755`_: (*rallytime*) Remove SALT_CLOUD_REQS from setup.py
+  @ *2015-06-17T17:42:25Z*
+
+  * bf2dd94 Merge pull request `#24755`_ from rallytime/fix_setup_15
+  * 48769a5 Remove SALT_CLOUD_REQS from setup.py
+
+- **PR** `#24740`_: (*rallytime*) Backport `#24720`_ to 2015.5
+  @ *2015-06-17T16:43:37Z*
+
+  - **PR** `#24720`_: (*TheScriptSage*) Issue 24621 - AD/LDAP Group Auth Issue
+    | refs: `#24740`_
+  * 3d53d79 Merge pull request `#24740`_ from rallytime/`bp-24720`_
+  * a9bcdb5 Updating master.py to properly check against groups when user is only authed against group.  Tested against unit.auth_test.
+
+- **PR** `#24723`_: (*rallytime*) Back-port `#20124`_ to 2015.5
+  @ *2015-06-17T16:43:20Z*
+
+  - **PR** `#20124`_: (*cgtx*) add init system to default grains
+    | refs: `#24723`_
+  * ac2851b Merge pull request `#24723`_ from rallytime/`bp-20124`_
+  * 4d0061b fix infinite loop introduced by `#20124`_ when the init system is not in the supported_inits list
+
+  * 0c7fa0f Optimizations for `#20124`_
+
+  * f353454 add init system to default grains (resolve `#20124`_)
+
+- **PR** `#24754`_: (*anlutro*) salt-cloud documentation - Add information about linode location
+  @ *2015-06-17T16:04:48Z*
+
+  * 78cd09b Merge pull request `#24754`_ from alprs/docs-add_linode_location_option
+  * d88e071 add information about linode location
+
+- **PR** `#24748`_: (*jayeshka*) adding states/serverdensity_device unit test case.
+  @ *2015-06-17T15:39:07Z*
+
+  * d5554f7 Merge pull request `#24748`_ from jayeshka/serverdensity_device-states-unit-test
+  * 1a4c241 adding states/serverdensity_device unit test case.
+
+- **PR** `#24739`_: (*rallytime*) Back-port `#24735`_ to 2015.5
+  @ *2015-06-17T15:16:47Z*
+
+  - **PR** `#24735`_: (*notpeter*) Add 2015.5 codename to version numbers docs
+    | refs: `#24739`_
+  * 0b7e7ef Merge pull request `#24739`_ from rallytime/`bp-24735`_
+  * 64c565d Add .0 to version number
+
+  * 5ed801b Add codenames for 2015.5 and future versions. Trailing newline.
+
+- **PR** `#24732`_: (*msteed*) Fix stacktrace when `--summary` is used
+  @ *2015-06-17T03:27:57Z*
+
+  - **ISSUE** `#24111`_: (*yermulnik*) cli option '--summary' got broken after upgrade to 2015.5.1
+    | refs: `#24732`_
+  * c8713f2 Merge pull request `#24732`_ from msteed/issue-24111
+  * 54b33dd Fix stacktrace when --summary is used
+
+- **PR** `#24721`_: (*rallytime*) Back-port `#24668`_ to 2015.5
+  @ *2015-06-17T03:23:47Z*
+
+  - **PR** `#24668`_: (*grischa*) enable virtual package names in pyobjects renderer
+    | refs: `#24721`_ `#24757`_
+  * 70d3781 Merge pull request `#24721`_ from rallytime/`bp-24668`_
+  * 68fb5af fixing other test
+
+  * ba4f262 fixing text for virtual support in pyobjects
+
+  * b349d91 enable virtual package names in pyobjects renderer
+
+- **PR** `#24718`_: (*rallytime*) Added some missing config documentation to the vsphere driver
+  @ *2015-06-17T03:19:35Z*
+
+  - **ISSUE** `#21923`_: (*Fluro*) Salt cloud not running  provisioning script as root
+    | refs: `#24718`_
+  - **ISSUE** `#17241`_: (*hasues*) Salt-Cloud for vSphere needs additional documentation
+    | refs: `#24718`_
+  * 1b9d689 Merge pull request `#24718`_ from rallytime/update_vsphere_docs
+  * bfdebb6 Added some missing config documentation to the vsphere driver
+
+- **PR** `#24714`_: (*rallytime*) Remove cloud-requirements.txt
+  @ *2015-06-17T03:17:04Z*
+
+  * 64857c7 Merge pull request `#24714`_ from rallytime/remove_cloud_reqs_15
+  * 67b796d Remove cloud-requirements.txt
+
+- **PR** `#24733`_: (*msteed*) Include Tornado in versions report
+  @ *2015-06-17T03:13:53Z*
+
+  - **ISSUE** `#24439`_: (*bechtoldt*) Add tornado version to versions report
+    | refs: `#24733`_
+  * f96b1d6 Merge pull request `#24733`_ from msteed/issue-24439
+  * 76cfef0 Include Tornado in versions report
+
+- **PR** `#24737`_: (*jacksontj*) Move AES command logging to trace
+  @ *2015-06-17T01:48:11Z*
+
+  * a861fe0 Merge pull request `#24737`_ from jacksontj/2015.5
+  * a4ed41a Move AES command logging to trace
+
+- **PR** `#24724`_: (*basepi*) [2015.5] Merge forward from 2014.7 to 2015.5
+  @ *2015-06-16T22:46:27Z*
+
+  - **ISSUE** `#24196`_: (*johnccfm*) Exception when using user.present with Windows
+    | refs: `#24646`_
+  - **PR** `#24646`_: (*twangboy*) Fixed user.present on existing user
+  * 0d2dc46 Merge pull request `#24724`_ from basepi/merge-forward-2015.5
+  * 4641028 Merge remote-tracking branch 'upstream/2014.7' into merge-forward-2015.5
+
+  * a18dada Merge pull request `#24646`_ from twangboy/fix_24196
+
+    * a208e1d Fixed user.present on existing user
+
+- **PR** `#24701`_: (*jayeshka*) adding states/selinux unit test case.
+  @ *2015-06-16T15:27:29Z*
+
+  * 3d33fe7 Merge pull request `#24701`_ from jayeshka/selinux-states-unit-test
+  * 0c136fd adding states/selinux unit test case.
+
+- **PR** `#24687`_: (*cachedout*) Note about minimum worker_threads
+  @ *2015-06-15T20:46:23Z*
+
+  * 2e287a9 Merge pull request `#24687`_ from cachedout/min_worker_threads
+  * b7bb7ea Note about minimum worker_threads
+
+- **PR** `#24688`_: (*cachedout*) Update AUTHORS
+  @ *2015-06-15T20:46:03Z*
+
+  * 432478c Merge pull request `#24688`_ from cachedout/update_authors
+  * 3f6880e Better email
+
+  * 6c7b773 Update AUTHORS
+
+- **PR** `#24649`_: (*cachedout*) Improved error reporting for failed states
+  @ *2015-06-15T16:04:20Z*
+
+  - **ISSUE** `#22385`_: (*cachedout*) States which require unavailable modules should display the reason
+    | refs: `#24649`_
+  * 9a2b50d Merge pull request `#24649`_ from cachedout/issue_22385
+  * b9fe792 States will now return the reason behind failure if a module could not be loaded
+
+- **PR** `#24673`_: (*jayeshka*) adding states/schedule unit test case.
+  @ *2015-06-15T15:24:52Z*
+
+  * 66e9e16 Merge pull request `#24673`_ from jayeshka/schedule-states-unit-test
+  * 54aaaa5 adding states/schedule unit test case.
+
+- **PR** `#24663`_: (*kartiksubbarao*) Update augeas_cfg.py
+  @ *2015-06-15T15:18:48Z*
+
+  - **ISSUE** `#24661`_: (*kartiksubbarao*) augeas.change doesn't support setting empty values
+    | refs: `#24663`_
+  * 5eb19c4 Merge pull request `#24663`_ from kartiksubbarao/patch-2
+  * e18db50 Update augeas_cfg.py
+
+- **PR** `#24667`_: (*dkiser*) fix for `#24583`_ clouds/openstack.py kerying first time succeeds
+  @ *2015-06-14T21:58:58Z*
+
+  - **ISSUE** `#24583`_: (*dkiser*) salt-cloud keyring password referenced before assignment
+    | refs: `#24667`_
+  * 4450432 Merge pull request `#24667`_ from dkiser/fix-cloud-keyring
+  * c92c05f fix for `#24583`_ clouds/openstack.py kerying first time succeeds
+
+- **PR** `#24659`_: (*kartiksubbarao*) Update aliases.py
+  @ *2015-06-13T17:31:42Z*
+
+  - **ISSUE** `#24537`_: (*kartiksubbarao*) alias.present doesn't update alias values that are substrings of the existing value
+    | refs: `#24659`_
+  * 4c64ee9 Merge pull request `#24659`_ from kartiksubbarao/patch-1
+  * d683474 Update aliases.py
+
+- **PR** `#24644`_: (*cro*) Merge forward 2014.7->2015.5
+  @ *2015-06-12T21:31:41Z*
+
+  - **PR** `#24643`_: (*cro*) Add reference to salt-announce mailing list
+  - **PR** `#24620`_: (*twangboy*) Fixed comment and uncomment functions in file.py
+  * 89eb616 Merge pull request `#24644`_ from cro/2014.7-2015.5-20150612
+  * 4136dc3 Merge forward from 2014.7 to 2015.5
+
+  * b99484f Merge pull request `#24643`_ from cro/saltannounce
+
+    * ecb0623 Add salt-announce mailing list.
+
+  * 635121e Merge pull request `#24620`_ from twangboy/fix_24215
+
+    * d7a9999 Fixed comment and uncomment functions in file.py
+
+- **PR** `#24642`_: (*basepi*) Revert "fix target rule, remove unneeded quotation mark"
+  @ *2015-06-12T20:14:26Z*
+
+  - **PR** `#24595`_: (*tankywoo*) fix target rule, remove unneeded quotation mark
+    | refs: `#24642`_
+  * b896a0d Merge pull request `#24642`_ from saltstack/revert-24595-fix-iptables-target
+  * 5ff3224 Revert "fix target rule, remove unneeded quotation mark"
+
+- **PR** `#24628`_: (*jayeshka*) adding states/reg unit test case.
+  @ *2015-06-12T17:29:11Z*
+
+  * 01092c2 Merge pull request `#24628`_ from jayeshka/reg_states-unit-test
+  * af1bd8f adding states/reg unit test case.
+
+- **PR** `#24631`_: (*rallytime*) Back-port `#24591`_ to 2015.5
+  @ *2015-06-12T16:54:32Z*
+
+  - **ISSUE** `#24494`_: (*arnoutpierre*) Computed comments in jinja states
+    | refs: `#24591`_
+  - **ISSUE** `#24073`_: (*primechuck*) State.highstate uses stale grain data.
+    | refs: `#24492`_
+  - **ISSUE** `#23359`_: (*BalintSzigeti*) init.sls parsing issue
+    | refs: `#24591`_
+  - **ISSUE** `#21217`_: (*Colstuwjx*) Maybe a bug for jinja render?
+    | refs: `#24591`_
+  - **PR** `#24591`_: (*tbaker57*) Add some documentation surrounding Jinja vs yaml comments - 
+    | refs: `#24631`_
+  - **PR** `#24492`_: (*DmitryKuzmenko*) Don't remove grains from opts
+  * 5f491f9 Merge pull request `#24631`_ from rallytime/`bp-24591`_
+  * f13cd41 Add extra clarification why jinja comments are needed.
+
+  * 2374971 Fix typo
+
+  * 6a91747 Add some documentation surrounding Jinja comments - refs `#24492`_, `#21217`_, `#23359`_
+
+- **PR** `#24616`_: (*garethgreenaway*) additional logging in state.py module
+  @ *2015-06-12T16:25:39Z*
+
+  * f23f99e Merge pull request `#24616`_ from garethgreenaway/2015_5_logging_disabled_states
+  * 4dbf0ef Adding some logging statement to give feedback when states, including highstate, are disabled.  Useful when running from scheduler.
+
+- **PR** `#24595`_: (*tankywoo*) fix target rule, remove unneeded quotation mark
+  | refs: `#24642`_
+  @ *2015-06-12T16:23:22Z*
+
+  * 6dccbb0 Merge pull request `#24595`_ from tankywoo/fix-iptables-target
+  * 10a5160 fix target rule, remove unneeded quotation mark
+
+- **PR** `#24604`_: (*jfindlay*) fix pkg module integration tests
+  @ *2015-06-12T16:04:26Z*
+
+  * 8ac3d94 Merge pull request `#24604`_ from jfindlay/pkg_tests
+  * d88fb22 fix pkg module integration tests on CentOS 5
+
+  * fb91b40 fix pkg module integration tests on ubuntu 12
+
+- **PR** `#24600`_: (*basepi*) [2015.5] Remove __kwarg__ from salt-ssh keyword args
+  @ *2015-06-12T04:21:29Z*
+
+  * 0ff545c Merge pull request `#24600`_ from basepi/salt-ssh.orchestrate.20615
+  * 9b55683 Remove __kwarg__ from salt-ssh keyword args
+
+- **PR** `#24608`_: (*basepi*) [2015.5] Normalize salt-ssh flat roster minion IDs to strings
+  @ *2015-06-11T21:35:07Z*
+
+  - **ISSUE** `#22843`_: (*Xiol*) salt-ssh roster doesn't support integers as host keys
+    | refs: `#24608`_
+  * 832916f Merge pull request `#24608`_ from basepi/salt-ssh.flat.roster.integers.22843
+  * 381820f Normalize salt-ssh flat roster minion IDs to strings
+
+- **PR** `#24605`_: (*basepi*) [2015.5] Merge forward from 2014.7 to 2015.5
+  @ *2015-06-11T19:15:21Z*
+
+  - **PR** `#24589`_: (*BretFisher*) Fixed Mine example for jinja code block
+  * 4eb5bb2 Merge pull request `#24605`_ from basepi/merge-forward-2015.5
+  * f96c502 Merge remote-tracking branch 'upstream/2014.7' into merge-forward-2015.5
+
+  * d83928a Merge pull request `#24589`_ from BretFisher/patch-1
+
+    * 65a1133 Fixed Mine example for jinja code block
+
+- **PR** `#24598`_: (*jacobhammons*) 2015.5.2 release changes
+  @ *2015-06-11T17:24:11Z*
+
+  - **ISSUE** `#24457`_: (*ryan-lane*) When selecting the version of docs on the docs site, it brings you to the homepage
+    | refs: `#24598`_
+  - **ISSUE** `#24250`_: (*jfindlay*) have version links on docs page link to that version of the current page
+    | refs: `#24598`_
+  * e0bb177 Merge pull request `#24598`_ from jacobhammons/doc-fixes
+  * f3f34dd 2015.5.2 release changes Refs `#24250`_ Refs `#24457`_
+
+- **PR** `#24588`_: (*basepi*) Fixes for saltmod.function for salt-ssh
+  @ *2015-06-11T16:15:21Z*
+
+  - **ISSUE** `#20615`_: (*aurynn*) 2014.7.1: salt/states/saltmod using incorrect return dict for orchestrate
+    | refs: `#24588`_
+  * 26930b4 Merge pull request `#24588`_ from basepi/salt-ssh.orchestrate.20615
+  * 826936c Move documentation into docstring instead of comments
+
+  * de052e7 Assign 'return' to 'ret' if necessary in saltmod.function
+
+  * 34ff989 Convert keyword args to key=value strings in salt-ssh
+
+- **PR** `#24593`_: (*jayeshka*) adding states/redismod unit test case.
+  @ *2015-06-11T15:55:27Z*
+
+  * 5a21ad1 Merge pull request `#24593`_ from jayeshka/redismod_states-unit-test
+  * 3b95744 adding states/redismod unit test case.
+
+- **PR** `#24581`_: (*rallytime*) Disabled some flaky tests until we can figure out how to make them more reliable
+  @ *2015-06-11T15:51:41Z*
+
+  - **ISSUE** `#40`_: (*thatch45*) Clean up timeouts
+    | refs: `#22857`_
+  - **PR** `#24217`_: (*jfindlay*) disable intermittently failing tests
+    | refs: `#24581`_
+  - **PR** `#23623`_: (*jfindlay*) Fix /jobs endpoint's return
+    | refs: `#24217`_
+  - **PR** `#22857`_: (*jacksontj*) Fix /jobs endpoint's return
+    | refs: `#23623`_
+  * 8ffb86e Merge pull request `#24581`_ from rallytime/disable_some_flaky_tests
+  * c82f135 Disabled some flaky tests until we can figure out how to make them more reliable
+
+- **PR** `#24566`_: (*jayeshka*) adding states/rdp unit test case.
+  @ *2015-06-11T02:14:39Z*
+
+  * a570d7f Merge pull request `#24566`_ from jayeshka/rdp_states-unit-test
+  * 273b994 adding states/rdp unit test case.
+
+- **PR** `#24551`_: (*joejulian*) 2015.5 dont pollute environment
+  @ *2015-06-11T02:13:06Z*
+
+  - **ISSUE** `#24480`_: (*kiorky*) [CRITICAL] [2015.5] tls breaks tzinfo
+    | refs: `#24551`_
+  * 20ada1f Merge pull request `#24551`_ from joejulian/2015.5_dont_pollute_environment
+  * cfc3b43 Don't pollute the TZ environment variable
+
+  * cba8d3f pep8
+
+  * 9cb7015 Mark keyword version adds
+
+  * 76e2583 Merge tls changes from develop
+
+- **PR** `#24574`_: (*jacobhammons*) Refs `#19901`_
+  @ *2015-06-10T20:09:23Z*
+
+  - **ISSUE** `#19901`_: (*clinta*) State cache is not documented
+    | refs: `#24468`_
+  * bb2fd6a Merge pull request `#24574`_ from jacobhammons/19901
+  * e2a2946 Refs `#19901`_
+
+- **PR** `#24577`_: (*basepi*) [2015.5] Merge forward from 2014.7 to 2015.5
+  @ *2015-06-10T19:46:22Z*
+
+  - **ISSUE** `#24427`_: (*fayetted*) 2015.5.1-3 Windows 64Bit Minion fails to start after install
+    | refs: `#24530`_
+  - **PR** `#24530`_: (*twangboy*) Start Minion Service on Silent Install
+  * b03166c Merge pull request `#24577`_ from basepi/merge-forward-2015.5
+  * e1d45cc Merge remote-tracking branch 'upstream/2014.7' into merge-forward-2015.5
+
+  * d376390 Merge pull request `#24530`_ from twangboy/fix_24427
+
+    * 673e1d8 Added missing panel.bmp for installer
+
+    * cc50218 Start Minion Service on Silent Install
+
+- **PR** `#24571`_: (*jacobhammons*) Refs `#24235`_
+  @ *2015-06-10T17:02:18Z*
+
+  - **ISSUE** `#24235`_: (*tomasfejfar*) Difference between running from minion and from master
+    | refs: `#24468`_
+  * 3ec457b Merge pull request `#24571`_ from jacobhammons/24235
+  * 8df5d53 Refs `#24235`_
+
+- **PR** `#24565`_: (*pille*) fix backtrace, when listing plugins
+  @ *2015-06-10T16:33:11Z*
+
+  * fe07eb5 Merge pull request `#24565`_ from pille/munin-ignore-broken-symlinks
+  * 8511a6c fix backtrace, when listing plugins
+
+- **PR** `#24554`_: (*ryan-lane*) Fix yes usage for pecl defaults
+  @ *2015-06-09T23:59:49Z*
+
+  * 251c8f9 Merge pull request `#24554`_ from lyft/pecl-module-fix
+  * 56a9cfc Fix yes usage for pecl defaults
+
+- **PR** `#24535`_: (*rallytime*) Back-port `#24518`_ to 2015.5
+  @ *2015-06-09T20:06:18Z*
+
+  - **PR** `#24518`_: (*rallytime*) Merge `#24448`_ with Pylint Fixes
+    | refs: `#24535`_
+  - **PR** `#24448`_: (*codertux*) Update modules path for operating systems using systemd
+    | refs: `#24518`_
+  * dbd49b4 Merge pull request `#24535`_ from rallytime/`bp-24518`_
+  * fc75197 Pylint fix
+
+  * 3e08840 Update modules path for operating systems using systemd
+
+- **PR** `#24538`_: (*basepi*) [2015.5] Merge forward from 2014.7 to 2015.5
+  @ *2015-06-09T17:27:20Z*
+
+  - **PR** `#24513`_: (*jquast*) bugfix use of 'iteritem' in 2014.7 branch
+  - **PR** `#24511`_: (*jquast*) bugfix: trailing "...done" in rabbitmq output
+    | refs: `#24513`_
+  * 485ed3c Merge pull request `#24538`_ from basepi/merge-forward-2015.5
+  * 6a8039d Merge remote-tracking branch 'upstream/2014.7' into merge-forward-2015.5
+
+  * 6ebc476 Merge pull request `#24513`_ from jquast/2014.7-bugfix-iteritem
+
+    * 2be0180 bugfix use of 'iteritem' in 2014.7 branch
+
+- **PR** `#24495`_: (*jayeshka*) adding states/rabbitmq_vhost unit test case.
+  @ *2015-06-09T15:33:23Z*
+
+  * 73e6388 Merge pull request `#24495`_ from jayeshka/rabbitmq_vhost_states-unit-test
+  * 31889e3 cosmetic change.
+
+  * cf501cf resolved error.
+
+  * 4bb6087 Merge branch '2015.5' of https://github.com/saltstack/salt into rabbitmq_vhost_states-unit-test
+
+  * 3ad7714 adding states/rabbitmq_vhost unit test case.
+
+- **PR** `#24445`_: (*jayeshka*) adding states/pyrax_queues unit test case.
+  @ *2015-06-09T15:28:45Z*
+
+  * bf1abcc Merge pull request `#24445`_ from jayeshka/pyrax_queues_states-unit-test
+  * ea27cef adding states/pyrax_queues unit test case.
+
+- **PR** `#24490`_: (*aneeshusa*) Fix pacman.list_upgrades for new python_shell default.
+  @ *2015-06-09T15:13:16Z*
+
+  * 0247e8d Merge pull request `#24490`_ from aneeshusa/fix-pacman-list-upgrades
+  * 980e1cb Lint fix.
+
+  * dca33f1 Fix pacman.list_upgrades for new python_shell default.
+
+- **PR** `#24517`_: (*steverweber*) small fixes to the ipmi docs
+  @ *2015-06-09T15:10:14Z*
+
+  * 6268ddb Merge pull request `#24517`_ from steverweber/ipmi_doc
+  * 6413712 lint
+
+  * e78aea9 more small fixes to the ipmi docs
+
+- **PR** `#24524`_: (*jayeshka*) any() takes list oy tuple.
+  @ *2015-06-09T13:49:42Z*
+
+  * 3728b3f Merge pull request `#24524`_ from jayeshka/rabbitmq_vhost_states-module
+  * 01c99ad any() takes list oy tuple.
+
+- **PR** `#24482`_: (*eliasp*) 'docker.running' needs now the 'image' param.
+  @ *2015-06-09T04:43:04Z*
+
+  * dd23de8 Merge pull request `#24482`_ from eliasp/2015.5-states.dockerio-docker.running-doc
+  * 5de741d 'docker.running' needs now the 'image' param.
+
+- **PR** `#24515`_: (*basepi*) [2015.5] Add xml library to the salt-thin
+  @ *2015-06-09T04:10:06Z*
+
+  - **ISSUE** `#23503`_: (*jfindlay*) salt-ssh fails on CentOS 7 when python-zmq is not installed
+    | refs: `#24515`_
+  * 2a727c3 Merge pull request `#24515`_ from basepi/susexml23503
+  * 078b33e Add xml library to the thin
+
+- **PR** `#24497`_: (*jayeshka*) adding states/rbenv unit test case.
+  @ *2015-06-09T03:56:10Z*
+
+  * fce998a Merge pull request `#24497`_ from jayeshka/rbenv_states-unit-test
+  * 79d343a adding states/rbenv unit test case.
+
+- **PR** `#24496`_: (*jayeshka*) adding states/rabbitmq_user unit test case.
+  @ *2015-06-09T03:55:23Z*
+
+  * 2bcb4b1 Merge pull request `#24496`_ from jayeshka/rabbitmq_user_states-unit-test
+  * 7d96f27 adding states/rabbitmq_user unit test case.
+
+- **PR** `#24481`_: (*eliasp*) Fix typo (licnese → license).
+  @ *2015-06-09T03:30:25Z*
+
+  * 02a597b Merge pull request `#24481`_ from eliasp/2015.5-salt.states.powerpath-license_typo
+  * 1280054 Fix typo (licnese → license).
+
+- **PR** `#24467`_: (*thenewwazoo*) Fix dockerio bound volumes
+  @ *2015-06-09T01:40:23Z*
+
+  * 5ad3db5 Merge pull request `#24467`_ from thenewwazoo/fix-dockerio-bound-volumes
+  * db4e3dc Let's raise an exception if create fails
+
+  * d1d85dd Add logging
+
+  * ddc63f0 Fix volume handling when creating containers
+
+- **PR** `#24504`_: (*rallytime*) Move vsphere deprecation to 2015.5
+  @ *2015-06-08T22:43:05Z*
+
+  - **PR** `#24487`_: (*nmadhok*) Deprecating vsphere cloud driver in favor of vmware cloud driver
+    | refs: `#24504`_
+  * d236fbd Merge pull request `#24504`_ from rallytime/move_vsphere_deprecation_2015.5
+  * d876535 Add Getting Started with VSphere doc to 2015.5
+
+  * b685ebc Add vSphere deprecation warnings to 2015.5
+
+- **PR** `#24506`_: (*rallytime*) Backport `#24450`_ to 2015.5
+  @ *2015-06-08T22:42:14Z*
+
+  - **PR** `#24450`_: (*ruzarowski*) Fix salt cli runs with batch-size set
+    | refs: `#24506`_
+  * cb55460 Merge pull request `#24506`_ from rallytime/`bp-24450`_
+  * 1c0fca2 Backport `#24450`_ to 2015.5
+
+- **PR** `#24498`_: (*rallytime*) Added "CLI Example" to make failing test happy on 2015.5
+  @ *2015-06-08T15:48:40Z*
+
+  * 3173fd1 Merge pull request `#24498`_ from rallytime/fix_doc_failure_fifteen
+  * d992ef4 Added "CLI Example" to make failing test happy on 2015.5
+
+- **PR** `#24471`_: (*anlutro*) Set up salt-ssh file logging
+  @ *2015-06-08T15:26:49Z*
+
+  * 3639e41 Merge pull request `#24471`_ from alprs/fix-salt_ssh_logging
+  * 6a11ec8 set up salt-ssh file logging
+
+- **PR** `#24469`_: (*jfindlay*) correctly handle user environment info for npm
+  @ *2015-06-08T15:26:02Z*
+
+  - **ISSUE** `#24231`_: (*tarwich*) npm.bootstrap
+    | refs: `#24469`_
+  * 551e70f Merge pull request `#24469`_ from jfindlay/npm_env
+  * 8140c96 update npm's user info envs
+
+  * cb572f8 add `env` parameter to npm.uninstall
+
+- **PR** `#24468`_: (*jacobhammons*) Bug fixes and build errors
+  @ *2015-06-08T15:25:40Z*
+
+  - **ISSUE** `#24268`_: (*tkent-xetus*) Ability to specify revision for win_gitrepos undocumented
+    | refs: `#24468`_
+  - **ISSUE** `#24235`_: (*tomasfejfar*) Difference between running from minion and from master
+    | refs: `#24468`_
+  - **ISSUE** `#24193`_: (*abng88*) Update ext_pillar docs to mention that this feature is supported masterless as well
+    | refs: `#24468`_
+  - **ISSUE** `#24172`_: (*zhujinhe*) Can lists be passed in the pillar on the command line on version 2015.5.0?
+    | refs: `#24468`_
+  - **ISSUE** `#23211`_: (*lloesche*) Document that salt://| escapes special characters in filenames
+    | refs: `#24468`_
+  - **ISSUE** `#19901`_: (*clinta*) State cache is not documented
+    | refs: `#24468`_
+  - **ISSUE** `#19801`_: (*ksalman*) How are grains static?
+    | refs: `#24468`_
+  * 0d9e0c2 Merge pull request `#24468`_ from jacobhammons/doc-fixes
+  * 1035959 Appended .0 to version added
+
+  * d45c4ed Bug fixes and build errors Refs `#23211`_ Refs `#24268`_ Refs `#24235`_ Refs `#24193`_ Refs `#24172`_ Refs `#19901`_ Refs `#19801`_
+
+- **PR** `#24465`_: (*jfindlay*) catch exception from softwarerepositories
+  @ *2015-06-08T15:25:19Z*
+
+  - **ISSUE** `#24318`_: (*favadi*) uncaught exception for pkgrepo.absent for invalid PPA
+    | refs: `#24465`_
+  * be6905a Merge pull request `#24465`_ from jfindlay/unknown_ppa
+  * 19c9128 catch exception from softwarerepositories
+
+- **PR** `#24464`_: (*jfindlay*) fix typo in modules/mount.py
+  @ *2015-06-08T15:25:07Z*
+
+  - **ISSUE** `#24296`_: (*objectx*) mount.mount calls file.mkdir with incorrect named argument
+    | refs: `#24464`_
+  * 58d1ea8 Merge pull request `#24464`_ from jfindlay/file_mkdir
+  * 6e8cd44 fix typo in modules/mount.py
+
+- **PR** `#24461`_: (*dkiser*) fix for `#24434`_
+  @ *2015-06-08T15:24:53Z*
+
+  - **ISSUE** `#24434`_: (*dkiser*) multimaster failover fails due to logic from issue `#23611`_
+  * 4f332a7 Merge pull request `#24461`_ from dkiser/multimaster_minion_fix
+  * 1944a74 fix for `#24434`_
+
+- **PR** `#24479`_: (*ahus1*) change "path" to "name" for "file" operations
+  @ *2015-06-07T17:56:11Z*
+
+  * 8917416 Merge pull request `#24479`_ from ahus1/patch-1
+  * 7d6b60c change "path" to "name" for "file" operations
+
+- **PR** `#24475`_: (*rallytime*) Back-port `#24454`_ to 2015.5
+  @ *2015-06-07T01:29:32Z*
+
+  - **PR** `#24454`_: (*rhertzog*) Strip extraneous newline character added in last environment variable
+    | refs: `#24475`_
+  * 8618d5b Merge pull request `#24475`_ from rallytime/`bp-24454`_
+  * a793c19 Avoid extraneous newline character added in last environment variable
+
+- **PR** `#24474`_: (*rallytime*) Back-port `#24420`_ to 2015.5
+  @ *2015-06-07T01:29:11Z*
+
+  - **ISSUE** `#24407`_: (*aboe76*) Please expand salt module random
+    | refs: `#24420`_
+  - **PR** `#24420`_: (*aboe76*) added random integer module to mod_random.py
+    | refs: `#24474`_
+  * 61658ff Merge pull request `#24474`_ from rallytime/`bp-24420`_
+  * 4219b40 Fix lint error and update versionadded to 2015.5.3
+
+  * 3613cc9 added random integer module to mod_random.py
+
+- **PR** `#24472`_: (*variia*) ensure {} output is not treated as change in module.py state, fixes #…
+  @ *2015-06-06T14:45:44Z*
+
+  - **ISSUE** `#24233`_: (*variia*) yumpkg.group_install keeps returning state change
+  * 508d7dd Merge pull request `#24472`_ from variia/Fix-yumpkg_group_install-return-change-`#24233`_
+  * 37e8827 ensure {} output is not treated as change in module.py state, fixes `#24233`_
+
+- **PR** `#24466`_: (*basepi*) [2015.5] Fix for # in inner strings in yaml arguments
+  @ *2015-06-06T14:35:56Z*
+
+  - **ISSUE** `#18045`_: (*dstokes*) Pillar kwargs parse error with #
+    | refs: `#24466`_
+  - **ISSUE** `#8585`_: (*UtahDave*) '#' in single quoted option on cli not making it into the execution module
+    | refs: `#24466`_
+  * 0292e67 Merge pull request `#24466`_ from basepi/fixhashinargs18045
+  * 2e0609f Fix for # in inner strings in yaml arguments
+
+- **PR** `#24456`_: (*rallytime*) Back-port `#24441`_ to 2015.5
+  @ *2015-06-05T22:32:25Z*
+
+  - **PR** `#24441`_: (*arthurlogilab*) [doc] Alignement fix on external_auth documentation
+    | refs: `#24456`_
+  * ced558a Merge pull request `#24456`_ from rallytime/`bp-24441`_
+  * 7002855 yaml indentations should be 2 spaces
+
+  * 21b51ab [doc] Alignement fix on external_auth documentation
+
+- **PR** `#24398`_: (*kiorky*) VirtualName for states.apt
+  | refs: `#24399`_
+  @ *2015-06-05T17:40:04Z*
+
+  - **ISSUE** `#24397`_: (*kiorky*) on debian: states.apt should use virtualname as it shadows system apt module
+    | refs: `#24398`_ `#24398`_ `#24399`_ `#24399`_ `#24400`_
+  - **PR** `#24399`_: (*kiorky*) Versionvirtual
+    | refs: `#24398`_
+  * c0ff411 Merge pull request `#24398`_ from makinacorpus/aptv
+  * 785d277 VirtualName for states.apt
+
+- **PR** `#24447`_: (*jayeshka*) adding states/rabbitmq_policy unit test case.
+  @ *2015-06-05T15:26:11Z*
+
+  * 3626340 Merge pull request `#24447`_ from jayeshka/rabbitmq_policy_states-unit-test
+  * 9b038ab adding states/rabbitmq_policy unit test case.
+
+- **PR** `#24446`_: (*jayeshka*) adding states/rabbitmq_plugin unit test case.
+  @ *2015-06-05T15:25:33Z*
+
+  * 8445a3f Merge pull request `#24446`_ from jayeshka/rabbitmq_plugin_states-unit-test
+  * cb0c99a adding states/rabbitmq_plugin unit test case.
+
+- **PR** `#24426`_: (*basepi*) [2015.5] Merge forward from 2014.7 to 2015.5
+  @ *2015-06-05T03:59:11Z*
+
+  - **ISSUE** `#24276`_: (*markuskramerIgitt*) Live salt-master Profiling with SIGUSR2 fails 
+  - **PR** `#24405`_: (*jacksontj*) Fix for `#24276`_
+  - **PR** `#24395`_: (*hvnsweeting*) handle exceptions when received data is not in good shape
+  - **PR** `#24305`_: (*twangboy*) Added documentation, fixed formatting
+  * 9cc3808 Merge pull request `#24426`_ from basepi/merge-forward-2015.5
+  * eafa20c Merge remote-tracking branch 'upstream/2014.7' into merge-forward-2015.5
+
+    * 83f853b Merge pull request `#24405`_ from jacksontj/2014.7
+
+      * 2c7afae Fix for `#24276`_
+
+    * cef919c Merge pull request `#24395`_ from hvnsweeting/handle-exception-get-file
+
+      * bb798a0 handle exceptions when received data is not in good shape
+
+    * efba1a9 Merge pull request `#24305`_ from twangboy/win_path_docs
+
+    * 36804253 Fixed pylint error caused by \\P... added r
+
+    * bc42a4b triple double quotes to triple single quotes
+
+    * 77cd930 Added documentation, fixed formatting
+
+- **PR** `#24429`_: (*jacobhammons*) Salt cloud doc updates, build errors and bug fixes
+  @ *2015-06-05T00:27:38Z*
+
+  - **ISSUE** `#24309`_: (*steverweber*) missing docs
+    | refs: `#24429`_
+  * 5d738b8 Merge pull request `#24429`_ from jacobhammons/cloud-doc-updates
+  * 1f7a13d Salt cloud doc updates, build errors and bug fixes Refs `#24309`_
+
+- **PR** `#24408`_: (*rallytime*) Backport `#24392`_ to 2015.5
+  @ *2015-06-04T20:22:09Z*
+
+  - **PR** `#24392`_: (*quixoten*) Fix "No such file or directory" in grains/core.py
+    | refs: `#24408`_
+  * cdffc02 Merge pull request `#24408`_ from rallytime/`bp-24392`_
+  * ff7461b Use path found by salt.utils.which
+
+- **PR** `#24380`_: (*rallytime*) Backport `#24357`_ to 2015.5
+  @ *2015-06-04T20:13:51Z*
+
+  - **PR** `#24357`_: (*zhujinhe*) fix invoke issues of Jinja Macros example
+    | refs: `#24380`_
+  * a6a1f87 Merge pull request `#24380`_ from rallytime/`bp-24357`_
+  * f08c875 fix invoke issues of Jinja Macros example
+
+- **PR** `#24388`_: (*pengyao*) fixes `#24358`_
+  @ *2015-06-04T20:07:40Z*
+
+  - **ISSUE** `#24358`_: (*pengyao*) Netapi SSH client don't support ssh_user and ssh_passwd arguments
+    | refs: `#24388`_
+  * 86ce9db Merge pull request `#24388`_ from pengyao/sshclient-kwargs
+  * 5c08ca4 fixes `#24358`_
+
+- **PR** `#24367`_: (*terminalmage*) Improve error message when module does not exist
+  @ *2015-06-04T20:07:12Z*
+
+  - **ISSUE** `#22958`_: (*highlyunavailable*) Weird error when typoing a command
+    | refs: `#24367`_
+  * 72d2eae Merge pull request `#24367`_ from terminalmage/issue22958
+  * d0d7a54 Improve error message when module does not exist
+
+- **PR** `#24412`_: (*jfindlay*) backport `#23387`_
+  @ *2015-06-04T20:06:03Z*
+
+  - **ISSUE** `#23101`_: (*gravyboat*) Create a docs page for labels
+    | refs: `#23387`_
+  - **PR** `#23387`_: (*rallytime*) Add some "What are all these labels for?" documentation
+    | refs: `#24412`_
+  * a628778 Merge pull request `#24412`_ from jfindlay/`bp-23387`_
+  * bf85772 Make sure the parameters are in the correct order
+
+  * 9f53809 Add "* Change" label parameters
+
+  * b27a15e Remove "workaround" wording
+
+  * 9fff35a Some small fixes
+
+  * 54a7089 Link the new labels doc in contributing and hacking docs
+
+  * 375695e Add pull request label definitions
+
+  * de94563 Add Feature Request label definition
+
+  * 684f291 Add issue definition and augment functional areas section
+
+  * 2da13dd Start a "what are all of these labels for?" doc
+
+- **PR** `#24336`_: (*twangboy*) Added line to give more descriptive error
+  @ *2015-06-04T19:56:00Z*
+
+  - **ISSUE** `#24154`_: (*ssgward*) Exception when running cp.get_url
+    | refs: `#24336`_
+  * 485116c Merge pull request `#24336`_ from twangboy/fix_cp_get_url
+  * 37b11f9 Added line to give more descriptive error
+
+- **PR** `#24413`_: (*techhat*) Add more namespaced functions to GoGrid driver
+  @ *2015-06-04T19:51:22Z*
+
+  * b3d39cc Merge pull request `#24413`_ from techhat/gogridnamespace
+  * 1b397cb Adding blank line
+
+  * da08cc9 Add more namespaced functions to GoGrid driver
+
+- **PR** `#24399`_: (*kiorky*) Versionvirtual
+  | refs: `#24398`_
+  @ *2015-06-04T18:02:22Z*
+
+  - **ISSUE** `#24397`_: (*kiorky*) on debian: states.apt should use virtualname as it shadows system apt module
+    | refs: `#24398`_ `#24398`_ `#24399`_ `#24399`_ `#24400`_
+  - **PR** `#24398`_: (*kiorky*) VirtualName for states.apt
+    | refs: `#24399`_
+  * 27f109b Merge pull request `#24399`_ from makinacorpus/versionvirtual
+  * 235c78d Use apt_pkg.version_compare if available
+
+  * 1c0cd45 reindent block to isolate conflict on merge forward
+
+  * 699ecea use var to isolate conflict on merge forward
+
+- **PR** `#24371`_: (*joejulian*) 2015.5 tls module tests
+  @ *2015-06-04T15:20:16Z*
+
+  * deaee68 Merge pull request `#24371`_ from joejulian/2015.5_tls_module_tests
+  * 4c5dee1 Add @destructiveTest decorator to destructive tests
+
+  * 274bbd4 Accept results from older pyOpenSSL
+
+  * 161f913 All cert info should be in UTC always
+
+  * 9affcca See the whole diff if dict compare fails
+
+  * 94f6208 Ignore extensions for now. Resolve this as part of fixing issue 24338.
+
+  * 84904d3 Mask lint warning for unused imported module
+
+  * 5675b78 Do not test if PyOpenSSL is not installed
+
+  * 563cc66 Add tls tests
+
+- **PR** `#24403`_: (*jayeshka*) adding states/process unit test case.
+  @ *2015-06-04T15:19:01Z*
+
+  * 84686ee Merge pull request `#24403`_ from jayeshka/process_states-unit-test
+  * fcb71fb adding states/process unit test case.
+
+- **PR** `#24402`_: (*jayeshka*) adding states/pyenv unit test case.
+  @ *2015-06-04T15:18:11Z*
+
+  * 35de8d7 Merge pull request `#24402`_ from jayeshka/pyenv_states-unit-test
+  * 5f263ab adding states/pyenc unit test case.
+
+- **PR** `#24401`_: (*jayeshka*) adding states/powerpath unit test case.
+  @ *2015-06-04T15:17:46Z*
+
+  * 632f838 Merge pull request `#24401`_ from jayeshka/powerpath-states-unit-test
+  * 49ff927 adding states/powerpath unit test case.
+
+- **PR** `#24400`_: (*kiorky*) Aptversion
+  @ *2015-06-04T15:17:19Z*
+
+  - **ISSUE** `#24397`_: (*kiorky*) on debian: states.apt should use virtualname as it shadows system apt module
+    | refs: `#24398`_ `#24398`_ `#24399`_ `#24399`_ `#24400`_
+  * 0a6e5e0 Merge pull request `#24400`_ from makinacorpus/aptversion
+  * e15cb93 Use apt_pkg.version_compare if available
+
+  * 953725a Fix too much quoting in apt.version_cmp
+
+- **PR** `#24385`_: (*jeanpralo*) Fix salt.modules.dockerio.start method
+  @ *2015-06-04T15:00:22Z*
+
+  * a904055 Merge pull request `#24385`_ from jeanpralo/Fix-binds-dockerio.start
+  * a0fed31 binds dict if not specified should remain to none otherwise docker-py will try to create a new host config and all volume and ports binds are lost. config should be done at the creation of the container not when we start it
+
+- **PR** `#24381`_: (*jtand*) Disabled flaky test to review later
+  @ *2015-06-04T14:57:43Z*
+
+  * 9890bc4 Merge pull request `#24381`_ from jtand/seed_test
+  * 7570ae9 Disabled flaky test to review later
+
+- **PR** `#24382`_: (*basepi*) [2015.5] Handle CommandExecutionError in grains commands, Fixes `#23342`_
+  @ *2015-06-04T12:44:04Z*
+
+  - **ISSUE** `#23342`_: (*philipsd6*) salt-ssh 2015.2.0rc2 fails when target doesn't have lspci available
+    | refs: `#24382`_
+  * b3fa8fe Merge pull request `#24382`_ from basepi/grainscommandnotfound23342
+  * 85b91d6 Handle CommandExecutionError in grains commands
+
+- **PR** `#24379`_: (*Starblade42*) Fixes an issue where Pagerduty states/modules couldn't find their profile in the Pillar
+  @ *2015-06-04T12:41:13Z*
+
+  * 52587a4 Merge pull request `#24379`_ from Starblade42/2015.5
+  * b93dc5e Linting!
+
+  * 2dd5904 Fixes an issue where Pagerduty states/modules couldn't find it's profile in the Pillar
+
+- **PR** `#24366`_: (*terminalmage*) Use yes $'\\n' instead of printf '\\n' for pecl commands
+  @ *2015-06-03T21:28:58Z*
+
+  * 3ca35d1 Merge pull request `#24366`_ from terminalmage/pecl-yes
+  * dcd9ad8 Use yes $'\\n' instead of printf '\\n' for pecl commands
+
+- **PR** `#24348`_: (*kiorky*) Try to close input pipes before calling lxc-start
+  @ *2015-06-03T19:38:07Z*
+
+  - **ISSUE** `#24284`_: (*kiorky*) systemd lxc containers need use_vt=True at lxc-start stage
+    | refs: `#24348`_
+  - **PR** `#548`_: (*Lanzaa*) Salt is now platform dependent. Use get_python_lib(1)
+    | refs: `#24348`_
+  * 86a3b31 Merge pull request `#24348`_ from makinacorpus/lxcpre
+  * 0cb11a2 lxc: typo
+
+  * d71efa6 Try to close input pipes before calling lxc-start
+
+
+.. _`#12327`: https://github.com/saltstack/salt/pull/12327
+.. _`#14666`: https://github.com/saltstack/salt/issues/14666
+.. _`#15209`: https://github.com/saltstack/salt/issues/15209
+.. _`#17041`: https://github.com/saltstack/salt/issues/17041
+.. _`#17241`: https://github.com/saltstack/salt/issues/17241
+.. _`#18045`: https://github.com/saltstack/salt/issues/18045
+.. _`#18994`: https://github.com/saltstack/salt/issues/18994
+.. _`#19`: https://github.com/saltstack/salt/issues/19
+.. _`#19801`: https://github.com/saltstack/salt/issues/19801
+.. _`#19901`: https://github.com/saltstack/salt/issues/19901
+.. _`#20124`: https://github.com/saltstack/salt/pull/20124
+.. _`#20226`: https://github.com/saltstack/salt/pull/20226
+.. _`#20274`: https://github.com/saltstack/salt/pull/20274
+.. _`#20473`: https://github.com/saltstack/salt/pull/20473
+.. _`#20481`: https://github.com/saltstack/salt/pull/20481
+.. _`#20540`: https://github.com/saltstack/salt/pull/20540
+.. _`#20615`: https://github.com/saltstack/salt/issues/20615
+.. _`#21217`: https://github.com/saltstack/salt/issues/21217
+.. _`#21318`: https://github.com/saltstack/salt/issues/21318
+.. _`#21520`: https://github.com/saltstack/salt/issues/21520
+.. _`#21923`: https://github.com/saltstack/salt/issues/21923
+.. _`#22263`: https://github.com/saltstack/salt/pull/22263
+.. _`#22385`: https://github.com/saltstack/salt/issues/22385
+.. _`#22843`: https://github.com/saltstack/salt/issues/22843
+.. _`#22857`: https://github.com/saltstack/salt/pull/22857
+.. _`#22958`: https://github.com/saltstack/salt/issues/22958
+.. _`#23101`: https://github.com/saltstack/salt/issues/23101
+.. _`#23211`: https://github.com/saltstack/salt/issues/23211
+.. _`#23342`: https://github.com/saltstack/salt/issues/23342
+.. _`#23359`: https://github.com/saltstack/salt/issues/23359
+.. _`#23387`: https://github.com/saltstack/salt/pull/23387
+.. _`#23478`: https://github.com/saltstack/salt/issues/23478
+.. _`#23503`: https://github.com/saltstack/salt/issues/23503
+.. _`#23611`: https://github.com/saltstack/salt/issues/23611
+.. _`#23623`: https://github.com/saltstack/salt/pull/23623
+.. _`#24073`: https://github.com/saltstack/salt/issues/24073
+.. _`#24111`: https://github.com/saltstack/salt/issues/24111
+.. _`#24154`: https://github.com/saltstack/salt/issues/24154
+.. _`#24163`: https://github.com/saltstack/salt/issues/24163
+.. _`#24172`: https://github.com/saltstack/salt/issues/24172
+.. _`#24175`: https://github.com/saltstack/salt/pull/24175
+.. _`#24193`: https://github.com/saltstack/salt/issues/24193
+.. _`#24196`: https://github.com/saltstack/salt/issues/24196
+.. _`#24198`: https://github.com/saltstack/salt/issues/24198
+.. _`#24207`: https://github.com/saltstack/salt/pull/24207
+.. _`#24217`: https://github.com/saltstack/salt/pull/24217
+.. _`#24231`: https://github.com/saltstack/salt/issues/24231
+.. _`#24233`: https://github.com/saltstack/salt/issues/24233
+.. _`#24235`: https://github.com/saltstack/salt/issues/24235
+.. _`#24250`: https://github.com/saltstack/salt/issues/24250
+.. _`#24268`: https://github.com/saltstack/salt/issues/24268
+.. _`#24275`: https://github.com/saltstack/salt/issues/24275
+.. _`#24276`: https://github.com/saltstack/salt/issues/24276
+.. _`#24284`: https://github.com/saltstack/salt/issues/24284
+.. _`#24296`: https://github.com/saltstack/salt/issues/24296
+.. _`#24305`: https://github.com/saltstack/salt/pull/24305
+.. _`#24309`: https://github.com/saltstack/salt/issues/24309
+.. _`#24318`: https://github.com/saltstack/salt/issues/24318
+.. _`#24329`: https://github.com/saltstack/salt/pull/24329
+.. _`#24330`: https://github.com/saltstack/salt/pull/24330
+.. _`#24336`: https://github.com/saltstack/salt/pull/24336
+.. _`#24348`: https://github.com/saltstack/salt/pull/24348
+.. _`#24357`: https://github.com/saltstack/salt/pull/24357
+.. _`#24358`: https://github.com/saltstack/salt/issues/24358
+.. _`#24366`: https://github.com/saltstack/salt/pull/24366
+.. _`#24367`: https://github.com/saltstack/salt/pull/24367
+.. _`#24371`: https://github.com/saltstack/salt/pull/24371
+.. _`#24375`: https://github.com/saltstack/salt/issues/24375
+.. _`#24379`: https://github.com/saltstack/salt/pull/24379
+.. _`#24380`: https://github.com/saltstack/salt/pull/24380
+.. _`#24381`: https://github.com/saltstack/salt/pull/24381
+.. _`#24382`: https://github.com/saltstack/salt/pull/24382
+.. _`#24385`: https://github.com/saltstack/salt/pull/24385
+.. _`#24388`: https://github.com/saltstack/salt/pull/24388
+.. _`#24392`: https://github.com/saltstack/salt/pull/24392
+.. _`#24395`: https://github.com/saltstack/salt/pull/24395
+.. _`#24397`: https://github.com/saltstack/salt/issues/24397
+.. _`#24398`: https://github.com/saltstack/salt/pull/24398
+.. _`#24399`: https://github.com/saltstack/salt/pull/24399
+.. _`#24400`: https://github.com/saltstack/salt/pull/24400
+.. _`#24401`: https://github.com/saltstack/salt/pull/24401
+.. _`#24402`: https://github.com/saltstack/salt/pull/24402
+.. _`#24403`: https://github.com/saltstack/salt/pull/24403
+.. _`#24405`: https://github.com/saltstack/salt/pull/24405
+.. _`#24407`: https://github.com/saltstack/salt/issues/24407
+.. _`#24408`: https://github.com/saltstack/salt/pull/24408
+.. _`#24412`: https://github.com/saltstack/salt/pull/24412
+.. _`#24413`: https://github.com/saltstack/salt/pull/24413
+.. _`#24420`: https://github.com/saltstack/salt/pull/24420
+.. _`#24426`: https://github.com/saltstack/salt/pull/24426
+.. _`#24427`: https://github.com/saltstack/salt/issues/24427
+.. _`#24429`: https://github.com/saltstack/salt/pull/24429
+.. _`#24434`: https://github.com/saltstack/salt/issues/24434
+.. _`#24439`: https://github.com/saltstack/salt/issues/24439
+.. _`#24441`: https://github.com/saltstack/salt/pull/24441
+.. _`#24445`: https://github.com/saltstack/salt/pull/24445
+.. _`#24446`: https://github.com/saltstack/salt/pull/24446
+.. _`#24447`: https://github.com/saltstack/salt/pull/24447
+.. _`#24448`: https://github.com/saltstack/salt/pull/24448
+.. _`#24450`: https://github.com/saltstack/salt/pull/24450
+.. _`#24454`: https://github.com/saltstack/salt/pull/24454
+.. _`#24456`: https://github.com/saltstack/salt/pull/24456
+.. _`#24457`: https://github.com/saltstack/salt/issues/24457
+.. _`#24461`: https://github.com/saltstack/salt/pull/24461
+.. _`#24464`: https://github.com/saltstack/salt/pull/24464
+.. _`#24465`: https://github.com/saltstack/salt/pull/24465
+.. _`#24466`: https://github.com/saltstack/salt/pull/24466
+.. _`#24467`: https://github.com/saltstack/salt/pull/24467
+.. _`#24468`: https://github.com/saltstack/salt/pull/24468
+.. _`#24469`: https://github.com/saltstack/salt/pull/24469
+.. _`#24471`: https://github.com/saltstack/salt/pull/24471
+.. _`#24472`: https://github.com/saltstack/salt/pull/24472
+.. _`#24474`: https://github.com/saltstack/salt/pull/24474
+.. _`#24475`: https://github.com/saltstack/salt/pull/24475
+.. _`#24479`: https://github.com/saltstack/salt/pull/24479
+.. _`#24480`: https://github.com/saltstack/salt/issues/24480
+.. _`#24481`: https://github.com/saltstack/salt/pull/24481
+.. _`#24482`: https://github.com/saltstack/salt/pull/24482
+.. _`#24487`: https://github.com/saltstack/salt/pull/24487
+.. _`#24490`: https://github.com/saltstack/salt/pull/24490
+.. _`#24492`: https://github.com/saltstack/salt/pull/24492
+.. _`#24494`: https://github.com/saltstack/salt/issues/24494
+.. _`#24495`: https://github.com/saltstack/salt/pull/24495
+.. _`#24496`: https://github.com/saltstack/salt/pull/24496
+.. _`#24497`: https://github.com/saltstack/salt/pull/24497
+.. _`#24498`: https://github.com/saltstack/salt/pull/24498
+.. _`#24504`: https://github.com/saltstack/salt/pull/24504
+.. _`#24506`: https://github.com/saltstack/salt/pull/24506
+.. _`#24511`: https://github.com/saltstack/salt/pull/24511
+.. _`#24513`: https://github.com/saltstack/salt/pull/24513
+.. _`#24515`: https://github.com/saltstack/salt/pull/24515
+.. _`#24517`: https://github.com/saltstack/salt/pull/24517
+.. _`#24518`: https://github.com/saltstack/salt/pull/24518
+.. _`#24521`: https://github.com/saltstack/salt/issues/24521
+.. _`#24524`: https://github.com/saltstack/salt/pull/24524
+.. _`#24530`: https://github.com/saltstack/salt/pull/24530
+.. _`#24535`: https://github.com/saltstack/salt/pull/24535
+.. _`#24537`: https://github.com/saltstack/salt/issues/24537
+.. _`#24538`: https://github.com/saltstack/salt/pull/24538
+.. _`#24547`: https://github.com/saltstack/salt/issues/24547
+.. _`#24551`: https://github.com/saltstack/salt/pull/24551
+.. _`#24554`: https://github.com/saltstack/salt/pull/24554
+.. _`#24560`: https://github.com/saltstack/salt/issues/24560
+.. _`#24565`: https://github.com/saltstack/salt/pull/24565
+.. _`#24566`: https://github.com/saltstack/salt/pull/24566
+.. _`#24571`: https://github.com/saltstack/salt/pull/24571
+.. _`#24574`: https://github.com/saltstack/salt/pull/24574
+.. _`#24577`: https://github.com/saltstack/salt/pull/24577
+.. _`#24581`: https://github.com/saltstack/salt/pull/24581
+.. _`#24583`: https://github.com/saltstack/salt/issues/24583
+.. _`#24588`: https://github.com/saltstack/salt/pull/24588
+.. _`#24589`: https://github.com/saltstack/salt/pull/24589
+.. _`#24591`: https://github.com/saltstack/salt/pull/24591
+.. _`#24593`: https://github.com/saltstack/salt/pull/24593
+.. _`#24595`: https://github.com/saltstack/salt/pull/24595
+.. _`#24598`: https://github.com/saltstack/salt/pull/24598
+.. _`#24600`: https://github.com/saltstack/salt/pull/24600
+.. _`#24604`: https://github.com/saltstack/salt/pull/24604
+.. _`#24605`: https://github.com/saltstack/salt/pull/24605
+.. _`#24607`: https://github.com/saltstack/salt/pull/24607
+.. _`#24608`: https://github.com/saltstack/salt/pull/24608
+.. _`#24616`: https://github.com/saltstack/salt/pull/24616
+.. _`#24620`: https://github.com/saltstack/salt/pull/24620
+.. _`#24628`: https://github.com/saltstack/salt/pull/24628
+.. _`#24631`: https://github.com/saltstack/salt/pull/24631
+.. _`#24632`: https://github.com/saltstack/salt/pull/24632
+.. _`#24642`: https://github.com/saltstack/salt/pull/24642
+.. _`#24643`: https://github.com/saltstack/salt/pull/24643
+.. _`#24644`: https://github.com/saltstack/salt/pull/24644
+.. _`#24646`: https://github.com/saltstack/salt/pull/24646
+.. _`#24649`: https://github.com/saltstack/salt/pull/24649
+.. _`#24659`: https://github.com/saltstack/salt/pull/24659
+.. _`#24661`: https://github.com/saltstack/salt/issues/24661
+.. _`#24663`: https://github.com/saltstack/salt/pull/24663
+.. _`#24667`: https://github.com/saltstack/salt/pull/24667
+.. _`#24668`: https://github.com/saltstack/salt/pull/24668
+.. _`#24673`: https://github.com/saltstack/salt/pull/24673
+.. _`#24687`: https://github.com/saltstack/salt/pull/24687
+.. _`#24688`: https://github.com/saltstack/salt/pull/24688
+.. _`#24690`: https://github.com/saltstack/salt/pull/24690
+.. _`#24701`: https://github.com/saltstack/salt/pull/24701
+.. _`#24714`: https://github.com/saltstack/salt/pull/24714
+.. _`#24717`: https://github.com/saltstack/salt/pull/24717
+.. _`#24718`: https://github.com/saltstack/salt/pull/24718
+.. _`#24720`: https://github.com/saltstack/salt/pull/24720
+.. _`#24721`: https://github.com/saltstack/salt/pull/24721
+.. _`#24723`: https://github.com/saltstack/salt/pull/24723
+.. _`#24724`: https://github.com/saltstack/salt/pull/24724
+.. _`#24732`: https://github.com/saltstack/salt/pull/24732
+.. _`#24733`: https://github.com/saltstack/salt/pull/24733
+.. _`#24735`: https://github.com/saltstack/salt/pull/24735
+.. _`#24737`: https://github.com/saltstack/salt/pull/24737
+.. _`#24739`: https://github.com/saltstack/salt/pull/24739
+.. _`#24740`: https://github.com/saltstack/salt/pull/24740
+.. _`#24741`: https://github.com/saltstack/salt/pull/24741
+.. _`#24746`: https://github.com/saltstack/salt/issues/24746
+.. _`#24747`: https://github.com/saltstack/salt/pull/24747
+.. _`#24748`: https://github.com/saltstack/salt/pull/24748
+.. _`#24749`: https://github.com/saltstack/salt/pull/24749
+.. _`#24754`: https://github.com/saltstack/salt/pull/24754
+.. _`#24755`: https://github.com/saltstack/salt/pull/24755
+.. _`#24757`: https://github.com/saltstack/salt/pull/24757
+.. _`#24766`: https://github.com/saltstack/salt/pull/24766
+.. _`#24768`: https://github.com/saltstack/salt/pull/24768
+.. _`#24769`: https://github.com/saltstack/salt/pull/24769
+.. _`#24770`: https://github.com/saltstack/salt/issues/24770
+.. _`#24771`: https://github.com/saltstack/salt/pull/24771
+.. _`#24774`: https://github.com/saltstack/salt/pull/24774
+.. _`#24776`: https://github.com/saltstack/salt/issues/24776
+.. _`#24777`: https://github.com/saltstack/salt/pull/24777
+.. _`#24778`: https://github.com/saltstack/salt/pull/24778
+.. _`#24779`: https://github.com/saltstack/salt/pull/24779
+.. _`#24780`: https://github.com/saltstack/salt/pull/24780
+.. _`#24782`: https://github.com/saltstack/salt/pull/24782
+.. _`#24789`: https://github.com/saltstack/salt/pull/24789
+.. _`#24790`: https://github.com/saltstack/salt/pull/24790
+.. _`#24791`: https://github.com/saltstack/salt/pull/24791
+.. _`#24792`: https://github.com/saltstack/salt/pull/24792
+.. _`#24795`: https://github.com/saltstack/salt/pull/24795
+.. _`#24798`: https://github.com/saltstack/salt/pull/24798
+.. _`#24799`: https://github.com/saltstack/salt/issues/24799
+.. _`#24802`: https://github.com/saltstack/salt/pull/24802
+.. _`#24809`: https://github.com/saltstack/salt/pull/24809
+.. _`#24811`: https://github.com/saltstack/salt/pull/24811
+.. _`#24823`: https://github.com/saltstack/salt/pull/24823
+.. _`#24824`: https://github.com/saltstack/salt/pull/24824
+.. _`#24826`: https://github.com/saltstack/salt/issues/24826
+.. _`#24832`: https://github.com/saltstack/salt/pull/24832
+.. _`#24834`: https://github.com/saltstack/salt/pull/24834
+.. _`#24839`: https://github.com/saltstack/salt/pull/24839
+.. _`#24845`: https://github.com/saltstack/salt/pull/24845
+.. _`#24846`: https://github.com/saltstack/salt/issues/24846
+.. _`#24847`: https://github.com/saltstack/salt/pull/24847
+.. _`#24848`: https://github.com/saltstack/salt/pull/24848
+.. _`#24852`: https://github.com/saltstack/salt/pull/24852
+.. _`#24861`: https://github.com/saltstack/salt/pull/24861
+.. _`#24862`: https://github.com/saltstack/salt/issues/24862
+.. _`#24870`: https://github.com/saltstack/salt/issues/24870
+.. _`#24871`: https://github.com/saltstack/salt/issues/24871
+.. _`#24873`: https://github.com/saltstack/salt/pull/24873
+.. _`#24874`: https://github.com/saltstack/salt/pull/24874
+.. _`#24875`: https://github.com/saltstack/salt/issues/24875
+.. _`#24880`: https://github.com/saltstack/salt/pull/24880
+.. _`#24885`: https://github.com/saltstack/salt/issues/24885
+.. _`#24886`: https://github.com/saltstack/salt/pull/24886
+.. _`#24891`: https://github.com/saltstack/salt/pull/24891
+.. _`#24897`: https://github.com/saltstack/salt/pull/24897
+.. _`#24898`: https://github.com/saltstack/salt/pull/24898
+.. _`#24899`: https://github.com/saltstack/salt/pull/24899
+.. _`#24900`: https://github.com/saltstack/salt/pull/24900
+.. _`#24902`: https://github.com/saltstack/salt/pull/24902
+.. _`#24915`: https://github.com/saltstack/salt/issues/24915
+.. _`#24918`: https://github.com/saltstack/salt/pull/24918
+.. _`#24923`: https://github.com/saltstack/salt/pull/24923
+.. _`#24926`: https://github.com/saltstack/salt/pull/24926
+.. _`#24930`: https://github.com/saltstack/salt/pull/24930
+.. _`#24935`: https://github.com/saltstack/salt/pull/24935
+.. _`#24936`: https://github.com/saltstack/salt/pull/24936
+.. _`#24944`: https://github.com/saltstack/salt/pull/24944
+.. _`#24948`: https://github.com/saltstack/salt/pull/24948
+.. _`#24965`: https://github.com/saltstack/salt/pull/24965
+.. _`#24966`: https://github.com/saltstack/salt/pull/24966
+.. _`#24969`: https://github.com/saltstack/salt/issues/24969
+.. _`#24975`: https://github.com/saltstack/salt/pull/24975
+.. _`#24977`: https://github.com/saltstack/salt/pull/24977
+.. _`#24986`: https://github.com/saltstack/salt/pull/24986
+.. _`#24987`: https://github.com/saltstack/salt/pull/24987
+.. _`#24988`: https://github.com/saltstack/salt/pull/24988
+.. _`#24994`: https://github.com/saltstack/salt/pull/24994
+.. _`#24995`: https://github.com/saltstack/salt/pull/24995
+.. _`#24999`: https://github.com/saltstack/salt/pull/24999
+.. _`#25002`: https://github.com/saltstack/salt/pull/25002
+.. _`#25003`: https://github.com/saltstack/salt/pull/25003
+.. _`#25007`: https://github.com/saltstack/salt/pull/25007
+.. _`#25011`: https://github.com/saltstack/salt/pull/25011
+.. _`#25022`: https://github.com/saltstack/salt/pull/25022
+.. _`#25029`: https://github.com/saltstack/salt/pull/25029
+.. _`#25038`: https://github.com/saltstack/salt/pull/25038
+.. _`#25041`: https://github.com/saltstack/salt/issues/25041
+.. _`#25045`: https://github.com/saltstack/salt/pull/25045
+.. _`#25052`: https://github.com/saltstack/salt/pull/25052
+.. _`#25057`: https://github.com/saltstack/salt/issues/25057
+.. _`#25065`: https://github.com/saltstack/salt/pull/25065
+.. _`#25067`: https://github.com/saltstack/salt/pull/25067
+.. _`#25078`: https://github.com/saltstack/salt/pull/25078
+.. _`#25083`: https://github.com/saltstack/salt/pull/25083
+.. _`#25085`: https://github.com/saltstack/salt/pull/25085
+.. _`#25089`: https://github.com/saltstack/salt/pull/25089
+.. _`#25095`: https://github.com/saltstack/salt/pull/25095
+.. _`#25096`: https://github.com/saltstack/salt/pull/25096
+.. _`#25099`: https://github.com/saltstack/salt/pull/25099
+.. _`#40`: https://github.com/saltstack/salt/issues/40
+.. _`#473`: https://github.com/saltstack/salt/pull/473
+.. _`#548`: https://github.com/saltstack/salt/pull/548
+.. _`#8585`: https://github.com/saltstack/salt/issues/8585
+.. _`bp-20124`: https://github.com/saltstack/salt/pull/20124
+.. _`bp-22263`: https://github.com/saltstack/salt/pull/22263
+.. _`bp-23387`: https://github.com/saltstack/salt/pull/23387
+.. _`bp-24357`: https://github.com/saltstack/salt/pull/24357
+.. _`bp-24392`: https://github.com/saltstack/salt/pull/24392
+.. _`bp-24420`: https://github.com/saltstack/salt/pull/24420
+.. _`bp-24441`: https://github.com/saltstack/salt/pull/24441
+.. _`bp-24450`: https://github.com/saltstack/salt/pull/24450
+.. _`bp-24454`: https://github.com/saltstack/salt/pull/24454
+.. _`bp-24518`: https://github.com/saltstack/salt/pull/24518
+.. _`bp-24591`: https://github.com/saltstack/salt/pull/24591
+.. _`bp-24668`: https://github.com/saltstack/salt/pull/24668
+.. _`bp-24717`: https://github.com/saltstack/salt/pull/24717
+.. _`bp-24720`: https://github.com/saltstack/salt/pull/24720
+.. _`bp-24735`: https://github.com/saltstack/salt/pull/24735
+.. _`bp-24741`: https://github.com/saltstack/salt/pull/24741
+.. _`bp-24749`: https://github.com/saltstack/salt/pull/24749
+.. _`bp-24757`: https://github.com/saltstack/salt/pull/24757
+.. _`bp-24811`: https://github.com/saltstack/salt/pull/24811
+.. _`bp-24839`: https://github.com/saltstack/salt/pull/24839
+.. _`bp-24845`: https://github.com/saltstack/salt/pull/24845
+.. _`bp-24847`: https://github.com/saltstack/salt/pull/24847
+.. _`bp-24848`: https://github.com/saltstack/salt/pull/24848
diff -Nru salt-2015.5.2+ds/doc/topics/releases/version_numbers.rst salt-2015.5.3+ds/doc/topics/releases/version_numbers.rst
--- salt-2015.5.2+ds/doc/topics/releases/version_numbers.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/releases/version_numbers.rst	2015-07-01 21:33:42.000000000 +0000
@@ -23,6 +23,9 @@
 
 - Hydrogen: ``2014.1.0``
 - Helium: ``2014.7.0``
+- Lithium: ``2015.5.0``
+- Beryllium: ``TBD``
+- Boron: ``TBD``
 
 Example
 -------
@@ -35,4 +38,4 @@
 ``2020.6.3``.
 
 After the release is cut, new features would be worked on under the ``Xenon``
-code name and the process repeats itself.
\ No newline at end of file
+code name and the process repeats itself.
diff -Nru salt-2015.5.2+ds/doc/topics/troubleshooting/minion.rst salt-2015.5.3+ds/doc/topics/troubleshooting/minion.rst
--- salt-2015.5.2+ds/doc/topics/troubleshooting/minion.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/troubleshooting/minion.rst	2015-07-01 21:33:42.000000000 +0000
@@ -66,6 +66,8 @@
 .. _`SELinux`: https://en.wikipedia.org/wiki/Security-Enhanced_Linux
 .. _`AppArmor`: http://wiki.apparmor.net/index.php/Main_Page
 
+.. _troubleshooting-minion-salt-call:
+
 Using salt-call
 ===============
 
diff -Nru salt-2015.5.2+ds/doc/topics/tutorials/pillar.rst salt-2015.5.3+ds/doc/topics/tutorials/pillar.rst
--- salt-2015.5.2+ds/doc/topics/tutorials/pillar.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/tutorials/pillar.rst	2015-07-07 20:42:37.000000000 +0000
@@ -34,9 +34,9 @@
     minions can be defined in pillar and then accessed inside sls formulas
     and template files.
 Arbitrary Data:
-    Pillar can contain any basic data structure, so a list of values, or a
-    key/value store can be defined making it easy to iterate over a group
-    of values in sls formulas
+    Pillar can contain any basic data structure in dictionary format,
+    so a key/value store can be defined making it easy to iterate over a group
+    of values in sls formulas.
 
 Pillar is therefore one of the most important systems when using Salt. This
 walkthrough is designed to get a simple Pillar up and running in a few minutes
@@ -309,12 +309,6 @@
 
     salt '*' state.sls my_sls_file pillar='{"hello": "world"}'
 
-Lists can be passed in pillar as well:
-
-.. code-block:: bash
-
-    salt '*' state.highstate pillar='["foo", "bar", "baz"]'
-
 .. note::
 
     If a key is passed on the command line that already exists on the minion,
diff -Nru salt-2015.5.2+ds/doc/topics/tutorials/standalone_minion.rst salt-2015.5.3+ds/doc/topics/tutorials/standalone_minion.rst
--- salt-2015.5.2+ds/doc/topics/tutorials/standalone_minion.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/tutorials/standalone_minion.rst	2015-07-01 21:33:42.000000000 +0000
@@ -1,3 +1,5 @@
+.. _tutorial-standalone-minion:
+
 =================
 Standalone Minion
 =================
@@ -77,4 +79,10 @@
 
 .. code-block:: bash
 
-    salt-call state.highstate --local
\ No newline at end of file
+    salt-call state.highstate --local
+
+External Pillars
+================
+
+:ref:`External pillars <external-pillars>` are supported when running in masterless mode.
+
diff -Nru salt-2015.5.2+ds/doc/topics/tutorials/states_pt1.rst salt-2015.5.3+ds/doc/topics/tutorials/states_pt1.rst
--- salt-2015.5.2+ds/doc/topics/tutorials/states_pt1.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/tutorials/states_pt1.rst	2015-07-07 20:42:37.000000000 +0000
@@ -178,8 +178,8 @@
             salt-minion -l debug
 
     Run the minion in the foreground
-        By not starting the minion in daemon mode (:option:`-d <salt-minion
-        -d>`) one can view any output from the minion as it works:
+        By not starting the minion in daemon mode (:option:`-d <salt-minion -d>`)
+        one can view any output from the minion as it works:
 
         .. code-block:: bash
 
diff -Nru salt-2015.5.2+ds/doc/topics/tutorials/states_pt3.rst salt-2015.5.3+ds/doc/topics/tutorials/states_pt3.rst
--- salt-2015.5.2+ds/doc/topics/tutorials/states_pt3.rst	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/tutorials/states_pt3.rst	2015-07-01 21:33:42.000000000 +0000
@@ -46,6 +46,13 @@
 
 .. code-blocK:: jinja
 
+    # Comments in yaml start with a hash symbol.
+    # Since jinja rendering occurs before yaml parsing, if you want to include jinja 
+    # in the comments you may need to escape them using 'jinja' comments to prevent
+    # jinja from trying to render something which is not well-defined jinja.
+    # e.g.
+    # {# iterate over the Three Stooges using a {% for %}..{% endfor %} loop 
+    # with the iterator variable {{ usr }} becoming the state ID. #}
     {% for usr in 'moe','larry','curly' %}
     {{ usr }}:
       group:
@@ -216,4 +223,4 @@
 
 In :doc:`part 4 <states_pt4>` we will discuss how to use salt's
 :conf_master:`file_roots` to set up a workflow in which states can be
-"promoted" from dev, to QA, to production.
\ No newline at end of file
+"promoted" from dev, to QA, to production.
diff -Nru salt-2015.5.2+ds/doc/topics/tutorials/walkthrough.rst salt-2015.5.3+ds/doc/topics/tutorials/walkthrough.rst
--- salt-2015.5.2+ds/doc/topics/tutorials/walkthrough.rst	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/doc/topics/tutorials/walkthrough.rst	2015-07-07 20:42:37.000000000 +0000
@@ -33,11 +33,9 @@
 Installing Salt
 ---------------
 
-SaltStack has been made to be very easy to install and get started. Setting up
-Salt should be as easy as installing Salt via distribution packages on Linux or
-via the Windows installer. The :doc:`installation documents
-</topics/installation/index>` cover platform-specific installation in depth.
-
+SaltStack has been made to be very easy to install and get started. The
+:doc:`installation documents </topics/installation/index>` contain instructions
+for all supported platforms.
 
 Starting Salt
 -------------
@@ -636,9 +634,8 @@
 Two more in-depth States tutorials exist, which delve much more deeply into States
 functionality.
 
-1. Thomas' original states tutorial, :doc:`How Do I Use Salt
-   States?</topics/tutorials/starting_states>`, covers much more to get off the
-   ground with States.
+1. :doc:`How Do I Use Salt States? </topics/tutorials/starting_states>`, covers much
+   more to get off the ground with States.
 
 2. The :doc:`States Tutorial</topics/tutorials/states_pt1>` also provides a
    fantastic introduction.
diff -Nru salt-2015.5.2+ds/pkg/smartos/salt-minion.xml salt-2015.5.3+ds/pkg/smartos/salt-minion.xml
--- salt-2015.5.2+ds/pkg/smartos/salt-minion.xml	2015-05-21 19:34:21.000000000 +0000
+++ salt-2015.5.3+ds/pkg/smartos/salt-minion.xml	2015-07-01 21:33:42.000000000 +0000
@@ -14,7 +14,7 @@
                   grouping="require_all"
                   restart_on="none"
                   type="path">
-          <service_fmri value='file:///opt/local/etc/salt/minion'/>
+          <service_fmri value="file:///opt/local/etc/salt/minion"/>
       </dependency>
 
       <dependency name="network"
@@ -31,17 +31,17 @@
         <service_fmri value="svc:/system/filesystem/local"/>
       </dependency>
 
-      <method_context>
-       <method_environment>
-        <envvar name='PATH'
-                value='/usr/local/sbin:/usr/local/bin:/opt/local/sbin:/opt/local/bin:/usr/sbin:/usr/bin:/sbin'/>
-       </method_environment>
-      </method_context>
-
       <exec_method type="method"
                    name="start"
                    exec="/opt/local/bin/salt-minion -c %{config_dir}"
-                   timeout_seconds="60"/>
+                   timeout_seconds="60">
+        <method_context>
+          <method_environment>
+            <envvar name="PATH"
+                    value="/usr/local/sbin:/usr/local/bin:/opt/local/sbin:/opt/local/bin:/usr/sbin:/usr/bin:/sbin"/>
+          </method_environment>
+        </method_context>
+      </exec_method>
 
       <exec_method type="method"
                    name="stop"
diff -Nru salt-2015.5.2+ds/pkg/windows/installer/Salt-Minion-Setup.nsi salt-2015.5.3+ds/pkg/windows/installer/Salt-Minion-Setup.nsi
--- salt-2015.5.2+ds/pkg/windows/installer/Salt-Minion-Setup.nsi	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/pkg/windows/installer/Salt-Minion-Setup.nsi	2015-07-01 21:33:42.000000000 +0000
@@ -142,19 +142,6 @@
 
 FunctionEnd
 
-Function MsiQueryProductState
-
-  !define INSTALLSTATE_DEFAULT "5"
-  Var /GLOBAL NeedVcRedist                       ; used as a return value
-
-  Pop $R0
-  StrCpy $NeedVcRedist "False"
-  System::Call "msi::MsiQueryProductStateA(t '$R0') i.r0"
-  StrCmp $0 ${INSTALLSTATE_DEFAULT} +2 0
-  StrCpy $NeedVcRedist "True"
-
-FunctionEnd
-
 Name "${PRODUCT_NAME} ${PRODUCT_VERSION}"
 OutFile "Salt-Minion-${PRODUCT_VERSION}-${CPUARCH}-Setup.exe"
 InstallDir "c:\salt"
@@ -162,37 +149,6 @@
 ShowInstDetails show
 ShowUnInstDetails show
 
-; Check and install Visual C++ 2008 SP1 MFC Security Update redist packages
-; See http://blogs.msdn.com/b/astebner/archive/2009/01/29/9384143.aspx for more info
-Section -Prerequisites
-
-;  !define VC_REDIST_X64_GUID "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}"
-;  !define VC_REDIST_X86_GUID "{9BE518E6-ECC6-35A9-88E4-87755C07200F}"
-;  !define VC_REDIST_X64_URI "http://download.microsoft.com/download/5/D/8/5D8C65CB-C849-4025-8E95-C3966CAFD8AE/vcredist_x64.exe"
-;  !define VC_REDIST_X86_URI "http://download.microsoft.com/download/5/D/8/5D8C65CB-C849-4025-8E95-C3966CAFD8AE/vcredist_x86.exe"
-
-;  Var /GLOBAL VcRedistGuid
-;  Var /GLOBAL VcRedistUri
-;  ${If} ${RunningX64}
-;    StrCpy $VcRedistGuid ${VC_REDIST_X64_GUID}
-;    StrCpy $VcRedistUri  ${VC_REDIST_X64_URI}
-;  ${Else}
-;    StrCpy $VcRedistGuid ${VC_REDIST_X86_GUID}
-;    StrCpy $VcRedistUri  ${VC_REDIST_X86_URI}
-;  ${EndIf}
-
-;  Push $VcRedistGuid
-  Call MsiQueryProductState
-;  ${If} $NeedVcRedist == "True"
-;    NSISdl::download /TIMEOUT=30000 $VcRedistUri $TEMP\vcredist.exe
-;    Pop $R0
-;    StrCmp $R0 "success" +2
-;      MessageBox MB_OK "VC redist package download failed: $R0" /SD IDOK    ; just report, do not break installation
-;    Execwait '"$TEMP\vcredist.exe" /q'
-;  ${EndIf}
-
-SectionEnd
-
 Section "MainSection" SEC01
 
   ; Remove previous version of salt, but don't remove conf and key
@@ -255,6 +211,12 @@
   Call updateMinionConfig
 SectionEnd
 
+Function .onInstSuccess
+; If the installer is running Silently, start the service
+  IfSilent 0 +2
+  Exec 'net start salt-minion'
+FunctionEnd
+
 Function un.onUninstSuccess
   HideWindow
   MessageBox MB_ICONINFORMATION|MB_OK "$(^Name) was successfully removed from your computer." /SD IDOK
@@ -367,8 +329,6 @@
   Delete "$INSTDIR\salt*"
   Delete "$INSTDIR\bin"
 
-  #Delete "$SMPROGRAMS\Salt Minion\Uninstall.lnk"
-  #RMDir /r "$SMPROGRAMS\Salt Minion"
   ${If} $INSTDIR != 'Program Files'
   ${AndIf} $INSTDIR != 'Program Files (x86)'
     RMDir /r "$INSTDIR"
diff -Nru salt-2015.5.2+ds/PKG-INFO salt-2015.5.3+ds/PKG-INFO
--- salt-2015.5.2+ds/PKG-INFO	2015-06-04 16:49:25.000000000 +0000
+++ salt-2015.5.3+ds/PKG-INFO	2015-07-07 21:09:09.000000000 +0000
@@ -1,6 +1,6 @@
 Metadata-Version: 1.0
 Name: salt
-Version: 2015.5.2
+Version: 2015.5.3
 Summary: Portable, distributed, remote execution and configuration management system
 Home-page: http://saltstack.org
 Author: Thomas S Hatch
diff -Nru salt-2015.5.2+ds/salt/auth/mysql.py salt-2015.5.3+ds/salt/auth/mysql.py
--- salt-2015.5.2+ds/salt/auth/mysql.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/auth/mysql.py	2015-07-01 21:33:42.000000000 +0000
@@ -9,29 +9,29 @@
 To get started, create a simple table that holds just a username and
 a password. The password field will hold a SHA256 checksum.
 
-  .. code-block:: sql
+.. code-block:: sql
 
-  CREATE TABLE `users` (
-    `id` int(11) NOT NULL AUTO_INCREMENT,
-    `username` varchar(25) DEFAULT NULL,
-    `password` varchar(70) DEFAULT NULL,
-    PRIMARY KEY (`id`)
-  ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
+    CREATE TABLE `users` (
+      `id` int(11) NOT NULL AUTO_INCREMENT,
+      `username` varchar(25) DEFAULT NULL,
+      `password` varchar(70) DEFAULT NULL,
+      PRIMARY KEY (`id`)
+    ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
 
 To create a user within MySQL, execute the following statement.
 
-  .. code-block:: sql
+.. code-block:: sql
 
-  INSERT INTO users VALUES (NULL, 'diana', SHA2('secret', 256))
+    INSERT INTO users VALUES (NULL, 'diana', SHA2('secret', 256))
 
-  .. code-block:: yaml
+.. code-block:: yaml
 
-  mysql_auth:
-    hostname: localhost
-    database: SaltStack
-    username: root
-    password: letmein
-    auth_sql: 'SELECT username FROM users WHERE username = "{0}" AND password = SHA2("{1}", 256)'
+    mysql_auth:
+      hostname: localhost
+      database: SaltStack
+      username: root
+      password: letmein
+      auth_sql: 'SELECT username FROM users WHERE username = "{0}" AND password = SHA2("{1}", 256)'
 
 The `auth_sql` contains the SQL that will validate a user to ensure they are
 correctly authenticated. This is where you can specify other SQL queries to
@@ -39,7 +39,7 @@
 
 Enable MySQL authentication.
 
-  .. code-block:: yaml
+.. code-block:: yaml
 
     external_auth:
       mysql:
diff -Nru salt-2015.5.2+ds/salt/beacons/inotify.py salt-2015.5.3+ds/salt/beacons/inotify.py
--- salt-2015.5.2+ds/salt/beacons/inotify.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/beacons/inotify.py	2015-07-07 20:42:37.000000000 +0000
@@ -84,24 +84,26 @@
 
     The mask list can contain the following events (the default mask is create,
     delete, and modify):
-        * access            File accessed
-        * attrib            File metadata changed
-        * close_nowrite     Unwritable file closed
-        * close_write       Writable file closed
-        * create            File created in watched directory
-        * delete            File deleted from watched directory
-        * delete_self       Watched file or directory deleted
-        * modify            File modified
-        * moved_from        File moved out of watched directory
-        * moved_to          File moved into watched directory
-        * move_self         Watched file moved
-        * open              File opened
+
+    * access            File accessed
+    * attrib            File metadata changed
+    * close_nowrite     Unwritable file closed
+    * close_write       Writable file closed
+    * create            File created in watched directory
+    * delete            File deleted from watched directory
+    * delete_self       Watched file or directory deleted
+    * modify            File modified
+    * moved_from        File moved out of watched directory
+    * moved_to          File moved into watched directory
+    * move_self         Watched file moved
+    * open              File opened
 
     The mask can also contain the following options:
-        * dont_follow       Don't dereference symbolic links
-        * excl_unlink       Omit events for children after they have been unlinked
-        * oneshot           Remove watch after one event
-        * onlydir           Operate only if name is directory
+
+    * dont_follow       Don't dereference symbolic links
+    * excl_unlink       Omit events for children after they have been unlinked
+    * oneshot           Remove watch after one event
+    * onlydir           Operate only if name is directory
 
     recurse:
       Recursively watch files in the directory
diff -Nru salt-2015.5.2+ds/salt/cli/batch.py salt-2015.5.3+ds/salt/cli/batch.py
--- salt-2015.5.2+ds/salt/cli/batch.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/cli/batch.py	2015-07-07 20:42:37.000000000 +0000
@@ -139,10 +139,10 @@
             for ping_ret in self.ping_gen:
                 if ping_ret is None:
                     break
-                if ping_ret not in self.minions:
-                    self.minions.append(ping_ret)
-                    to_run.append(ping_ret)
-
+                m = next(ping_ret.iterkeys())
+                if m not in self.minions:
+                    self.minions.append(m)
+                    to_run.append(m)
             for queue in iters:
                 try:
                     # Gather returns until we get to the bottom
@@ -157,8 +157,11 @@
                             continue
                         if self.opts.get('raw'):
                             parts.update({part['id']: part})
+                            minion_tracker[queue]['minions'].remove(part['id'])
                         else:
                             parts.update(part)
+                            for id in part.keys():
+                                minion_tracker[queue]['minions'].remove(id)
                 except StopIteration:
                     # if a iterator is done:
                     # - set it to inactive
@@ -176,7 +179,8 @@
                                 parts[minion]['ret'] = {}
 
             for minion, data in parts.items():
-                active.remove(minion)
+                if minion in active:
+                    active.remove(minion)
                 if self.opts.get('raw'):
                     yield data
                 else:
diff -Nru salt-2015.5.2+ds/salt/cli/salt.py salt-2015.5.3+ds/salt/cli/salt.py
--- salt-2015.5.2+ds/salt/cli/salt.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/cli/salt.py	2015-07-07 20:42:37.000000000 +0000
@@ -237,7 +237,7 @@
         not_return_counter = 0
         not_return_minions = []
         for each_minion in ret:
-            minion_ret = ret[each_minion].get('ret')
+            minion_ret = ret[each_minion]
             if (
                     isinstance(minion_ret, string_types)
                     and minion_ret.startswith("Minion did not return")
diff -Nru salt-2015.5.2+ds/salt/cli/ssh.py salt-2015.5.3+ds/salt/cli/ssh.py
--- salt-2015.5.2+ds/salt/cli/ssh.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/cli/ssh.py	2015-07-01 21:33:42.000000000 +0000
@@ -13,6 +13,7 @@
 
     def run(self):
         self.parse_args()
+        self.setup_logfile_logger()
 
         ssh = salt.client.ssh.SSH(self.config)
         ssh.run()
diff -Nru salt-2015.5.2+ds/salt/client/ssh/client.py salt-2015.5.3+ds/salt/client/ssh/client.py
--- salt-2015.5.2+ds/salt/client/ssh/client.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/client/ssh/client.py	2015-07-07 20:42:37.000000000 +0000
@@ -128,12 +128,20 @@
                 })
             {'silver': {'fun_args': [], 'jid': '20141202152721523072', 'return': True, 'retcode': 0, 'success': True, 'fun': 'test.ping', 'id': 'silver'}}
         '''
+
+        kwargs = copy.deepcopy(low)
+
+        for ignore in ['tgt', 'fun', 'arg', 'timeout', 'expr_form', 'kwarg']:
+            if ignore in kwargs:
+                del kwargs[ignore]
+
         return self.cmd(low['tgt'],
                         low['fun'],
                         low.get('arg', []),
                         low.get('timeout'),
                         low.get('expr_form'),
-                        low.get('kwarg'))
+                        low.get('kwarg'),
+                        **kwargs)
 
     def cmd_async(self, low, timeout=None):
         '''
diff -Nru salt-2015.5.2+ds/salt/client/ssh/__init__.py salt-2015.5.3+ds/salt/client/ssh/__init__.py
--- salt-2015.5.2+ds/salt/client/ssh/__init__.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/client/ssh/__init__.py	2015-07-07 20:42:37.000000000 +0000
@@ -935,14 +935,15 @@
     def cmd_block(self, is_retry=False):
         '''
         Prepare the pre-check command to send to the subsystem
-        '''
-        # 1. execute SHIM + command
-        # 2. check if SHIM returns a master request or if it completed
-        # 3. handle any master request
-        # 4. re-execute SHIM + command
-        # 5. split SHIM results from command results
-        # 6. return command results
 
+        1. execute SHIM + command
+        2. check if SHIM returns a master request or if it completed
+        3. handle any master request
+        4. re-execute SHIM + command
+        5. split SHIM results from command results
+        6. return command results
+        '''
+        self.argv = _convert_args(self.argv)
         log.debug('Performing shimmed, blocking command as follows:\n{0}'.format(' '.join(self.argv)))
         cmd_str = self._cmd_str()
         stdout, stderr, retcode = self.shim_cmd(cmd_str)
@@ -1207,3 +1208,20 @@
         return ret[1].split(',')[0].split('_')[1]
     except IndexError:
         return '2.0'
+
+
+def _convert_args(args):
+    '''
+    Take a list of args, and convert any dicts inside the list to keyword
+    args in the form of `key=value`, ready to be passed to salt-ssh
+    '''
+    converted = []
+    for arg in args:
+        if isinstance(arg, dict):
+            for key in list(arg.keys()):
+                if key == '__kwarg__':
+                    continue
+                converted.append('{0}={1}'.format(key, arg[key]))
+        else:
+            converted.append(arg)
+    return converted
diff -Nru salt-2015.5.2+ds/salt/client/ssh/wrapper/state.py salt-2015.5.3+ds/salt/client/ssh/wrapper/state.py
--- salt-2015.5.2+ds/salt/client/ssh/wrapper/state.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/client/ssh/wrapper/state.py	2015-07-01 21:33:42.000000000 +0000
@@ -22,6 +22,9 @@
 import salt.log
 from salt.ext.six import string_types
 
+__func_alias__ = {
+    'apply_': 'apply'
+}
 log = logging.getLogger(__name__)
 
 
@@ -259,6 +262,28 @@
     return stdout
 
 
+def apply_(mods=None,
+          **kwargs):
+    '''
+    .. versionadded:: 2015.5.3
+
+    Apply states! This function will call highstate or state.sls based on the
+    arguments passed in, state.apply is intended to be the main gateway for
+    all state executions.
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' state.apply
+        salt '*' state.apply test
+        salt '*' state.apply test,pkgs
+    '''
+    if mods:
+        return sls(mods, **kwargs)
+    return highstate(**kwargs)
+
+
 def highstate(test=None, **kwargs):
     '''
     Retrieve the state data from the salt master for this minion and execute it
diff -Nru salt-2015.5.2+ds/salt/cloud/clouds/digital_ocean.py salt-2015.5.3+ds/salt/cloud/clouds/digital_ocean.py
--- salt-2015.5.2+ds/salt/cloud/clouds/digital_ocean.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/cloud/clouds/digital_ocean.py	2015-07-07 20:42:37.000000000 +0000
@@ -81,19 +81,22 @@
     '''
     Return the first configured instance.
     '''
-    warn_until(
-        'Beryllium',
-        'The digital_ocean driver is deprecated and will be removed in Salt Beryllium. '
-        'Please convert your digital ocean provider configs to use the digital_ocean_v2 '
-        'driver.'
-    )
-
-    return config.is_provider_configured(
+    configuration = config.is_provider_configured(
         __opts__,
         __active_provider_name__ or 'digital_ocean',
         ('api_key',)
     )
 
+    if configuration:
+        warn_until(
+            'Beryllium',
+            'The digital_ocean driver is deprecated and will be removed in Salt Beryllium. '
+            'Please convert your digital ocean provider configs to use the digital_ocean_v2 '
+            'driver.'
+        )
+
+    return configuration
+
 
 def avail_locations(call=None):
     '''
diff -Nru salt-2015.5.2+ds/salt/cloud/clouds/gogrid.py salt-2015.5.3+ds/salt/cloud/clouds/gogrid.py
--- salt-2015.5.2+ds/salt/cloud/clouds/gogrid.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/cloud/clouds/gogrid.py	2015-07-07 20:42:37.000000000 +0000
@@ -23,6 +23,14 @@
 
       provider: gogrid
 
+.. note::
+
+    A Note about using Map files with GoGrid:
+
+    Due to limitations in the GoGrid API, instances cannot be provisioned in parallel
+    with the GoGrid driver. Map files will work with GoGrid, but the ``-P``
+    argument should not be used on maps referencing GoGrid instances.
+
 '''
 from __future__ import absolute_import
 
@@ -51,12 +59,16 @@
 get_image = namespaced_function(get_image, globals())
 avail_images = namespaced_function(avail_images, globals())
 avail_sizes = namespaced_function(avail_sizes, globals())
+avail_locations = namespaced_function(avail_locations, globals())
 script = namespaced_function(script, globals())
 destroy = namespaced_function(destroy, globals())
 list_nodes = namespaced_function(list_nodes, globals())
 list_nodes_full = namespaced_function(list_nodes_full, globals())
 list_nodes_select = namespaced_function(list_nodes_select, globals())
 show_instance = namespaced_function(show_instance, globals())
+reboot = namespaced_function(reboot, globals())
+get_node = namespaced_function(get_node, globals())
+get_salt_interface = namespaced_function(get_salt_interface, globals())
 
 
 # Only load in this module is the GOGRID configurations are in place
diff -Nru salt-2015.5.2+ds/salt/cloud/clouds/openstack.py salt-2015.5.3+ds/salt/cloud/clouds/openstack.py
--- salt-2015.5.2+ds/salt/cloud/clouds/openstack.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/cloud/clouds/openstack.py	2015-07-07 20:42:37.000000000 +0000
@@ -295,6 +295,8 @@
                     )
                 else:
                     actual_password = provider_password
+            else:
+                actual_password = driver_password
         else:
             actual_password = password
         return driver(
diff -Nru salt-2015.5.2+ds/salt/cloud/clouds/vsphere.py salt-2015.5.3+ds/salt/cloud/clouds/vsphere.py
--- salt-2015.5.2+ds/salt/cloud/clouds/vsphere.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/cloud/clouds/vsphere.py	2015-07-07 20:42:37.000000000 +0000
@@ -3,7 +3,15 @@
 vSphere Cloud Module
 ====================
 
-.. versionadded:: 2014.7.0
+.. note::
+
+    .. deprecated:: Carbon
+
+        The :py:func:`vsphere <salt.cloud.clouds.vsphere>` cloud driver has been
+        deprecated in favor of the :py:func:`vmware <salt.cloud.clouds.vmware>`
+        cloud driver and will be removed in Salt Carbon. Please refer to
+        :doc:`Getting started with VMware </topics/cloud/vmware>` to get started
+        and convert your vsphere provider configurations to use the vmware driver.
 
 The vSphere cloud module is used to control access to VMWare vSphere.
 
@@ -29,6 +37,8 @@
       provider: vsphere
       user: myuser
       password: verybadpass
+      template_user: root
+      template_password: mybadVMpassword
       url: 'https://10.1.1.1:443'
 
 Note: Your URL may or may not look like any of the following, depending on how
@@ -43,17 +53,22 @@
     10.1.1.1:443/sdk
 
 
-folder: Name of the folder that will contain the new VM. If not set, the VM will
-        be added to the folder the original VM belongs to.
-
-resourcepool: MOR of the resourcepool to be used for the new vm. If not set, it
-              uses the same resourcepool than the original vm.
+folder
+    Name of the folder that will contain the new VM. If not set, the VM will be added to
+    the folder the original VM belongs to.
+
+resourcepool
+    MOR of the resourcepool to be used for the new vm. If not set, it uses the same
+    resourcepool than the original vm.
+
+datastore
+    MOR of the datastore where the virtual machine should be located. If not specified,
+    the current datastore is used.
 
-datastore: MOR of the datastore where the virtual machine should be located. If
-           not specified, the current datastore is used.
+host
+    MOR of the host where the virtual machine should be registered.
 
-host: MOR of the host where the virtual machine should be registered.
-    IF not specified:
+    Id not specified:
         * if resourcepool is not specified, current host is used.
         * if resourcepool is specified, and the target pool represents a
           stand-alone host, the host is used.
@@ -62,8 +77,25 @@
         * if resourcepool is specified and the target pool represents a cluster
           without DRS enabled, an InvalidArgument exception will be thrown.
 
-template: Specifies whether or not the new virtual machine should be marked as a
-          template. Default is False.
+template
+    Specifies whether or not the new virtual machine should be marked as a template.
+    Default is False.
+
+template_user
+    Specifies the user to access the VM. Should be
+
+template_password
+    The password with which to access the VM.
+
+sudo
+    The user to access the VM with sudo privileges.
+
+    .. versionadded:: 2015.5.2
+
+sudo_password
+    The password corresponding to the sudo user to access the VM with sudo privileges.
+
+    .. versionadded:: 2015.5.2
 '''
 from __future__ import absolute_import
 
@@ -76,6 +108,7 @@
 import salt.utils.cloud
 import salt.utils.xmlutil
 from salt.exceptions import SaltCloudSystemExit
+from salt.utils import warn_until
 
 # Import salt cloud libs
 import salt.config as config
@@ -110,6 +143,11 @@
     '''
     Return the first configured instance.
     '''
+    warn_until(
+        'Carbon',
+        'The vsphere driver is deprecated in favor of the vmware driver and will be removed '
+        'in Salt Carbon. Please convert your vsphere provider configs to use the vmware driver.'
+    )
     return config.is_provider_configured(
         __opts__,
         __active_provider_name__ or 'vsphere',
diff -Nru salt-2015.5.2+ds/salt/cloud/__init__.py salt-2015.5.3+ds/salt/cloud/__init__.py
--- salt-2015.5.2+ds/salt/cloud/__init__.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/cloud/__init__.py	2015-07-07 20:42:37.000000000 +0000
@@ -1339,6 +1339,9 @@
         except IOError:
             main_cloud_config = {}
 
+        if main_cloud_config is None:
+            main_cloud_config = {}
+
         profile_details = self.opts['profiles'][profile]
         alias, driver = profile_details['provider'].split(':')
         mapped_providers = self.map_providers_parallel()
@@ -1514,8 +1517,12 @@
                     # Mis-configured provider that got removed?
                     log.warn(
                         'The cloud driver, {0!r}, configured under the '
-                        '{1!r} cloud provider alias was not loaded since '
-                        '\'{2}()\' could not be found. Removing it from '
+                        '{1!r} cloud provider alias, could not be loaded. '
+                        'Please check your provider configuration files and '
+                        'ensure all required dependencies are installed '
+                        'for the {0!r} driver.\n'
+                        'In rare cases, this could indicate the \'{2}()\' '
+                        'function could not be found.\nRemoving {0!r} from '
                         'the available providers list'.format(
                             driver, alias, fun
                         )
diff -Nru salt-2015.5.2+ds/salt/config.py salt-2015.5.3+ds/salt/config.py
--- salt-2015.5.2+ds/salt/config.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/config.py	2015-07-07 20:42:37.000000000 +0000
@@ -46,6 +46,16 @@
     '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s][%(process)d] %(message)s'
 )
 
+if salt.utils.is_windows():
+    # Since an 'ipc_mode' of 'ipc' will never work on Windows due to lack of
+    # support in ZeroMQ, we want the default to be something that has a
+    # chance of working.
+    _DFLT_IPC_MODE = 'tcp'
+    _DFLT_MULTIPROCESSING_MODE = False
+else:
+    _DFLT_IPC_MODE = 'ipc'
+    _DFLT_MULTIPROCESSING_MODE = True
+
 FLO_DIR = os.path.join(
         os.path.dirname(__file__),
         'daemons', 'flo')
@@ -280,13 +290,14 @@
     'rotate_aes_key': bool,
     'cache_sreqs': bool,
     'cmd_safe': bool,
+    'sudo_user': str,
 }
 
 # default configurations
 DEFAULT_MINION_OPTS = {
     'interface': '0.0.0.0',
     'master': 'salt',
-    'master_type': 'str',
+    'master_type': 'standard',
     'master_port': '4506',
     'master_finger': '',
     'master_shuffle': False,
@@ -359,7 +370,7 @@
     'open_mode': False,
     'auto_accept': True,
     'autosign_timeout': 120,
-    'multiprocessing': True,
+    'multiprocessing': _DFLT_MULTIPROCESSING_MODE,
     'mine_interval': 60,
     'ipc_mode': 'ipc',
     'ipv6': False,
@@ -434,6 +445,7 @@
     'zmq_monitor': False,
     'cache_sreqs': True,
     'cmd_safe': True,
+    'sudo_user': '',
 }
 
 DEFAULT_MASTER_OPTS = {
@@ -901,14 +913,13 @@
     'root_dir' option.
     '''
     root_dir = os.path.abspath(opts['root_dir'])
+    root_opt = opts['root_dir'].rstrip(os.sep)
     for path_option in path_options:
         if path_option in opts:
-            if opts[path_option].startswith(opts['root_dir']):
-                opts[path_option] = opts[path_option][len(opts['root_dir']):]
-            opts[path_option] = salt.utils.path_join(
-                root_dir,
-                opts[path_option]
-            )
+            path = opts[path_option]
+            if path == root_opt or path.startswith(root_opt + os.sep):
+                path = path[len(root_opt):]
+            opts[path_option] = salt.utils.path_join(root_dir, path)
 
 
 def insert_system_path(opts, paths):
diff -Nru salt-2015.5.2+ds/salt/fileclient.py salt-2015.5.3+ds/salt/fileclient.py
--- salt-2015.5.2+ds/salt/fileclient.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/fileclient.py	2015-07-07 21:04:39.000000000 +0000
@@ -356,11 +356,14 @@
             self.opts['cachedir'], 'localfiles', path.lstrip('/'))
         filesdest = os.path.join(
             self.opts['cachedir'], 'files', saltenv, path.lstrip('salt://'))
+        extrndest = self._extrn_path(path, saltenv)
 
         if os.path.exists(filesdest):
             return filesdest
         elif os.path.exists(localsfilesdest):
             return localsfilesdest
+        elif os.path.exists(extrndest):
+            return extrndest
 
         return ''
 
@@ -537,13 +540,7 @@
                 netloc = salt.utils.sanitize_win_path_string(url_data.netloc)
             else:
                 netloc = url_data.netloc
-            dest = salt.utils.path_join(
-                self.opts['cachedir'],
-                'extrn_files',
-                saltenv,
-                netloc,
-                url_data.path
-            )
+            dest = self._extrn_path(url, saltenv)
             destdir = os.path.dirname(dest)
             if not os.path.isdir(destdir):
                 os.makedirs(destdir)
@@ -595,6 +592,8 @@
                 stream=True,
                 **get_kwargs
             )
+            if 'handle' not in query:
+                raise MinionError('Error: {0}'.format(query['error']))
             response = query['handle']
             chunk_size = 32 * 1024
             if not no_cache:
@@ -668,13 +667,7 @@
             return ''
         if not dest:
             # No destination passed, set the dest as an extrn_files cache
-            dest = salt.utils.path_join(
-                self.opts['cachedir'],
-                'extrn_files',
-                saltenv,
-                url_data.netloc,
-                url_data.path
-            )
+            dest = self._extrn_path(url, saltenv)
             # If Salt generated the dest name, create any required dirs
             makedirs = True
 
@@ -688,6 +681,20 @@
         shutil.move(data['data'], dest)
         return dest
 
+    def _extrn_path(self, url, saltenv):
+        '''
+        Return the extn_filepath for a given url
+        '''
+        url_data = urlparse(url)
+
+        return salt.utils.path_join(
+            self.opts['cachedir'],
+            'extrn_files',
+            saltenv,
+            url_data.netloc,
+            url_data.path
+        )
+
 
 class LocalClient(Client):
     '''
@@ -993,6 +1000,7 @@
             )
         )
         d_tries = 0
+        transport_tries = 0
         path = self._check_proto(path)
         load = {'path': path,
                 'saltenv': saltenv,
@@ -1010,45 +1018,54 @@
                 else:
                     return False
             fn_ = salt.utils.fopen(dest, 'wb+')
+
         while True:
             if not fn_:
                 load['loc'] = 0
             else:
                 load['loc'] = fn_.tell()
             data = self.channel.send(load)
-            if 'data' not in data:
-                log.error('Data is {0}'.format(data))
-                self._refresh_channel()
-            if not data['data']:
-                if not fn_ and data['dest']:
-                    # This is a 0 byte file on the master
+            try:
+                if not data['data']:
+                    if not fn_ and data['dest']:
+                        # This is a 0 byte file on the master
+                        with self._cache_loc(data['dest'], saltenv) as cache_dest:
+                            dest = cache_dest
+                            with salt.utils.fopen(cache_dest, 'wb+') as ofile:
+                                ofile.write(data['data'])
+                    if 'hsum' in data and d_tries < 3:
+                        # Master has prompted a file verification, if the
+                        # verification fails, re-download the file. Try 3 times
+                        d_tries += 1
+                        hsum = salt.utils.get_hash(dest, data.get('hash_type', 'md5'))
+                        if hsum != data['hsum']:
+                            log.warn('Bad download of file {0}, attempt {1} '
+                                     'of 3'.format(path, d_tries))
+                            continue
+                    break
+                if not fn_:
                     with self._cache_loc(data['dest'], saltenv) as cache_dest:
                         dest = cache_dest
-                        with salt.utils.fopen(cache_dest, 'wb+') as ofile:
-                            ofile.write(data['data'])
-                if 'hsum' in data and d_tries < 3:
-                    # Master has prompted a file verification, if the
-                    # verification fails, re-download the file. Try 3 times
-                    d_tries += 1
-                    hsum = salt.utils.get_hash(dest, data.get('hash_type', 'md5'))
-                    if hsum != data['hsum']:
-                        log.warn('Bad download of file {0}, attempt {1} '
-                                 'of 3'.format(path, d_tries))
-                        continue
-                break
-            if not fn_:
-                with self._cache_loc(data['dest'], saltenv) as cache_dest:
-                    dest = cache_dest
-                    # If a directory was formerly cached at this path, then
-                    # remove it to avoid a traceback trying to write the file
-                    if os.path.isdir(dest):
-                        salt.utils.rm_rf(dest)
-                    fn_ = salt.utils.fopen(dest, 'wb+')
-            if data.get('gzip', None):
-                data = salt.utils.gzip_util.uncompress(data['data'])
-            else:
-                data = data['data']
-            fn_.write(data)
+                        # If a directory was formerly cached at this path, then
+                        # remove it to avoid a traceback trying to write the file
+                        if os.path.isdir(dest):
+                            salt.utils.rm_rf(dest)
+                        fn_ = salt.utils.fopen(dest, 'wb+')
+                if data.get('gzip', None):
+                    data = salt.utils.gzip_util.uncompress(data['data'])
+                else:
+                    data = data['data']
+                fn_.write(data)
+            except (TypeError, KeyError) as e:
+                transport_tries += 1
+                log.error('Data transport is broken, got: {0}, type: {1}, '
+                          'exception: {2}, attempt {3} of 3'.format(
+                              data, type(data), e, transport_tries)
+                          )
+                self._refresh_channel()
+                if transport_tries > 3:
+                    break
+
         if fn_:
             fn_.close()
             log.info(
diff -Nru salt-2015.5.2+ds/salt/grains/core.py salt-2015.5.3+ds/salt/grains/core.py
--- salt-2015.5.2+ds/salt/grains/core.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/grains/core.py	2015-07-07 20:42:37.000000000 +0000
@@ -161,7 +161,7 @@
 
     devs = []
     try:
-        lspci_out = __salt__['cmd.run']('lspci -vmm')
+        lspci_out = __salt__['cmd.run']('{0} -vmm'.format(lspci))
 
         cur_dev = {}
         error = False
@@ -495,11 +495,18 @@
         if not cmd:
             continue
 
-        cmd = '{0} {1}'.format(command, ' '.join(args))
+        cmd = '{0} {1}'.format(cmd, ' '.join(args))
 
-        ret = __salt__['cmd.run_all'](cmd)
+        try:
+            ret = __salt__['cmd.run_all'](cmd)
 
-        if ret['retcode'] > 0:
+            if ret['retcode'] > 0:
+                if salt.log.is_logging_configured():
+                    if salt.utils.is_windows():
+                        continue
+                    failed_commands.add(command)
+                continue
+        except salt.exceptions.CommandExecutionError:
             if salt.log.is_logging_configured():
                 if salt.utils.is_windows():
                     continue
@@ -706,10 +713,13 @@
             if maker.startswith('OpenStack'):
                 grains['virtual'] = 'OpenStack'
         if sysctl:
+            hv_vendor = __salt__['cmd.run']('{0} hw.hv_vendor'.format(sysctl))
             model = __salt__['cmd.run']('{0} hw.model'.format(sysctl))
             jail = __salt__['cmd.run'](
                 '{0} -n security.jail.jailed'.format(sysctl)
             )
+            if 'bhyve' in hv_vendor:
+                grains['virtual'] = 'bhyve'
             if jail == '1':
                 grains['virtual_subtype'] = 'jail'
             if 'QEMU Virtual CPU' in model:
@@ -1023,6 +1033,38 @@
             grains['systemd']['version'] = systemd_info[0].split()[1]
             grains['systemd']['features'] = systemd_info[1]
 
+        # Add init grain
+        grains['init'] = 'unknown'
+        try:
+            os.stat('/run/systemd/system')
+            grains['init'] = 'systemd'
+        except OSError:
+            with salt.utils.fopen('/proc/1/cmdline') as fhr:
+                init_cmdline = fhr.read().replace('\x00', ' ').split()
+                init_bin = salt.utils.which(init_cmdline[0])
+                supported_inits = ('upstart', 'sysvinit', 'systemd')
+                edge_len = max(len(x) for x in supported_inits) - 1
+                buf_size = __opts__['file_buffer_size']
+                try:
+                    with open(init_bin, 'rb') as fp_:
+                        buf = True
+                        edge = ''
+                        buf = fp_.read(buf_size).lower()
+                        while buf:
+                            buf = edge + buf
+                            for item in supported_inits:
+                                if item in buf:
+                                    grains['init'] = item
+                                    buf = ''
+                                    break
+                            edge = buf[-edge_len:]
+                            buf = fp_.read(buf_size).lower()
+                except (IOError, OSError) as exc:
+                    log.error(
+                        'Unable to read from init_bin ({0}): {1}'
+                        .format(init_bin, exc)
+                    )
+
         # Add lsb grains on any distro with lsb-release
         try:
             import lsb_release
diff -Nru salt-2015.5.2+ds/salt/loader.py salt-2015.5.3+ds/salt/loader.py
--- salt-2015.5.2+ds/salt/loader.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/loader.py	2015-07-07 20:42:37.000000000 +0000
@@ -776,14 +776,15 @@
         '''
         mod_name = function_name.split('.')[0]
         if mod_name in self.loaded_modules:
-            return '{0!r} is not available.'.format(function_name)
+            return '\'{0}\' is not available.'.format(function_name)
         else:
             if self.missing_modules.get(mod_name) is not None:
-                return '\'{0}\' __virtual__ returned False: {1}'.format(mod_name, self.missing_modules[mod_name])
-            elif self.missing_modules.get(mod_name) is None:
-                return '\'{0}\' __virtual__ returned False'.format(mod_name)
+                # Error in the __virtual__ function of an existing module
+                return '\'{0}\' __virtual__ returned False: {1}'.format(
+                    mod_name, self.missing_modules[mod_name]
+                )
             else:
-                return '\'{0}\' is not available.'.format(function_name)
+                return 'Module \'{0}\' is not available.'.format(mod_name)
 
     def refresh_file_mapping(self):
         '''
diff -Nru salt-2015.5.2+ds/salt/master.py salt-2015.5.3+ds/salt/master.py
--- salt-2015.5.2+ds/salt/master.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/master.py	2015-07-07 20:42:37.000000000 +0000
@@ -823,7 +823,7 @@
         if 'cmd' not in data:
             log.error('Received malformed command {0}'.format(data))
             return {}
-        log.info('AES payload received with command {0}'.format(data['cmd']))
+        log.trace('AES payload received with command {0}'.format(data['cmd']))
         if data['cmd'].startswith('__'):
             return False
         return self.aes_funcs.run_func(data['cmd'], data)
@@ -1893,11 +1893,17 @@
 
         check_fun = getattr(self.ckminions,
                             '{auth}_check'.format(auth=auth_type))
-        good = check_fun(
-            self.opts['external_auth'][token['eauth']][token['name']]
-            if token['name'] in self.opts['external_auth'][token['eauth']]
-            else self.opts['external_auth'][token['eauth']]['*'],
-            fun)
+        if token['name'] in self.opts['external_auth'][token['eauth']]:
+            good = check_fun(self.opts['external_auth'][token['eauth']][token['name']], fun)
+        elif any(key.endswith('%') for key in self.opts['external_auth'][token['eauth']]):
+            for group in self.opts['external_auth'][token['eauth']]:
+                if group.endswith('%'):
+                    for group in self.opts['external_auth'][token['eauth']]:
+                        good = check_fun(self.opts['external_auth'][token['eauth']][group], fun)
+                        if good:
+                            break
+        else:
+            good = check_fun(self.opts['external_auth'][token['eauth']]['*'], fun)
         if not good:
             msg = ('Authentication failure of type "token" occurred for '
                    'user {0}.').format(token['name'])
@@ -1941,13 +1947,19 @@
             log.warning(msg)
             return dict(error=dict(name='EauthAuthenticationError',
                                    message=msg))
+
         check_fun = getattr(self.ckminions,
                             '{auth}_check'.format(auth=auth_type))
-        good = check_fun(
-            self.opts['external_auth'][clear_load['eauth']][name]
-            if name in self.opts['external_auth'][clear_load['eauth']]
-            else self.opts['external_auth'][clear_load['eauth']]['*'],
-            clear_load['fun'])
+        if name in self.opts['external_auth'][clear_load['eauth']]:
+            good = check_fun(self.opts['external_auth'][clear_load['eauth']][name], clear_load['fun'])
+        elif any(key.endswith('%') for key in self.opts['external_auth'][clear_load['eauth']]):
+            for group in self.opts['external_auth'][clear_load['eauth']]:
+                if group.endswith('%'):
+                    good = check_fun(self.opts['external_auth'][clear_load['eauth']][group], clear_load['fun'])
+                    if good:
+                        break
+        else:
+            good = check_fun(self.opts['external_auth'][clear_load['eauth']]['*'], clear_load['fun'])
         if not good:
             msg = ('Authentication failure of type "eauth" occurred for '
                    'user {0}.').format(clear_load.get('username', 'UNKNOWN'))
diff -Nru salt-2015.5.2+ds/salt/minion.py salt-2015.5.3+ds/salt/minion.py
--- salt-2015.5.2+ds/salt/minion.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/minion.py	2015-07-07 20:42:37.000000000 +0000
@@ -631,9 +631,12 @@
                 if package:
                     try:
                         for master in masters:
-                            minions[master].handle_event(package)
+                            if 'minion' in minions[master]:
+                                minions[master]['minion'].handle_event(package)
                     except Exception:
-                        pass
+                        exc_type, exc_value, exc_traceback = sys.exc_info()
+                        lines = traceback.format_exception(exc_type, exc_value, exc_traceback)
+                        log.debug(lines)
                     finally:
                         package = None
 
@@ -770,7 +773,7 @@
         (possibly failed) master will then be removed from the list of masters.
         '''
         # check if master_type was altered from its default
-        if opts['master_type'] != 'str':
+        if opts['master_type'] != 'standard' and opts['__role'] != 'syndic':
             # check for a valid keyword
             if opts['master_type'] == 'func':
                 # split module and function and try loading the module
@@ -788,30 +791,30 @@
                     sys.exit(salt.defaults.exitcodes.EX_GENERIC)
                 log.info('Evaluated master from module: {0}'.format(master_mod))
 
-            # if failover is set, master has to be of type list
+            # if failover is set, the first time through, opts['master'] is a list.
             elif opts['master_type'] == 'failover':
-                if isinstance(opts['master'], list):
-                    log.info('Got list of available master addresses:'
-                             ' {0}'.format(opts['master']))
-                    if opts['master_shuffle']:
-                        shuffle(opts['master'])
-                elif isinstance(opts['master'], str):
-                    # We have a string, but a list was what was intended. Convert.
-                    # See issue 23611 for details
-                    opts['master'] = list(opts['master'])
-                elif opts['__role'] == 'syndic':
-                    log.info('Syndic setting master_syndic to \'{0}\''.format(opts['master']))
-
                 # if failed=True, the minion was previously connected
                 # we're probably called from the minions main-event-loop
                 # because a master connection loss was detected. remove
                 # the possibly failed master from the list of masters.
-                elif failed:
+                if failed:
                     log.info('Removing possibly failed master {0} from list of'
                              ' masters'.format(opts['master']))
                     # create new list of master with the possibly failed one removed
-                    opts['master'] = [x for x in opts['master_list'] if opts['master'] != x]
-
+                    opts['master_active_list'] = [x for x in opts['master_active_list'] if opts['master'] != x]
+                elif isinstance(opts['master'], list):
+                    log.info('Got list of available master addresses:'
+                             ' {0}'.format(opts['master']))
+                    opts['master_list'] = opts['master']
+                    opts['master_active_list'] = opts['master']
+                    if opts.get('master_shuffle'):
+                        shuffle(opts['master_list'])
+                elif isinstance(opts['master'], str):
+                    # We have a string, but a list was what was intended. Convert.
+                    # See issue 23611 for details
+                    opts['master'] = [opts['master']]
+                    opts['master_list'] = opts['master']
+                    opts['master_active_list'] = opts['master']
                 else:
                     msg = ('master_type set to \'failover\' but \'master\' '
                            'is not of type list but of type '
@@ -824,44 +827,56 @@
                 log.error(msg)
                 sys.exit(salt.defaults.exitcodes.EX_GENERIC)
 
-        # if we have a list of masters, loop through them and be
-        # happy with the first one that allows us to connect
-        if isinstance(opts['master'], list):
-            conn = False
-            # shuffle the masters and then loop through them
-            local_masters = copy.copy(opts['master'])
-
-            for master in local_masters:
-                opts['master'] = master
-                opts.update(resolve_dns(opts))
-                super(Minion, self).__init__(opts)
-
-                # on first run, update self.opts with the whole master list
-                # to enable a minion to re-use old masters if they get fixed
-                if 'master_list' not in self.opts:
-                    self.opts['master_list'] = local_masters
+            # if the master_active_list is empty, reset with the original list
+            # if we have a list of masters, loop through them and be
+            # happy with the first one that allows us to connect
+            # If there is no 'master_list' then this is a single-master scenario, so fall through this
+            # conditional without warning.
+            if not opts.get('master_active_list'):
+                if opts.get('master_list'):
+                    log.info('List of active masters is empty, try all masters from the top.')
+                    opts['master_active_list'] = opts['master_list']
+
+            if isinstance(opts['master_active_list'], list):
+                conn = False
+                # shuffle the masters and then loop through them
+                local_masters = opts['master_active_list']
+
+                for master in local_masters:
+                    opts['master'] = master
+                    opts.update(resolve_dns(opts))
+                    super(Minion, self).__init__(opts)
+
+                    # on first run, update self.opts with the whole master list
+                    # to enable a minion to re-use old masters if they get fixed
+                    # if 'master_list' not in self.opts:
+                    #    self.opts['master_list'] = local_masters
+                    # cro: I don't think we need this because we are getting master_list
+                    # from above.
 
-                try:
-                    if self.authenticate(timeout, safe) != 'full':
-                        conn = True
-                        break
-                except SaltClientError:
-                    msg = ('Master {0} could not be reached, trying '
-                           'next master (if any)'.format(opts['master']))
-                    log.info(msg)
-                    continue
-
-            if not conn:
-                self.connected = False
-                msg = ('No master could be reached or all masters denied '
-                       'the minions connection attempt.')
-                log.error(msg)
-            else:
-                self.connected = True
-                return opts['master']
+                    try:
+                        if self.authenticate(timeout, safe) != 'full':
+                            conn = True
+                            break
+                    except SaltClientError:
+                        msg = ('Master {0} could not be reached, trying '
+                               'next master (if any)'.format(opts['master']))
+                        log.info(msg)
+                        continue
+
+                if not conn:
+                    self.connected = False
+                    msg = ('No master could be reached or all masters denied '
+                           'the minions connection attempt.')
+                    log.error(msg)
+                else:
+                    self.connected = True
+                    return opts['master']
 
-        # single master sign in
+        # single master sign in or syndic
         else:
+            if opts['__role'] == 'syndic':
+                log.info('Syndic setting master_syndic to \'{0}\''.format(opts['master']))
             opts.update(resolve_dns(opts))
             super(Minion, self).__init__(opts)
             if self.authenticate(timeout, safe) == 'full':
@@ -1690,9 +1705,10 @@
             self._fire_master(data['data'], data['tag'], data['events'], data['pretag'])
         elif package.startswith('__master_disconnected'):
             tag, data = salt.utils.event.MinionEvent.unpack(package)
-            # if the master disconnect event is for a different master, raise an exception
+            # if the master disconnect event is for a different master, ignore
             if data['master'] != self.opts['master']:
-                raise Exception()
+                return self.opts['master']
+            #    raise Exception()
             if self.connected:
                 # we are not connected anymore
                 self.connected = False
diff -Nru salt-2015.5.2+ds/salt/modules/aliases.py salt-2015.5.3+ds/salt/modules/aliases.py
--- salt-2015.5.2+ds/salt/modules/aliases.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/aliases.py	2015-07-01 21:33:42.000000000 +0000
@@ -144,12 +144,11 @@
     if target == '':
         raise SaltInvocationError('target can not be an empty string')
     aliases = list_aliases()
-    if alias in aliases and isinstance(target, list):
-        for item in target:
-            if item not in aliases[alias]:
-                return False
+    if alias not in aliases:
+        return False
+    if isinstance(target, list):
         target = ', '.join(target)
-    return alias in aliases and target in aliases[alias]
+    return target == aliases[alias]
 
 
 def set_target(alias, target):
diff -Nru salt-2015.5.2+ds/salt/modules/aptpkg.py salt-2015.5.3+ds/salt/modules/aptpkg.py
--- salt-2015.5.2+ds/salt/modules/aptpkg.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/aptpkg.py	2015-07-07 20:42:37.000000000 +0000
@@ -50,6 +50,12 @@
     HAS_APT = False
 
 try:
+    import apt_pkg
+    HAS_APTPKG = True
+except ImportError:
+    HAS_APTPKG = False
+
+try:
     import softwareproperties.ppa
     HAS_SOFTWAREPROPERTIES = True
 except ImportError:
@@ -1117,10 +1123,19 @@
 
         salt '*' pkg.version_cmp '0.2.4-0ubuntu1' '0.2.4.1-0ubuntu1'
     '''
+    # if we have apt_pkg, this will be quickier this way
+    # and also do not rely on shell.
+    if HAS_APTPKG:
+        try:
+            return apt_pkg.version_compare(pkg1, pkg2)
+        except (TypeError, ValueError):
+            # try to use shell version in case of errors via
+            # the python binding
+            pass
     try:
         for oper, ret in (('lt', -1), ('eq', 0), ('gt', 1)):
-            cmd = 'dpkg --compare-versions {0!r} {1} ' \
-                  '{2!r}'.format(_cmd_quote(pkg1), oper, _cmd_quote(pkg2))
+            cmd = 'dpkg --compare-versions {0} {1} ' \
+                  '{2}'.format(_cmd_quote(pkg1), oper, _cmd_quote(pkg2))
             retcode = __salt__['cmd.retcode'](
                 cmd, output_loglevel='trace', ignore_retcode=True
             )
@@ -1234,13 +1249,18 @@
                                             ppa_name, dist)
         else:
             if HAS_SOFTWAREPROPERTIES:
-                if hasattr(softwareproperties.ppa, 'PPAShortcutHandler'):
-                    repo = softwareproperties.ppa.PPAShortcutHandler(repo).expand(
-                        __grains__['lsb_distrib_codename'])[0]
-                else:
-                    repo = softwareproperties.ppa.expand_ppa_line(
-                        repo,
-                        __grains__['lsb_distrib_codename'])[0]
+                try:
+                    if hasattr(softwareproperties.ppa, 'PPAShortcutHandler'):
+                        repo = softwareproperties.ppa.PPAShortcutHandler(
+                            repo).expand(dist)[0]
+                    else:
+                        repo = softwareproperties.ppa.expand_ppa_line(
+                            repo,
+                            dist)[0]
+                except NameError as name_error:
+                    raise CommandExecutionError(
+                        'Could not find ppa {0}: {1}'.format(repo, name_error)
+                    )
             else:
                 repo = LP_SRC_FORMAT.format(owner_name, ppa_name, dist)
 
diff -Nru salt-2015.5.2+ds/salt/modules/augeas_cfg.py salt-2015.5.3+ds/salt/modules/augeas_cfg.py
--- salt-2015.5.2+ds/salt/modules/augeas_cfg.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/augeas_cfg.py	2015-07-01 21:33:42.000000000 +0000
@@ -130,7 +130,8 @@
 
         try:
             if method == 'set':
-                path, value, remainder = re.split('([^\'" ]+|"[^"]+"|\'[^\']+\')$', arg, 1)
+                path, value, remainder = re.split('([^\'" ]+|"[^"]*"|\'[^\']*\')$', arg, 1)
+                path = path.rstrip()
                 if context:
                     path = os.path.join(context.rstrip('/'), path.lstrip('/'))
                 value = value.strip('"').strip("'")
diff -Nru salt-2015.5.2+ds/salt/modules/cassandra_cql.py salt-2015.5.3+ds/salt/modules/cassandra_cql.py
--- salt-2015.5.2+ds/salt/modules/cassandra_cql.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/cassandra_cql.py	2015-07-07 20:42:37.000000000 +0000
@@ -647,6 +647,7 @@
     :rtype:                dict
 
     .. code-block:: bash
+
         salt 'minion1' cassandra_cql.list_permissions
 
         salt 'minion1' cassandra_cql.list_permissions username=joe resource=test_keyspace permission=select
@@ -702,6 +703,7 @@
     :rtype:
 
     .. code-block:: bash
+
         salt 'minion1' cassandra_cql.grant_permission
 
         salt 'minion1' cassandra_cql.grant_permission username=joe resource=test_keyspace permission=select
diff -Nru salt-2015.5.2+ds/salt/modules/cmdmod.py salt-2015.5.3+ds/salt/modules/cmdmod.py
--- salt-2015.5.2+ds/salt/modules/cmdmod.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/cmdmod.py	2015-07-07 20:42:37.000000000 +0000
@@ -270,8 +270,8 @@
             # Getting the environment for the runas user
             # There must be a better way to do this.
             py_code = (
-                'import os, itertools; '
-                'print \"\\0\".join(itertools.chain(*os.environ.items()))'
+                'import sys, os, itertools; '
+                'sys.stdout.write(\"\\0\".join(itertools.chain(*os.environ.items())))'
             )
             if __grains__['os'] in ['MacOS', 'Darwin']:
                 env_cmd = ('sudo', '-i', '-u', runas, '--',
@@ -579,18 +579,18 @@
     Note that ``env`` represents the environment variables for the command, and
     should be formatted as a dict, or a YAML string which resolves to a dict.
 
-    *************************************************************************
-    WARNING: This function does not process commands through a shell
-    unless the python_shell flag is set to True. This means that any
-    shell-specific functionality such as 'echo' or the use of pipes,
-    redirection or &&, should either be migrated to cmd.shell or
-    have the python_shell=True flag set here.
-
-    The use of python_shell=True means that the shell will accept _any_ input
-    including potentially malicious commands such as 'good_command;rm -rf /'.
-    Be absolutely certain that you have sanitized your input prior to using
-    python_shell=True
-    *************************************************************************
+    .. warning::
+
+        This function does not process commands through a shell
+        unless the python_shell flag is set to True. This means that any
+        shell-specific functionality such as 'echo' or the use of pipes,
+        redirection or &&, should either be migrated to cmd.shell or
+        have the python_shell=True flag set here.
+
+        The use of python_shell=True means that the shell will accept _any_ input
+        including potentially malicious commands such as 'good_command;rm -rf /'.
+        Be absolutely certain that you have sanitized your input prior to using
+        python_shell=True
 
     CLI Example:
 
@@ -707,12 +707,12 @@
 
     .. versionadded:: 2015.5.0
 
-    ************************************************************
-    WARNING: This passes the cmd argument directly to the shell
-    without any further processing! Be absolutely sure that you
-    have properly santized the command passed to this function
-    and do not use untrusted inputs.
-    ************************************************************
+    .. warning ::
+
+        This passes the cmd argument directly to the shell
+        without any further processing! Be absolutely sure that you
+        have properly santized the command passed to this function
+        and do not use untrusted inputs.
 
     Note that ``env`` represents the environment variables for the command, and
     should be formatted as a dict, or a YAML string which resolves to a dict.
diff -Nru salt-2015.5.2+ds/salt/modules/debian_ip.py salt-2015.5.3+ds/salt/modules/debian_ip.py
--- salt-2015.5.2+ds/salt/modules/debian_ip.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/debian_ip.py	2015-07-07 20:42:37.000000000 +0000
@@ -1529,6 +1529,9 @@
     if iface_type not in _IFACE_TYPES:
         _raise_error_iface(iface, iface_type, _IFACE_TYPES)
 
+    if 'proto' not in settings:
+        settings['proto'] = 'static'
+
     if iface_type == 'slave':
         settings['slave'] = 'yes'
         if 'master' not in settings:
diff -Nru salt-2015.5.2+ds/salt/modules/dockerio.py salt-2015.5.3+ds/salt/modules/dockerio.py
--- salt-2015.5.2+ds/salt/modules/dockerio.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/dockerio.py	2015-07-07 20:42:37.000000000 +0000
@@ -563,7 +563,8 @@
                      volumes_from=None,
                      name=None,
                      cpu_shares=None,
-                     cpuset=None):
+                     cpuset=None,
+                     binds=None):
     '''
     Create a new container
 
@@ -582,10 +583,26 @@
     ports
         port redirections ``({'222': {}})``
     volumes
-        list of volume mappings::
-
-            (['/mountpoint/in/container:/guest/foo', '/same/path/mounted/point'])
+        list of volume mappings in either local volume, bound volume, or read-only
+        bound volume form::
 
+            (['/var/lib/mysql/', '/usr/local/etc/ssl:/etc/ssl', '/etc/passwd:/etc/passwd:ro'])
+    binds
+        complete dictionary of bound volume mappings::
+
+            { '/usr/local/etc/ssl/certs/internal.crt': {
+                'bind': '/etc/ssl/certs/com.example.internal.crt',
+                'ro': True
+                },
+              '/var/lib/mysql': {
+                'bind': '/var/lib/mysql/',
+                'ro': False
+                }
+            }
+
+        This dictionary is suitable for feeding directly into the Docker API, and all
+        keys are required.
+        (see http://docker-py.readthedocs.org/en/latest/volumes/)
     tty
         attach ttys, Default is ``False``
     stdin_open
@@ -604,23 +621,31 @@
         salt '*' docker.create_container o/ubuntu volumes="['/s','/m:/f']"
 
     '''
+    log.trace("modules.dockerio.create_container() called for image " + image)
     status = base_status.copy()
     client = _get_client()
+
+    # In order to permit specification of bind volumes in the volumes field,
+    #  we'll look through it for bind-style specs and move them. This is purely
+    #  for CLI convenience and backwards-compatibility, as states.dockerio
+    #  should parse volumes before this, and the binds argument duplicates this.
+    # N.B. this duplicates code in states.dockerio._parse_volumes()
+    if isinstance(volumes, list):
+        for volume in volumes:
+            if ':' in volume:
+                volspec = volume.split(':')
+                source = volspec[0]
+                target = volspec[1]
+                ro = False
+                try:
+                    if len(volspec) > 2:
+                        ro = volspec[2] == "ro"
+                except IndexError:
+                    pass
+                binds[source] = {'bind': target, 'ro': ro}
+                volumes.remove(volume)
+
     try:
-        mountpoints = {}
-        binds = {}
-        # create empty mountpoints for them to be
-        # editable
-        # either we have a list of guest or host:guest
-        if isinstance(volumes, list):
-            for mountpoint in volumes:
-                mounted = mountpoint
-                if ':' in mountpoint:
-                    parts = mountpoint.split(':')
-                    mountpoint = parts[1]
-                    mounted = parts[0]
-                mountpoints[mountpoint] = {}
-                binds[mounted] = mountpoint
         container_info = client.create_container(
             image=image,
             command=command,
@@ -633,12 +658,14 @@
             ports=ports,
             environment=environment,
             dns=dns,
-            volumes=mountpoints,
+            volumes=volumes,
             volumes_from=volumes_from,
             name=name,
             cpu_shares=cpu_shares,
-            cpuset=cpuset
+            cpuset=cpuset,
+            host_config=docker.utils.create_host_config(binds=binds)
         )
+        log.trace("docker.client.create_container returned: " + str(container_info))
         container = container_info['Id']
         callback = _valid
         comment = 'Container created'
@@ -648,8 +675,9 @@
         }
         __salt__['mine.send']('docker.get_containers', host=True)
         return callback(status, id_=container, comment=comment, out=out)
-    except Exception:
+    except Exception, e:
         _invalid(status, id_=image, out=traceback.format_exc())
+        raise e
     __salt__['mine.send']('docker.get_containers', host=True)
     return status
 
@@ -873,11 +901,9 @@
 
         salt '*' docker.start <container id>
     '''
-    if not binds:
-        binds = {}
-
-    if not isinstance(binds, dict):
-        raise SaltInvocationError('binds must be formatted as a dictionary')
+    if binds:
+        if not isinstance(binds, dict):
+            raise SaltInvocationError('binds must be formatted as a dictionary')
 
     client = _get_client()
     status = base_status.copy()
@@ -1809,7 +1835,7 @@
 def load(imagepath):
     '''
     Load the specified file at imagepath into docker that was generated from
-   a docker save command
+    a docker save command
     e.g. `docker load < imagepath`
 
     imagepath
@@ -1826,7 +1852,7 @@
     if os.path.isfile(imagepath):
         try:
             dockercmd = ['docker', 'load', '-i', imagepath]
-            ret = __salt__['cmd.run'](dockercmd)
+            ret = __salt__['cmd.run'](dockercmd, python_shell=False)
             if ((isinstance(ret, dict) and
                 ('retcode' in ret) and
                 (ret['retcode'] != 0))):
diff -Nru salt-2015.5.2+ds/salt/modules/file.py salt-2015.5.3+ds/salt/modules/file.py
--- salt-2015.5.2+ds/salt/modules/file.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/file.py	2015-07-07 20:42:37.000000000 +0000
@@ -982,13 +982,12 @@
 
         salt '*' file.uncomment /etc/hosts.deny 'ALL: PARANOID'
     '''
-    # Largely inspired by Fabric's contrib.files.uncomment()
-
-    return sed(path,
-               before=r'^([[:space:]]*){0}'.format(char),
-               after=r'\1',
-               limit=regex.lstrip('^'),
-               backup=backup)
+    pattern = '^{0}{1}'.format(char, regex.lstrip('^').rstrip('$'))
+    repl = "{0}".format(regex.lstrip('^').rstrip('$'))
+    return replace(path=path,
+                   pattern=pattern,
+                   repl=repl,
+                   backup=backup)
 
 
 def comment(path,
@@ -1026,17 +1025,11 @@
 
         salt '*' file.comment /etc/modules pcspkr
     '''
-    # Largely inspired by Fabric's contrib.files.comment()
-
-    regex = '{0}({1}){2}'.format(
-            '^' if regex.startswith('^') else '',
-            regex.lstrip('^').rstrip('$'),
-            '$' if regex.endswith('$') else '')
-
-    return sed(path,
-               before=regex,
-               after=r'{0}\1'.format(char),
-               backup=backup)
+    repl = "{0}{1}".format(char, regex.lstrip('^').rstrip('$'))
+    return replace(path=path,
+                   pattern=regex,
+                   repl=repl,
+                   backup=backup)
 
 
 def _get_flags(flags):
@@ -2765,8 +2758,61 @@
     # Copy the file to the minion and templatize it
     sfn = ''
     source_sum = {}
+    # if we have a source defined, lets figure out what the hash is
+    if source:
+        urlparsed_source = _urlparse(source)
+        if urlparsed_source.scheme == 'salt':
+            source_sum = __salt__['cp.hash_file'](source, saltenv)
+            if not source_sum:
+                return '', {}, 'Source file {0} not found'.format(source)
+        # if its a local file
+        elif urlparsed_source.scheme == 'file':
+            source_sum = get_hash(urlparsed_source.path)
+        elif source.startswith('/'):
+            source_sum = get_hash(source)
+        elif source_hash:
+            protos = ('salt', 'http', 'https', 'ftp', 'swift')
+            if _urlparse(source_hash).scheme in protos:
+                # The source_hash is a file on a server
+                hash_fn = __salt__['cp.cache_file'](source_hash, saltenv)
+                if not hash_fn:
+                    return '', {}, 'Source hash file {0} not found'.format(
+                        source_hash)
+                source_sum = extract_hash(hash_fn, '', name)
+                if source_sum is None:
+                    return '', {}, ('Source hash file {0} contains an invalid '
+                        'hash format, it must be in the format <hash type>=<hash>.'
+                        ).format(source_hash)
+
+            else:
+                # The source_hash is a hash string
+                comps = source_hash.split('=')
+                if len(comps) < 2:
+                    return '', {}, ('Source hash file {0} contains an '
+                                    'invalid hash format, it must be in '
+                                    'the format <hash type>=<hash>'
+                                    ).format(source_hash)
+                source_sum['hsum'] = comps[1].strip()
+                source_sum['hash_type'] = comps[0].strip()
+        else:
+            return '', {}, ('Unable to determine upstream hash of'
+                            ' source file {0}').format(source)
+
+    # if the file is a template we need to actually template the file to get
+    # a checksum, but we can cache the template itself, but only if there is
+    # a template source (it could be a templated contents)
     if template and source:
-        sfn = __salt__['cp.cache_file'](source, saltenv)
+        # check if we have the template cached
+        template_dest = __salt__['cp.is_cached'](source, saltenv)
+        if template_dest:
+            comps = source_hash.split('=')
+            cached_template_sum = get_hash(template_dest, form=source_sum['hash_type'])
+            if cached_template_sum == source_sum['hsum']:
+                sfn = template_dest
+        # if we didn't have the template file, lets get it
+        if not sfn:
+            sfn = __salt__['cp.cache_file'](source, saltenv)
+
         # exists doesn't play nice with sfn as bool
         # but if cache failed, sfn == False
         if not sfn or not os.path.exists(sfn):
@@ -2805,40 +2851,7 @@
         else:
             __clean_tmp(sfn)
             return sfn, {}, data['data']
-    else:
-        # Copy the file down if there is a source
-        if source:
-            if _urlparse(source).scheme == 'salt':
-                source_sum = __salt__['cp.hash_file'](source, saltenv)
-                if not source_sum:
-                    return '', {}, 'Source file {0} not found'.format(source)
-            elif source_hash:
-                protos = ['salt', 'http', 'https', 'ftp', 'swift']
-                if _urlparse(source_hash).scheme in protos:
-                    # The source_hash is a file on a server
-                    hash_fn = __salt__['cp.cache_file'](source_hash, saltenv)
-                    if not hash_fn:
-                        return '', {}, 'Source hash file {0} not found'.format(
-                            source_hash)
-                    source_sum = extract_hash(hash_fn, '', name)
-                    if source_sum is None:
-                        return '', {}, ('Source hash file {0} contains an invalid '
-                            'hash format, it must be in the format <hash type>=<hash>.'
-                            ).format(source_hash)
 
-                else:
-                    # The source_hash is a hash string
-                    comps = source_hash.split('=')
-                    if len(comps) < 2:
-                        return '', {}, ('Source hash file {0} contains an '
-                                        'invalid hash format, it must be in '
-                                        'the format <hash type>=<hash>'
-                                        ).format(source_hash)
-                    source_sum['hsum'] = comps[1].strip()
-                    source_sum['hash_type'] = comps[0].strip()
-            else:
-                return '', {}, ('Unable to determine upstream hash of'
-                                ' source file {0}').format(source)
     return sfn, source_sum, ''
 
 
@@ -3308,6 +3321,9 @@
         This file is then grabbed and if it has template set, it renders the file to be placed
         into the correct place on the system using salt.files.utils.copyfile()
 
+    ret
+        The initial state return data structure. Pass in ``None`` to use the default structure.
+
     source
         file reference on the master
 
diff -Nru salt-2015.5.2+ds/salt/modules/gpg.py salt-2015.5.3+ds/salt/modules/gpg.py
--- salt-2015.5.2+ds/salt/modules/gpg.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/gpg.py	2015-07-07 20:42:37.000000000 +0000
@@ -210,7 +210,6 @@
         salt '*' gpg.list_keys
 
     '''
-    log.debug('GPG_1_3_1 {0}'.format(GPG_1_3_1))
     _keys = []
     for _key in _list_keys(user):
         tmp = {}
@@ -590,9 +589,7 @@
     .. code-block:: bash
 
         salt '*' gpg.import_key text='-----BEGIN PGP PUBLIC KEY BLOCK-----\n ... -----END PGP PUBLIC KEY BLOCK-----'
-
         salt '*' gpg.import_key filename='/path/to/public-key-file'
-
     '''
     ret = {
            'res': True,
@@ -613,23 +610,32 @@
             raise SaltInvocationError('filename does not exist.')
 
     imported_data = gpg.import_keys(text)
-    log.debug('imported_data {0}'.format(imported_data.__dict__.keys()))
-    log.debug('imported_data {0}'.format(imported_data.counts))
 
-    if imported_data.counts:
-        if imported_data.counts['imported'] or imported_data.counts['imported_rsa']:
+    # include another check for Salt unit tests
+    gnupg_version = distutils.version.LooseVersion(gnupg.__version__)
+    if gnupg_version >= '1.3.1':
+        counts = imported_data.counts
+        if counts.get('imported') or counts.get('imported_rsa'):
             ret['message'] = 'Successfully imported key(s).'
-        elif imported_data.counts['unchanged']:
+        elif counts.get('unchanged'):
             ret['message'] = 'Key(s) already exist in keychain.'
-        elif imported_data.counts['not_imported']:
+        elif counts.get('not_imported'):
             ret['res'] = False
             ret['message'] = 'Unable to import key.'
-        elif not imported_data.counts['count']:
+        elif not counts.get('count'):
             ret['res'] = False
             ret['message'] = 'Unable to import key.'
     else:
-        ret['res'] = False
-        ret['message'] = 'Unable to import key.'
+        if imported_data.imported or imported_data.imported_rsa:
+            ret['message'] = 'Successfully imported key(s).'
+        elif imported_data.unchanged:
+            ret['message'] = 'Key(s) already exist in keychain.'
+        elif imported_data.not_imported:
+            ret['res'] = False
+            ret['message'] = 'Unable to import key.'
+        elif not imported_data.count:
+            ret['res'] = False
+            ret['message'] = 'Unable to import key.'
     return ret
 
 
@@ -749,7 +755,6 @@
         salt '*' gpg.trust_key fingerprint='53C96788253E58416D20BCD352952C84C3252192' trust_level='not_trusted'
 
         salt '*' gpg.trust_key keys=3FAD9F1E trust_level='ultimately' user='username'
-
     '''
     ret = {
            'res': True,
diff -Nru salt-2015.5.2+ds/salt/modules/ipmi.py salt-2015.5.3+ds/salt/modules/ipmi.py
--- salt-2015.5.2+ds/salt/modules/ipmi.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/ipmi.py	2015-07-07 20:42:37.000000000 +0000
@@ -279,8 +279,11 @@
         - api_port=623
         - api_kg=None
 
-    :return: A Python dict with the following keys/values:
+    return
+        A Python dict with the following keys/values:
+
         .. code-block:: python
+
             {
                 alerting:
                 per_msg_auth:
@@ -322,14 +325,17 @@
         - api_port=623
         - api_kg=None
 
-    :return:
-    session_support:
-        no_session: channel is session-less
-        single: channel is single-session
-        multi: channel is multi-session
-        auto: channel is session-based (channel could alternate between
-            single- and multi-session operation, as can occur with a
-            serial/modem channel that supports connection mode auto-detect)
+    return
+        channel session supports:
+
+        .. code-block:: none
+
+                - no_session: channel is session-less
+                - single: channel is single-session
+                - multi: channel is multi-session
+                - auto: channel is session-based (channel could alternate between
+                    single- and multi-session operation, as can occur with a
+                    serial/modem channel that supports connection mode auto-detect)
 
     CLI Examples:
 
@@ -419,19 +425,20 @@
         - api_port=623
         - api_kg=None
 
-    :return:
-        channel_info:
-            - max_user_count = maximum number of user IDs on this channel
-            - enabled_users = count of User ID slots presently in use
-            - users_with_fixed_names = count of user IDs with fixed names
-        access:
-            - callback
-            - link_auth
-            - ipmi_msg
-            - privilege_level: [reserved, callback, user, operator
-                               administrator, proprietary, no_access]
+    return
 
+        .. code-block:: none
 
+            channel_info:
+                - max_user_count = maximum number of user IDs on this channel
+                - enabled_users = count of User ID slots presently in use
+                - users_with_fixed_names = count of user IDs with fixed names
+            access:
+                - callback
+                - link_auth
+                - ipmi_msg
+                - privilege_level: [reserved, callback, user, operator
+                                   administrator, proprietary, no_access]
 
     CLI Examples:
 
@@ -597,10 +604,13 @@
 
         salt-call ipmi.get_sensor_data api_host=127.0.0.1 api_user=admin api_pass=pass
     '''
+    import ast
     with _IpmiCommand(**kwargs) as s:
         data = {}
         for reading in s.get_sensor_data():
-            data[reading['name']] = reading
+            if reading:
+                r = ast.literal_eval(repr(reading))
+                data[r.pop('name')] = r
     return data
 
 
@@ -770,16 +780,20 @@
         - api_port=623
         - api_kg=None
 
-    :return:
-        name: (str)
-        uid: (int)
-        channel: (int)
-        access:
-            - callback (bool)
-            - link_auth (bool)
-            - ipmi_msg (bool)
-            - privilege_level: (str)[callback, user, operatorm administrator,
-                                    proprietary, no_access]
+    return
+
+        .. code-block:: none
+
+            name: (str)
+            uid: (int)
+            channel: (int)
+            access:
+                - callback (bool)
+                - link_auth (bool)
+                - ipmi_msg (bool)
+                - privilege_level: (str)[callback, user, operatorm administrator,
+                                        proprietary, no_access]
+
     CLI Examples:
 
     .. code-block:: bash
diff -Nru salt-2015.5.2+ds/salt/modules/kmod.py salt-2015.5.3+ds/salt/modules/kmod.py
--- salt-2015.5.2+ds/salt/modules/kmod.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/kmod.py	2015-07-07 20:42:37.000000000 +0000
@@ -52,7 +52,7 @@
     Return location of modules config file.
     Default: /etc/modules
     '''
-    if __grains__['os'] == 'Arch':
+    if 'systemd' in __grains__:
         return '/etc/modules-load.d/salt_managed.conf'
     return '/etc/modules'
 
diff -Nru salt-2015.5.2+ds/salt/modules/lxc.py salt-2015.5.3+ds/salt/modules/lxc.py
--- salt-2015.5.2+ds/salt/modules/lxc.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/lxc.py	2015-07-07 20:42:37.000000000 +0000
@@ -293,7 +293,7 @@
         Use snapshot when cloning the container source
     vgname
         if using LVM: vgname
-    lgname
+    lvname
         if using LVM: lvname
     ip
         ip for the primary nic
@@ -1866,7 +1866,7 @@
     lvname = select('lvname')
     fstype = select('fstype')
     size = select('size', '1G')
-    if backing in ('dir', 'overlayfs', 'btrfs'):
+    if backing in ('dir', 'overlayfs', 'btrfs', 'zfs'):
         fstype = None
         size = None
     # some backends wont support some parameters
@@ -1890,7 +1890,7 @@
         cmd += ' -B {0}'.format(backing)
         if backing in ('lvm',):
             if lvname:
-                cmd += ' --lvname {0}'.format(vgname)
+                cmd += ' --lvname {0}'.format(lvname)
             if vgname:
                 cmd += ' --vgname {0}'.format(vgname)
         if backing not in ('dir', 'overlayfs'):
@@ -2137,7 +2137,14 @@
     return ret
 
 
-def _change_state(cmd, name, expected):
+def _change_state(cmd,
+                  name,
+                  expected,
+                  stdin=_marker,
+                  stdout=_marker,
+                  stderr=_marker,
+                  with_communicate=_marker,
+                  use_vt=_marker):
     pre = state(name)
     if pre == expected:
         return {'result': True,
@@ -2150,8 +2157,22 @@
         __salt__['cmd.run']('lxc-stop -k -n {0}'.format(name),
                             python_shell=False)
 
+    # certain lxc commands need to be taken with care (lxc-start)
+    # as te command itself mess with double forks; we must not
+    # communicate with it, but just wait for the exit status
+    pkwargs = {'python_shell': False,
+               'with_communicate': with_communicate,
+               'use_vt': use_vt,
+               'stdin': stdin,
+               'stdout': stdout,
+               'stderr': stderr}
+    for i in [a for a in pkwargs]:
+        val = pkwargs[i]
+        if val is _marker:
+            pkwargs.pop(i, None)
     cmd = '{0} -n {1}'.format(cmd, name)
-    error = __salt__['cmd.run_stderr'](cmd, python_shell=False)
+    error = __salt__['cmd.run_stderr'](cmd, **pkwargs)
+
     if error:
         raise CommandExecutionError(
             'Error changing state for container \'{0}\' using command '
@@ -2258,7 +2279,15 @@
         raise CommandExecutionError(
             'Container \'{0}\' is frozen, use lxc.unfreeze'.format(name)
         )
-    return _change_state('lxc-start -d', name, 'running')
+    # lxc-start daemonize itself violently, we must not communicate with it
+    use_vt = kwargs.get('use_vt', None)
+    with_communicate = kwargs.get('with_communicate', False)
+    return _change_state('lxc-start -d', name, 'running',
+                         stdout=None,
+                         stderr=None,
+                         stdin=None,
+                         with_communicate=with_communicate,
+                         use_vt=use_vt)
 
 
 def stop(name, kill=False):
diff -Nru salt-2015.5.2+ds/salt/modules/mac_user.py salt-2015.5.3+ds/salt/modules/mac_user.py
--- salt-2015.5.2+ds/salt/modules/mac_user.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/mac_user.py	2015-07-07 20:42:37.000000000 +0000
@@ -63,7 +63,7 @@
 
 def _first_avail_uid():
     uids = set(x.pw_uid for x in pwd.getpwall())
-    for idx in range(501, 2 ** 32):
+    for idx in range(501, 2 ** 24):
         if idx not in uids:
             return idx
 
diff -Nru salt-2015.5.2+ds/salt/modules/mod_random.py salt-2015.5.3+ds/salt/modules/mod_random.py
--- salt-2015.5.2+ds/salt/modules/mod_random.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/mod_random.py	2015-07-07 20:42:37.000000000 +0000
@@ -7,6 +7,7 @@
 from __future__ import absolute_import
 # Import python libs
 import hashlib
+import random
 
 # Import salt libs
 import salt.utils.pycrypto
@@ -118,3 +119,24 @@
         salt '*' random.shadow_hash 'My5alT' 'MyP@asswd' md5
     '''
     return salt.utils.pycrypto.gen_hash(crypt_salt, password, algorithm)
+
+
+def rand_int(start=1, end=10):
+    '''
+    Returns a random integer number between the start and end number.
+
+    .. versionadded: 2015.5.3
+
+    start : 1
+        Any valid integer number
+
+    end : 10
+        Any valid integer number
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' random.rand_int 1 10
+    '''
+    return random.randint(start, end)
diff -Nru salt-2015.5.2+ds/salt/modules/mount.py salt-2015.5.3+ds/salt/modules/mount.py
--- salt-2015.5.2+ds/salt/modules/mount.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/mount.py	2015-07-07 20:42:37.000000000 +0000
@@ -687,7 +687,7 @@
         opts = opts.split(',')
 
     if not os.path.exists(name) and mkmnt:
-        __salt__['file.mkdir'](name=name, user=user)
+        __salt__['file.mkdir'](name, user=user)
 
     args = ''
     if opts is not None:
diff -Nru salt-2015.5.2+ds/salt/modules/munin.py salt-2015.5.3+ds/salt/modules/munin.py
--- salt-2015.5.2+ds/salt/modules/munin.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/munin.py	2015-07-01 21:33:42.000000000 +0000
@@ -101,7 +101,10 @@
     for plugin in pluginlist:
         # Check if execute bit
         statf = os.path.join(PLUGINDIR, plugin)
-        executebit = stat.S_IXUSR & os.stat(statf)[stat.ST_MODE]
+        try:
+            executebit = stat.S_IXUSR & os.stat(statf)[stat.ST_MODE]
+        except OSError:
+            pass
         if executebit:
             ret.append(plugin)
     return ret
diff -Nru salt-2015.5.2+ds/salt/modules/nacl.py salt-2015.5.3+ds/salt/modules/nacl.py
--- salt-2015.5.2+ds/salt/modules/nacl.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/nacl.py	2015-07-01 21:33:42.000000000 +0000
@@ -1,11 +1,11 @@
 # -*- coding: utf-8 -*-
 '''
-:requires: libnacl
-https://github.com/saltstack/libnacl
-
 This module helps include encrypted passwords in pillars, grains and salt state files.
-This is often usefull if you wish to store your pillars in source control or
-share your pillar data with others that you trust. I dont advise making your pillars public
+
+:depends: libnacl, https://github.com/saltstack/libnacl
+
+This is often useful if you wish to store your pillars in source control or
+share your pillar data with others that you trust. I don't advise making your pillars public
 regardless if they are encrypted or not.
 
 When generating keys and encrypting passwords use --local when using salt-call for extra
@@ -14,20 +14,28 @@
 The nacl lib uses 32byte keys, these keys are base64 encoded to make your life more simple.
 To generate your `key` or `keyfile` you can use:
 
+.. code-block:: bash
+
     salt-call --local nacl.keygen keyfile=/root/.nacl
 
-Now with your key, you can encrypt some data
+Now with your key, you can encrypt some data:
+
+.. code-block:: bash
 
     salt-call --local nacl.enc mypass keyfile=/root/.nacl
     DRB7Q6/X5gGSRCTpZyxS6hXO5LnlJIIJ4ivbmUlbWj0llUA+uaVyvou3vJ4=
 
-To decrypt the data
+To decrypt the data:
+
+.. code-block:: bash
 
     salt-call --local nacl.dec data='DRB7Q6/X5gGSRCTpZyxS6hXO5LnlJIIJ4ivbmUlbWj0llUA+uaVyvou3vJ4=' keyfile=/root/.nacl
     mypass
 
 The following optional configurations can be defined in the
-minion or master config. Avoide storeing the config in pillars!
+minion or master config. Avoid storing the config in pillars!
+
+.. code-block:: yaml
 
     cat /etc/salt/master.d/nacl.conf
     nacl.config:
@@ -36,15 +44,21 @@
 
 When the key is defined in the master config you can use it from the nacl runner:
 
+.. code-block:: bash
+
     salt-run nacl.enc 'myotherpass'
 
 Now you can create a pillar with protected data like:
 
+.. code-block:: yaml
+
     pillarexample:
         user: root
         password: {{ salt.nacl.dec('DRB7Q6/X5gGSRCTpZyxS6hXO5LnlJIIJ4ivbmUlbWj0llUA+uaVyvou3vJ4=') }}
 
-Or do somthing interesting with grains like:
+Or do something interesting with grains like:
+
+.. code-block:: yaml
 
     salt-call nacl.enc minionname:dbrole
     AL24Z2C5OlkReer3DuQTFdrNLchLuz3NGIhGjZkLtKRYry/b/CksWM8O9yskLwH2AGVLoEXI5jAa
diff -Nru salt-2015.5.2+ds/salt/modules/network.py salt-2015.5.3+ds/salt/modules/network.py
--- salt-2015.5.2+ds/salt/modules/network.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/network.py	2015-07-07 20:42:37.000000000 +0000
@@ -80,10 +80,14 @@
 
     Return a True or False instead of ping output.
 
+    .. code-block:: bash
+
         salt '*' network.ping archlinux.org return_boolean=True
 
     Set the time to wait for a response in seconds.
 
+    .. code-block:: bash
+
         salt '*' network.ping archlinux.org timeout=3
     '''
     if timeout:
@@ -925,7 +929,9 @@
 
     .. versionadded:: 2014.7.0
 
-    CLI Example::
+    CLI Example:
+
+    .. code-block:: bash
 
         salt '*' network.is_private 10.0.0.3
     '''
@@ -938,7 +944,9 @@
 
     .. versionadded:: 2014.7.0
 
-    CLI Example::
+    CLI Example:
+
+    .. code-block:: bash
 
         salt '*' network.is_loopback 127.0.0.1
     '''
@@ -990,7 +998,9 @@
     '''
     Return network buffer sizes as a dict
 
-    CLI Example::
+    CLI Example:
+
+    .. code-block:: bash
 
         salt '*' network.getbufsize
     '''
@@ -1034,7 +1044,9 @@
     '''
     Modify network interface buffers (currently linux only)
 
-    CLI Example::
+    CLI Example:
+
+    .. code-block:: bash
 
         salt '*' network.getBuffers
     '''
@@ -1049,7 +1061,9 @@
     '''
     Return currently configured routes from routing table
 
-    CLI Example::
+    CLI Example:
+
+    .. code-block:: bash
 
         salt '*' network.routes
     '''
@@ -1078,7 +1092,9 @@
     '''
     Return default route(s) from routing table
 
-    CLI Example::
+    CLI Example:
+
+    .. code-block:: bash
 
         salt '*' network.default_route
     '''
@@ -1108,3 +1124,30 @@
                 ret.append(route)
 
     return ret
+
+
+def get_route(ip):
+    '''
+    Return routing information for given destination ip
+
+    .. versionadded:: 2015.5.3
+
+    CLI Example::
+
+        salt '*' network.get_route 10.10.10.10
+    '''
+
+    if __grains__['kernel'] == 'Linux':
+        cmd = 'ip route get {0}'.format(ip)
+        out = __salt__['cmd.run'](cmd, python_shell=True)
+        regexp = re.compile(r'(via\s+(?P<gateway>[\w\.:]+))?\s+dev\s+(?P<interface>[\w\.\:]+)\s+.*src\s+(?P<source>[\w\.:]+)')
+        m = regexp.search(out.splitlines()[0])
+        ret = {
+            'destination': ip,
+            'gateway': m.group('gateway'),
+            'interface': m.group('interface'),
+            'source': m.group('source')}
+
+        return ret
+    else:
+        raise CommandExecutionError('Not yet supported on this platform')
diff -Nru salt-2015.5.2+ds/salt/modules/npm.py salt-2015.5.3+ds/salt/modules/npm.py
--- salt-2015.5.2+ds/salt/modules/npm.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/npm.py	2015-07-01 21:33:42.000000000 +0000
@@ -119,6 +119,14 @@
     elif pkgs:
         cmd += ' "{0}"'.format('" "'.join(pkgs))
 
+    if env is None:
+        env = {}
+
+    if runas:
+        uid = salt.utils.get_uid(runas)
+        if uid:
+            env.update({'SUDO_UID': b'{0}'.format(uid), 'SUDO_USER': b''})
+
     result = __salt__['cmd.run_all'](cmd, python_shell=False, cwd=dir, runas=runas, env=env)
 
     if result['retcode'] != 0:
@@ -151,7 +159,8 @@
 
 def uninstall(pkg,
               dir=None,
-              runas=None):
+              runas=None,
+              env=None):
     '''
     Uninstall an NPM package.
 
@@ -167,6 +176,13 @@
     runas
         The user to run NPM with
 
+    env
+        Environment variables to set when invoking npm. Uses the same ``env``
+        format as the :py:func:`cmd.run <salt.modules.cmdmod.run>` execution
+        function.
+
+        .. versionadded:: 2015.5.3
+
     CLI Example:
 
     .. code-block:: bash
@@ -175,6 +191,14 @@
 
     '''
 
+    if env is None:
+        env = {}
+
+    if runas:
+        uid = salt.utils.get_uid(runas)
+        if uid:
+            env.update({'SUDO_UID': b'{0}'.format(uid), 'SUDO_USER': b''})
+
     cmd = 'npm uninstall'
 
     if dir is None:
@@ -182,7 +206,7 @@
 
     cmd += ' "{0}"'.format(pkg)
 
-    result = __salt__['cmd.run_all'](cmd, python_shell=False, cwd=dir, runas=runas)
+    result = __salt__['cmd.run_all'](cmd, python_shell=False, cwd=dir, runas=runas, env=env)
 
     if result['retcode'] != 0:
         log.error(result['stderr'])
@@ -227,6 +251,14 @@
 
     '''
 
+    if env is None:
+        env = {}
+
+    if runas:
+        uid = salt.utils.get_uid(runas)
+        if uid:
+            env.update({'SUDO_UID': b'{0}'.format(uid), 'SUDO_USER': b''})
+
     cmd = 'npm list --silent --json'
 
     if dir is None:
diff -Nru salt-2015.5.2+ds/salt/modules/pacman.py salt-2015.5.3+ds/salt/modules/pacman.py
--- salt-2015.5.2+ds/salt/modules/pacman.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/pacman.py	2015-07-07 20:42:37.000000000 +0000
@@ -126,10 +126,7 @@
     if refresh:
         options.append('-y')
 
-    cmd = (
-        'pacman {0} | egrep -v '
-        r'"^\s|^:"'
-    ).format(' '.join(options))
+    cmd = ('pacman {0}').format(' '.join(options))
 
     call = __salt__['cmd.run_all'](cmd, output_loglevel='trace')
 
@@ -145,7 +142,9 @@
     else:
         out = call['stdout']
 
-    for line in out.splitlines():
+    output = iter(out.splitlines())
+    output.next()  # Skip informational output line
+    for line in output:
         comps = line.split(' ')
         if len(comps) < 2:
             continue
diff -Nru salt-2015.5.2+ds/salt/modules/pecl.py salt-2015.5.3+ds/salt/modules/pecl.py
--- salt-2015.5.2+ds/salt/modules/pecl.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/pecl.py	2015-07-07 20:42:37.000000000 +0000
@@ -33,7 +33,7 @@
     '''
     cmdline = 'pecl {0}'.format(command)
     if salt.utils.is_true(defaults):
-        cmdline = "printf '\n' | " + cmdline
+        cmdline = 'yes ' "''" + ' | ' + cmdline
 
     ret = __salt__['cmd.run_all'](cmdline, python_shell=True)
 
diff -Nru salt-2015.5.2+ds/salt/modules/pip.py salt-2015.5.3+ds/salt/modules/pip.py
--- salt-2015.5.2+ds/salt/modules/pip.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/pip.py	2015-07-07 20:42:37.000000000 +0000
@@ -737,7 +737,9 @@
         The user under which to run pip
     no_chown
         When user is given, do not attempt to copy and chown
-        a requirements file
+        a requirements file (needed if the requirements file refers to other
+        files via relative paths, as the copy-and-chown procedure does not
+        account for such files)
     cwd
         Current working directory to run pip from
     use_vt
diff -Nru salt-2015.5.2+ds/salt/modules/puppet.py salt-2015.5.3+ds/salt/modules/puppet.py
--- salt-2015.5.2+ds/salt/modules/puppet.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/puppet.py	2015-07-07 20:42:37.000000000 +0000
@@ -225,11 +225,13 @@
 def disable(message=None):
     '''
     .. versionadded:: 2014.7.0
+
     Disable the puppet agent
 
     message
         .. versionadded:: 2015.5.2
-        disable message to send to puppet
+
+        Disable message to send to puppet
 
     CLI Example:
 
@@ -237,7 +239,6 @@
 
         salt '*' puppet.disable
         salt '*' puppet.disable 'disabled for a good reason'
-
     '''
 
     _check_puppet()
diff -Nru salt-2015.5.2+ds/salt/modules/random_org.py salt-2015.5.3+ds/salt/modules/random_org.py
--- salt-2015.5.2+ds/salt/modules/random_org.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/random_org.py	2015-07-07 20:42:37.000000000 +0000
@@ -681,10 +681,9 @@
 
     .. code-block:: bash
 
-        salt '*' get_intergers number=5 min=1 max=6
-
-        salt '*' get_intergers number=5 min=1 max=6
+        salt '*' get_integers number=5 min=1 max=6
 
+        salt '*' get_integers number=5 min=1 max=6
     '''
     ret = {'res': True}
 
diff -Nru salt-2015.5.2+ds/salt/modules/rh_service.py salt-2015.5.3+ds/salt/modules/rh_service.py
--- salt-2015.5.2+ds/salt/modules/rh_service.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/rh_service.py	2015-07-01 21:33:42.000000000 +0000
@@ -58,7 +58,7 @@
     ))
     if __grains__['os'] in enable:
         if __grains__['os'] == 'SUSE':
-            if __grains__['osrelease'].startswith('11'):
+            if str(__grains__['osrelease']).startswith('11'):
                 return __virtualname__
             else:
                 return False
diff -Nru salt-2015.5.2+ds/salt/modules/state.py salt-2015.5.3+ds/salt/modules/state.py
--- salt-2015.5.2+ds/salt/modules/state.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/state.py	2015-07-07 20:42:37.000000000 +0000
@@ -1,6 +1,13 @@
 # -*- coding: utf-8 -*-
 '''
-Control the state system on the minion
+Control the state system on the minion.
+
+State Caching
+-------------
+
+When a highstate is called, the minion automatically caches a copy of the last high data.
+If you then run a highstate with cache=True it will use that cached highdata and won't hit the fileserver
+except for ``salt://`` links in the states themselves.
 '''
 from __future__ import absolute_import
 
@@ -466,6 +473,7 @@
         salt '*' state.highstate pillar="{foo: 'Foo!', bar: 'Bar!'}"
     '''
     if _disabled(['highstate']):
+        log.debug('Salt highstate run is disabled. To re-enable, run state.enable highstate')
         ret = {
             'name': 'Salt highstate run is disabled. To re-enable, run state.enable highstate',
             'result': 'False',
@@ -612,6 +620,8 @@
         disabled = _disabled([mods])
 
     if disabled:
+        for state in disabled:
+            log.debug('Salt state {0} run is disabled. To re-enable, run state.enable {0}'.format(state))
         __context__['retcode'] = 1
         return disabled
 
diff -Nru salt-2015.5.2+ds/salt/modules/sudo.py salt-2015.5.3+ds/salt/modules/sudo.py
--- salt-2015.5.2+ds/salt/modules/sudo.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/sudo.py	2015-07-07 20:42:37.000000000 +0000
@@ -1,10 +1,41 @@
 # -*- coding: utf-8 -*-
 '''
-Allow for the calling of execution modules via sudo
+Allow for the calling of execution modules via sudo.
+
+This module is invoked by the minion if the ``sudo_user`` minion config is
+present.
+
+Example minion config:
+
+.. code-block:: yaml
+
+    sudo_user: saltdev
+
+Once this setting is made, any execution module call done by the minion will be
+run under ``sudo -u <sudo_user> salt-call``.  For example, with the above
+minion config,
+
+.. code-block:: bash
+
+    salt sudo_minion cmd.run 'cat /etc/sudoers'
+
+is equivalent to
+
+.. code-block:: bash
+
+    sudo -u saltdev salt-call cmd.run 'cat /etc/sudoers'
+
+being run on ``sudo_minion``.
 '''
 # Import python libs
 import json
+try:
+    from shlex import quote as _cmd_quote  # pylint: disable=E0611
+except ImportError:
+    from pipes import quote as _cmd_quote
+
 # Import salt libs
+from salt.exceptions import SaltInvocationError
 import salt.utils
 import salt.syspaths
 
@@ -12,7 +43,7 @@
 
 
 def __virtual__():
-    if salt.utils.which('sudo'):
+    if salt.utils.which('sudo') and __opts__.get('sudo_user'):
         return __virtualname__
     return False
 
@@ -21,23 +52,45 @@
     '''
     Wrap a shell execution out to salt call with sudo
 
-    CLI Example::
+    Example:
+
+    /etc/salt/minion
+
+    .. code-block:: yaml
+
+        sudo_user: saltdev
 
-        salt '*' sudo.salt_call root test.ping
+    .. code-block:: bash
+
+        salt '*' test.ping  # is run as saltdev user
     '''
+    if fun == 'sudo.salt_call':
+        __context__['retcode'] = 1
+        raise SaltInvocationError('sudo.salt_call is not designed to be run '
+                                  'directly, but is used by the minion when '
+                                  'the sudo_user config is set.')
+
     cmd = ['sudo',
            '-u', runas,
            'salt-call',
            '--out', 'json',
            '--metadata',
            '-c', salt.syspaths.CONFIG_DIR,
+           '--',
            fun]
     for arg in args:
-        cmd.append(arg)
+        cmd.append(_cmd_quote(arg))
     for key in kwargs:
-        cmd.append('{0}={1}'.format(key, kwargs[key]))
-    cmd_ret = __salt__['cmd.run_all'](cmd, python_shell=False)
-    cmd_meta = json.loads(cmd_ret['stdout'])['local']
-    ret = cmd_meta['return']
-    __context__['retcode'] = cmd_meta.get('retcode', 0)
+        cmd.append(_cmd_quote('{0}={1}'.format(key, kwargs[key])))
+
+    cmd_ret = __salt__['cmd.run_all'](cmd, use_vt=True, python_shell=False)
+
+    if cmd_ret['retcode'] == 0:
+        cmd_meta = json.loads(cmd_ret['stdout'])['local']
+        ret = cmd_meta['return']
+        __context__['retcode'] = cmd_meta.get('retcode', 0)
+    else:
+        ret = cmd_ret['stderr']
+        __context__['retcode'] = cmd_ret['retcode']
+
     return ret
diff -Nru salt-2015.5.2+ds/salt/modules/system_profiler.py salt-2015.5.3+ds/salt/modules/system_profiler.py
--- salt-2015.5.2+ds/salt/modules/system_profiler.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/system_profiler.py	2015-07-07 20:42:37.000000000 +0000
@@ -52,8 +52,7 @@
 def receipts():
     '''
     Return the results of a call to
-    `system_profiler -xml -detail full
-                     SPInstallHistoryDataType`
+    ``system_profiler -xml -detail full SPInstallHistoryDataType``
     as a dictionary.  Top-level keys of the dictionary
     are the names of each set of install receipts, since
     there can be multiple receipts with the same name.
@@ -93,12 +92,11 @@
 def applications():
     '''
     Return the results of a call to
-    `system_profiler -xml -detail full
-                     SPApplicationsDataType`
+    ``system_profiler -xml -detail full SPApplicationsDataType``
     as a dictionary.  Top-level keys of the dictionary
     are the names of each set of install receipts, since
     there can be multiple receipts with the same name.
-    Contents of each key are a list of dicttionaries.
+    Contents of each key are a list of dictionaries.
 
     Note that this can take a long time depending on how many
     applications are installed on the target Mac.
diff -Nru salt-2015.5.2+ds/salt/modules/tls.py salt-2015.5.3+ds/salt/modules/tls.py
--- salt-2015.5.2+ds/salt/modules/tls.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/tls.py	2015-07-01 21:33:42.000000000 +0000
@@ -4,55 +4,161 @@
 Can create a Certificate Authority (CA)
 or use Self-Signed certificates.
 
-:depends:   - PyOpenSSL Python module
-:configuration: Add the following values in ``/etc/salt/minion`` for the CA module
-    to function properly:
-
-    .. code-block:: text
+:depends:   - PyOpenSSL Python module (0.14 or later)
+:configuration: Add the following values in /etc/salt/minion for the CA module
+    to function properly::
 
         ca.cert_base_path: '/etc/pki'
-'''
 
-from __future__ import absolute_import
 
+CLI Example #1
+Creating a CA, a server request and its signed certificate:
+
+    .. code-block:: bash
+
+    # salt-call tls.create_ca my_little \
+      days=5 \
+      CN='My Little CA' \
+      C=US \
+      ST=Utah \
+      L=Salt Lake City \
+      O=Saltstack \
+      emailAddress=pleasedontemail@thisisnot.coms
+
+    Created Private Key: "/etc/pki/my_little/my_little_ca_cert.key"
+    Created CA "my_little_ca": "/etc/pki/my_little_ca/my_little_ca_cert.crt"
+
+    # salt-call tls.create_csr my_little CN=www.thisisnot.coms
+    Created Private Key: "/etc/pki/my_little/certs/www.thisisnot.coms.key
+    Created CSR for "www.thisisnot.coms": "/etc/pki/my_little/certs/www.thisisnot.coms.csr"
+
+    # salt-call tls.create_ca_signed_cert my_little CN=www.thisisnot.coms
+    Created Certificate for "www.thisisnot.coms": /etc/pki/my_little/certs/www.thisisnot.coms.crt"
+
+CLI Example #2:
+Creating a client request and its signed certificate
+
+    .. code-block:: bash
+
+    # salt-call tls.create_csr my_little CN=DBReplica_No.1 cert_type=client
+    Created Private Key: "/etc/pki/my_little/certs//DBReplica_No.1.key."
+    Created CSR for "DBReplica_No.1": "/etc/pki/my_little/certs/DBReplica_No.1.csr."
+
+    # salt-call tls.create_ca_signed_cert my_little CN=DBReplica_No.1
+    Created Certificate for "DBReplica_No.1": "/etc/pki/my_little/certs/DBReplica_No.1.crt"
+
+CLI Example #3:
+Creating both a server and client req + cert for the same CN
+
+    .. code-block:: bash
+    # salt-call tls.create_csr my_little CN=MasterDBReplica_No.2  \
+        cert_type=client
+    Created Private Key: "/etc/pki/my_little/certs/MasterDBReplica_No.2.key."
+    Created CSR for "DBReplica_No.1": "/etc/pki/my_little/certs/MasterDBReplica_No.2.csr."
+
+    # salt-call tls.create_ca_signed_cert my_little CN=MasterDBReplica_No.2
+    Created Certificate for "DBReplica_No.1": "/etc/pki/my_little/certs/DBReplica_No.1.crt"
+
+    # salt-call tls.create_csr my_little CN=MasterDBReplica_No.2 \
+        cert_type=server
+    Certificate "MasterDBReplica_No.2" already exists
+
+    (doh!)
+
+    # salt-call tls.create_csr my_little CN=MasterDBReplica_No.2 \
+        cert_type=server type_ext=True
+    Created Private Key: "/etc/pki/my_little/certs/DBReplica_No.1_client.key."
+    Created CSR for "DBReplica_No.1": "/etc/pki/my_little/certs/DBReplica_No.1_client.csr."
+
+    # salt-call tls.create_ca_signed_cert my_little CN=MasterDBReplica_No.2
+    Certificate "MasterDBReplica_No.2" already exists
+
+    (DOH!)
+
+    # salt-call tls.create_ca_signed_cert my_little CN=MasterDBReplica_No.2 \
+        cert_type=server type_ext=True
+    Created Certificate for "MasterDBReplica_No.2": "/etc/pki/my_little/certs/MasterDBReplica_No.2_server.crt"
+
+
+CLI Example #4:
+Create a server req + cert with non-CN filename for the cert
+
+    .. code-block:: bash
+
+    # salt-call tls.create_csr my_little CN=www.anothersometh.ing \
+        cert_type=server type_ext=True
+    Created Private Key: "/etc/pki/my_little/certs/www.anothersometh.ing_server.key."
+    Created CSR for "DBReplica_No.1": "/etc/pki/my_little/certs/www.anothersometh.ing_server.csr."
+
+    # salt-call tls_create_ca_signed_cert my_little CN=www.anothersometh.ing \
+        cert_type=server cert_filename="something_completely_different"
+    Created Certificate for "www.anothersometh.ing": /etc/pki/my_little/certs/something_completely_different.crt
+
+'''
+from __future__ import absolute_import
 # pylint: disable=C0103
 
 # Import python libs
 import os
 import time
+import calendar
 import logging
 import hashlib
-from salt.ext import six
+import salt.utils
+from salt._compat import string_types
 from salt.ext.six.moves import range as _range
 from datetime import datetime
+from distutils.version import LooseVersion
+
+import re
 
 HAS_SSL = False
 try:
     import OpenSSL
     HAS_SSL = True
+    OpenSSL_version = LooseVersion(OpenSSL.__dict__.get('__version__', '0.0'))
 except ImportError:
     pass
 
 # Import salt libs
-import salt.utils
 
 
 log = logging.getLogger(__name__)
 
+two_digit_year_fmt = "%y%m%d%H%M%SZ"
+four_digit_year_fmt = "%Y%m%d%H%M%SZ"
+
 
 def __virtual__():
     '''
     Only load this module if the ca config options are set
     '''
-    if HAS_SSL:
+    if HAS_SSL and OpenSSL_version >= LooseVersion('0.14'):
+        if OpenSSL_version <= LooseVersion('0.15'):
+            log.warn('You should upgrade pyOpenSSL to at least 0.15.1')
+        # never EVER reactivate this code, this has been done too many times.
+        # not having configured a cert path in the configuration does not
+        # mean that users cant use this module as we provide methods
+        # to configure it afterwards.
+        # if __opts__.get('ca.cert_base_path', None):
+        #     return True
+        # else:
+        #     log.error('tls module not loaded: ca.cert_base_path not set')
+        #     return False
         return True
-    return False, ['PyOpenSSL must be installed before this module can be used.']
+    else:
+        return False, ['PyOpenSSL version 0.14 or later'
+                       ' must be installed before '
+                       ' this module can be used.']
 
 
 def cert_base_path(cacert_path=None):
     '''
     Return the base path for certs from CLI or from options
 
+    cacert_path
+        absolute path to ca certificates root directory
+
     CLI Example:
 
     .. code-block:: bash
@@ -60,9 +166,13 @@
         salt '*' tls.cert_base_path
     '''
     if not cacert_path:
-        cacert_path = __salt__['config.option']('ca.contextual_cert_base_path')
+        cacert_path = __context__.get(
+            'ca.contextual_cert_base_path',
+            __salt__['config.option']('ca.contextual_cert_base_path'))
     if not cacert_path:
-        cacert_path = __salt__['config.option']('ca.cert_base_path')
+        cacert_path = __context__.get(
+            'ca.cert_base_path',
+            __salt__['config.option']('ca.cert_base_path'))
     return cacert_path
 
 
@@ -85,7 +195,7 @@
         salt '*' tls.set_ca_path /etc/certs
     '''
     if cacert_path:
-        __opts__['ca.contextual_cert_base_path'] = cacert_path
+        __context__['ca.contextual_cert_base_path'] = cacert_path
     return cert_base_path()
 
 
@@ -102,67 +212,95 @@
     opts_hash_type = __opts__.get('hash_type', 'md5')
     hashtype = getattr(hashlib, opts_hash_type)
     hashnum = int(
-            hashtype(
-                '{0}_{1}_{2}'.format(
-                    ca_name,
-                    CN,
-                    int(time.time()))
-                ).hexdigest(),
-            16
-            )
+        hashtype(
+            '{0}_{1}_{2}'.format(
+                ca_name,
+                CN,
+                int(calendar.timegm(time.gmtime())))
+        ).hexdigest(),
+        16
+    )
     log.debug('Hashnum: {0}'.format(hashnum))
 
     # record the hash somewhere
     cachedir = __opts__['cachedir']
     log.debug('cachedir: {0}'.format(cachedir))
     serial_file = '{0}/{1}.serial'.format(cachedir, ca_name)
-    with salt.utils.fopen(serial_file, 'a+') as ofile:
+    if not os.path.exists(cachedir):
+        os.makedirs(cachedir)
+    if not os.path.exists(serial_file):
+        fd = salt.utils.fopen(serial_file, 'w')
+    else:
+        fd = salt.utils.fopen(serial_file, 'a+')
+    with fd as ofile:
         ofile.write(str(hashnum))
 
     return hashnum
 
 
-def _write_cert_to_database(ca_name, cert, cacert_path=None):
-    '''
-    write out the index.txt database file in the appropriate directory to
-    track certificates
+def _four_digit_year_to_two_digit(datetimeObj):
+    return datetimeObj.strftime(two_digit_year_fmt)
 
-    ca_name
-        name of the CA
-    cert
-        certificate to be recorded
-    cacert_path
-        absolute path to ca certificates root directory
+
+def _get_basic_info(ca_name, cert, ca_dir=None):
     '''
-    set_ca_path(cacert_path)
-    index_file = "{0}/{1}/index.txt".format(cert_base_path(),
-                                            ca_name)
+    Get basic info to write out to the index.txt
+    '''
+    if ca_dir is None:
+        ca_dir = '{0}/{1}'.format(_cert_base_path(), ca_name)
+
+    index_file = "{0}/index.txt".format(ca_dir)
 
-    expire_date = cert.get_notAfter()
-    serial_number = cert.get_serial_number()
+    expire_date = _four_digit_year_to_two_digit(
+        datetime.strptime(
+            cert.get_notAfter(),
+            four_digit_year_fmt)
+    )
+    serial_number = format(cert.get_serial_number(), 'X')
 
-    #gotta prepend a /
+    # gotta prepend a /
     subject = '/'
 
     # then we can add the rest of the subject
     subject += '/'.join(
-            ['{0}={1}'.format(
-                x, y
-                ) for x, y in cert.get_subject().get_components()]
-            )
+        ['{0}={1}'.format(
+            x, y
+        ) for x, y in cert.get_subject().get_components()]
+    )
     subject += '\n'
 
-    index_data = 'V\t{0}\t\t{1}\tunknown\t{2}'.format(
-            expire_date,
-            serial_number,
-            subject
-            )
+    return (index_file, expire_date, serial_number, subject)
+
+
+def _write_cert_to_database(ca_name, cert, cacert_path=None, status='V'):
+    '''
+    write out the index.txt database file in the appropriate directory to
+    track certificates
+
+    ca_name
+        name of the CA
+    cert
+        certificate to be recorded
+    '''
+    set_ca_path(cacert_path)
+    ca_dir = '{0}/{1}'.format(cert_base_path(), ca_name)
+    index_file, expire_date, serial_number, subject = _get_basic_info(
+        ca_name,
+        cert,
+        ca_dir)
+
+    index_data = '{0}\t{1}\t\t{2}\tunknown\t{3}'.format(
+        status,
+        expire_date,
+        serial_number,
+        subject
+    )
 
     with salt.utils.fopen(index_file, 'a+') as ofile:
         ofile.write(index_data)
 
 
-def maybe_fix_ssl_version(ca_name, cacert_path=None):
+def maybe_fix_ssl_version(ca_name, cacert_path=None, ca_filename=None):
     '''
     Check that the X509 version is correct
     (was incorrectly set in previous salt versions).
@@ -172,6 +310,11 @@
         ca authority name
     cacert_path
         absolute path to ca certificates root directory
+    ca_filename
+        alternative filename for the CA
+
+        .. versionadded:: 2015.5.3
+
 
     CLI Example:
 
@@ -180,12 +323,16 @@
         salt '*' tls.maybe_fix_ssl_version test_ca /etc/certs
     '''
     set_ca_path(cacert_path)
-    certp = '{0}/{1}/{2}_ca_cert.crt'.format(
-        cert_base_path(),
+    if not ca_filename:
+        ca_filename = '{0}_ca_cert'.format(ca_name)
+    certp = '{0}/{1}/{2}.crt'.format(
+            cert_base_path(),
             ca_name,
-            ca_name)
-    ca_keyp = '{0}/{1}/{2}_ca_cert.key'.format(
-        cert_base_path(), ca_name, ca_name)
+            ca_filename)
+    ca_keyp = '{0}/{1}/{2}.key'.format(
+        cert_base_path(),
+        ca_name,
+        ca_filename)
     with salt.utils.fopen(certp) as fic:
         cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                                fic.read())
@@ -202,9 +349,9 @@
                 except Exception:
                     bits = 2048
                 try:
-                    days = (datetime.strptime(cert.get_notAfter(),
-                                                       '%Y%m%d%H%M%SZ') -
-                            datetime.now()).days
+                    days = (datetime.strptime(
+                        cert.get_notAfter(),
+                        '%Y%m%d%H%M%SZ') - datetime.utcnow()).days
                 except (ValueError, TypeError):
                     days = 365
                 subj = cert.get_subject()
@@ -222,7 +369,7 @@
                     fixmode=True)
 
 
-def ca_exists(ca_name, cacert_path=None):
+def ca_exists(ca_name, cacert_path=None, ca_filename=None):
     '''
     Verify whether a Certificate Authority (CA) already exists
 
@@ -230,6 +377,11 @@
         name of the CA
     cacert_path
         absolute path to ca certificates root directory
+    ca_filename
+        alternative filename for the CA
+
+        .. versionadded:: 2015.5.3
+
 
     CLI Example:
 
@@ -238,12 +390,16 @@
         salt '*' tls.ca_exists test_ca /etc/certs
     '''
     set_ca_path(cacert_path)
-    certp = '{0}/{1}/{2}_ca_cert.crt'.format(
+    if not ca_filename:
+        ca_filename = '{0}_ca_cert'.format(ca_name)
+    certp = '{0}/{1}/{2}.crt'.format(
             cert_base_path(),
             ca_name,
-            ca_name)
+            ca_filename)
     if os.path.exists(certp):
-        maybe_fix_ssl_version(ca_name)
+        maybe_fix_ssl_version(ca_name,
+                              cacert_path=cacert_path,
+                              ca_filename=ca_filename)
         return True
     return False
 
@@ -284,6 +440,122 @@
     return certp
 
 
+def get_ca_signed_cert(ca_name,
+                       CN='localhost',
+                       as_text=False,
+                       cacert_path=None,
+                       cert_filename=None):
+    '''
+    Get the certificate path or content
+
+    ca_name
+        name of the CA
+    CN
+        common name of the certificate
+    as_text
+        if true, return the certificate content instead of the path
+    cacert_path
+        absolute path to certificates root directory
+    cert_filename
+        alternative filename for the certificate, useful when using special characters in the CN
+
+        .. versionadded:: 2015.5.3
+
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' tls.get_ca_signed_cert test_ca CN=localhost as_text=False cacert_path=/etc/certs
+    '''
+    set_ca_path(cacert_path)
+    if not cert_filename:
+        cert_filename = CN
+
+    certp = '{0}/{1}/certs/{2}.crt'.format(
+            cert_base_path(),
+            ca_name,
+            cert_filename)
+    if not os.path.exists(certp):
+        raise ValueError('Certificate does not exists for {0}'.format(CN))
+    else:
+        if as_text:
+            with salt.utils.fopen(certp) as fic:
+                certp = fic.read()
+    return certp
+
+
+def get_ca_signed_key(ca_name,
+                      CN='localhost',
+                      as_text=False,
+                      cacert_path=None,
+                      key_filename=None):
+    '''
+    Get the certificate path or content
+
+    ca_name
+        name of the CA
+    CN
+        common name of the certificate
+    as_text
+        if true, return the certificate content instead of the path
+    cacert_path
+        absolute path to certificates root directory
+    key_filename
+        alternative filename for the key, useful when using special characters
+
+        .. versionadded:: 2015.5.3
+
+        in the CN
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' tls.get_ca_signed_key \
+                test_ca CN=localhost \
+                as_text=False \
+                cacert_path=/etc/certs
+    '''
+    set_ca_path(cacert_path)
+    if not key_filename:
+        key_filename = CN
+
+    keyp = '{0}/{1}/certs/{2}.key'.format(
+        cert_base_path(),
+        ca_name,
+        key_filename)
+    if not os.path.exists(keyp):
+        raise ValueError('Certificate does not exists for {0}'.format(CN))
+    else:
+        if as_text:
+            with salt.utils.fopen(keyp) as fic:
+                keyp = fic.read()
+    return keyp
+
+
+def _check_onlyif_unless(onlyif, unless):
+    ret = None
+    retcode = __salt__['cmd.retcode']
+    if onlyif is not None:
+        if not isinstance(onlyif, string_types):
+            if not onlyif:
+                ret = {'comment': 'onlyif execution failed', 'result': True}
+        elif isinstance(onlyif, string_types):
+            if retcode(onlyif) != 0:
+                ret = {'comment': 'onlyif execution failed', 'result': True}
+                log.debug('onlyif execution failed')
+    if unless is not None:
+        if not isinstance(unless, string_types):
+            if unless:
+                ret = {'comment': 'unless execution succeeded', 'result': True}
+        elif isinstance(unless, string_types):
+            if retcode(unless) == 0:
+                ret = {'comment': 'unless execution succeeded', 'result': True}
+                log.debug('unless execution succeeded')
+    return ret
+
+
 def create_ca(ca_name,
               bits=2048,
               days=365,
@@ -296,7 +568,10 @@
               emailAddress='xyz@pdq.net',
               fixmode=False,
               cacert_path=None,
+              ca_filename=None,
               digest='sha256',
+              onlyif=None,
+              unless=None,
               replace=False):
     '''
     Create a Certificate Authority (CA)
@@ -304,25 +579,30 @@
     ca_name
         name of the CA
     bits
-        number of RSA key bits, Default is ``2048``
+        number of RSA key bits, default is 2048
     days
-        number of days the CA will be valid, Default is ``365``
+        number of days the CA will be valid, default is 365
     CN
-        common name in the request, Default is ``localhost``
+        common name in the request, default is "localhost"
     C
-        country, Default is ``US``
+        country, default is "US"
     ST
-        state, Default is ``Utah``
+        state, default is "Utah"
     L
-        locality, Default is ``Salt Lake City``
+        locality, default is "Centerville", the city where SaltStack originated
     O
-        organization, Default is ``SaltStack``
+        organization, default is "SaltStack"
     OU
-        organizational unit, Default is ``None``
+        organizational unit, default is None
     emailAddress
-        email address for the CA owner, Default is ``xyz@pdq.net``
+        email address for the CA owner, default is 'xyz@pdq.net'
     cacert_path
         absolute path to ca certificates root directory
+    ca_filename
+        alternative filename for the CA
+
+        .. versionadded:: 2015.5.3
+
     digest
         The message digest algorithm. Must be a string describing a digest
         algorithm supported by OpenSSL (by EVP_get_digestbyname, specifically).
@@ -336,16 +616,13 @@
     already exists, the function just returns assuming the CA certificate
     already exists.
 
-    If the following values were set:
-
-    .. code-block:: bash
+    If the following values were set::
 
         ca.cert_base_path='/etc/pki'
         ca_name='koji'
 
-    the resulting CA, and corresponding key, would be written in the following location:
-
-    .. code-block:: text
+    the resulting CA, and corresponding key, would be written in the following
+    location::
 
         /etc/pki/koji/koji_ca_cert.crt
         /etc/pki/koji/koji_ca_cert.key
@@ -356,15 +633,21 @@
 
         salt '*' tls.create_ca test_ca
     '''
+    status = _check_onlyif_unless(onlyif, unless)
+    if status is not None:
+        return None
+
     set_ca_path(cacert_path)
-    certp = '{0}/{1}/{2}_ca_cert.crt'.format(
-        cert_base_path(), ca_name, ca_name)
-    ca_keyp = '{0}/{1}/{2}_ca_cert.key'.format(
-        cert_base_path(), ca_name, ca_name)
-    if not replace and not fixmode and ca_exists(ca_name):
-        return (
-            'Certificate for CA named "{0}" '
-            'already exists').format(ca_name)
+
+    if not ca_filename:
+        ca_filename = '{0}_ca_cert'.format(ca_name)
+
+    certp = '{0}/{1}/{2}.crt'.format(
+        cert_base_path(), ca_name, ca_filename)
+    ca_keyp = '{0}/{1}/{2}.key'.format(
+        cert_base_path(), ca_name, ca_filename)
+    if not replace and not fixmode and ca_exists(ca_name, ca_filename=ca_filename):
+        return 'Certificate for CA named "{0}" already exists'.format(ca_name)
 
     if fixmode and not os.path.exists(certp):
         raise ValueError('{0} does not exists, can\'t fix'.format(certp))
@@ -424,7 +707,7 @@
                                                 key)
     write_key = True
     if os.path.exists(ca_keyp):
-        bck = "{0}.{1}".format(ca_keyp, datetime.now().strftime(
+        bck = "{0}.{1}".format(ca_keyp, datetime.utcnow().strftime(
             "%Y%m%d%H%M%S"))
         with salt.utils.fopen(ca_keyp) as fic:
             old_key = fic.read().strip()
@@ -445,14 +728,100 @@
 
     _write_cert_to_database(ca_name, ca)
 
-    ret = ('Created Private Key: "{0}/{1}/{1}_ca_cert.key." ').format(
-        cert_base_path(), ca_name)
-    ret += ('Created CA "{0}": "{1}/{0}/{0}_ca_cert.crt."').format(
-        ca_name, cert_base_path())
+    ret = ('Created Private Key: "{0}/{1}/{2}.key." ').format(
+        cert_base_path(), ca_name, ca_filename)
+    ret += ('Created CA "{0}": "{1}/{2}/{3}.crt."').format(
+        ca_name, cert_base_path(), ca_name, ca_filename)
 
     return ret
 
 
+def get_extensions(cert_type):
+    '''
+    Fetch X509 and CSR extension definitions from tls:extensions:
+    (common|server|client) or set them to standard defaults.
+
+    .. versionadded:: Beryllium
+
+    cert_type:
+        The type of certificate such as ``server`` or ``client``.
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' tls.get_extensions client
+
+    '''
+
+    ext = {}
+    if cert_type == '':
+        log.error('cert_type set to empty in tls_ca.get_extensions(); '
+                  'defaulting to ``server``')
+        cert_type = 'server'
+
+    try:
+        ext['common'] = __salt__['pillar.get']('tls.extensions:common', False)
+    except NameError as err:
+        log.debug(err)
+
+    if not ext['common'] or ext['common'] == '':
+        ext['common'] = {
+            'csr': {
+                'basicConstraints': 'CA:FALSE',
+            },
+            'cert': {
+                'authorityKeyIdentifier': 'keyid,issuer:always',
+                'subjectKeyIdentifier': 'hash',
+            },
+        }
+
+    try:
+        ext['server'] = __salt__['pillar.get']('tls.extensions:server', False)
+    except NameError as err:
+        log.debug(err)
+
+    if not ext['server'] or ext['server'] == '':
+        ext['server'] = {
+            'csr': {
+                'extendedKeyUsage': 'serverAuth',
+                'keyUsage': 'digitalSignature, keyEncipherment',
+            },
+            'cert': {},
+        }
+
+    try:
+        ext['client'] = __salt__['pillar.get']('tls.extensions:client', False)
+    except NameError as err:
+        log.debug(err)
+
+    if not ext['client'] or ext['client'] == '':
+        ext['client'] = {
+            'csr': {
+                'extendedKeyUsage': 'clientAuth',
+                'keyUsage': 'nonRepudiation, digitalSignature, keyEncipherment',
+            },
+            'cert': {},
+        }
+
+    # possible user-defined profile or a typo
+    if cert_type not in ext:
+        try:
+            ext[cert_type] = __salt__['pillar.get'](
+                'tls.extensions:{0}'.format(cert_type))
+        except NameError as e:
+            log.debug(
+                'pillar, tls:extensions:{0} not available or '
+                'not operating in a salt context\n{1}'.format(cert_type, e))
+
+    retval = ext['common']
+
+    for Use in retval:
+        retval[Use].update(ext[cert_type][Use])
+
+    return retval
+
+
 def create_csr(ca_name,
                bits=2048,
                CN='localhost',
@@ -464,7 +833,12 @@
                emailAddress='xyz@pdq.net',
                subjectAltName=None,
                cacert_path=None,
+               ca_filename=None,
+               csr_path=None,
+               csr_filename=None,
                digest='sha256',
+               type_ext=False,
+               cert_type='server',
                replace=False):
     '''
     Create a Certificate Signing Request (CSR) for a
@@ -473,30 +847,68 @@
     ca_name
         name of the CA
     bits
-        number of RSA key bits, Default is ``2048``
+        number of RSA key bits, default is 2048
     CN
-        common name in the request, Default is ``localhost``
+        common name in the request, default is "localhost"
     C
-        country, Default is ``US``
+        country, default is "US"
     ST
-        state, Default is ``Utah``
+        state, default is "Utah"
     L
-        locality, Default is ``Salt Lake City``
+        locality, default is "Centerville", the city where SaltStack originated
     O
-        organization. Must the same as CA certificate or an error will be raised, Default is ``SaltStack``
+        organization, default is "SaltStack"
+        NOTE: Must the same as CA certificate or an error will be raised
     OU
-        organizational unit, Default is ``None``
+        organizational unit, default is None
     emailAddress
-        email address for the request, Default is ``xyz@pdq.net``
+        email address for the request, default is 'xyz@pdq.net'
     subjectAltName
         valid subjectAltNames in full form, e.g. to add DNS entry you would call
-        this function with this value:  **['DNS:myapp.foo.comm']**
-    cacert_path
-        absolute path to ca certificates root directory
-    digest
-        The message digest algorithm. Must be a string describing a digest
-        algorithm supported by OpenSSL (by EVP_get_digestbyname, specifically).
-        For example, "md5" or "sha1". Default: 'sha256'
+        this function with this value:
+
+        examples: ['DNS:somednsname.com',
+                'DNS:1.2.3.4',
+                'IP:1.2.3.4',
+                'IP:2001:4801:7821:77:be76:4eff:fe11:e51',
+                'email:me@i.like.pie.com']
+
+    .. note::
+        some libraries do not properly query IP: prefixes, instead looking
+        for the given req. source with a DNS: prefix. To be thorough, you
+        may want to include both DNS: and IP: entries if you are using
+        subjectAltNames for destinations for your TLS connections.
+            e.g.:
+                requests to https://1.2.3.4 will fail from python's
+                requests library w/out the second entry in the above list
+
+    .. versionadded:: Beryllium
+
+    cert_type
+        Specify the general certificate type. Can be either `server` or
+        `client`. Indicates the set of common extensions added to the CSR.
+
+        server: {
+           'basicConstraints': 'CA:FALSE',
+           'extendedKeyUsage': 'serverAuth',
+           'keyUsage': 'digitalSignature, keyEncipherment'
+        }
+
+        client: {
+           'basicConstraints': 'CA:FALSE',
+           'extendedKeyUsage': 'clientAuth',
+           'keyUsage': 'nonRepudiation, digitalSignature, keyEncipherment'
+        }
+
+    type_ext
+        boolean.  Whether or not to extend the filename with CN_[cert_type]
+        This can be useful if a server and client certificate are needed for
+        the same CN. Defaults to False to avoid introducing an unexpected file
+        naming pattern
+
+        The files normally named some_subject_CN.csr and some_subject_CN.key
+        will then be saved
+
     replace
         Replace this signing request even if it exists
 
@@ -505,18 +917,14 @@
     Writes out a Certificate Signing Request (CSR) If the file already
     exists, the function just returns assuming the CSR already exists.
 
-    If the following values were set:
-
-    .. code-block:: bash
+    If the following values were set::
 
         ca.cert_base_path='/etc/pki'
         ca_name='koji'
         CN='test.egavas.org'
 
     the resulting CSR, and corresponding key, would be written in the
-    following location:
-
-    .. code-block:: text
+    following location::
 
         /etc/pki/koji/certs/test.egavas.org.csr
         /etc/pki/koji/certs/test.egavas.org.key
@@ -529,19 +937,26 @@
     '''
     set_ca_path(cacert_path)
 
-    if not ca_exists(ca_name):
+    if not ca_filename:
+        ca_filename = '{0}_ca_cert'.format(ca_name)
+
+    if not ca_exists(ca_name, ca_filename=ca_filename):
         return ('Certificate for CA named "{0}" does not exist, please create '
                 'it first.').format(ca_name)
 
-    if not os.path.exists('{0}/{1}/certs/'.format(
-        cert_base_path(),
-        ca_name)
-    ):
-        os.makedirs("{0}/{1}/certs/".format(cert_base_path(),
-                                            ca_name))
+    if not csr_path:
+        csr_path = '{0}/{1}/certs/'.format(cert_base_path(), ca_name)
+
+    if not os.path.exists(csr_path):
+        os.makedirs(csr_path)
+
+    CN_ext = '_{0}'.format(cert_type) if type_ext else ''
+
+    if not csr_filename:
+        csr_filename = '{0}{1}'.format(CN, CN_ext)
+
+    csr_f = '{0}/{1}.csr'.format(csr_path, csr_filename)
 
-    csr_f = '{0}/{1}/certs/{2}.csr'.format(cert_base_path(),
-                                           ca_name, CN)
     if not replace and os.path.exists(csr_f):
         return 'Certificate Request "{0}" already exists'.format(csr_f)
 
@@ -559,40 +974,48 @@
     req.get_subject().CN = CN
     req.get_subject().emailAddress = emailAddress
 
+    extensions = get_extensions(cert_type)['csr']
+    extension_adds = []
+
+    for ext, value in extensions.items():
+        extension_adds.append(OpenSSL.crypto.X509Extension(ext, False, value))
+
     if subjectAltName:
-        req.add_extensions([
+        if isinstance(subjectAltName, str):
+            subjectAltName = [subjectAltName]
+
+        extension_adds.append(
             OpenSSL.crypto.X509Extension(
-                'subjectAltName', False, ", ".join(subjectAltName))])
+                'subjectAltName', False, ", ".join(subjectAltName)))
+
+    req.add_extensions(extension_adds)
     req.set_pubkey(key)
     req.sign(key, digest)
 
     # Write private key and request
-    with salt.utils.fopen('{0}/{1}/certs/{2}.key'.format(
-                                    cert_base_path(),
-                                    ca_name, CN), 'w+') as priv_key:
+    with salt.utils.fopen('{0}/{1}.key'.format(csr_path,
+                                               csr_filename), 'w+') as priv_key:
         priv_key.write(
-                OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, key)
-                )
+            OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, key)
+        )
 
     with salt.utils.fopen(csr_f, 'w+') as csr:
         csr.write(
-                OpenSSL.crypto.dump_certificate_request(
-                    OpenSSL.crypto.FILETYPE_PEM,
-                    req
-                    )
-                )
+            OpenSSL.crypto.dump_certificate_request(
+                OpenSSL.crypto.FILETYPE_PEM,
+                req
+            )
+        )
 
-    ret = 'Created Private Key: "{0}/{1}/certs/{2}.key." '.format(
-                    cert_base_path(),
-                    ca_name,
-                    CN
-                    )
-    ret += 'Created CSR for "{0}": "{1}/{2}/certs/{3}.csr."'.format(
-                    ca_name,
-                    cert_base_path(),
-                    ca_name,
-                    CN
-                    )
+    ret = 'Created Private Key: "{0}{1}.key." '.format(
+        csr_path,
+        csr_filename
+    )
+    ret += 'Created CSR for "{0}": "{1}{2}.csr."'.format(
+        CN,
+        csr_path,
+        csr_filename
+    )
 
     return ret
 
@@ -608,31 +1031,31 @@
                             OU=None,
                             emailAddress='xyz@pdq.net',
                             cacert_path=None,
+                            cert_filename=None,
                             digest='sha256',
                             replace=False):
     '''
     Create a Self-Signed Certificate (CERT)
 
     tls_dir
-        location appended to the ca.cert_base_path, Default is ``tls``
+        location appended to the ca.cert_base_path, default is 'tls'
     bits
-        number of RSA key bits, Default is ``2048``
-    days
-        validity of certificate, Default is ``365``
+        number of RSA key bits, default is 2048
     CN
-        common name in the request, Default is ``localhost``
+        common name in the request, default is "localhost"
     C
-        country, Default is ``US``
+        country, default is "US"
     ST
-        state, Default is ``Utah``
+        state, default is "Utah"
     L
-        locality, Default is ``Salt Lake City``
+        locality, default is "Centerville", the city where SaltStack originated
     O
-        organization. Must the same as CA certificate or an error will be raised, Default is ``SaltStack``
+        organization, default is "SaltStack"
+        NOTE: Must the same as CA certificate or an error will be raised
     OU
-        organizational unit, Default is ``None``
+        organizational unit, default is None
     emailAddress
-        email address for the request, Default is ``xyz@pdq.net``
+        email address for the request, default is 'xyz@pdq.net'
     cacert_path
         absolute path to ca certificates root directory
     digest
@@ -647,27 +1070,28 @@
     Writes out a Self-Signed Certificate (CERT). If the file already
     exists, the function just returns.
 
-    If the following values were set:
-
-    .. code-block:: bash
+    If the following values were set::
 
         ca.cert_base_path='/etc/pki'
         tls_dir='koji'
         CN='test.egavas.org'
 
     the resulting CERT, and corresponding key, would be written in the
-    following location:
-
-    .. code-block:: text
+    following location::
 
         /etc/pki/koji/certs/test.egavas.org.crt
         /etc/pki/koji/certs/test.egavas.org.key
 
-    CLI Examples:
+    CLI Example:
 
     .. code-block:: bash
 
         salt '*' tls.create_self_signed_cert
+
+    Passing options from the command line:
+
+    .. code-block:: bash
+
         salt 'minion' tls.create_self_signed_cert CN='test.mysite.org'
     '''
     set_ca_path(cacert_path)
@@ -676,11 +1100,14 @@
         os.makedirs("{0}/{1}/certs/".format(cert_base_path(),
                                             tls_dir))
 
+    if not cert_filename:
+        cert_filename = CN
+
     if not replace and os.path.exists(
             '{0}/{1}/certs/{2}.crt'.format(cert_base_path(),
-                                           tls_dir, CN)
-            ):
-        return 'Certificate "{0}" already exists'.format(CN)
+                                           tls_dir, cert_filename)
+    ):
+        return 'Certificate "{0}" already exists'.format(cert_filename)
 
     key = OpenSSL.crypto.PKey()
     key.generate_key(OpenSSL.crypto.TYPE_RSA, bits)
@@ -708,37 +1135,37 @@
 
     # Write private key and cert
     with salt.utils.fopen(
-                '{0}/{1}/certs/{2}.key'.format(cert_base_path(),
-                                               tls_dir, CN),
-                'w+'
-                ) as priv_key:
+        '{0}/{1}/certs/{2}.key'.format(cert_base_path(),
+                                       tls_dir, cert_filename),
+        'w+'
+    ) as priv_key:
         priv_key.write(
-                OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, key)
-                )
+            OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, key)
+        )
 
     with salt.utils.fopen('{0}/{1}/certs/{2}.crt'.format(cert_base_path(),
                                                          tls_dir,
-                                                         CN
+                                                         cert_filename
                                                          ), 'w+') as crt:
         crt.write(
-                OpenSSL.crypto.dump_certificate(
-                    OpenSSL.crypto.FILETYPE_PEM,
-                    cert
-                    )
-                )
+            OpenSSL.crypto.dump_certificate(
+                OpenSSL.crypto.FILETYPE_PEM,
+                cert
+            )
+        )
 
     _write_cert_to_database(tls_dir, cert)
 
     ret = 'Created Private Key: "{0}/{1}/certs/{2}.key." '.format(
-                    cert_base_path(),
-                    tls_dir,
-                    CN
-                    )
+        cert_base_path(),
+        tls_dir,
+        cert_filename
+    )
     ret += 'Created Certificate: "{0}/{1}/certs/{2}.crt."'.format(
-                    cert_base_path(),
-                    tls_dir,
-                    CN
-                    )
+        cert_base_path(),
+        tls_dir,
+        cert_filename
+    )
 
     return ret
 
@@ -747,9 +1174,13 @@
                           CN,
                           days=365,
                           cacert_path=None,
+                          ca_filename=None,
+                          cert_path=None,
+                          cert_filename=None,
                           digest='sha256',
-                          replace=False,
-                          **extensions):
+                          cert_type=None,
+                          type_ext=False,
+                          replace=False):
     '''
     Create a Certificate (CERT) signed by a named Certificate Authority (CA)
 
@@ -764,9 +1195,29 @@
     CN
         common name matching the certificate signing request
     days
-        number of days certificate is valid, Default is ``365`` (1 year)
+        number of days certificate is valid, default is 365 (1 year)
+
     cacert_path
         absolute path to ca certificates root directory
+
+    ca_filename
+        alternative filename for the CA
+
+        .. versionadded:: 2015.5.3
+
+
+    cert_path
+        full path to the certificates directory
+
+    cert_filename
+        alternative filename for the certificate, useful when using special
+        characters in the CN. If this option is set it will override
+        the certificate filename output effects of ``cert_type``.
+        ``type_ext`` will be completely overridden.
+
+        .. versionadded:: 2015.5.3
+
+
     digest
         The message digest algorithm. Must be a string describing a digest
         algorithm supported by OpenSSL (by EVP_get_digestbyname, specifically).
@@ -776,25 +1227,39 @@
 
         .. versionadded:: 2015.5.1
 
-    extensions
-        X509 V3 certificate extension
+    cert_type
+        string. Either 'server' or 'client' (see create_csr() for details).
 
-    Writes out a Certificate (CERT). If the file already
-    exists, the function just returns assuming the CERT already exists.
+        If create_csr(type_ext=True) this function **must** be called with the
+        same cert_type so it can find the CSR file.
 
-    The CN *must* match an existing CSR generated by create_csr. If it
-    does not, this method does nothing.
+    .. note::
+        create_csr() defaults to cert_type='server'; therefore, if it was also
+        called with type_ext, cert_type becomes a required argument for
+        create_ca_signed_cert()
+
+    type_ext
+        bool. If set True, use ``cert_type`` as an extension to the CN when
+        formatting the filename.
+
+        e.g.: some_subject_CN_server.crt or some_subject_CN_client.crt
+
+        This facilitates the context where both types are required for the same
+        subject
+
+        If ``cert_filename`` is `not None`, setting ``type_ext`` has no
+        effect
 
     If the following values were set:
 
-    .. code-block:: bash
+    .. code-block:: text
 
         ca.cert_base_path='/etc/pki'
         ca_name='koji'
         CN='test.egavas.org'
 
-    the resulting signed certificate would be written in the
-    following location:
+    the resulting signed certificate would be written in the following
+    location:
 
     .. code-block:: text
 
@@ -806,100 +1271,136 @@
 
         salt '*' tls.create_ca_signed_cert test localhost
     '''
+    ret = {}
+
     set_ca_path(cacert_path)
 
-    crt_f = '{0}/{1}/certs/{2}.crt'.format(cert_base_path(),
-                                           ca_name, CN)
-    if not replace and os.path.exists(crt_f):
-        return 'Certificate "{0}" already exists'.format(CN)
+    if not ca_filename:
+        ca_filename = '{0}_ca_cert'.format(ca_name)
+
+    if not cert_path:
+        cert_path = '{0}/{1}/certs'.format(cert_base_path(), ca_name)
+
+    if type_ext:
+        if not cert_type:
+            log.error('type_ext = True but cert_type is unset. '
+                      'Certificate not written.')
+            return ret
+        elif cert_type:
+            CN_ext = '_{0}'.format(cert_type)
+    else:
+        CN_ext = ''
+
+    csr_filename = '{0}{1}'.format(CN, CN_ext)
+
+    if not cert_filename:
+        cert_filename = '{0}{1}'.format(CN, CN_ext)
+
+    if not replace and os.path.exists(
+            os.path.join(
+                os.path.sep.join('{0}/{1}/certs/{2}.crt'.format(
+                    cert_base_path(),
+                    ca_name,
+                    cert_filename).split('/')
+                )
+            )
+    ):
+        return 'Certificate "{0}" already exists'.format(cert_filename)
 
     try:
-        maybe_fix_ssl_version(ca_name)
-        with salt.utils.fopen('{0}/{1}/{2}_ca_cert.crt'.format(cert_base_path(),
-                                                               ca_name,
-                                                               ca_name)) as fhr:
+        maybe_fix_ssl_version(ca_name,
+                              cacert_path=cacert_path,
+                              ca_filename=ca_filename)
+        with salt.utils.fopen('{0}/{1}/{2}.crt'.format(cert_base_path(),
+                                                       ca_name,
+                                                       ca_filename)) as fhr:
             ca_cert = OpenSSL.crypto.load_certificate(
-                    OpenSSL.crypto.FILETYPE_PEM, fhr.read()
-                )
-        with salt.utils.fopen('{0}/{1}/{2}_ca_cert.key'.format(cert_base_path(),
-                                                               ca_name,
-                                                               ca_name)) as fhr:
+                OpenSSL.crypto.FILETYPE_PEM, fhr.read()
+            )
+        with salt.utils.fopen('{0}/{1}/{2}.key'.format(cert_base_path(),
+                                                       ca_name,
+                                                       ca_filename)) as fhr:
             ca_key = OpenSSL.crypto.load_privatekey(
-                    OpenSSL.crypto.FILETYPE_PEM,
-                    fhr.read()
-                )
+                OpenSSL.crypto.FILETYPE_PEM,
+                fhr.read()
+            )
     except IOError:
-        return 'There is no CA named "{0}"'.format(ca_name)
+        ret['retcode'] = 1
+        ret['comment'] = 'There is no CA named "{0}"'.format(ca_name)
+        return ret
 
     try:
-        with salt.utils.fopen('{0}/{1}/certs/{2}.csr'.format(cert_base_path(),
-                                                             ca_name,
-                                                             CN)) as fhr:
+        csr_path = '{0}/{1}.csr'.format(cert_path, csr_filename)
+        with salt.utils.fopen(csr_path) as fhr:
             req = OpenSSL.crypto.load_certificate_request(
-                    OpenSSL.crypto.FILETYPE_PEM,
-                    fhr.read()
-                    )
+                OpenSSL.crypto.FILETYPE_PEM,
+                fhr.read())
     except IOError:
-        return 'There is no CSR that matches the CN "{0}"'.format(CN)
+        ret['retcode'] = 1
+        ret['comment'] = 'There is no CSR that matches the CN "{0}"'.format(
+            cert_filename)
+        return ret
 
     exts = []
     try:
-        # see: http://bazaar.launchpad.net/~exarkun/pyopenssl/master/revision/189
-        # support is there from quite a long time, but without API
-        # so we mimic the newly get_extensions method present in ultra
-        # recent pyopenssl distros
-        native_exts_obj = OpenSSL._util.lib.X509_REQ_get_extensions(req._req)
-        for i in _range(OpenSSL._util.lib.sk_X509_EXTENSION_num(native_exts_obj)):
-            ext = OpenSSL.crypto.X509Extension.__new__(OpenSSL.crypto.X509Extension)
-            ext._extension = OpenSSL._util.lib.sk_X509_EXTENSION_value(native_exts_obj, i)
-            exts.append(ext)
-    except Exception:
-        log.error('Support for extensions is not available, upgrade PyOpenSSL')
+        exts.extend(req.get_extensions())
+        log.debug('req.get_extensions() supported in pyOpenSSL {0}'.format(
+            OpenSSL.__dict__.get('__version__', '')))
+    except AttributeError:
+        try:
+            # see: http://bazaar.launchpad.net/~exarkun/pyopenssl/master/revision/189
+            # support is there from quite a long time, but without API
+            # so we mimic the newly get_extensions method present in ultra
+            # recent pyopenssl distros
+            log.info('req.get_extensions() not supported in pyOpenSSL versions '
+                     'prior to 0.15. Switching to Dark Magic(tm) '
+                     ' Your version: {0}'.format(
+                         OpenSSL.__dict__.get('__version__', 'pre-2014')))
+
+            native_exts_obj = OpenSSL._util.lib.X509_REQ_get_extensions(
+                req._req)
+            for i in _range(OpenSSL._util.lib.sk_X509_EXTENSION_num(
+                    native_exts_obj)):
+                ext = OpenSSL.crypto.X509Extension.__new__(
+                    OpenSSL.crypto.X509Extension)
+                ext._extension = OpenSSL._util.lib.sk_X509_EXTENSION_value(
+                    native_exts_obj,
+                    i)
+                exts.append(ext)
+        except Exception:
+            log.error('X509 extensions are unsupported in pyOpenSSL '
+                      'versions prior to 0.14. Upgrade required. Current '
+                      'version: {0}'.format(
+                          OpenSSL.__dict__.get('__version__', 'pre-2014'))
+                      )
 
     cert = OpenSSL.crypto.X509()
     cert.set_version(2)
     cert.set_subject(req.get_subject())
     cert.gmtime_adj_notBefore(0)
     cert.gmtime_adj_notAfter(int(days) * 24 * 60 * 60)
-    if exts:
-        cert.add_extensions(exts)
     cert.set_serial_number(_new_serial(ca_name, CN))
     cert.set_issuer(ca_cert.get_subject())
     cert.set_pubkey(req.get_pubkey())
-    extensions_list = []
-    for name, edata in six.iteritems(extensions):
-        if not isinstance(edata, dict):
-            continue
-        for opt in ['critical', 'options']:
-            if opt not in edata:
-                break
-        else:
-            extensions_list.append(OpenSSL.crypto.X509Extension(
-                                   name,
-                                   edata['critical'],
-                                   edata['options']))
-    cert.add_extensions(extensions_list)
+
+    cert.add_extensions(exts)
+
     cert.sign(ca_key, digest)
 
-    with salt.utils.fopen('{0}/{1}/certs/{2}.crt'.format(cert_base_path(),
-                                                         ca_name,
-                                                         CN), 'w+') as crt:
+    cert_full_path = '{0}/{1}.crt'.format(cert_path, cert_filename)
+
+    with salt.utils.fopen(cert_full_path, 'w+') as crt:
         crt.write(
-            OpenSSL.crypto.dump_certificate(
-                OpenSSL.crypto.FILETYPE_PEM,
-                cert
-                )
-            )
+            OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert))
 
     _write_cert_to_database(ca_name, cert)
 
     return ('Created Certificate for "{0}": '
-            '"{1}/{2}/certs/{3}.crt"').format(
-                    ca_name,
-                    cert_base_path(),
-                    ca_name,
-                    CN
-                    )
+            '"{1}/{2}.crt"').format(
+        CN,
+        cert_path,
+        cert_filename
+    )
 
 
 def create_pkcs12(ca_name, CN, passphrase='', cacert_path=None, replace=False):
@@ -919,18 +1420,14 @@
 
         .. versionadded:: 2015.5.1
 
-    If the following values were set:
-
-    .. code-block:: bash
+    If the following values were set::
 
         ca.cert_base_path='/etc/pki'
         ca_name='koji'
         CN='test.egavas.org'
 
     the resulting signed certificate would be written in the
-    following location:
-
-    .. code-block:: text
+    following location::
 
         /etc/pki/koji/certs/test.egavas.org.p12
 
@@ -946,7 +1443,7 @@
                 cert_base_path(),
                 ca_name,
                 CN)
-            ):
+    ):
         return 'Certificate "{0}" already exists'.format(CN)
 
     try:
@@ -954,9 +1451,9 @@
                                                                ca_name,
                                                                ca_name)) as fhr:
             ca_cert = OpenSSL.crypto.load_certificate(
-                    OpenSSL.crypto.FILETYPE_PEM,
-                    fhr.read()
-                )
+                OpenSSL.crypto.FILETYPE_PEM,
+                fhr.read()
+            )
     except IOError:
         return 'There is no CA named "{0}"'.format(ca_name)
 
@@ -965,16 +1462,16 @@
                                                              ca_name,
                                                              CN)) as fhr:
             cert = OpenSSL.crypto.load_certificate(
-                    OpenSSL.crypto.FILETYPE_PEM,
-                    fhr.read()
-                )
+                OpenSSL.crypto.FILETYPE_PEM,
+                fhr.read()
+            )
         with salt.utils.fopen('{0}/{1}/certs/{2}.key'.format(cert_base_path(),
                                                              ca_name,
                                                              CN)) as fhr:
             key = OpenSSL.crypto.load_privatekey(
-                    OpenSSL.crypto.FILETYPE_PEM,
-                    fhr.read()
-                    )
+                OpenSSL.crypto.FILETYPE_PEM,
+                fhr.read()
+            )
     except IOError:
         return 'There is no certificate that matches the CN "{0}"'.format(CN)
 
@@ -991,11 +1488,11 @@
 
     return ('Created PKCS#12 Certificate for "{0}": '
             '"{1}/{2}/certs/{3}.p12"').format(
-                    CN,
-                    cert_base_path(),
-                    ca_name,
-                    CN
-                    )
+        CN,
+        cert_base_path(),
+        ca_name,
+        CN
+    )
 
 
 def cert_info(cert_path, digest='sha256'):
@@ -1018,16 +1515,20 @@
 
     with salt.utils.fopen(cert_path) as cert_file:
         cert = OpenSSL.crypto.load_certificate(
-                OpenSSL.crypto.FILETYPE_PEM,
-                cert_file.read()
-            )
+            OpenSSL.crypto.FILETYPE_PEM,
+            cert_file.read()
+        )
     ret = {
         'fingerprint': cert.digest(digest),
         'subject': dict(cert.get_subject().get_components()),
         'issuer': dict(cert.get_issuer().get_components()),
         'serial_number': cert.get_serial_number(),
-        'not_before': time.mktime(datetime.strptime(cert.get_notBefore(), date_fmt).timetuple()),
-        'not_after': time.mktime(datetime.strptime(cert.get_notAfter(), date_fmt).timetuple()),
+        'not_before': calendar.timegm(time.strptime(
+            cert.get_notBefore(),
+            date_fmt)),
+        'not_after': calendar.timegm(time.strptime(
+            cert.get_notAfter(),
+            date_fmt)),
     }
 
     # add additional info if your version of pyOpenSSL supports it
@@ -1039,9 +1540,11 @@
 
     if 'subjectAltName' in ret.get('extensions', {}):
         valid_names = set()
-        for name in ret['extensions']['subjectAltName']._subjectAltNameString().split(", "):
+        for name in ret['extensions']['subjectAltName'] \
+                ._subjectAltNameString().split(", "):
             if not name.startswith('DNS:'):
-                log.error('Cert {0} has an entry ({1}) which does not start with DNS:'.format(cert_path, name))
+                log.error('Cert {0} has an entry ({1}) which does not start '
+                          'with DNS:'.format(cert_path, name))
             else:
                 valid_names.add(name[4:])
         ret['subject_alt_names'] = valid_names
@@ -1052,17 +1555,264 @@
     return ret
 
 
+def create_empty_crl(
+        ca_name,
+        cacert_path=None,
+        ca_filename=None,
+        crl_file=None):
+    '''
+    Create an empty Certificate Revocation List.
+
+    .. versionadded:: Beryllium
+
+    ca_name
+        name of the CA
+    cacert_path
+        absolute path to ca certificates root directory
+    ca_filename
+        alternative filename for the CA
+
+        .. versionadded:: 2015.5.3
+
+    crl_file
+        full path to the CRL file
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' tls.create_empty_crl ca_name='koji' \
+                ca_filename='ca' \
+                crl_file='/etc/openvpn/team1/crl.pem'
+    '''
+
+    set_ca_path(cacert_path)
+
+    if not ca_filename:
+        ca_filename = '{0}_ca_cert'.format(ca_name)
+
+    if not crl_file:
+        crl_file = '{0}/{1}/crl.pem'.format(
+            _cert_base_path(),
+            ca_name
+        )
+
+    if os.path.exists('{0}'.format(crl_file)):
+        return 'CRL "{0}" already exists'.format(crl_file)
+
+    try:
+        ca_cert = OpenSSL.crypto.load_certificate(
+            OpenSSL.crypto.FILETYPE_PEM,
+            salt.utils.fopen('{0}/{1}/{2}.crt'.format(
+                cert_base_path(),
+                ca_name,
+                ca_filename
+            )).read()
+        )
+        ca_key = OpenSSL.crypto.load_privatekey(
+            OpenSSL.crypto.FILETYPE_PEM,
+            salt.utils.fopen('{0}/{1}/{2}.key'.format(
+                cert_base_path(),
+                ca_name,
+                ca_filename)).read()
+        )
+    except IOError:
+        return 'There is no CA named "{0}"'.format(ca_name)
+
+    crl = OpenSSL.crypto.CRL()
+    crl_text = crl.export(ca_cert, ca_key)
+
+    with salt.utils.fopen(crl_file, 'w') as f:
+        f.write(crl_text)
+
+    return 'Created an empty CRL: "{0}"'.format(crl_file)
+
+
+def revoke_cert(
+        ca_name,
+        CN,
+        cacert_path=None,
+        ca_filename=None,
+        cert_path=None,
+        cert_filename=None,
+        crl_file=None):
+    '''
+    Revoke a certificate.
+
+    .. versionadded:: Beryllium
+
+    ca_name
+        Name of the CA.
+
+    CN
+        Common name matching the certificate signing request.
+
+    cacert_path
+        Absolute path to ca certificates root directory.
+
+    ca_filename
+        Alternative filename for the CA.
+
+    cert_path
+        Path to the cert file.
+
+    cert_filename
+        Alternative filename for the certificate, useful when using special
+        characters in the CN.
+
+    crl_file
+        Full path to the CRL file.
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' tls.revoke_cert ca_name='koji' \
+                ca_filename='ca' \
+                crl_file='/etc/openvpn/team1/crl.pem'
+
+    '''
+
+    set_ca_path(cacert_path)
+    ca_dir = '{0}/{1}'.format(cert_base_path(), ca_name)
+
+    if ca_filename is None:
+        ca_filename = '{0}_ca_cert'.format(ca_name)
+
+    if cert_path is None:
+        cert_path = '{0}/{1}/certs'.format(_cert_base_path(), ca_name)
+
+    if cert_filename is None:
+        cert_filename = '{0}'.format(CN)
+
+    try:
+        ca_cert = OpenSSL.crypto.load_certificate(
+            OpenSSL.crypto.FILETYPE_PEM,
+            salt.utils.fopen('{0}/{1}/{2}.crt'.format(
+                cert_base_path(),
+                ca_name,
+                ca_filename
+            )).read()
+        )
+        ca_key = OpenSSL.crypto.load_privatekey(
+            OpenSSL.crypto.FILETYPE_PEM,
+            salt.utils.fopen('{0}/{1}/{2}.key'.format(
+                cert_base_path(),
+                ca_name,
+                ca_filename)).read()
+        )
+    except IOError:
+        return 'There is no CA named "{0}"'.format(ca_name)
+
+    try:
+        client_cert = OpenSSL.crypto.load_certificate(
+            OpenSSL.crypto.FILETYPE_PEM,
+            salt.utils.fopen('{0}/{1}.crt'.format(
+                cert_path,
+                cert_filename)).read()
+        )
+    except IOError:
+        return 'There is no client certificate named "{0}"'.format(CN)
+
+    index_file, expire_date, serial_number, subject = _get_basic_info(
+        ca_name,
+        client_cert,
+        ca_dir)
+
+    index_serial_subject = '{0}\tunknown\t{1}'.format(
+        serial_number,
+        subject)
+    index_v_data = 'V\t{0}\t\t{1}'.format(
+        expire_date,
+        index_serial_subject)
+    index_r_data_pattern = re.compile(
+        r"R\t" +
+        expire_date +
+        r"\t\d{12}Z\t" +
+        re.escape(index_serial_subject))
+    index_r_data = 'R\t{0}\t{1}\t{2}'.format(
+        expire_date,
+        _four_digit_year_to_two_digit(datetime.utcnow()),
+        index_serial_subject)
+
+    ret = {}
+    with salt.utils.fopen(index_file) as f:
+        for line in f:
+            if index_r_data_pattern.match(line):
+                revoke_date = line.split('\t')[2]
+                try:
+                    datetime.strptime(revoke_date, two_digit_year_fmt)
+                    return ('"{0}/{1}.crt" was already revoked, '
+                            'serial number: {2}').format(
+                        cert_path,
+                        cert_filename,
+                        serial_number
+                    )
+                except ValueError:
+                    ret['retcode'] = 1
+                    ret['comment'] = ("Revocation date '{0}' does not match"
+                                      "format '{1}'".format(
+                                          revoke_date,
+                                          two_digit_year_fmt))
+                    return ret
+            elif index_serial_subject in line:
+                __salt__['file.replace'](
+                    index_file,
+                    index_v_data,
+                    index_r_data,
+                    backup=False)
+                break
+
+    crl = OpenSSL.crypto.CRL()
+
+    with salt.utils.fopen(index_file) as f:
+        for line in f:
+            if line.startswith('R'):
+                fields = line.split('\t')
+                revoked = OpenSSL.crypto.Revoked()
+                revoked.set_serial(fields[3])
+                revoke_date_2_digit = datetime.strptime(fields[2],
+                                                        two_digit_year_fmt)
+                revoked.set_rev_date(revoke_date_2_digit.strftime(
+                    four_digit_year_fmt))
+                crl.add_revoked(revoked)
+
+    crl_text = crl.export(ca_cert, ca_key)
+
+    if crl_file is None:
+        crl_file = '{0}/{1}/crl.pem'.format(
+            _cert_base_path(),
+            ca_name
+        )
+
+    if os.path.isdir(crl_file):
+        ret['retcode'] = 1
+        ret['comment'] = 'crl_file "{0}" is an existing directory'.format(
+            crl_file)
+        return ret
+
+    with salt.utils.fopen(crl_file, 'w') as f:
+        f.write(crl_text)
+
+    return ('Revoked Certificate: "{0}/{1}.crt", '
+            'serial number: {2}').format(
+        cert_path,
+        cert_filename,
+        serial_number
+    )
+
+
 if __name__ == '__main__':
-    #create_ca('koji', days=365, **cert_sample_meta)
+    # create_ca('koji', days=365, **cert_sample_meta)
     create_csr(
-            'koji',
-            CN='test_system',
-            C="US",
-            ST="Utah",
-            L="Centerville",
-            O="SaltStack",
-            OU=None,
-            emailAddress='test_system@saltstack.org'
-            )
+        'koji',
+        CN='test_system',
+        C="US",
+        ST="Utah",
+        L="Centerville",
+        O="SaltStack",
+        OU=None,
+        emailAddress='test_system@saltstack.org'
+    )
     create_ca_signed_cert('koji', 'test_system')
     create_pkcs12('koji', 'test_system', passphrase='test')
diff -Nru salt-2015.5.2+ds/salt/modules/upstart.py salt-2015.5.3+ds/salt/modules/upstart.py
--- salt-2015.5.2+ds/salt/modules/upstart.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/upstart.py	2015-07-07 20:42:37.000000000 +0000
@@ -43,6 +43,8 @@
 # Import python libs
 import glob
 import os
+import re
+import itertools
 
 # Import salt libs
 import salt.utils
@@ -170,7 +172,12 @@
     NOTE: An Upstart service can also be disabled by placing "manual"
     in /etc/init/[name].conf.
     '''
-    return os.access('/etc/init/{0}.override'.format(name), os.R_OK)
+    files = ['/etc/init/{0}.conf'.format(name), '/etc/init/{0}.override'.format(name)]
+    for file_name in itertools.ifilter(os.path.isfile, files):
+        with salt.utils.fopen(file_name) as fp_:
+            if re.search(r'^\s*manual', fp_.read(), re.MULTILINE):
+                return True
+    return False
 
 
 def _upstart_is_enabled(name):
@@ -436,9 +443,11 @@
     '''
     Disable an Upstart service.
     '''
+    if _upstart_is_disabled(name):
+        return _upstart_is_disabled(name)
     override = '/etc/init/{0}.override'.format(name)
-    with salt.utils.fopen(override, 'w') as ofile:
-        ofile.write('manual')
+    with salt.utils.fopen(override, 'a') as ofile:
+        ofile.write('manual\n')
     return _upstart_is_disabled(name)
 
 
@@ -446,8 +455,17 @@
     '''
     Enable an Upstart service.
     '''
+    if _upstart_is_enabled(name):
+        return _upstart_is_enabled(name)
     override = '/etc/init/{0}.override'.format(name)
-    if os.access(override, os.R_OK):
+    files = ['/etc/init/{0}.conf'.format(name), override]
+    for file_name in itertools.ifilter(os.path.isfile, files):
+        with salt.utils.fopen(file_name, 'r+') as fp_:
+            new_text = re.sub(r'^\s*manual\n?', '', fp_.read(), 0, re.MULTILINE)
+            fp_.seek(0)
+            fp_.write(new_text)
+            fp_.truncate()
+    if os.access(override, os.R_OK) and os.path.getsize(override) == 0:
         os.unlink(override)
     return _upstart_is_enabled(name)
 
diff -Nru salt-2015.5.2+ds/salt/modules/win_file.py salt-2015.5.3+ds/salt/modules/win_file.py
--- salt-2015.5.2+ds/salt/modules/win_file.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/win_file.py	2015-07-07 20:42:37.000000000 +0000
@@ -57,7 +57,7 @@
         access, copy, readdir, rmdir, truncate, replace, delete_backup,
         search, _get_flags, extract_hash, _error, _sed_esc, _psed,
         RE_FLAG_TABLE, blockreplace, prepend, seek_read, seek_write, rename,
-        lstat, path_exists_glob, HASHES)
+        lstat, path_exists_glob, HASHES, comment, uncomment)
 
 from salt.utils import namespaced_function as _namespaced_function
 
@@ -83,7 +83,7 @@
             global access, copy, readdir, rmdir, truncate, replace, search
             global _binary_replace, _get_bkroot, list_backups, restore_backup
             global blockreplace, prepend, seek_read, seek_write, rename, lstat
-            global path_exists_glob, _mkstemp_copy
+            global path_exists_glob, comment, uncomment, _mkstemp_copy
 
             replace = _namespaced_function(replace, globals())
             search = _namespaced_function(search, globals())
@@ -133,6 +133,8 @@
             rename = _namespaced_function(rename, globals())
             lstat = _namespaced_function(lstat, globals())
             path_exists_glob = _namespaced_function(path_exists_glob, globals())
+            comment = _namespaced_function(comment, globals())
+            uncomment = _namespaced_function(uncomment, globals())
             _mkstemp_copy = _namespaced_function(_mkstemp_copy, globals())
 
             return __virtualname__
diff -Nru salt-2015.5.2+ds/salt/modules/win_path.py salt-2015.5.3+ds/salt/modules/win_path.py
--- salt-2015.5.2+ds/salt/modules/win_path.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/win_path.py	2015-07-07 20:42:37.000000000 +0000
@@ -46,16 +46,35 @@
 
 def rehash():
     '''
-    Send a WM_SETTINGCHANGE Broadcast to Windows to rehash the Environment variables
+    Send a WM_SETTINGCHANGE Broadcast to Windows to refresh the Environment variables
+
+    CLI Example:
+
+    ... code-block:: bash
+
+        salt '*' win_path.rehash
     '''
-    return win32gui.SendMessageTimeout(win32con.HWND_BROADCAST, win32con.WM_SETTINGCHANGE, 0, 'Environment', 0, 10000)[0] == 1
+    return win32gui.SendMessageTimeout(win32con.HWND_BROADCAST,
+                                       win32con.WM_SETTINGCHANGE,
+                                       0,
+                                       'Environment',
+                                       0,
+                                       10000)[0] == 1
 
 
 def get_path():
     '''
-    Returns the system path
+    Returns a list of items in the SYSTEM path
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' win_path.get_path
     '''
-    ret = __salt__['reg.read_key']('HKEY_LOCAL_MACHINE', 'SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Environment', 'PATH').split(';')
+    ret = __salt__['reg.read_key']('HKEY_LOCAL_MACHINE',
+                                   'SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Environment',
+                                   'PATH').split(';')
 
     # Trim ending backslash
     return list(map(_normalize_dir, ret))
@@ -66,6 +85,9 @@
     Check if the directory is configured in the SYSTEM path
     Case-insensitive and ignores trailing backslash
 
+    Returns:
+        boolean True if path exists, False if not
+
     CLI Example:
 
     .. code-block:: bash
@@ -84,6 +106,9 @@
     '''
     Add the directory to the SYSTEM path in the index location
 
+    Returns:
+        boolean True if successful, False if unsuccessful
+
     CLI Example:
 
     .. code-block:: bash
@@ -123,7 +148,7 @@
         'PATH',
         ';'.join(sysPath),
         'REG_EXPAND_SZ'
-        )
+    )
 
     # Broadcast WM_SETTINGCHANGE to Windows
     if regedit:
@@ -133,11 +158,22 @@
 
 
 def remove(path):
-    '''
+    r'''
     Remove the directory from the SYSTEM path
+
+    Returns:
+        boolean True if successful, False if unsuccessful
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        # Will remove C:\Python27 from the path
+        salt '*' win_path.remove 'c:\\python27'
     '''
     path = _normalize_dir(path)
     sysPath = get_path()
+
     try:
         sysPath.remove(path)
     except ValueError:
diff -Nru salt-2015.5.2+ds/salt/modules/win_servermanager.py salt-2015.5.3+ds/salt/modules/win_servermanager.py
--- salt-2015.5.2+ds/salt/modules/win_servermanager.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/win_servermanager.py	2015-07-01 21:33:42.000000000 +0000
@@ -37,6 +37,8 @@
 def _parse_powershell_list(lst):
     '''
     Parse command output when piped to format-list
+    Need to look at splitting with ':' so you can get the full value
+    Need to check for error codes and return false if it's trying to parse
     '''
     ret = {}
     for line in lst.splitlines():
@@ -47,6 +49,7 @@
             #                    baz}
             if len(splt) > 2:
                 ret[splt[0]] = splt[2]
+    ret['message'] = lst
     return ret
 
 
diff -Nru salt-2015.5.2+ds/salt/modules/win_useradd.py salt-2015.5.3+ds/salt/modules/win_useradd.py
--- salt-2015.5.2+ds/salt/modules/win_useradd.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/win_useradd.py	2015-07-07 20:42:37.000000000 +0000
@@ -158,15 +158,16 @@
     return ret['retcode'] == 0
 
 
-def chhome(name, home):
+def chhome(name, home, persist=False):
     '''
-    Change the home directory of the user
+    Change the home directory of the user, pass True for persist to move files
+    to the new home directory if the old home directory exist.
 
     CLI Example:
 
     .. code-block:: bash
 
-        salt '*' user.chhome foo \\\\fileserver\\home\\foo
+        salt '*' user.chhome foo \\\\fileserver\\home\\foo True
     '''
     pre_info = info(name)
 
@@ -180,6 +181,11 @@
             name, home)) != 0:
         return False
 
+    if persist and home is not None and pre_info['home'] is not None:
+        cmd = 'move /Y {0} {1}'.format(pre_info['home'], home)
+        if __salt__['cmd.retcode'](cmd, python_shell=False) != 0:
+            log.debug('Failed to move the contents of the Home Directory')
+
     post_info = info(name)
     if post_info['home'] != pre_info['home']:
         return post_info['home'] == home
diff -Nru salt-2015.5.2+ds/salt/modules/yumpkg.py salt-2015.5.3+ds/salt/modules/yumpkg.py
--- salt-2015.5.2+ds/salt/modules/yumpkg.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/modules/yumpkg.py	2015-07-07 20:42:37.000000000 +0000
@@ -1303,9 +1303,12 @@
         salt '*' pkg.hold <package name>
         salt '*' pkg.hold pkgs='["foo", "bar"]'
     '''
-    if 'yum-plugin-versionlock' not in list_pkgs():
+
+    on_redhat_5 = __grains__.get('osmajorrelease', None) == '5'
+    lock_pkg = 'yum-versionlock' if on_redhat_5 else 'yum-plugin-versionlock'
+    if lock_pkg not in list_pkgs():
         raise SaltInvocationError(
-            'Packages cannot be held, yum-plugin-versionlock is not installed.'
+            'Packages cannot be held, {0} is not installed.'.format(lock_pkg)
         )
     if not name and not pkgs and not sources:
         raise SaltInvocationError(
@@ -1396,9 +1399,12 @@
         salt '*' pkg.unhold <package name>
         salt '*' pkg.unhold pkgs='["foo", "bar"]'
     '''
-    if 'yum-plugin-versionlock' not in list_pkgs():
+
+    on_redhat_5 = __grains__.get('osmajorrelease', None) == '5'
+    lock_pkg = 'yum-versionlock' if on_redhat_5 else 'yum-plugin-versionlock'
+    if lock_pkg not in list_pkgs():
         raise SaltInvocationError(
-            'Packages cannot be unheld, yum-plugin-versionlock is not installed.'
+            'Packages cannot be unheld, {0} is not installed.'.format(lock_pkg)
         )
     if not name and not pkgs and not sources:
         raise SaltInvocationError(
@@ -1481,9 +1487,9 @@
             _pat = r'\d\:({0}\-\S+)'.format(pattern)
     else:
         if full:
-            _pat = r'(\d\:\w+\-\S+)'
+            _pat = r'(\d\:\w+(?:[\.\-][^\-]+)*-\S+)'
         else:
-            _pat = r'\d\:(\w+\-\S+)'
+            _pat = r'\d\:(\w+(?:[\.\-][^\-]+)*-\S+)'
     pat = re.compile(_pat)
 
     current_locks = []
diff -Nru salt-2015.5.2+ds/salt/netapi/rest_cherrypy/app.py salt-2015.5.3+ds/salt/netapi/rest_cherrypy/app.py
--- salt-2015.5.2+ds/salt/netapi/rest_cherrypy/app.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/netapi/rest_cherrypy/app.py	2015-07-07 20:42:37.000000000 +0000
@@ -7,16 +7,18 @@
 
 .. py:currentmodule:: salt.netapi.rest_cherrypy.app
 
-:depends:   - CherryPy Python module. Versions 3.2.{2,3,4} are strongly
-    recommended due to a known `SSL error
-    <https://bitbucket.org/cherrypy/cherrypy/issue/1298/ssl-not-working>`_
-    introduced in version 3.2.5. The issue was reportedly resolved with
-    CherryPy milestone 3.3, but the patch was committed for version 3.6.1.
+:depends:
+    - CherryPy Python module. Versions 3.2.{2,3,4} are strongly
+      recommended due to a known `SSL error
+      <https://bitbucket.org/cherrypy/cherrypy/issue/1298/ssl-not-working>`_
+      introduced in version 3.2.5. The issue was reportedly resolved with
+      CherryPy milestone 3.3, but the patch was committed for version 3.6.1.
 :optdepends:    - ws4py Python module for websockets support.
 :client_libraries:
     - Java: https://github.com/SUSE/saltstack-netapi-client-java
     - Python: https://github.com/saltstack/pepper
-:configuration: All authentication is done through Salt's :ref:`external auth
+:configuration:
+    All authentication is done through Salt's :ref:`external auth
     <acl-eauth>` system which requires additional configuration not described
     here.
 
diff -Nru salt-2015.5.2+ds/salt/netapi/rest_tornado/saltnado.py salt-2015.5.3+ds/salt/netapi/rest_tornado/saltnado.py
--- salt-2015.5.2+ds/salt/netapi/rest_tornado/saltnado.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/netapi/rest_tornado/saltnado.py	2015-07-07 21:04:39.000000000 +0000
@@ -267,7 +267,8 @@
         # request_obj -> list of (tag, future)
         self.request_map = defaultdict(list)
 
-        self.timeout_map = {}  # map of future -> timeout_callback
+        # map of future -> timeout_callback
+        self.timeout_map = {}
 
         self.stream = zmqstream.ZMQStream(self.event.sub,
                                           io_loop=tornado.ioloop.IOLoop.current())
@@ -280,7 +281,14 @@
         if request not in self.request_map:
             return
         for tag, future in self.request_map[request]:
+            # timeout the future
             self._timeout_future(tag, future)
+            # remove the timeout
+            if future in self.timeout_map:
+                tornado.ioloop.IOLoop.current().remove_timeout(self.timeout_map[future])
+                del self.timeout_map[future]
+
+        del self.request_map[request]
 
     def get_event(self,
                   request,
@@ -291,6 +299,13 @@
         '''
         Get an event (async of course) return a future that will get it later
         '''
+        # if the request finished, no reason to allow event fetching, since we
+        # can't send back to the client
+        if request._finished:
+            future = Future()
+            future.set_exception(TimeoutException())
+            return future
+
         future = Future()
         if callback is not None:
             def handle_future(future):
diff -Nru salt-2015.5.2+ds/salt/renderers/pyobjects.py salt-2015.5.3+ds/salt/renderers/pyobjects.py
--- salt-2015.5.2+ds/salt/renderers/pyobjects.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/renderers/pyobjects.py	2015-07-07 20:42:37.000000000 +0000
@@ -290,19 +290,11 @@
     '''
     states = {}
 
-    # the loader expects to find pillar & grian data
-    __opts__['grains'] = __grains__
+    # the loader expects to find pillar & grain data
+    __opts__['grains'] = salt.loader.grains(__opts__)
     __opts__['pillar'] = __pillar__
-
-    # TODO: honor __virtual__? The old one didn't...
-    # create our own loader that ignores __virtual__()
-    lazy_states = salt.loader.LazyLoader(
-        salt.loader._module_dirs(__opts__, 'states', 'states'),
-        __opts__,
-        tag='states',
-        pack={'__salt__': __salt__},
-        virtual_enable=False,
-    )
+    lazy_funcs = salt.loader.minion_mods(__opts__)
+    lazy_states = salt.loader.states(__opts__, lazy_funcs)
 
     # TODO: some way to lazily do this? This requires loading *all* state modules
     for key, func in lazy_states.iteritems():
diff -Nru salt-2015.5.2+ds/salt/returners/django_return.py salt-2015.5.3+ds/salt/returners/django_return.py
--- salt-2015.5.2+ds/salt/returners/django_return.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/returners/django_return.py	2015-07-01 21:33:42.000000000 +0000
@@ -16,7 +16,7 @@
 An example Django module that registers a function called
 'returner_callback' with this module's 'returner' function:
 
-    .. code-block:: python
+.. code-block:: python
 
     import salt.returners.django_return
     from django.dispatch import receiver
diff -Nru salt-2015.5.2+ds/salt/returners/local_cache.py salt-2015.5.3+ds/salt/returners/local_cache.py
--- salt-2015.5.2+ds/salt/returners/local_cache.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/returners/local_cache.py	2015-07-07 20:42:37.000000000 +0000
@@ -228,7 +228,8 @@
     Return the load data that marks a specified jid
     '''
     jid_dir = _jid_dir(jid)
-    if not os.path.exists(jid_dir):
+    load_fn = os.path.join(jid_dir, LOAD_P)
+    if not os.path.exists(jid_dir) or not os.path.exists(load_fn):
         return {}
     serial = salt.payload.Serial(__opts__)
 
diff -Nru salt-2015.5.2+ds/salt/roster/ansible.py salt-2015.5.3+ds/salt/roster/ansible.py
--- salt-2015.5.2+ds/salt/roster/ansible.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/roster/ansible.py	2015-07-07 20:42:37.000000000 +0000
@@ -84,6 +84,7 @@
 This is the format that an inventory script needs to output to work with ansible, and thus here.
 
 .. code-block:: bash
+
     [~]# salt-ssh --roster-file /etc/salt/hosts salt.gtmanfred.com test.ping
     salt.gtmanfred.com:
             True
diff -Nru salt-2015.5.2+ds/salt/roster/flat.py salt-2015.5.3+ds/salt/roster/flat.py
--- salt-2015.5.2+ds/salt/roster/flat.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/roster/flat.py	2015-07-07 20:42:37.000000000 +0000
@@ -27,7 +27,10 @@
 
     rend = salt.loader.render(__opts__, {})
     raw = compile_template(template, rend, __opts__['renderer'], **kwargs)
-    rmatcher = RosterMatcher(raw, tgt, tgt_type, 'ipv4')
+    conditioned_raw = {}
+    for minion in raw:
+        conditioned_raw[str(minion)] = raw[minion]
+    rmatcher = RosterMatcher(conditioned_raw, tgt, tgt_type, 'ipv4')
     return rmatcher.targets()
 
 
diff -Nru salt-2015.5.2+ds/salt/runners/fileserver.py salt-2015.5.3+ds/salt/runners/fileserver.py
--- salt-2015.5.2+ds/salt/runners/fileserver.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/runners/fileserver.py	2015-07-01 21:33:42.000000000 +0000
@@ -349,7 +349,7 @@
     .. note::
 
         This will only operate on enabled backends (those configured in
-        :master_conf:`fileserver_backend`).
+        :conf_master:`fileserver_backend`).
 
     backend
         Only set the update lock for the specified backend(s).
diff -Nru salt-2015.5.2+ds/salt/runners/http.py salt-2015.5.3+ds/salt/runners/http.py
--- salt-2015.5.2+ds/salt/runners/http.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/runners/http.py	2015-07-01 21:33:42.000000000 +0000
@@ -19,7 +19,7 @@
     '''
     Query a resource, and decode the return data
 
-    .. versionaddedd:: 2015.2
+    .. versionadded:: 2015.5.0
 
     CLI Example:
 
@@ -44,7 +44,7 @@
     '''
     Update the local CA bundle file from a URL
 
-    .. versionaddedd:: 2015.2
+    .. versionadded:: 2015.5.0
 
     CLI Example:
 
diff -Nru salt-2015.5.2+ds/salt/state.py salt-2015.5.3+ds/salt/state.py
--- salt-2015.5.2+ds/salt/state.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/state.py	2015-07-07 20:42:37.000000000 +0000
@@ -608,9 +608,11 @@
         of a state package that has a mod_init function, then execute the
         mod_init function in the state module.
         '''
+        # ensure that the module is loaded
+        self.states['{0}.{1}'.format(low['state'], low['fun'])]  # pylint: disable=W0106
         minit = '{0}.mod_init'.format(low['state'])
         if low['state'] not in self.mod_init:
-            if minit in self.states:
+            if minit in self.states._dict:
                 mret = self.states[minit](low)
                 if not mret:
                     return
@@ -831,6 +833,9 @@
                         data['__sls__']
                         )
                     )
+                reason = self.states.missing_fun_string(full)
+                if reason:
+                    errors.append('Reason: {0}'.format(reason))
             else:
                 errors.append(
                         'Specified state \'{0}\' was not found'.format(
@@ -1185,32 +1190,24 @@
                     for arg in run:
                         update = False
                         for hind in range(len(high[name][state])):
-                            if (isinstance(arg, string_types) and
-                            isinstance(high[name][state][hind], string_types)):
+                            if isinstance(arg, string_types) and isinstance(high[name][state][hind], string_types):
                                 # replacing the function, replace the index
                                 high[name][state].pop(hind)
                                 high[name][state].insert(hind, arg)
                                 update = True
                                 continue
-                            if (isinstance(arg, dict) and
-                                    isinstance(high[name][state][hind], dict)):
+                            if isinstance(arg, dict) and isinstance(high[name][state][hind], dict):
                                 # It is an option, make sure the options match
                                 argfirst = next(iter(arg))
-                                if (argfirst ==
-                                    next(iter(high[name][state][hind]))):
-                                    # They match, check if the option is a
-                                    # watch or require, append, otherwise
-                                    # replace
-                                    if (argfirst == 'require' or
-                                        argfirst == 'watch'):
-                                        # Extend the list
-                                        (high[name][state][hind][argfirst]
-                                         .extend(arg[argfirst]))
-                                        update = True
+                                if argfirst == next(iter(high[name][state][hind])):
+                                    # If argfirst is a requisite then we must merge
+                                    # our requisite with that of the target state
+                                    if argfirst in STATE_REQUISITE_KEYWORDS:
+                                        high[name][state][hind][argfirst].extend(arg[argfirst])
+                                    # otherwise, its not a requisite and we are just extending (replacing)
                                     else:
-                                        # Replace the value
                                         high[name][state][hind] = arg
-                                        update = True
+                                    update = True
                                 if (argfirst == 'name' and
                                     next(iter(high[name][state][hind])) == 'names'):
                                     # If names are overwritten by name use the name
diff -Nru salt-2015.5.2+ds/salt/states/aptpkg.py salt-2015.5.3+ds/salt/states/aptpkg.py
--- salt-2015.5.2+ds/salt/states/aptpkg.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/aptpkg.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,58 @@
+# -*- coding: utf-8 -*-
+'''
+Package management operations specific to APT- and DEB-based systems
+====================================================================
+'''
+from __future__ import absolute_import
+
+# Import python libs
+import logging
+
+# Import salt libs
+import salt.utils
+
+log = logging.getLogger(__name__)
+
+
+# Define the module's virtual name
+__virtualname__ = 'apt'
+
+
+def __virtual__():
+    '''
+    Only work on apt-based platforms with pkg.get_selections
+    '''
+    return (__virtualname__
+            if __salt__.get('pkg.get_selections', False)
+            else False)
+
+
+def held(name):
+    '''
+    Set package in 'hold' state, meaning it will not be upgraded.
+
+    name
+        The name of the package, e.g., 'tmux'
+    '''
+    ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
+    state = __salt__['pkg.get_selections'](
+        pattern=name,
+    )
+    if not state:
+        ret.update(comment='Package {0} does not have a state'.format(name))
+    elif not salt.utils.is_true(state.get('hold', False)):
+        if not __opts__['test']:
+            result = __salt__['pkg.set_selections'](
+                selection={'hold': [name]}
+            )
+            ret.update(changes=result[name],
+                       result=True,
+                       comment='Package {0} is now being held'.format(name))
+        else:
+            ret.update(result=None,
+                       comment='Package {0} is set to be held'.format(name))
+    else:
+        ret.update(result=True,
+                   comment='Package {0} is already held'.format(name))
+
+    return ret
diff -Nru salt-2015.5.2+ds/salt/states/apt.py salt-2015.5.3+ds/salt/states/apt.py
--- salt-2015.5.2+ds/salt/states/apt.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/apt.py	1970-01-01 00:00:00.000000000 +0000
@@ -1,52 +0,0 @@
-# -*- coding: utf-8 -*-
-'''
-Package management operations specific to APT- and DEB-based systems
-====================================================================
-'''
-from __future__ import absolute_import
-
-# Import python libs
-import logging
-
-# Import salt libs
-import salt.utils
-
-log = logging.getLogger(__name__)
-
-
-def __virtual__():
-    '''
-    Only work on apt-based platforms with pkg.get_selections
-    '''
-    return 'pkg.get_selections' in __salt__
-
-
-def held(name):
-    '''
-    Set package in 'hold' state, meaning it will not be upgraded.
-
-    name
-        The name of the package, e.g., 'tmux'
-    '''
-    ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
-    state = __salt__['pkg.get_selections'](
-        pattern=name,
-    )
-    if not state:
-        ret.update(comment='Package {0} does not have a state'.format(name))
-    elif not salt.utils.is_true(state.get('hold', False)):
-        if not __opts__['test']:
-            result = __salt__['pkg.set_selections'](
-                selection={'hold': [name]}
-            )
-            ret.update(changes=result[name],
-                       result=True,
-                       comment='Package {0} is now being held'.format(name))
-        else:
-            ret.update(result=None,
-                       comment='Package {0} is set to be held'.format(name))
-    else:
-        ret.update(result=True,
-                   comment='Package {0} is already held'.format(name))
-
-    return ret
diff -Nru salt-2015.5.2+ds/salt/states/augeas.py salt-2015.5.3+ds/salt/states/augeas.py
--- salt-2015.5.2+ds/salt/states/augeas.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/augeas.py	2015-07-01 21:33:42.000000000 +0000
@@ -55,8 +55,15 @@
         State name
 
     context
-        The context to use. Set this to a file path, prefixed by ``/files``, to
-        avoid redundancy, e.g.:
+        A file path, prefixed by ``/files``. Should resolve to an actual file
+        (not an arbitrary augeas path). This is used to avoid duplicating the
+        file name for each item in the changes list (for example, ``set bind 0.0.0.0``
+        in the example below operates on the file specified by ``context``). If
+        ``context`` is not specified, a file path prefixed by ``/files`` should be
+        included with the ``set`` command.
+
+        The file path is examined to determine if the
+        specified changes are already present.
 
         .. code-block:: yaml
 
diff -Nru salt-2015.5.2+ds/salt/states/boto_elb.py salt-2015.5.3+ds/salt/states/boto_elb.py
--- salt-2015.5.2+ds/salt/states/boto_elb.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/boto_elb.py	2015-07-07 20:42:37.000000000 +0000
@@ -234,10 +234,10 @@
 
     listeners
         A list of listener lists; example:
-            [
-                ['443', 'HTTPS', 'arn:aws:iam::1111111:server-certificate/mycert'],
-                ['8443', '80', 'HTTPS', 'HTTP', 'arn:aws:iam::1111111:server-certificate/mycert']
-            ]
+        [
+            ['443', 'HTTPS', 'arn:aws:iam::1111111:server-certificate/mycert'],
+            ['8443', '80', 'HTTPS', 'HTTP', 'arn:aws:iam::1111111:server-certificate/mycert']
+        ]
 
     subnets
         A list of subnet IDs in your VPC to attach to your LoadBalancer.
diff -Nru salt-2015.5.2+ds/salt/states/dockerio.py salt-2015.5.3+ds/salt/states/dockerio.py
--- salt-2015.5.2+ds/salt/states/dockerio.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/dockerio.py	2015-07-07 20:42:37.000000000 +0000
@@ -74,6 +74,7 @@
       my_service:
         docker.running:
           - container: mysuperdocker
+          - image: corp/mysuperdocker_img
           - port_bindings:
               "5000/tcp":
                   HostIp: ""
@@ -184,6 +185,103 @@
                        result=False)
 
 
+def _parse_volumes(volumes):
+    '''
+    Parse a given volumes state specification for later use in
+    modules.docker.create_container(). This produces a dict that can be directly
+    consumed by the Docker API /containers/create.
+
+    Note: this only really exists for backwards-compatibility, and because
+    modules.dockerio.start() currently takes a binds argument.
+
+    volumes
+        A structure containing information about the volumes to be included in the
+        container that will be created, either:
+            - a bare dictionary
+            - a list of dictionaries and lists
+
+        .. code-block:: yaml
+
+            # bare dict style
+            - volumes:
+                /usr/local/etc/ssl/certs/example.crt:
+                  bind: /etc/ssl/certs/com.example.internal.crt
+                  ro: True
+                /var/run:
+                  bind: /var/run/host/
+                  ro: False
+
+            # list of dicts style:
+            - volumes:
+              - /usr/local/etc/ssl/certs/example.crt:
+                  bind: /etc/ssl/certs/com.example.internal.crt
+                  ro: True
+              - /var/run: /var/run/host/ # read-write bound volume
+              - /var/lib/mysql # un-bound, container-only volume
+
+        note: bind mounts specified like "/etc/timezone:/tmp/host_tz" will fall
+        through this parser.
+
+    Returns a dict of volume specifications:
+
+        .. code-block:: yaml
+
+            {
+              'bindvols': {
+                '/usr/local/etc/ssl/certs/example.crt': {
+                  'bind': '/etc/ssl/certs/com.example.internal.crt',
+                  'ro': True
+                  },
+                '/var/run/': {
+                  'bind': '/var/run/host',
+                  'ro': False
+                },
+              },
+              'contvols': [ '/var/lib/mysql/' ]
+            }
+
+    '''
+    log.trace("Parsing given volumes dict: " + str(volumes))
+    bindvolumes = {}
+    contvolumes = []
+    if isinstance(volumes, dict):
+        # If volumes as a whole is a dict, then there's no way to specify a non-bound volume
+        # so we exit early and assume the dict is properly formed.
+        bindvolumes = volumes
+    if isinstance(volumes, list):
+        for vol in volumes:
+            if isinstance(vol, dict):
+                for volsource, voldef in vol.items():
+                    if isinstance(voldef, dict):
+                        target = voldef['bind']
+                        read_only = voldef.get('ro', False)
+                    else:
+                        target = str(voldef)
+                        read_only = False
+                    source = volsource
+            else:  # isinstance(vol, dict)
+                if ':' in vol:
+                    volspec = vol.split(':')
+                    source = volspec[0]
+                    target = volspec[1]
+                    read_only = False
+                    try:
+                        if len(volspec) > 2:
+                            read_only = volspec[2] == "ro"
+                    except IndexError:
+                        pass
+                else:
+                    contvolumes.append(str(vol))
+                    continue
+            bindvolumes[source] = {
+                    'bind': target,
+                    'ro': read_only
+            }
+    result = {'bindvols': bindvolumes, 'contvols': contvolumes}
+    log.trace("Finished parsing volumes, with result: " + str(result))
+    return result
+
+
 def mod_watch(name, sfun=None, *args, **kw):
     if sfun == 'built':
         # Needs to refresh the image
@@ -479,7 +577,7 @@
             - a port to map
             - a mapping of mapping portInHost : PortInContainer
     volumes
-        List of volumes
+        List of volumes (see notes for the running function)
 
     For other parameters, see absolutely first the salt.modules.dockerio
     execution module and the docker-py python bindings for docker
@@ -502,7 +600,7 @@
     # if container exists but is not started, try to start it
     if already_exists:
         return _valid(comment='image {0!r} already exists'.format(name))
-    dports, dvolumes, denvironment = {}, [], {}
+    dports, denvironment = {}, {}
     if not ports:
         ports = []
     if not volumes:
@@ -521,15 +619,13 @@
         else:
             for k in p:
                 dports[str(p)] = {}
-    for p in volumes:
-        vals = []
-        if not isinstance(p, dict):
-            vals.append('{0}'.format(p))
-        else:
-            for k in p:
-                vals.append('{0}:{1}'.format(k, p[k]))
-        dvolumes.extend(vals)
+
+    parsed_volumes = _parse_volumes(volumes)
+    bindvolumes = parsed_volumes['bindvols']
+    contvolumes = parsed_volumes['contvols']
+
     a, kw = [image], dict(
+        binds=bindvolumes,
         command=command,
         hostname=hostname,
         user=user,
@@ -540,7 +636,7 @@
         ports=dports,
         environment=denvironment,
         dns=dns,
-        volumes=dvolumes,
+        volumes=contvolumes,
         volumes_from=volumes_from,
         name=name,
         cpu_shares=cpu_shares,
@@ -799,44 +895,47 @@
     volumes
         List of volumes to mount or create in the container (like ``-v`` of ``docker run`` command),
         mapping host directory to container directory.
-        To create a volume in the container:
+
+        To specify a volume in the container in terse list format:
 
         .. code-block:: yaml
 
             - volumes:
-              - "/var/log/service"
+              - "/var/log/service" # container-only volume
+              - "/srv/timezone:/etc/timezone" # bound volume
+              - "/usr/local/etc/passwd:/etc/passwd:ro" # read-only bound volume
 
-        For read-write mounting, use the short form (note that the notion of
+        You can also use the short dictionary form (note that the notion of
         source:target from docker is preserved):
 
         .. code-block:: yaml
 
             - volumes:
-              - /var/log/service: /var/log/service
+              - /var/log/service: /var/log/service # mandatory read-write implied
 
-        Or, to specify read-only mounting, use the extended form:
+        Or, alternatively, to specify read-only mounting, use the extended form:
 
         .. code-block:: yaml
 
             - volumes:
               - /home/user1:
-                bind: /mnt/vol2
-                ro: true
+                  bind: /mnt/vol2
+                  ro: True
               - /var/www:
-                bind: /mnt/vol1
-                ro: false
+                  bind: /mnt/vol1
+                  ro: False
 
-        Or (mostly for backwards compatibility) a dict style
+        Or (for backwards compatibility) another dict style:
 
         .. code-block:: yaml
 
             - volumes:
-              /home/user1:
-                bind: /mnt/vol2
-                ro: true
-              /var/www:
-                bind: /mnt/vol1
-                ro: false
+                /home/user1:
+                  bind: /mnt/vol2
+                  ro: True
+                /var/www:
+                  bind: /mnt/vol1
+                  ro: False
 
     volumes_from
         List of containers to share volumes with
@@ -934,27 +1033,6 @@
             if isinstance(var, dict):
                 for key in var:
                     denvironment[six.text_type(key)] = six.text_type(var[key])
-    if isinstance(volumes, dict):
-        bindvolumes = volumes
-    if isinstance(volumes, list):
-        for vol in volumes:
-            if isinstance(vol, dict):
-                # get source as the dict key
-                source = list(vol.keys())[0]
-                # then find target
-                if isinstance(vol[source], dict):
-                    target = vol[source]['bind']
-                    read_only = vol[source].get('ro', False)
-                else:
-                    target = str(vol[source])
-                    read_only = False
-                bindvolumes[source] = {
-                'bind': target,
-                'ro': read_only
-                }
-            else:
-                # assume just an own volumes
-                contvolumes.append(str(vol))
     if isinstance(ports, dict):
         bindports = ports
         # in dict form all ports bind, so no need for exposeports
@@ -976,6 +1054,11 @@
             else:
                 #assume just a port to expose
                 exposeports.append(str(port))
+
+    parsed_volumes = _parse_volumes(volumes)
+    bindvolumes = parsed_volumes['bindvols']
+    contvolumes = parsed_volumes['contvols']
+
     if not already_exists:
         args, kwargs = [image], dict(
                         command=command,
@@ -988,6 +1071,7 @@
                         ports=exposeports,
                         environment=denvironment,
                         dns=dns,
+                        binds=bindvolumes,
                         volumes=contvolumes,
                         name=name,
                         cpu_shares=cpu_shares,
diff -Nru salt-2015.5.2+ds/salt/states/file.py salt-2015.5.3+ds/salt/states/file.py
--- salt-2015.5.2+ds/salt/states/file.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/file.py	2015-07-07 20:42:37.000000000 +0000
@@ -729,7 +729,7 @@
     elif isinstance(arg, Iterable) and not isinstance(arg, Mapping):
         return [str(item) for item in arg]
     else:
-        return False
+        return [str(arg)]
 
 
 def symlink(
@@ -2098,8 +2098,6 @@
 
     # expand source into source_list
     source_list = _validate_str_list(source)
-    if not source_list:
-        return _error(ret, '\'source\' parameter is not a string or list of strings')
 
     for idx, val in enumerate(source_list):
         source_list[idx] = val.rstrip('/')
@@ -3031,8 +3029,6 @@
         text = tmpret['data']
 
     text = _validate_str_list(text)
-    if not text:
-        return _error(ret, 'Given text is not a string or a list of strings')
 
     with salt.utils.fopen(name, 'rb') as fp_:
         slines = fp_.readlines()
@@ -3198,8 +3194,6 @@
         text = tmpret['data']
 
     text = _validate_str_list(text)
-    if not text:
-        return _error(ret, 'Given text is not a string or a list of strings')
 
     with salt.utils.fopen(name, 'rb') as fp_:
         slines = fp_.readlines()
diff -Nru salt-2015.5.2+ds/salt/states/grafana.py salt-2015.5.3+ds/salt/states/grafana.py
--- salt-2015.5.2+ds/salt/states/grafana.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/grafana.py	2015-07-01 21:33:42.000000000 +0000
@@ -164,7 +164,7 @@
 The behavior of this module is to create dashboards if they do not exist, to
 add rows if they do not exist in existing dashboards, and to update rows if
 they exist in dashboards. The module will not manage rows that are not defined,
- allowing users to manage their own custom rows.
+allowing users to manage their own custom rows.
 '''
 from __future__ import absolute_import
 from salt.exceptions import SaltInvocationError
diff -Nru salt-2015.5.2+ds/salt/states/hipchat.py salt-2015.5.3+ds/salt/states/hipchat.py
--- salt-2015.5.2+ds/salt/states/hipchat.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/hipchat.py	2015-07-01 21:33:42.000000000 +0000
@@ -73,6 +73,7 @@
         The message that is to be sent to the Hipchat room.
 
     The following parameters are optional:
+
     api_key
         The api key for Hipchat to use for authentication,
         if not specified in the configuration options of master or minion.
diff -Nru salt-2015.5.2+ds/salt/states/ipmi.py salt-2015.5.3+ds/salt/states/ipmi.py
--- salt-2015.5.2+ds/salt/states/ipmi.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/ipmi.py	2015-07-07 20:42:37.000000000 +0000
@@ -163,8 +163,10 @@
 
     callback
         User Restricted to Callback
+
         False = User Privilege Limit is determined by the User Privilege Limit
             parameter privilege_level, for both callback and non-callback connections.
+
         True  = User Privilege Limit is determined by the privilege_level
             parameter for callback connections, but is restricted to Callback
             level for non-callback connections. Thus, a user can only initiate
diff -Nru salt-2015.5.2+ds/salt/states/linux_acl.py salt-2015.5.3+ds/salt/states/linux_acl.py
--- salt-2015.5.2+ds/salt/states/linux_acl.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/linux_acl.py	2015-07-07 20:42:37.000000000 +0000
@@ -4,7 +4,8 @@
 
 Ensure a Linux ACL is present
 
-  .. code-block:: yaml
+.. code-block:: yaml
+
      root:
        acl.present:
          - name: /root
@@ -14,7 +15,8 @@
 
 Ensure a Linux ACL does not exist
 
-  .. code-block:: yaml
+.. code-block:: yaml
+
      root:
        acl.absent:
          - name: /root
diff -Nru salt-2015.5.2+ds/salt/states/module.py salt-2015.5.3+ds/salt/states/module.py
--- salt-2015.5.2+ds/salt/states/module.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/module.py	2015-07-07 20:42:37.000000000 +0000
@@ -209,7 +209,7 @@
         ret['result'] = False
         return ret
     else:
-        if mret is not None:
+        if mret is not None or mret is not {}:
             ret['changes']['ret'] = mret
 
     if 'returner' in kwargs:
diff -Nru salt-2015.5.2+ds/salt/states/mount.py salt-2015.5.3+ds/salt/states/mount.py
--- salt-2015.5.2+ds/salt/states/mount.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/mount.py	2015-07-07 20:42:37.000000000 +0000
@@ -220,6 +220,7 @@
                     'nonempty',
                     'transform_symlinks',
                     'port',
+                    'backup-volfile-servers',
                 ]
                 # options which are provided as key=value (e.g. password=Zohp5ohb)
                 mount_invisible_keys = [
diff -Nru salt-2015.5.2+ds/salt/states/npm.py salt-2015.5.3+ds/salt/states/npm.py
--- salt-2015.5.2+ds/salt/states/npm.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/npm.py	2015-07-07 20:42:37.000000000 +0000
@@ -28,7 +28,7 @@
     '''
     Only load if the npm module is available in __salt__
     '''
-    return 'npm' if 'npm.list' in __salt__ else False
+    return 'npm' if 'npm.list' in __salt__ else False, '\'npm\' binary not found on system'
 
 
 def installed(name,
diff -Nru salt-2015.5.2+ds/salt/states/pkg.py salt-2015.5.3+ds/salt/states/pkg.py
--- salt-2015.5.2+ds/salt/states/pkg.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/pkg.py	2015-07-07 20:42:37.000000000 +0000
@@ -1038,14 +1038,15 @@
 
     if modified_hold:
         for i in modified_hold:
-            comment.append(i['comment'])
             change_name = i['name']
-            if len(changes[change_name]['new']) > 0:
-                changes[change_name]['new'] += '\n'
-            changes[change_name]['new'] += '{0}'.format(i['changes']['new'])
-            if len(changes[change_name]['old']) > 0:
-                changes[change_name]['old'] += '\n'
-            changes[change_name]['old'] += '{0}'.format(i['changes']['old'])
+            if change_name in changes:
+                comment.append(i['comment'])
+                if len(changes[change_name]['new']) > 0:
+                    changes[change_name]['new'] += '\n'
+                changes[change_name]['new'] += '{0}'.format(i['changes']['new'])
+                if len(changes[change_name]['old']) > 0:
+                    changes[change_name]['old'] += '\n'
+                changes[change_name]['old'] += '{0}'.format(i['changes']['old'])
 
     # Any requested packages that were not targeted for install or reinstall
     if not_modified:
@@ -1262,6 +1263,7 @@
 
     targets = {}
     problems = []
+    cmp_func = __salt__.get('pkg.version_cmp', __salt__.get('version_cmp'))
     for pkg in desired_pkgs:
         if not avail[pkg]:
             if not cur[pkg]:
@@ -1269,11 +1271,10 @@
                 log.error(msg)
                 problems.append(msg)
         elif not cur[pkg] \
-                or salt.utils.compare_versions(
-                    ver1=cur[pkg],
-                    oper='<',
-                    ver2=avail[pkg],
-                    cmp_func=__salt__.get('version_cmp')):
+                or salt.utils.compare_versions(ver1=cur[pkg],
+                                               oper='<',
+                                               ver2=avail[pkg],
+                                               cmp_func=cmp_func):
             targets[pkg] = avail[pkg]
 
     if problems:
diff -Nru salt-2015.5.2+ds/salt/states/powerpath.py salt-2015.5.3+ds/salt/states/powerpath.py
--- salt-2015.5.2+ds/salt/states/powerpath.py	2015-05-21 19:34:22.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/powerpath.py	2015-07-01 21:33:42.000000000 +0000
@@ -19,7 +19,7 @@
     on the host.
 
     name
-        The licnese key to ensure is present
+        The license key to ensure is present
     '''
     ret = {'name': name,
            'changes': {},
@@ -61,7 +61,7 @@
     on the host.
 
     name
-        The licnese key to ensure is absent
+        The license key to ensure is absent
     '''
     ret = {'name': name,
            'changes': {},
diff -Nru salt-2015.5.2+ds/salt/states/rabbitmq_vhost.py salt-2015.5.3+ds/salt/states/rabbitmq_vhost.py
--- salt-2015.5.2+ds/salt/states/rabbitmq_vhost.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/rabbitmq_vhost.py	2015-07-01 21:33:42.000000000 +0000
@@ -81,7 +81,7 @@
             'information or see #6961.'
         )
 
-    if any(user, owner, conf, write, read):
+    if any((user, owner, conf, write, read)):
         salt.utils.warn_until(
             'Beryllium',
             'Passed \'owner\', \'user\', \'conf\', \'write\' or \'read\' '
diff -Nru salt-2015.5.2+ds/salt/states/saltmod.py salt-2015.5.3+ds/salt/states/saltmod.py
--- salt-2015.5.2+ds/salt/states/saltmod.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/saltmod.py	2015-07-01 21:33:42.000000000 +0000
@@ -404,6 +404,8 @@
         if mdata.get('failed', False):
             m_func = False
         else:
+            if 'return' in mdata and 'ret' not in mdata:
+                mdata['ret'] = mdata.pop('return')
             m_ret = mdata['ret']
             m_func = (not fail_function and True) or __salt__[fail_function](m_ret)
 
diff -Nru salt-2015.5.2+ds/salt/states/slack.py salt-2015.5.3+ds/salt/states/slack.py
--- salt-2015.5.2+ds/salt/states/slack.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/slack.py	2015-07-07 20:42:37.000000000 +0000
@@ -66,10 +66,10 @@
         The message that is to be sent to the Hipchat room.
 
     The following parameters are optional:
+
     api_key
         The api key for Slack to use for authentication,
         if not specified in the configuration options of master or minion.
-
     '''
     ret = {'name': name,
            'changes': {},
diff -Nru salt-2015.5.2+ds/salt/states/ssh_known_hosts.py salt-2015.5.3+ds/salt/states/ssh_known_hosts.py
--- salt-2015.5.2+ds/salt/states/ssh_known_hosts.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/ssh_known_hosts.py	2015-07-07 21:04:39.000000000 +0000
@@ -120,7 +120,7 @@
                 hash_hostname=hash_hostname)
     if result['status'] == 'exists':
         return dict(ret,
-                    Gcomment='{0} already exists in {1}'.format(name, config))
+                    comment='{0} already exists in {1}'.format(name, config))
     elif result['status'] == 'error':
         return dict(ret, result=False, comment=result['error'])
     else:  # 'updated'
diff -Nru salt-2015.5.2+ds/salt/states/tls.py salt-2015.5.3+ds/salt/states/tls.py
--- salt-2015.5.2+ds/salt/states/tls.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/tls.py	2015-07-01 21:33:42.000000000 +0000
@@ -1,10 +1,12 @@
 # -*- coding: utf-8 -*-
 '''
-Enforce state for SSL/TLS.
-=========================================================================
+Enforce state for SSL/TLS
+=========================
 
 '''
 
+# Import Python Libs
+from __future__ import absolute_import
 import time
 import datetime
 
diff -Nru salt-2015.5.2+ds/salt/states/user.py salt-2015.5.3+ds/salt/states/user.py
--- salt-2015.5.2+ds/salt/states/user.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/user.py	2015-07-07 20:42:37.000000000 +0000
@@ -111,7 +111,7 @@
             change['home'] = home
     if createhome:
         newhome = home if home else lusr['home']
-        if not os.path.isdir(newhome):
+        if newhome is not None and not os.path.isdir(newhome):
             change['homeDoesNotExist'] = newhome
 
     if shell:
diff -Nru salt-2015.5.2+ds/salt/states/virtualenv_mod.py salt-2015.5.3+ds/salt/states/virtualenv_mod.py
--- salt-2015.5.2+ds/salt/states/virtualenv_mod.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/virtualenv_mod.py	2015-07-01 21:33:42.000000000 +0000
@@ -58,6 +58,13 @@
         the file will be transferred from the master file server.
     cwd
         Path to the working directory where "pip install" is executed.
+    user
+        The user under which to run virtualenv and pip
+    no_chown: False
+        When user is given, do not attempt to copy and chown
+        a requirements file (needed if the requirements file refers to other
+        files via relative paths, as the copy-and-chown procedure does not
+        account for such files)
     use_wheel : False
         Prefer wheel archives (requires pip>=1.4)
     no_deps: False
diff -Nru salt-2015.5.2+ds/salt/states/win_servermanager.py salt-2015.5.3+ds/salt/states/win_servermanager.py
--- salt-2015.5.2+ds/salt/states/win_servermanager.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/states/win_servermanager.py	2015-07-01 21:33:42.000000000 +0000
@@ -63,9 +63,17 @@
 
     # Install the features
     ret['changes'] = {'feature': __salt__['win_servermanager.install'](name, recurse)}
-    ret['result'] = ret['changes']['feature']['Success'] == 'True'
-    if not ret['result']:
-        ret['comment'] = 'failed to install the feature: {0}'.format(ret['changes']['feature']['ExitCode'])
+
+    if 'Success' in ret['changes']['feature']:
+        ret['result'] = ret['changes']['feature']['Success'] == 'True'
+        if not ret['result']:
+            ret['comment'] = 'Failed to install {0}: {1}'.format(name, ret['changes']['feature']['ExitCode'])
+        else:
+            ret['comment'] = 'Installed {0}'.format(name)
+    else:
+        ret['result'] = False
+        ret['comment'] = 'Failed to install {0}.\nError Message:\n{1}'.format(name, ret['changes']['feature']['message'])
+        ret['changes'] = {}
 
     return ret
 
@@ -73,23 +81,26 @@
 def removed(name):
     '''
     Remove the windows feature
+
     name:
         short name of the feature (the right column in win_servermanager.list_available)
 
-    Note:
+    .. note::
+
         Some features require a reboot after uninstallation. If so the feature will not be completly uninstalled until
-    the server is restarted.
+        the server is restarted.
 
     Example:
-        Run ``salt MinionName win_servermanager.list_installed`` to get a list of all features installed. Use the top
+
+    Run ``salt MinionName win_servermanager.list_installed`` to get a list of all features installed. Use the top
     name listed for each feature, not the indented one. Do not use the role or feature names mentioned in the
     PKGMGR documentation.
 
-        .. code-block:: yaml
-            ISWebserverRole:
-              win_servermanager.removed:
-                - name: Web-Server
+    .. code-block:: yaml
 
+        ISWebserverRole:
+          win_servermanager.removed:
+            - name: Web-Server
     '''
     ret = {'name': name,
            'result': True,
diff -Nru salt-2015.5.2+ds/salt/tops/mongo.py salt-2015.5.3+ds/salt/tops/mongo.py
--- salt-2015.5.2+ds/salt/tops/mongo.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/salt/tops/mongo.py	2015-07-01 21:33:42.000000000 +0000
@@ -103,7 +103,7 @@
     environment_field = __opts__['master_tops']['mongo'].get('environment_field', 'environment')
 
     log.info('connecting to {0}:{1} for mongo ext_tops'.format(host, port))
-    conn = pymongo.Connection(host, port)
+    conn = pymongo.MongoClient(host, port)
 
     log.debug('using database \'{0}\''.format(__opts__['mongo.db']))
     mdb = conn[__opts__['mongo.db']]
@@ -127,7 +127,7 @@
         )
     )
 
-    result = mdb[collection].find_one({id_field: minion_id}, fields=[states_field, environment_field])
+    result = mdb[collection].find_one({id_field: minion_id}, projection=[states_field, environment_field])
     if result and states_field in result:
         if environment_field in result:
             environment = result[environment_field]
diff -Nru salt-2015.5.2+ds/salt/utils/args.py salt-2015.5.3+ds/salt/utils/args.py
--- salt-2015.5.2+ds/salt/utils/args.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/utils/args.py	2015-07-07 20:42:37.000000000 +0000
@@ -106,9 +106,12 @@
         import salt.utils.yamlloader as yamlloader
         original_arg = arg
         if '#' in arg:
-            # Don't yamlify this argument or the '#' and everything after
-            # it will be interpreted as a comment.
-            return arg
+            # Only yamlify if it parses into a non-string type, to prevent
+            # loss of content due to # as comment character
+            parsed_arg = yamlloader.load(arg, Loader=yamlloader.SaltYamlSafeLoader)
+            if isinstance(parsed_arg, string_types):
+                return arg
+            return parsed_arg
         if arg == 'None':
             arg = None
         else:
diff -Nru salt-2015.5.2+ds/salt/utils/cloud.py salt-2015.5.3+ds/salt/utils/cloud.py
--- salt-2015.5.2+ds/salt/utils/cloud.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/utils/cloud.py	2015-07-07 20:42:37.000000000 +0000
@@ -84,6 +84,8 @@
 }
 
 SSH_PASSWORD_PROMP_RE = re.compile(r'(?:.*)[Pp]assword(?: for .*)?:', re.M)
+SSH_PASSWORD_PROMP_SUDO_RE = \
+    re.compile(r'(?:.*sudo)(?:.*)[Pp]assword(?: for .*)?:', re.M)
 
 # Get logging started
 log = logging.getLogger(__name__)
@@ -303,7 +305,14 @@
         if stat.S_ISSOCK(os.stat(os.environ['SSH_AUTH_SOCK']).st_mode):
             has_ssh_agent = True
 
-    if key_filename is None and ('password' not in vm_ or not vm_['password']) and has_ssh_agent is False:
+    if (key_filename is None and
+            salt.config.get_cloud_config_value(
+                'password', vm_, opts, default=None
+            ) is None and
+            salt.config.get_cloud_config_value(
+                'win_password', vm_, opts, default=None
+            ) is None and
+            has_ssh_agent is False):
         raise SaltCloudSystemExit(
             'Cannot deploy salt in a VM if the \'ssh_keyfile\' setting '
             'is not set and there is no password set for the vm. '
@@ -1459,12 +1468,26 @@
         while proc.has_unread_data:
             stdout, stderr = proc.recv()
             if stdout and SSH_PASSWORD_PROMP_RE.search(stdout):
-                if (
+                # if authenticating with an SSH key and 'sudo' is found
+                # in the password prompt
+                if ('key_filename' in kwargs and kwargs['key_filename']
+                    and SSH_PASSWORD_PROMP_SUDO_RE.search(stdout)
+                ):
+                    # do nothing, as command already has adjustments to
+                    # echo out the sudo password as part of the ssh command
+                    # keep waiting for proc output
+                    continue
+                # elif authenticating via password and haven't exhausted our
+                # password_retires
+                elif (
                     kwargs.get('password', None)
                     and (sent_password < password_retries)
                 ):
                     sent_password += 1
                     proc.sendline(kwargs['password'])
+                # else raise an error as we are not authenticating properly
+                #  * not authenticating with an SSH key
+                #  * not authenticating with a Password
                 else:
                     raise SaltCloudPasswordError(error_msg)
             # 0.0125 is really too fast on some systems
diff -Nru salt-2015.5.2+ds/salt/utils/event.py salt-2015.5.3+ds/salt/utils/event.py
--- salt-2015.5.2+ds/salt/utils/event.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/utils/event.py	2015-07-07 20:42:37.000000000 +0000
@@ -302,12 +302,11 @@
         start = time.time()
         timeout_at = start + wait
         while not wait or time.time() <= timeout_at:
-            # convert to milliseconds
-            socks = dict(self.poller.poll(wait * 1000))
-            if socks.get(self.sub) != zmq.POLLIN:
-                continue
-
             try:
+                # convert to milliseconds
+                socks = dict(self.poller.poll(wait * 1000))
+                if socks.get(self.sub) != zmq.POLLIN:
+                    continue
                 # Please do not use non-blocking mode here.
                 # Reliability is more important than pure speed on the event bus.
                 ret = self.get_event_block()
diff -Nru salt-2015.5.2+ds/salt/utils/find.py salt-2015.5.3+ds/salt/utils/find.py
--- salt-2015.5.2+ds/salt/utils/find.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/utils/find.py	2015-07-07 20:42:37.000000000 +0000
@@ -637,29 +637,29 @@
             depth = dirpath[len(path) + len(os.path.sep):].count(os.path.sep)
             if depth == self.maxdepth:
                 dirs[:] = []
-            else:
-                if depth >= self.mindepth:
-                    for name in dirs + files:
-                        fstat = None
-                        matches = True
-                        fullpath = None
-                        for criterion in self.criteria:
-                            if fstat is None and criterion.requires() & _REQUIRES_STAT:
-                                fullpath = os.path.join(dirpath, name)
-                                fstat = os.stat(fullpath)
-                            if not criterion.match(dirpath, name, fstat):
-                                matches = False
-                                break
-                        if matches:
-                            if fullpath is None:
-                                fullpath = os.path.join(dirpath, name)
-                            for action in self.actions:
-                                if (fstat is None and
+
+            if depth >= self.mindepth:
+                for name in dirs + files:
+                    fstat = None
+                    matches = True
+                    fullpath = None
+                    for criterion in self.criteria:
+                        if fstat is None and criterion.requires() & _REQUIRES_STAT:
+                            fullpath = os.path.join(dirpath, name)
+                            fstat = os.stat(fullpath)
+                        if not criterion.match(dirpath, name, fstat):
+                            matches = False
+                            break
+                    if matches:
+                        if fullpath is None:
+                            fullpath = os.path.join(dirpath, name)
+                        for action in self.actions:
+                            if (fstat is None and
                                     action.requires() & _REQUIRES_STAT):
-                                    fstat = os.stat(fullpath)
-                                result = action.execute(fullpath, fstat, test=self.test)
-                                if result is not None:
-                                    yield result
+                                fstat = os.stat(fullpath)
+                            result = action.execute(fullpath, fstat, test=self.test)
+                            if result is not None:
+                                yield result
 
 
 def find(path, options):
diff -Nru salt-2015.5.2+ds/salt/utils/job.py salt-2015.5.3+ds/salt/utils/job.py
--- salt-2015.5.2+ds/salt/utils/job.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/utils/job.py	2015-07-07 20:42:37.000000000 +0000
@@ -67,6 +67,7 @@
 
     # otherwise, write to the master cache
     savefstr = '{0}.save_load'.format(job_cache)
+    getfstr = '{0}.get_load'.format(job_cache)
     fstr = '{0}.returner'.format(job_cache)
     if 'fun' not in load and load.get('return', {}):
         ret_ = load.get('return', {})
@@ -75,7 +76,7 @@
         if 'user' in ret_:
             load.update({'user': ret_['user']})
     try:
-        if 'jid' in load:
+        if 'jid' in load and not mminion.returners[getfstr](load.get('jid', '')):
             mminion.returners[savefstr](load['jid'], load)
         mminion.returners[fstr](load)
     except KeyError:
diff -Nru salt-2015.5.2+ds/salt/utils/pagerduty.py salt-2015.5.3+ds/salt/utils/pagerduty.py
--- salt-2015.5.2+ds/salt/utils/pagerduty.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/utils/pagerduty.py	2015-07-07 20:42:37.000000000 +0000
@@ -39,7 +39,7 @@
         opts = {}
 
     if profile is not None:
-        creds = opts.get(profile, {})
+        creds = opts.get(profile, {}) or opts.get('pillar').get(profile, {})
     else:
         creds = {}
 
diff -Nru salt-2015.5.2+ds/salt/utils/thin.py salt-2015.5.3+ds/salt/utils/thin.py
--- salt-2015.5.2+ds/salt/utils/thin.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/utils/thin.py	2015-07-07 20:42:37.000000000 +0000
@@ -30,6 +30,12 @@
 except ImportError:
     # Older jinja does not need markupsafe
     HAS_MARKUPSAFE = False
+
+try:
+    import xml
+    HAS_XML = True
+except ImportError:
+    HAS_XML = False
 # pylint: enable=import-error,no-name-in-module
 
 try:
@@ -115,6 +121,10 @@
     if HAS_SSL_MATCH_HOSTNAME:
         tops.append(os.path.dirname(os.path.dirname(ssl_match_hostname.__file__)))
 
+    if HAS_XML:
+        # For openSUSE, which apparently doesn't include the whole stdlib
+        tops.append(os.path.dirname(xml.__file__))
+
     for mod in [m for m in extra_mods.split(',') if m]:
         if mod not in locals() and mod not in globals():
             try:
diff -Nru salt-2015.5.2+ds/salt/_version.py salt-2015.5.3+ds/salt/_version.py
--- salt-2015.5.2+ds/salt/_version.py	2015-06-04 16:49:25.000000000 +0000
+++ salt-2015.5.3+ds/salt/_version.py	2015-07-07 21:09:09.000000000 +0000
@@ -1,5 +1,5 @@
-# This file was auto-generated by salt's setup on Thursday, 04 June 2015 @ 16:06:25 UTC.
+# This file was auto-generated by salt's setup on Tuesday, 07 July 2015 @ 21:07:09 UTC.
 
 from salt.version import SaltStackVersion
 
-__saltstack_version__ = SaltStackVersion(2015, 5, 2, 0, 0, 0, None)
+__saltstack_version__ = SaltStackVersion(2015, 5, 3, 0, 0, 0, None)
diff -Nru salt-2015.5.2+ds/salt/version.py salt-2015.5.3+ds/salt/version.py
--- salt-2015.5.2+ds/salt/version.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/version.py	2015-07-07 20:42:37.000000000 +0000
@@ -542,6 +542,7 @@
         ('RAET', 'raet', '__version__'),
         ('ZMQ', 'zmq', 'zmq_version'),
         ('Mako', 'mako', '__version__'),
+        ('Tornado', 'tornado', 'version'),
     ]
 
     if include_salt_cloud:
diff -Nru salt-2015.5.2+ds/salt/wheel/config.py salt-2015.5.3+ds/salt/wheel/config.py
--- salt-2015.5.2+ds/salt/wheel/config.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/salt/wheel/config.py	2015-07-07 20:42:37.000000000 +0000
@@ -52,19 +52,22 @@
     specified by ``default_include``.
     This folder is named ``master.d`` by
     default. Please look at
-    http://docs.saltstack.com/en/latest/ref/configuration/master.html#include-configuration
+    :conf_master:`include-configuration`
     for more information.
 
-    Example low data::
-    data = {
-        'username': 'salt',
-        'password': 'salt',
-        'fun': 'config.update_config',
-        'file_name': 'gui',
-        'yaml_contents': {'id': 1},
-        'client': 'wheel',
-        'eauth': 'pam',
-    }
+    Example low data:
+
+    .. code-block:: yaml
+
+        data = {
+            'username': 'salt',
+            'password': 'salt',
+            'fun': 'config.update_config',
+            'file_name': 'gui',
+            'yaml_contents': {'id': 1},
+            'client': 'wheel',
+            'eauth': 'pam',
+        }
     '''
     file_name = '{0}{1}'.format(file_name, '.conf')
     dir_path = os.path.join(__opts__['config_dir'],
diff -Nru salt-2015.5.2+ds/setup.py salt-2015.5.3+ds/setup.py
--- salt-2015.5.2+ds/setup.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/setup.py	2015-07-07 21:04:39.000000000 +0000
@@ -105,7 +105,6 @@
 SALT_VERSION_HARDCODED = os.path.join(os.path.abspath(SETUP_DIRNAME), 'salt', '_version.py')
 SALT_REQS = os.path.join(os.path.abspath(SETUP_DIRNAME), '_requirements.txt')
 SALT_ZEROMQ_REQS = os.path.join(os.path.abspath(SETUP_DIRNAME), 'zeromq-requirements.txt')
-SALT_CLOUD_REQS = os.path.join(os.path.abspath(SETUP_DIRNAME), 'cloud-requirements.txt')
 SALT_RAET_REQS = os.path.join(os.path.abspath(SETUP_DIRNAME), 'raet-requirements.txt')
 
 # Salt SSH Packaging Detection
@@ -738,8 +737,7 @@
     def _property_extras_require(self):
         if self.ssh_packaging:
             return {}
-        return {'RAET': _parse_requirements_file(SALT_RAET_REQS),
-                'Cloud': _parse_requirements_file(SALT_CLOUD_REQS)}
+        return {'RAET': _parse_requirements_file(SALT_RAET_REQS)}
 
     @property
     def _property_scripts(self):
diff -Nru salt-2015.5.2+ds/tests/integration/modules/pkg.py salt-2015.5.3+ds/tests/integration/modules/pkg.py
--- salt-2015.5.2+ds/tests/integration/modules/pkg.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/tests/integration/modules/pkg.py	2015-07-01 21:33:42.000000000 +0000
@@ -1,5 +1,7 @@
 # -*- coding: utf-8 -*-
 
+from __future__ import absolute_import
+
 # Import Salt Testing libs
 from salttesting.helpers import (
     destructiveTest,
@@ -58,7 +60,6 @@
             self.assertNotEqual(ret, {})
             if os_release.startswith('12.'):
                 self.assertIn(repo, ret)
-                self.assertTrue(ret[repo]['result'])
             else:
                 self.assertIn(uri, ret.keys()[0])
 
@@ -88,6 +89,13 @@
         '''
         pkg = 'htop'
         version = self.run_function('pkg.version', [pkg])
+        os_grain = self.run_function('grains.item', ['os'])['os']
+        os_release = self.run_function('grains.item', ['osrelease'])['osrelease']
+
+        if os_grain == 'Ubuntu':
+            if os_release.startswith('12.'):
+                self.skipTest('pkg.install and pkg.remove do not work on ubuntu '
+                              '12 when run from the test suite')
 
         def test_install():
             install_ret = self.run_function('pkg.install', [pkg])
@@ -112,13 +120,19 @@
         '''
         pkg = 'htop'
         os_family = self.run_function('grains.item', ['os_family'])['os_family']
+        os_major_release = self.run_function('grains.item', ['osmajorrelease'])['osmajorrelease']
         available = self.run_function('sys.doc', ['pkg.hold'])
 
+        if os_family == 'RedHat':
+            if os_major_release == '5':
+                self.skipTest('`yum versionlock` does not seem to work on RHEL/CentOS 5')
+
         if available:
             if os_family == 'RedHat':
-                versionlock = self.run_function('pkg.version', ['yum-plugin-versionlock'])
+                lock_pkg = 'yum-versionlock' if os_major_release == '5' else 'yum-plugin-versionlock'
+                versionlock = self.run_function('pkg.version', [lock_pkg])
                 if not versionlock:
-                    self.run_function('pkg.install', ['yum-plugin-versionlock'])
+                    self.run_function('pkg.install', [lock_pkg])
 
             hold_ret = self.run_function('pkg.hold', [pkg])
             self.assertIn(pkg, hold_ret)
@@ -130,7 +144,7 @@
 
             if os_family == 'RedHat':
                 if not versionlock:
-                    self.run_function('pkg.remove', ['yum-plugin-versionlock'])
+                    self.run_function('pkg.remove', [lock_pkg])
 
         else:
             os_grain = self.run_function('grains.item', ['os'])['os']
diff -Nru salt-2015.5.2+ds/tests/integration/modules/state.py salt-2015.5.3+ds/tests/integration/modules/state.py
--- salt-2015.5.2+ds/tests/integration/modules/state.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/tests/integration/modules/state.py	2015-07-07 20:42:37.000000000 +0000
@@ -844,11 +844,9 @@
             + '                       foobar: C\n'
         )
 
-        # issue #8211, chaining complex prereq & prereq_in
-        # TODO: Actually this test fails
-        #ret = self.run_function('state.sls', mods='requisites.prereq_complex')
-        #result = self.normalize_ret(ret)
-        #self.assertEqual(expected_result_complex, result)
+        ret = self.run_function('state.sls', mods='requisites.prereq_complex')
+        result = self.normalize_ret(ret)
+        self.assertEqual(expected_result_complex, result)
 
         # issue #8210 : prereq recursion undetected
         # TODO: this test fails
diff -Nru salt-2015.5.2+ds/tests/integration/netapi/rest_tornado/test_app.py salt-2015.5.3+ds/tests/integration/netapi/rest_tornado/test_app.py
--- salt-2015.5.2+ds/tests/integration/netapi/rest_tornado/test_app.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/tests/integration/netapi/rest_tornado/test_app.py	2015-07-07 20:42:37.000000000 +0000
@@ -581,6 +581,7 @@
             self.assertIn('headers', event['data'])
             self.assertEqual(event['data']['post'], {'foo': 'bar'})
         # get an event future
+        self._finished = False  # TODO: remove after some cleanup of the event listener
         event = self.application.event_listener.get_event(self,
                                                           tag='salt/netapi/hook',
                                                           callback=verify_event,
diff -Nru salt-2015.5.2+ds/tests/integration/states/file.py salt-2015.5.3+ds/tests/integration/states/file.py
--- salt-2015.5.2+ds/tests/integration/states/file.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/tests/integration/states/file.py	2015-07-07 20:42:37.000000000 +0000
@@ -12,6 +12,7 @@
 import shutil
 import stat
 import tempfile
+import textwrap
 import filecmp
 
 # Import Salt Testing libs
@@ -21,13 +22,15 @@
     ensure_in_syspath,
     with_system_user_and_group
 )
-ensure_in_syspath('../../')
 
+ensure_in_syspath('../../')
 
 # Import salt libs
 import integration
 import salt.utils
 
+STATE_DIR = os.path.join(integration.FILES, 'file', 'base')
+
 
 class FileTest(integration.ModuleCase, integration.SaltReturnAssertsMixIn):
     '''
@@ -237,6 +240,65 @@
         changes = ret.values()[0]['changes']
         self.assertEqual('<show_diff=False>', changes['diff'])
 
+    def test_managed_contents(self):
+        '''
+        test file.managed with contents that is a boolean, string, integer,
+        float, list, and dictionary
+        '''
+        state_name = 'file-FileTest-test_managed_contents'
+        state_filename = state_name + '.sls'
+        state_file = os.path.join(STATE_DIR, state_filename)
+
+        managed_files = {}
+        state_keys = {}
+        for typ in ('bool', 'str', 'int', 'float', 'list', 'dict'):
+            managed_files[typ] = tempfile.mkstemp()[1]
+            state_keys[typ] = 'file_|-{0} file_|-{1}_|-managed'.format(typ, managed_files[typ])
+        try:
+            salt.utils.fopen(state_file, 'w').write(textwrap.dedent('''\
+                bool file:
+                  file.managed:
+                    - name: {bool}
+                    - contents: True
+
+                str file:
+                  file.managed:
+                    - name: {str}
+                    - contents: Salt was here.
+
+                int file:
+                  file.managed:
+                    - name: {int}
+                    - contents: 340282366920938463463374607431768211456
+
+                float file:
+                  file.managed:
+                    - name: {float}
+                    - contents: 1.7518e-45  # gravitational coupling constant
+
+                list file:
+                  file.managed:
+                    - name: {list}
+                    - contents: [1, 1, 2, 3, 5, 8, 13]
+
+                dict file:
+                  file.managed:
+                    - name: {dict}
+                    - contents:
+                        C: charge
+                        P: parity
+                        T: time
+                '''.format(**managed_files)))
+
+            ret = self.run_function('state.sls', [state_name])
+            for typ in state_keys:
+                self.assertTrue(ret[state_keys[typ]]['result'])
+                self.assertIn('diff', ret[state_keys[typ]]['changes'])
+        finally:
+            os.remove(state_file)
+            for typ in managed_files:
+                os.remove(managed_files[typ])
+
     def test_directory(self):
         '''
         file.directory
diff -Nru salt-2015.5.2+ds/tests/unit/modules/gpg_test.py salt-2015.5.3+ds/tests/unit/modules/gpg_test.py
--- salt-2015.5.2+ds/tests/unit/modules/gpg_test.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/modules/gpg_test.py	2015-07-07 20:42:37.000000000 +0000
@@ -37,7 +37,7 @@
 
 class Mockgnupg(object):
     '''
-    Mock smtplib class
+    Mock gnupg class
     '''
     __version__ = '1.3.1'
     fingerprint = u'F321F'
@@ -50,7 +50,7 @@
 
     class GPG(object):
         '''
-        Mock smtplib class
+        Mock gnupg class
         '''
         def __init__(self, gnupghome='/tmp/salt/.gnupg',
                      homedir='/tmp/salt/.gnupg'):
diff -Nru salt-2015.5.2+ds/tests/unit/modules/redismod_test.py salt-2015.5.3+ds/tests/unit/modules/redismod_test.py
--- salt-2015.5.2+ds/tests/unit/modules/redismod_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/modules/redismod_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,474 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.modules import redismod
+from datetime import datetime
+
+
+# Globals
+redismod.__grains__ = {}
+redismod.__salt__ = {}
+redismod.__context__ = {}
+redismod.__opts__ = {}
+
+
+class Mockredis(object):
+    '''
+    Mock redis class
+    '''
+    class ConnectionError(Exception):
+        '''
+        Mock ConnectionError class
+        '''
+        pass
+
+redismod.redis = Mockredis
+
+
+class MockConnect(object):
+    '''
+    Mock Connect class
+    '''
+    counter = 0
+
+    def __init__(self):
+        self.name = None
+        self.pattern = None
+        self.value = None
+        self.key = None
+        self.seconds = None
+        self.timestamp = None
+        self.field = None
+        self.start = None
+        self.stop = None
+        self.master_host = None
+        self.master_port = None
+
+    @staticmethod
+    def bgrewriteaof():
+        '''
+        Mock bgrewriteaof method
+        '''
+        return 'A'
+
+    @staticmethod
+    def bgsave():
+        '''
+        Mock bgsave method
+        '''
+        return 'A'
+
+    def config_get(self, pattern):
+        '''
+        Mock config_get method
+        '''
+        self.pattern = pattern
+        return 'A'
+
+    def config_set(self, name, value):
+        '''
+        Mock config_set method
+        '''
+        self.name = name
+        self.value = value
+        return 'A'
+
+    @staticmethod
+    def dbsize():
+        '''
+        Mock dbsize method
+        '''
+        return 'A'
+
+    @staticmethod
+    def delete():
+        '''
+        Mock delete method
+        '''
+        return 'A'
+
+    def exists(self, key):
+        '''
+        Mock exists method
+        '''
+        self.key = key
+        return 'A'
+
+    def expire(self, key, seconds):
+        '''
+        Mock expire method
+        '''
+        self.key = key
+        self.seconds = seconds
+        return 'A'
+
+    def expireat(self, key, timestamp):
+        '''
+        Mock expireat method
+        '''
+        self.key = key
+        self.timestamp = timestamp
+        return 'A'
+
+    @staticmethod
+    def flushall():
+        '''
+        Mock flushall method
+        '''
+        return 'A'
+
+    @staticmethod
+    def flushdb():
+        '''
+        Mock flushdb method
+        '''
+        return 'A'
+
+    def get(self, key):
+        '''
+        Mock get method
+        '''
+        self.key = key
+        return 'A'
+
+    def hget(self, key, field):
+        '''
+        Mock hget method
+        '''
+        self.key = key
+        self.field = field
+        return 'A'
+
+    def hgetall(self, key):
+        '''
+        Mock hgetall method
+        '''
+        self.key = key
+        return 'A'
+
+    @staticmethod
+    def info():
+        '''
+        Mock info method
+        '''
+        return 'A'
+
+    def keys(self, pattern):
+        '''
+        Mock keys method
+        '''
+        self.pattern = pattern
+        return 'A'
+
+    def type(self, key):
+        '''
+        Mock type method
+        '''
+        self.key = key
+        return 'A'
+
+    @staticmethod
+    def lastsave():
+        '''
+        Mock lastsave method
+        '''
+        return datetime.now()
+
+    def llen(self, key):
+        '''
+        Mock llen method
+        '''
+        self.key = key
+        return 'A'
+
+    def lrange(self, key, start, stop):
+        '''
+        Mock lrange method
+        '''
+        self.key = key
+        self.start = start
+        self.stop = stop
+        return 'A'
+
+    @staticmethod
+    def ping():
+        '''
+        Mock ping method
+        '''
+        MockConnect.counter = MockConnect.counter + 1
+        if MockConnect.counter == 1:
+            return 'A'
+        elif MockConnect.counter in (2, 3, 5):
+            raise Mockredis.ConnectionError('foo')
+
+    @staticmethod
+    def save():
+        '''
+        Mock save method
+        '''
+        return 'A'
+
+    def set(self, key, value):
+        '''
+        Mock set method
+        '''
+        self.key = key
+        self.value = value
+        return 'A'
+
+    @staticmethod
+    def shutdown():
+        '''
+        Mock shutdown method
+        '''
+        return 'A'
+
+    def slaveof(self, master_host, master_port):
+        '''
+        Mock slaveof method
+        '''
+        self.master_host = master_host
+        self.master_port = master_port
+        return 'A'
+
+    def smembers(self, key):
+        '''
+        Mock smembers method
+        '''
+        self.key = key
+        return 'A'
+
+    @staticmethod
+    def time():
+        '''
+        Mock time method
+        '''
+        return 'A'
+
+    def zcard(self, key):
+        '''
+        Mock zcard method
+        '''
+        self.key = key
+        return 'A'
+
+    def zrange(self, key, start, stop):
+        '''
+        Mock zrange method
+        '''
+        self.key = key
+        self.start = start
+        self.stop = stop
+        return 'A'
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+@patch('salt.modules.redismod._connect', MagicMock(return_value=MockConnect()))
+class RedismodTestCase(TestCase):
+    '''
+    Test cases for salt.modules.redismod
+    '''
+    def test_bgrewriteaof(self):
+        '''
+        Test to asynchronously rewrite the append-only file
+        '''
+        self.assertEqual(redismod.bgrewriteaof(), 'A')
+
+    def test_bgsave(self):
+        '''
+        Test to asynchronously save the dataset to disk
+        '''
+        self.assertEqual(redismod.bgsave(), 'A')
+
+    def test_config_get(self):
+        '''
+        Test to get redis server configuration values
+        '''
+        self.assertEqual(redismod.config_get('*'), 'A')
+
+    def test_config_set(self):
+        '''
+        Test to set redis server configuration values
+        '''
+        self.assertEqual(redismod.config_set('name', 'value'), 'A')
+
+    def test_dbsize(self):
+        '''
+        Test to return the number of keys in the selected database
+        '''
+        self.assertEqual(redismod.dbsize(), 'A')
+
+    def test_delete(self):
+        '''
+        Test to deletes the keys from redis, returns number of keys deleted
+        '''
+        self.assertEqual(redismod.delete(), 'A')
+
+    def test_exists(self):
+        '''
+        Test to return true if the key exists in redis
+        '''
+        self.assertEqual(redismod.exists('key'), 'A')
+
+    def test_expire(self):
+        '''
+        Test to set a keys time to live in seconds
+        '''
+        self.assertEqual(redismod.expire('key', 'seconds'), 'A')
+
+    def test_expireat(self):
+        '''
+        Test to set a keys expire at given UNIX time
+        '''
+        self.assertEqual(redismod.expireat('key', 'timestamp'), 'A')
+
+    def test_flushall(self):
+        '''
+        Test to remove all keys from all databases
+        '''
+        self.assertEqual(redismod.flushall(), 'A')
+
+    def test_flushdb(self):
+        '''
+        Test to remove all keys from the selected database
+        '''
+        self.assertEqual(redismod.flushdb(), 'A')
+
+    def test_get_key(self):
+        '''
+        Test to get redis key value
+        '''
+        self.assertEqual(redismod.get_key('key'), 'A')
+
+    def test_hget(self):
+        '''
+        Test to get specific field value from a redis hash, returns dict
+        '''
+        self.assertEqual(redismod.hget('key', 'field'), 'A')
+
+    def test_hgetall(self):
+        '''
+        Test to get all fields and values from a redis hash, returns dict
+        '''
+        self.assertEqual(redismod.hgetall('key'), 'A')
+
+    def test_info(self):
+        '''
+        Test to get information and statistics about the server
+        '''
+        self.assertEqual(redismod.info(), 'A')
+
+    def test_keys(self):
+        '''
+        Test to get redis keys, supports glob style patterns
+        '''
+        self.assertEqual(redismod.keys('pattern'), 'A')
+
+    def test_key_type(self):
+        '''
+        Test to get redis key type
+        '''
+        self.assertEqual(redismod.key_type('key'), 'A')
+
+    def test_lastsave(self):
+        '''
+        Test to get the UNIX time in seconds of the last successful
+        save to disk
+        '''
+        self.assertTrue(redismod.lastsave())
+
+    def test_llen(self):
+        '''
+        Test to get the length of a list in Redis
+        '''
+        self.assertEqual(redismod.llen('key'), 'A')
+
+    def test_lrange(self):
+        '''
+        Test to get a range of values from a list in Redis
+        '''
+        self.assertEqual(redismod.lrange('key', 'start', 'stop'), 'A')
+
+    def test_ping(self):
+        '''
+        Test to ping the server, returns False on connection errors
+        '''
+        self.assertEqual(redismod.ping(), 'A')
+
+        self.assertFalse(redismod.ping())
+
+    def test_save(self):
+        '''
+        Test to synchronously save the dataset to disk
+        '''
+        self.assertEqual(redismod.save(), 'A')
+
+    def test_set_key(self):
+        '''
+        Test to set redis key value
+        '''
+        self.assertEqual(redismod.set_key('key', 'value'), 'A')
+
+    def test_shutdown(self):
+        '''
+        Test to synchronously save the dataset to disk and then
+        shut down the server
+        '''
+        self.assertFalse(redismod.shutdown())
+
+        self.assertTrue(redismod.shutdown())
+
+        self.assertFalse(redismod.shutdown())
+
+    def test_slaveof(self):
+        '''
+        Test to make the server a slave of another instance, or
+        promote it as master
+        '''
+        self.assertEqual(redismod.slaveof('master_host', 'master_port'), 'A')
+
+    def test_smembers(self):
+        '''
+        Test to get members in a Redis set
+        '''
+        self.assertListEqual(redismod.smembers('key'), ['A'])
+
+    def test_time(self):
+        '''
+        Test to return the current server UNIX time in seconds
+        '''
+        self.assertEqual(redismod.time(), 'A')
+
+    def test_zcard(self):
+        '''
+        Test to get the length of a sorted set in Redis
+        '''
+        self.assertEqual(redismod.zcard('key'), 'A')
+
+    def test_zrange(self):
+        '''
+        Test to get a range of values from a sorted set in Redis by index
+        '''
+        self.assertEqual(redismod.zrange('key', 'start', 'stop'), 'A')
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(RedismodTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/modules/seed_test.py salt-2015.5.3+ds/tests/unit/modules/seed_test.py
--- salt-2015.5.2+ds/tests/unit/modules/seed_test.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/modules/seed_test.py	2015-07-07 20:42:37.000000000 +0000
@@ -93,6 +93,7 @@
                                     self.assertFalse(seed.apply_('path',
                                                                  install=False))
 
+    @skipIf(True, 'Failing intermittently, will review later')
     def test_mkconfig(self):
         '''
         Test to generate keys and config and put them in a tmp directory.
diff -Nru salt-2015.5.2+ds/tests/unit/modules/tls_test.py salt-2015.5.3+ds/tests/unit/modules/tls_test.py
--- salt-2015.5.2+ds/tests/unit/modules/tls_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/modules/tls_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,647 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Joe Julian <me@joejulian.name>`
+'''
+# Import the future
+from __future__ import absolute_import
+
+NO_PYOPENSSL = False
+
+# Import Python libs
+import shutil
+import tempfile
+import os
+try:
+    # We're not going to actually use OpenSSL, we just want to check that
+    # it's installed.
+    import OpenSSL  # pylint: disable=unused-import
+except Exception:
+    NO_PYOPENSSL = True
+
+# Import Salt Testing Libs
+from salttesting import TestCase, skipIf
+from salttesting.mock import (
+    mock_open,
+    MagicMock,
+    patch,
+    NO_MOCK,
+    NO_MOCK_REASON
+)
+from salttesting.helpers import destructiveTest
+
+# Import Salt Libs
+from salt.modules import tls
+import integration
+
+
+# Globals
+tls.__grains__ = {}
+tls.__salt__ = {}
+tls.__context__ = {}
+tls.__opts__ = {}
+
+_TLS_TEST_DATA = {
+    'ca_cert': '''-----BEGIN CERTIFICATE-----
+MIIEejCCA2KgAwIBAgIRANW6IUG5rMez0vPi3cSmS3QwDQYJKoZIhvcNAQELBQAw
+eTELMAkGA1UEBhMCVVMxDTALBgNVBAgMBFV0YWgxFzAVBgNVBAcMDlNhbHQgTGFr
+ZSBDaXR5MRIwEAYDVQQKDAlTYWx0U3RhY2sxEjAQBgNVBAMMCWxvY2FsaG9zdDEa
+MBgGCSqGSIb3DQEJARYLeHl6QHBkcS5uZXQwHhcNMTUwNTA1MTYzOTIxWhcNMTYw
+NTA0MTYzOTIxWjB5MQswCQYDVQQGEwJVUzENMAsGA1UECAwEVXRhaDEXMBUGA1UE
+BwwOU2FsdCBMYWtlIENpdHkxEjAQBgNVBAoMCVNhbHRTdGFjazESMBAGA1UEAwwJ
+bG9jYWxob3N0MRowGAYJKoZIhvcNAQkBFgt4eXpAcGRxLm5ldDCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMNvHc8LwpI5/NiwRTWYG34WQ5vau8gkj+8p
+5KehXDNmDcCY8QW9xNaCxY6Atg2Dwh5vEacubKRcnQL9SFKYHa4ddtnkISzSkdZN
+ImY7ZVQteDIVNJmy7DrZ4RvWTr2ezXYLv8oNkqrKhynt5xIBXZWslWUav1pOp8z8
+N+LeXaASVyajqB5TiN8HJR/up9MlSfy/zhtm6x6SIUsEZa+zK7m06/Glrr4WZFOV
+LbOwxl36JpjywWTNcrXJd052U/377tUATXpepALBUUOIvWeGF7mrSTZkdhqRZRTe
+Jr2+48zIuyMeB+JlY4UpR04pQNqstHimkyjxFfN/TKFqlhYqYjkCAwEAAaOB/DCB
++TASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU
+WBvk3qjnltkxKtEQxqYn5+KwYWkwgbMGA1UdIwSBqzCBqIAUWBvk3qjnltkxKtEQ
+xqYn5+KwYWmhfaR7MHkxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARVdGFoMRcwFQYD
+VQQHDA5TYWx0IExha2UgQ2l0eTESMBAGA1UECgwJU2FsdFN0YWNrMRIwEAYDVQQD
+DAlsb2NhbGhvc3QxGjAYBgkqhkiG9w0BCQEWC3h5ekBwZHEubmV0ghEA1bohQbms
+x7PS8+LdxKZLdDANBgkqhkiG9w0BAQsFAAOCAQEALe312Oe8e+VjhnItcjQFuwcP
+TaLf3+DTWaQLU1C8H78E75WE9UiRiVCyTpOLt/nONFkIKE275nCLPGCXn5JTZYVB
+CxGFTRqnQ+8bdhZA6LYQPXieGikjTy+P2oiKOvPnYsATUXLbZ3ee+zEgBFGbbxNX
+Argd3Vahg7Onu3ynsJz9a+hmwVqTX70Ykrrm+b/YtwKPfHeXTMxkX23jc4R7D+ED
+VvROFJ27hFPLVaJrsq3EHb8ZkQHmRCzK2sMIPyJb2e0BOKDEZEphNxiIjerDnH7n
+xDSMW0jK9FEv/W/sSBwoEolh3Q2e0gfd2vo7bEGvNF4eTqFsoAfeiAjWk65q0Q==
+-----END CERTIFICATE-----''',
+    'ca_cert_key': '''-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDDbx3PC8KSOfzY
+sEU1mBt+FkOb2rvIJI/vKeSnoVwzZg3AmPEFvcTWgsWOgLYNg8IebxGnLmykXJ0C
+/UhSmB2uHXbZ5CEs0pHWTSJmO2VULXgyFTSZsuw62eEb1k69ns12C7/KDZKqyocp
+7ecSAV2VrJVlGr9aTqfM/Dfi3l2gElcmo6geU4jfByUf7qfTJUn8v84bZusekiFL
+BGWvsyu5tOvxpa6+FmRTlS2zsMZd+iaY8sFkzXK1yXdOdlP9++7VAE16XqQCwVFD
+iL1nhhe5q0k2ZHYakWUU3ia9vuPMyLsjHgfiZWOFKUdOKUDarLR4ppMo8RXzf0yh
+apYWKmI5AgMBAAECggEBAIRqIRRLr4VL7NkUdZAeg2Imy6Apz9mHjE5LYDWDyui4
+WNEJzyRIs7lz2U74PmFhyIC+WIOhnNKwPWHtIrdzgYibRg/T1fZ8pXtBv/DshXdH
+Z4zneUA6TnyBa1hlF+y6UBOPWl8YWyuFFZd/LXSxoCrtSDu8p7IUYPUuXt9EMsNk
++rQhBZH7iiOx2M7ckLb/gG4tElqh/QQ0Qhuy1e80oMfO9w1XxIThETx0LxQ7Uad5
+vk5BQoEI+n/W1tPhXwQ/hndn3ub3pgfpKXIKi7AdySsdxTda4pJLyEwAm9MHrMNm
+XvlBdQ+/vq4NSRk2oVVFzJ1yX7bfmrw+6ZqY36oOrUECgYEA4KvnSgeUyG4ouwA9
+zTehvFhEWfFyj/y8Tl2OcaIeCvHahN3n6n++Rx25JYrQDhguMGgMHJ0dcZr0Wvvc
+EPOAxjam96p2HJMYdpYmrwpguHDu4Jk+fOqgc8Ms541P3+sMej1UQxRaQ6c/g1EM
+Pl0g2GdDN4bw60nbEwOXp0qFI1UCgYEA3q+GJDA+gkXcMqKN06VEdjPvm+BpOygx
+VvO0cG6njcmVjJKPePIYbjcBHduQRbCGxLmntLOyVg6Ign1+r/LaG7AADYXMdURD
+cn4J9ANKuT1lZcs/JRatA1qigwlk8E7vIqq0E/1EiEbRWVE34lgN3dkUOqAXLBfi
+9p2aJMOtC1UCgYAKnDOtDFSbbpBf3HAOu/zYXzbDJKLrZ90gukxa03Qlwiw2sCAe
+s++xfhbbTgXrVHsB8Df6NfVJAy9dCJ3o8wb21WfnNFalnNC/8PFcvNm6fCLb2oDX
+92Ciduos+UB3a6tILpNHI7Prk/9s3Sv92foOHjpPagEAq5k7+aR00xEcjQKBgEhn
+r+kCWsDG8ELygcToPqtkVatMO0sF1Y0dLnVENWyvt9V+LfI4XWMwtUc9Bdry+87p
+QrNJnlnG3fH31gJlpy9Leajr8T/L01ZdzuStUVWLtfV0MXLgvZ6SkLakjlJoh+6w
+rF63gdoBlL5C3zXURaX1mFM7jG1E0wI22lDL4u8FAoGAaeghxaW4V0keS0KpdPvL
+kmEhQ5VDAG92fmzQa0wkBoTbsS4kitHj5QTfNJgdCDJbZ7srkMbQR7oVGeZKIDBk
+L7lyhyrtHaR/r/fdUNEJAVsQt3Shaa5c5srLh6vzGcBsV7/nQqrEP+GadvGSbHNT
+bymYbi0l2pWqQLA2sPoRHNw=
+-----END PRIVATE KEY-----''',
+    'ca_signed_cert': '''
+    ''',
+    'ca_signed_key': '''
+    ''',
+    'create_ca': {
+        'bits': 2048,
+        'CN': 'localhost',
+        'C': 'US',
+        'ST': 'Utah',
+        'L': 'Salt Lake City',
+        'O': 'SaltStack',
+        'OU': 'Test Unit',
+        'emailAddress': 'xyz@pdq.net',
+        'digest': 'sha256',
+        'replace': False
+    }
+}
+
+# Skip this test case if we don't have access to mock or PyOpenSSL.
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+@skipIf(NO_PYOPENSSL, 'PyOpenSSL must be installed to run these tests.')
+class TLSAddTestCase(TestCase):
+    maxDiff = None
+
+    '''
+    Test cases for salt.modules.tls
+    '''
+
+    def test_cert_base_path(self):
+        '''
+        Test for retrieving cert base path
+        '''
+        ca_path = '/etc/tls'
+        mock_opt = MagicMock(return_value=ca_path)
+        with patch.dict(tls.__salt__, {'config.option': mock_opt}):
+            self.assertEqual(tls.cert_base_path(), ca_path)
+
+    def test_set_ca_cert_path(self):
+        '''
+        Test for setting the cert base path
+        '''
+        ca_path = '/tmp/ca_cert_test_path'
+        mock_opt = MagicMock(return_value='/etc/tls')
+        ret = {'ca.contextual_cert_base_path': '/tmp/ca_cert_test_path'}
+        with patch.dict(tls.__salt__, {'config.option': mock_opt}):
+            tls.set_ca_path(ca_path)
+            self.assertEqual(tls.__context__, ret)
+
+    @patch('os.path.exists', MagicMock(return_value=False))
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_ca_exists(self):
+        '''
+        Test to see if ca does not exist
+        '''
+        ca_path = '/tmp/test_tls'
+        ca_name = 'test_ca'
+        mock_opt = MagicMock(return_value=ca_path)
+        with patch.dict(tls.__salt__, {'config.option': mock_opt}):
+            self.assertFalse(tls.ca_exists(ca_name))
+
+    @patch('os.path.exists', MagicMock(return_value=True))
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_ca_exists_true(self):
+        '''
+        Test to see if ca exists
+        '''
+        ca_path = '/tmp/test_tls'
+        ca_name = 'test_ca'
+        mock_opt = MagicMock(return_value=ca_path)
+        with patch.dict(tls.__salt__, {'config.option': mock_opt}):
+            self.assertTrue(tls.ca_exists(ca_name))
+
+    @patch('os.path.exists', MagicMock(return_value=False))
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_get_ca_fail(self):
+        '''
+        Test get_ca failure
+        '''
+        ca_path = '/tmp/test_tls'
+        ca_name = 'test_ca'
+        mock_opt = MagicMock(return_value=ca_path)
+        with patch.dict(tls.__salt__, {'config.option': mock_opt}):
+            self.assertRaises(ValueError, tls.get_ca, ca_name)
+
+    @patch('os.path.exists', MagicMock(return_value=True))
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    @patch('salt.utils.fopen', mock_open(read_data=_TLS_TEST_DATA['ca_cert']))
+    def test_get_ca_text(self):
+        '''
+        Test get_ca text
+        '''
+        ca_path = '/tmp/test_tls'
+        ca_name = 'test_ca'
+        mock_opt = MagicMock(return_value=ca_path)
+        with patch.dict(tls.__salt__, {'config.option': mock_opt}):
+            self.assertEqual(tls.get_ca(ca_name, as_text=True),
+                             _TLS_TEST_DATA['ca_cert'])
+
+    @patch('os.path.exists', MagicMock(return_value=True))
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_get_ca(self):
+        '''
+        Test get_ca
+        '''
+        ca_path = '/tmp/test_tls'
+        ca_name = 'test_ca'
+        certp = '{0}/{1}/{2}_ca_cert.crt'.format(
+            ca_path,
+            ca_name,
+            ca_name)
+        mock_opt = MagicMock(return_value=ca_path)
+        with patch.dict(tls.__salt__, {'config.option': mock_opt}):
+            self.assertEqual(tls.get_ca(ca_name), certp)
+
+    @patch('os.path.exists', MagicMock(return_value=True))
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    @patch('salt.utils.fopen', mock_open(read_data=_TLS_TEST_DATA['ca_cert']))
+    def test_cert_info(self):
+        '''
+        Test cert info
+        '''
+        ca_path = '/tmp/test_tls'
+        ca_name = 'test_ca'
+        certp = '{0}/{1}/{2}_ca_cert.crt'.format(
+            ca_path,
+            ca_name,
+            ca_name)
+        ret = {
+            'not_after': 1462379961,
+            'signature_algorithm': 'sha256WithRSAEncryption',
+            'extensions': None,
+            'fingerprint': ('96:72:B3:0A:1D:34:37:05:75:57:44:7E:08:81:A7:09:'
+                            '0C:E1:8F:5F:4D:0C:49:CE:5B:D2:6B:45:D3:4D:FF:31'),
+            'serial_number': 284092004844685647925744086791559203700,
+            'subject': {
+                'C': 'US',
+                'CN': 'localhost',
+                'L': 'Salt Lake City',
+                'O': 'SaltStack',
+                'ST': 'Utah',
+                'emailAddress':
+                'xyz@pdq.net'},
+            'not_before': 1430843961,
+            'issuer': {
+                'C': 'US',
+                'CN': 'localhost',
+                'L': 'Salt Lake City',
+                'O': 'SaltStack',
+                'ST': 'Utah',
+                'emailAddress': 'xyz@pdq.net'}
+        }
+
+        def ignore_extensions(data):
+            '''
+            Ignore extensions pending a resolution of issue 24338
+            '''
+            if 'extensions' in data.keys():
+                data['extensions'] = None
+            return data
+
+        # older pyopenssl versions don't have extensions or
+        # signature_algorithms
+        def remove_not_in_result(source, reference):
+            if 'signature_algorithm' not in reference:
+                del source['signature_algorithm']
+            if 'extensions' not in reference:
+                del source['extensions']
+        result = ignore_extensions(tls.cert_info(certp))
+        remove_not_in_result(ret, result)
+        self.assertEqual(result, ret)
+
+    @destructiveTest
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_create_ca(self):
+        '''
+        Test creating CA cert
+        '''
+        ca_path = tempfile.mkdtemp(dir=integration.SYS_TMP_DIR)
+        try:
+            ca_name = 'test_ca'
+            certp = '{0}/{1}/{2}_ca_cert.crt'.format(
+                ca_path,
+                ca_name,
+                ca_name)
+            certk = '{0}/{1}/{2}_ca_cert.key'.format(
+                ca_path,
+                ca_name,
+                ca_name)
+            ret = 'Created Private Key: "{0}." Created CA "{1}": "{2}."'.format(
+                certk, ca_name, certp)
+            mock_opt = MagicMock(return_value=ca_path)
+            mock_ret = MagicMock(return_value=0)
+            with patch.dict(tls.__salt__, {'config.option': mock_opt, 'cmd.retcode': mock_ret}):
+                with patch.dict(tls.__opts__, {'hash_type': 'sha256',
+                                               'cachedir': ca_path}):
+                    self.assertEqual(
+                        tls.create_ca(
+                            ca_name,
+                            days=365,
+                            fixmode=False,
+                            **_TLS_TEST_DATA['create_ca']),
+                        ret)
+        finally:
+            if os.path.isdir(ca_path):
+                shutil.rmtree(ca_path)
+
+    @destructiveTest
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_recreate_ca(self):
+        '''
+        Test creating CA cert when one already exists
+        '''
+        ca_path = tempfile.mkdtemp(dir=integration.SYS_TMP_DIR)
+        try:
+            ca_name = 'test_ca'
+            certp = '{0}/{1}/{2}_ca_cert.crt'.format(
+                ca_path,
+                ca_name,
+                ca_name)
+            certk = '{0}/{1}/{2}_ca_cert.key'.format(
+                ca_path,
+                ca_name,
+                ca_name)
+            ret = 'Created Private Key: "{0}." Created CA "{1}": "{2}."'.format(
+                certk, ca_name, certp)
+            mock_opt = MagicMock(return_value=ca_path)
+            mock_ret = MagicMock(return_value=0)
+            with patch.dict(tls.__salt__, {'config.option': mock_opt, 'cmd.retcode': mock_ret}):
+                with patch.dict(tls.__opts__, {'hash_type': 'sha256',
+                                               'cachedir': ca_path}):
+                    with patch.dict(_TLS_TEST_DATA['create_ca'],
+                                    {'replace': True}):
+                        tls.create_ca(ca_name)
+                        self.assertEqual(
+                            tls.create_ca(
+                                ca_name,
+                                days=365,
+                                fixmode=False,
+                                **_TLS_TEST_DATA['create_ca']),
+                            ret)
+        finally:
+            if os.path.isdir(ca_path):
+                shutil.rmtree(ca_path)
+
+    @destructiveTest
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_create_csr(self):
+        '''
+        Test creating certificate signing request
+        '''
+        ca_path = tempfile.mkdtemp(dir=integration.SYS_TMP_DIR)
+        try:
+            ca_name = 'test_ca'
+            certp = '{0}/{1}/certs/{2}.csr'.format(
+                ca_path,
+                ca_name,
+                _TLS_TEST_DATA['create_ca']['CN'])
+            certk = '{0}/{1}/certs/{2}.key'.format(
+                ca_path,
+                ca_name,
+                _TLS_TEST_DATA['create_ca']['CN'])
+            ret = ('Created Private Key: "{0}." '
+                   'Created CSR for "{1}": "{2}."').format(
+                       certk, _TLS_TEST_DATA['create_ca']['CN'], certp)
+            mock_opt = MagicMock(return_value=ca_path)
+            mock_ret = MagicMock(return_value=0)
+            mock_pgt = MagicMock(return_value=False)
+            with patch.dict(tls.__salt__, {'config.option': mock_opt, 'cmd.retcode': mock_ret, 'pillar.get': mock_pgt}):
+                with patch.dict(tls.__opts__, {'hash_type': 'sha256',
+                                               'cachedir': ca_path}):
+                    tls.create_ca(ca_name)
+                    self.assertEqual(
+                        tls.create_csr(
+                            ca_name,
+                            **_TLS_TEST_DATA['create_ca']),
+                        ret)
+        finally:
+            if os.path.isdir(ca_path):
+                shutil.rmtree(ca_path)
+
+    @destructiveTest
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_recreate_csr(self):
+        '''
+        Test creating certificate signing request when one already exists
+        '''
+        ca_path = tempfile.mkdtemp(dir=integration.SYS_TMP_DIR)
+        try:
+            ca_name = 'test_ca'
+            certp = '{0}/{1}/certs/{2}.csr'.format(
+                ca_path,
+                ca_name,
+                _TLS_TEST_DATA['create_ca']['CN'])
+            certk = '{0}/{1}/certs/{2}.key'.format(
+                ca_path,
+                ca_name,
+                _TLS_TEST_DATA['create_ca']['CN'])
+            ret = ('Created Private Key: "{0}." '
+                   'Created CSR for "{1}": "{2}."').format(
+                       certk, _TLS_TEST_DATA['create_ca']['CN'], certp)
+            mock_opt = MagicMock(return_value=ca_path)
+            mock_ret = MagicMock(return_value=0)
+            mock_pgt = MagicMock(return_value=False)
+            with patch.dict(tls.__salt__, {'config.option': mock_opt, 'cmd.retcode': mock_ret, 'pillar.get': mock_pgt}):
+                with patch.dict(tls.__opts__, {'hash_type': 'sha256',
+                                               'cachedir': ca_path}):
+                    with patch.dict(_TLS_TEST_DATA['create_ca'],
+                                    {'replace': True}):
+                        tls.create_ca(ca_name)
+                        tls.create_csr(ca_name)
+                        self.assertEqual(
+                            tls.create_csr(
+                                ca_name,
+                                **_TLS_TEST_DATA['create_ca']),
+                            ret)
+        finally:
+            if os.path.isdir(ca_path):
+                shutil.rmtree(ca_path)
+
+    @destructiveTest
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_create_self_signed_cert(self):
+        '''
+        Test creating self signed certificate
+        '''
+        ca_path = tempfile.mkdtemp(dir=integration.SYS_TMP_DIR)
+        try:
+            tls_dir = 'test_tls'
+            certp = '{0}/{1}/certs/{2}.crt'.format(
+                ca_path,
+                tls_dir,
+                _TLS_TEST_DATA['create_ca']['CN'])
+            certk = '{0}/{1}/certs/{2}.key'.format(
+                ca_path,
+                tls_dir,
+                _TLS_TEST_DATA['create_ca']['CN'])
+            ret = ('Created Private Key: "{0}." '
+                   'Created Certificate: "{1}."').format(
+                       certk, certp)
+            mock_opt = MagicMock(return_value=ca_path)
+            with patch.dict(tls.__salt__, {'config.option': mock_opt}):
+                with patch.dict(tls.__opts__, {'hash_type': 'sha256',
+                                               'cachedir': ca_path}):
+                    self.assertEqual(
+                        tls.create_self_signed_cert(
+                            tls_dir=tls_dir,
+                            days=365,
+                            **_TLS_TEST_DATA['create_ca']),
+                        ret)
+        finally:
+            if os.path.isdir(ca_path):
+                shutil.rmtree(ca_path)
+
+    @destructiveTest
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_recreate_self_signed_cert(self):
+        '''
+        Test creating self signed certificate when one already exists
+        '''
+        ca_path = tempfile.mkdtemp(dir=integration.SYS_TMP_DIR)
+        try:
+            tls_dir = 'test_tls'
+            certp = '{0}/{1}/certs/{2}.crt'.format(
+                ca_path,
+                tls_dir,
+                _TLS_TEST_DATA['create_ca']['CN'])
+            certk = '{0}/{1}/certs/{2}.key'.format(
+                ca_path,
+                tls_dir,
+                _TLS_TEST_DATA['create_ca']['CN'])
+            ret = ('Created Private Key: "{0}." '
+                   'Created Certificate: "{1}."').format(
+                       certk, certp)
+            mock_opt = MagicMock(return_value=ca_path)
+            with patch.dict(tls.__salt__, {'config.option': mock_opt}):
+                with patch.dict(tls.__opts__, {'hash_type': 'sha256',
+                                               'cachedir': ca_path}):
+                    self.assertEqual(
+                        tls.create_self_signed_cert(
+                            tls_dir=tls_dir,
+                            days=365,
+                            **_TLS_TEST_DATA['create_ca']),
+                        ret)
+        finally:
+            if os.path.isdir(ca_path):
+                shutil.rmtree(ca_path)
+
+    @destructiveTest
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_create_ca_signed_cert(self):
+        '''
+        Test signing certificate from request
+        '''
+        ca_path = tempfile.mkdtemp(dir=integration.SYS_TMP_DIR)
+        try:
+            ca_name = 'test_ca'
+            certp = '{0}/{1}/certs/{2}.crt'.format(
+                ca_path,
+                ca_name,
+                _TLS_TEST_DATA['create_ca']['CN'])
+            ret = 'Created Certificate for "{0}": "{1}"'.format(
+                _TLS_TEST_DATA['create_ca']['CN'], certp)
+            mock_opt = MagicMock(return_value=ca_path)
+            mock_ret = MagicMock(return_value=0)
+            mock_pgt = MagicMock(return_value=False)
+            with patch.dict(tls.__salt__, {'config.option': mock_opt, 'cmd.retcode': mock_ret, 'pillar.get': mock_pgt}):
+                with patch.dict(tls.__opts__, {'hash_type': 'sha256',
+                                               'cachedir': ca_path}):
+                    tls.create_ca(ca_name)
+                    tls.create_csr(ca_name, **_TLS_TEST_DATA['create_ca'])
+                    self.assertEqual(
+                        tls.create_ca_signed_cert(
+                            ca_name,
+                            _TLS_TEST_DATA['create_ca']['CN']),
+                        ret)
+        finally:
+            if os.path.isdir(ca_path):
+                shutil.rmtree(ca_path)
+
+    @destructiveTest
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_recreate_ca_signed_cert(self):
+        '''
+        Test signing certificate from request when certificate exists
+        '''
+        ca_path = tempfile.mkdtemp(dir=integration.SYS_TMP_DIR)
+        try:
+            ca_name = 'test_ca'
+            certp = '{0}/{1}/certs/{2}.crt'.format(
+                ca_path,
+                ca_name,
+                _TLS_TEST_DATA['create_ca']['CN'])
+            ret = 'Created Certificate for "{0}": "{1}"'.format(
+                _TLS_TEST_DATA['create_ca']['CN'], certp)
+            mock_opt = MagicMock(return_value=ca_path)
+            mock_ret = MagicMock(return_value=0)
+            mock_pgt = MagicMock(return_value=False)
+            with patch.dict(tls.__salt__, {'config.option': mock_opt, 'cmd.retcode': mock_ret, 'pillar.get': mock_pgt}):
+                with patch.dict(tls.__opts__, {'hash_type': 'sha256',
+                                               'cachedir': ca_path}):
+                    tls.create_ca(ca_name)
+                    tls.create_csr(ca_name)
+                    tls.create_ca_signed_cert(ca_name,
+                                              _TLS_TEST_DATA['create_ca']['CN'])
+                    self.assertEqual(
+                        tls.create_ca_signed_cert(
+                            ca_name,
+                            _TLS_TEST_DATA['create_ca']['CN'],
+                            replace=True),
+                        ret)
+        finally:
+            if os.path.isdir(ca_path):
+                shutil.rmtree(ca_path)
+
+    @destructiveTest
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_create_pkcs12(self):
+        '''
+        Test creating pkcs12
+        '''
+        ca_path = tempfile.mkdtemp(dir=integration.SYS_TMP_DIR)
+        try:
+            ca_name = 'test_ca'
+            certp = '{0}/{1}/certs/{2}.p12'.format(
+                ca_path,
+                ca_name,
+                _TLS_TEST_DATA['create_ca']['CN'])
+            ret = 'Created PKCS#12 Certificate for "{0}": "{1}"'.format(
+                _TLS_TEST_DATA['create_ca']['CN'], certp)
+            mock_opt = MagicMock(return_value=ca_path)
+            mock_ret = MagicMock(return_value=0)
+            mock_pgt = MagicMock(return_value=False)
+            with patch.dict(tls.__salt__, {'config.option': mock_opt, 'cmd.retcode': mock_ret, 'pillar.get': mock_pgt}):
+                with patch.dict(tls.__opts__, {'hash_type': 'sha256',
+                                               'cachedir': ca_path}):
+                    tls.create_ca(ca_name)
+                    tls.create_csr(ca_name, **_TLS_TEST_DATA['create_ca'])
+                    tls.create_ca_signed_cert(ca_name,
+                                              _TLS_TEST_DATA['create_ca']['CN'])
+                    self.assertEqual(
+                        tls.create_pkcs12(ca_name,
+                                          _TLS_TEST_DATA['create_ca']['CN'],
+                                          'password'),
+                        ret)
+        finally:
+            if os.path.isdir(ca_path):
+                shutil.rmtree(ca_path)
+
+    @destructiveTest
+    @patch('salt.modules.tls.maybe_fix_ssl_version',
+           MagicMock(return_value=True))
+    def test_recreate_pkcs12(self):
+        '''
+        Test creating pkcs12 when it already exists
+        '''
+        ca_path = tempfile.mkdtemp(dir=integration.SYS_TMP_DIR)
+        try:
+            ca_name = 'test_ca'
+            certp = '{0}/{1}/certs/{2}.p12'.format(
+                ca_path,
+                ca_name,
+                _TLS_TEST_DATA['create_ca']['CN'])
+            ret = 'Created PKCS#12 Certificate for "{0}": "{1}"'.format(
+                _TLS_TEST_DATA['create_ca']['CN'], certp)
+            mock_opt = MagicMock(return_value=ca_path)
+            mock_ret = MagicMock(return_value=0)
+            mock_pgt = MagicMock(return_value=False)
+            with patch.dict(tls.__salt__, {'config.option': mock_opt, 'cmd.retcode': mock_ret, 'pillar.get': mock_pgt}):
+                with patch.dict(tls.__opts__, {'hash_type': 'sha256',
+                                               'cachedir': ca_path}):
+                    with patch.dict(_TLS_TEST_DATA['create_ca'],
+                                    {'replace': True}):
+                        tls.create_ca(ca_name)
+                        tls.create_csr(ca_name)
+                        tls.create_ca_signed_cert(ca_name,
+                                                  _TLS_TEST_DATA['create_ca']['CN'])
+                        tls.create_pkcs12(ca_name,
+                                          _TLS_TEST_DATA['create_ca']['CN'],
+                                          'password')
+                        self.assertEqual(
+                            tls.create_pkcs12(ca_name,
+                                              _TLS_TEST_DATA[
+                                                  'create_ca']['CN'],
+                                              'password',
+                                              replace=True),
+                            ret)
+        finally:
+            if os.path.isdir(ca_path):
+                shutil.rmtree(ca_path)
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(TLSAddTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/modules/win_groupadd_test.py salt-2015.5.3+ds/tests/unit/modules/win_groupadd_test.py
--- salt-2015.5.2+ds/tests/unit/modules/win_groupadd_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/modules/win_groupadd_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,153 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+
+# Import Python Libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import TestCase, skipIf
+from salttesting.mock import (
+    patch,
+    NO_MOCK,
+    NO_MOCK_REASON
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.modules import win_groupadd
+
+# Import Other Libs
+# pylint: disable=W0611
+try:
+    import win32com
+    import pythoncom
+    import pywintypes
+    HAS_WIN_LIBS = True
+except ImportError:
+    HAS_WIN_LIBS = False
+# pylint: enable=W0611
+
+
+win_groupadd.__context__ = {}
+win_groupadd.__opts__ = {'test': False}
+
+
+@skipIf(not HAS_WIN_LIBS, 'win_groupadd unit tests can only be run if win32com, pythoncom, and pywintypes are installed')
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class WinGroupTestCase(TestCase):
+    '''
+    Test cases for salt.modules.win_groupadd
+    '''
+    # 'add' function tests: 1
+
+    def test_add(self):
+        '''
+        Test if it add the specified group
+        '''
+        self.assertDictEqual(win_groupadd.add('foo'),
+                             {'changes': [], 'name': 'foo', 'result': None,
+                              'comment': 'The group foo already exists.'})
+
+    # 'delete' function tests: 1
+
+    def test_delete(self):
+        '''
+        Test if it remove the specified group
+        '''
+        self.assertDictEqual(win_groupadd.delete('foo'),
+                             {'changes': [], 'name': 'foo', 'result': None,
+                              'comment': 'The group foo does not exists.'})
+
+    # 'info' function tests: 1
+
+    def test_info(self):
+        '''
+        Test if it return information about a group.
+        '''
+        with patch(win_groupadd.win32.client, 'flag', None):
+            self.assertDictEqual(win_groupadd.info('dc=salt'),
+                                 {'gid': None,
+                                  'members': ['dc=\\user1'],
+                                  'passwd': None,
+                                  'name': 'WinNT://./dc=salt,group'})
+
+        with patch(win_groupadd.win32.client, 'flag', 1):
+            self.assertFalse(win_groupadd.info('dc=salt'))
+
+        with patch(win_groupadd.win32.client, 'flag', 2):
+            self.assertFalse(win_groupadd.info('dc=salt'))
+
+    # 'getent' function tests: 1
+
+    def test_getent(self):
+        '''
+        Test if it return info on all groups
+        '''
+        with patch.dict(win_groupadd.__context__, {'group.getent': True}):
+            self.assertTrue(win_groupadd.getent())
+
+    # 'adduser' function tests: 1
+
+    def test_adduser(self):
+        '''
+        Test if it add a user to a group
+        '''
+        with patch(win_groupadd.win32.client, 'flag', None):
+            self.assertDictEqual(win_groupadd.adduser('dc=foo', 'dc=\\username'),
+                                 {'changes': {'Users Added': ['dc=\\username']},
+                                  'comment': '', 'name': 'dc=foo', 'result': True})
+
+        with patch(win_groupadd.win32.client, 'flag', 1):
+            comt = ('Failed to add dc=\\username to group dc=foo.  C')
+            self.assertDictEqual(win_groupadd.adduser('dc=foo', 'dc=\\username'),
+                                 {'changes': {'Users Added': []}, 'name': 'dc=foo',
+                                  'comment': comt, 'result': False})
+
+    # 'deluser' function tests: 1
+
+    def test_deluser(self):
+        '''
+        Test if it remove a user to a group
+        '''
+        ret = {'changes': {'Users Removed': []},
+               'comment': 'User dc=\\username is not a member of dc=foo',
+               'name': 'dc=foo', 'result': None}
+
+        self.assertDictEqual(win_groupadd.deluser('dc=foo', 'dc=\\username'),
+                             ret)
+
+    # 'members' function tests: 1
+
+    def test_members(self):
+        '''
+        Test if it remove a user to a group
+        '''
+        comment = ['Failure accessing group dc=foo.  C']
+        ret = {'name': 'dc=foo', 'result': False, 'comment': comment,
+               'changes': {'Users Added': [], 'Users Removed': []}}
+
+        with patch(win_groupadd.win32.client, 'flag', 2):
+            self.assertDictEqual(win_groupadd.members
+                                 ('dc=foo', 'dc=\\user1,dc=\\user2,dc=\\user3'),
+                                 ret)
+
+        with patch(win_groupadd.win32.client, 'flag', 1):
+            comment = ['Failed to add dc=\\user2 to dc=foo.  C',
+                       'Failed to remove dc=\\user1 from dc=foo.  C']
+            ret.update({'comment': comment, 'result': False})
+            self.assertDictEqual(win_groupadd.members('dc=foo', 'dc=\\user2'), ret)
+
+        with patch(win_groupadd.win32.client, 'flag', None):
+            comment = ['dc=foo membership is correct']
+            ret.update({'comment': comment, 'result': None})
+            self.assertDictEqual(win_groupadd.members('dc=foo', 'dc=\\user1'), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(WinGroupTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/modules/win_servermanager_test.py salt-2015.5.3+ds/tests/unit/modules/win_servermanager_test.py
--- salt-2015.5.2+ds/tests/unit/modules/win_servermanager_test.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/modules/win_servermanager_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -63,7 +63,9 @@
         Test if it install a feature.
         '''
         with patch.dict(win_servermanager.__salt__, {'cmd.run': self._m_run()}):
-            self.assertDictEqual(win_servermanager.install('Telnet-Client'), {})
+            self.assertDictEqual(win_servermanager.install('Telnet-Client'), {
+                'message': ''
+            })
 
     # 'remove' function tests: 1
 
@@ -72,7 +74,9 @@
         Test if it remove an installed feature.
         '''
         with patch.dict(win_servermanager.__salt__, {'cmd.run': self._m_run()}):
-            self.assertDictEqual(win_servermanager.remove('Telnet-Client'), {})
+            self.assertDictEqual(win_servermanager.remove('Telnet-Client'), {
+                'message': ''
+            })
 
 
 if __name__ == '__main__':
diff -Nru salt-2015.5.2+ds/tests/unit/payload_test.py salt-2015.5.3+ds/tests/unit/payload_test.py
--- salt-2015.5.2+ds/tests/unit/payload_test.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/payload_test.py	2015-07-07 20:42:37.000000000 +0000
@@ -117,6 +117,7 @@
         sreq = self.get_sreq()
         assert sreq.send('clear', 'foo') == {'enc': 'clear', 'load': 'foo'}
 
+    @skipIf(True, 'Disabled until we can figure out how to make this more reliable.')
     def test_timeout(self):
         '''
         Test SREQ Timeouts
diff -Nru salt-2015.5.2+ds/tests/unit/pyobjects_test.py salt-2015.5.3+ds/tests/unit/pyobjects_test.py
--- salt-2015.5.2+ds/tests/unit/pyobjects_test.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/pyobjects_test.py	2015-07-07 20:42:37.000000000 +0000
@@ -18,7 +18,6 @@
 from salt.utils.odict import OrderedDict
 from salt.utils.pyobjects import (StateFactory, State, Registry,
                                   SaltObject, InvalidFunction, DuplicateState)
-
 File = StateFactory('file')
 Service = StateFactory('service')
 
@@ -281,7 +280,11 @@
         ]))
 
     def test_extend(self):
-        ret = self.render(extend_template)
+        ret = self.render(extend_template,
+                          {'grains': {
+                              'os_family': 'Debian',
+                              'os': 'Debian'
+                          }})
         self.assertEqual(ret, OrderedDict([
             ('include', ['http']),
             ('extend', OrderedDict([
@@ -324,7 +327,11 @@
 
     def test_requisite_implicit_list(self):
         '''Ensure that the implicit list characteristic works as expected'''
-        ret = self.render(requisite_implicit_list_template)
+        ret = self.render(requisite_implicit_list_template,
+                          {'grains': {
+                              'os_family': 'Debian',
+                              'os': 'Debian'
+                          }})
 
         self.assertEqual(ret, OrderedDict([
             ('pkg', OrderedDict([
diff -Nru salt-2015.5.2+ds/tests/unit/states/apt_test.py salt-2015.5.3+ds/tests/unit/states/apt_test.py
--- salt-2015.5.2+ds/tests/unit/states/apt_test.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/apt_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -18,16 +18,16 @@
 ensure_in_syspath('../../')
 
 # Import Salt Libs
-from salt.states import apt
+from salt.states import aptpkg
 
-apt.__opts__ = {}
-apt.__salt__ = {}
+aptpkg.__opts__ = {}
+aptpkg.__salt__ = {}
 
 
 @skipIf(NO_MOCK, NO_MOCK_REASON)
 class AptTestCase(TestCase):
     '''
-    Test cases for salt.states.apt
+    Test cases for salt.states.aptpkg
     '''
     # 'held' function tests: 1
 
@@ -43,8 +43,8 @@
                'comment': 'Package {0} does not have a state'.format(name)}
 
         mock = MagicMock(return_value=False)
-        with patch.dict(apt.__salt__, {'pkg.get_selections': mock}):
-            self.assertDictEqual(apt.held(name), ret)
+        with patch.dict(aptpkg.__salt__, {'pkg.get_selections': mock}):
+            self.assertDictEqual(aptpkg.held(name), ret)
 
 
 if __name__ == '__main__':
diff -Nru salt-2015.5.2+ds/tests/unit/states/file_test.py salt-2015.5.3+ds/tests/unit/states/file_test.py
--- salt-2015.5.2+ds/tests/unit/states/file_test.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/file_test.py	2015-07-07 20:42:37.000000000 +0000
@@ -733,7 +733,7 @@
                 self.assertDictEqual(filestate.recurse(name, source), ret)
 
             with patch.object(os.path, 'isabs', mock_t):
-                comt = ("'source' parameter is not a string or list of strings")
+                comt = ("Invalid source '1' (must be a salt:// URI)")
                 ret.update({'comment': comt})
                 self.assertDictEqual(filestate.recurse(name, 1), ret)
 
@@ -994,10 +994,7 @@
                                          ret)
 
                     ret.pop('data', None)
-                    comt = ('Given text is not a string or a list of strings')
-                    ret.update({'comment': comt, 'name': name})
-                    self.assertDictEqual(filestate.append(name), ret)
-
+                    ret.update({'name': name})
                     with patch.object(salt.utils, 'fopen',
                                       MagicMock(mock_open(read_data=''))):
                         comt = ('No text found to append. Nothing appended')
@@ -1077,10 +1074,7 @@
                                          ret)
 
                     ret.pop('data', None)
-                    comt = ('Given text is not a string or a list of strings')
-                    ret.update({'comment': comt, 'name': name})
-                    self.assertDictEqual(filestate.prepend(name), ret)
-
+                    ret.update({'name': name})
                     with patch.object(salt.utils, 'fopen',
                                       MagicMock(mock_open(read_data=''))):
                         with patch.object(salt.utils, 'istextfile', mock_f):
diff -Nru salt-2015.5.2+ds/tests/unit/states/postgres_group_test.py salt-2015.5.3+ds/tests/unit/states/postgres_group_test.py
--- salt-2015.5.2+ds/tests/unit/states/postgres_group_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/postgres_group_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,99 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import postgres_group
+
+postgres_group.__opts__ = {}
+postgres_group.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class PostgresGroupTestCase(TestCase):
+    '''
+    Test cases for salt.states.postgres_group
+    '''
+    # 'present' function tests: 1
+
+    def test_present(self):
+        '''
+        Test to ensure that the named group is present
+        with the specified privileges.
+        '''
+        name = 'frank'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': False,
+               'comment': ''}
+
+        mock_t = MagicMock(return_value=True)
+        mock = MagicMock(return_value=None)
+        with patch.dict(postgres_group.__salt__,
+                        {'postgres.role_get': mock,
+                         'postgres.group_create': mock_t}):
+            with patch.dict(postgres_group.__opts__, {'test': True}):
+                comt = ('Group {0} is set to be created'.format(name))
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(postgres_group.present(name), ret)
+
+            with patch.dict(postgres_group.__opts__, {'test': False}):
+                comt = ('The group {0} has been created'.format(name))
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(postgres_group.present(name), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to ensure that the named group is absent.
+        '''
+        name = 'frank'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': False,
+               'comment': ''}
+
+        mock_t = MagicMock(return_value=True)
+        mock = MagicMock(side_effect=[True, True, False])
+        with patch.dict(postgres_group.__salt__,
+                        {'postgres.user_exists': mock,
+                         'postgres.group_remove': mock_t}):
+            with patch.dict(postgres_group.__opts__, {'test': True}):
+                comt = ('Group {0} is set to be removed'.format(name))
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(postgres_group.absent(name), ret)
+
+            with patch.dict(postgres_group.__opts__, {'test': False}):
+                comt = ('Group {0} has been removed'.format(name))
+                ret.update({'comment': comt, 'result': True,
+                            'changes': {name: 'Absent'}})
+                self.assertDictEqual(postgres_group.absent(name), ret)
+
+            comt = ('Group {0} is not present, so it cannot be removed'
+                    .format(name))
+            ret.update({'comment': comt, 'result': True, 'changes': {}})
+            self.assertDictEqual(postgres_group.absent(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(PostgresGroupTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/postgres_test.py salt-2015.5.3+ds/tests/unit/states/postgres_test.py
--- salt-2015.5.2+ds/tests/unit/states/postgres_test.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/postgres_test.py	2015-07-07 20:42:37.000000000 +0000
@@ -30,9 +30,9 @@
 OPTS = {'test': False}
 
 for postgres in MODS:
-    postgres.__grains__ = None  # in order to stub it w/patch below
-    postgres.__salt__ = None  # in order to stub it w/patch below
-    postgres.__opts__ = OPTS  # in order to stub it w/patch below
+    postgres.__grains__ = {}  # in order to stub it w/patch below
+    postgres.__salt__ = {}  # in order to stub it w/patch below
+    postgres.__opts__ = {}  # in order to stub it w/patch below
 
 if NO_MOCK is False:
     SALT_STUB = {
@@ -48,7 +48,8 @@
 @skipIf(NO_MOCK, NO_MOCK_REASON)
 @patch.multiple(postgres_user,
                 __grains__={'os_family': 'Linux'},
-                __salt__=SALT_STUB)
+                __salt__=SALT_STUB,
+                __opts__={'test': False})
 @patch('salt.utils.which', Mock(return_value='/usr/bin/pgsql'))
 class PostgresUserTestCase(TestCase):
 
@@ -58,7 +59,7 @@
     })
     def test_present__creation(self):
         # test=True
-        with patch.dict(OPTS, {'test': True}):
+        with patch.dict(postgres_user.__opts__, {'test': True}):
             ret = postgres_user.present('foo')
             self.assertEqual(
                 ret,
@@ -108,7 +109,7 @@
     })
     def test_present__update(self):
         # test=True
-        with patch.dict(OPTS, {'test': True}):
+        with patch.dict(postgres_user.__opts__, {'test': True}):
             ret = postgres_user.present('foo', login=True, replication=False)
             self.assertEqual(
                 ret,
@@ -180,7 +181,8 @@
 @skipIf(NO_MOCK, NO_MOCK_REASON)
 @patch.multiple(postgres_group,
                 __grains__={'os_family': 'Linux'},
-                __salt__=SALT_STUB)
+                __salt__=SALT_STUB,
+                __opts__={'test': False})
 @patch('salt.utils.which', Mock(return_value='/usr/bin/pgsql'))
 class PostgresGroupTestCase(TestCase):
 
@@ -190,7 +192,7 @@
     })
     def test_present__creation(self):
         # test=True
-        with patch.dict(OPTS, {'test': True}):
+        with patch.dict(postgres_group.__opts__, {'test': True}):
             ret = postgres_group.present('foo')
             self.assertEqual(
                 ret,
@@ -240,7 +242,7 @@
     })
     def test_present__update(self):
         # test=True
-        with patch.dict(OPTS, {'test': True}):
+        with patch.dict(postgres_group.__opts__, {'test': True}):
             ret = postgres_group.present('foo', login=True, replication=False)
             self.assertEqual(
                 ret,
@@ -312,7 +314,8 @@
 @skipIf(NO_MOCK, NO_MOCK_REASON)
 @patch.multiple(postgres_extension,
                 __grains__={'os_family': 'Linux'},
-                __salt__=SALT_STUB)
+                __salt__=SALT_STUB,
+                __opts__={'test': False})
 @patch('salt.utils.which', Mock(return_value='/usr/bin/pgsql'))
 class PostgresExtensionTestCase(TestCase):
 
@@ -396,26 +399,27 @@
         scenario of creating upgrading extensions with possible schema and
         version specifications
         '''
-        ret = postgres_extension.present('foo')
-        self.assertEqual(
-            ret,
-            {'comment': 'Extension foo is set to be installed',
-             'changes': {}, 'name': 'foo', 'result': None}
+        with patch.dict(postgres_extension.__opts__, {'test': True}):
+            ret = postgres_extension.present('foo')
+            self.assertEqual(
+                ret,
+                {'comment': 'Extension foo is set to be installed',
+                 'changes': {}, 'name': 'foo', 'result': None}
 
-        )
-        ret = postgres_extension.present('foo')
-        self.assertEqual(
-            ret,
-            {'comment': "Extension foo is set to be created",
-             'changes': {}, 'name': 'foo', 'result': None}
+            )
+            ret = postgres_extension.present('foo')
+            self.assertEqual(
+                ret,
+                {'comment': "Extension foo is set to be created",
+                 'changes': {}, 'name': 'foo', 'result': None}
 
-        )
-        ret = postgres_extension.present('foo')
-        self.assertEqual(
-            ret,
-            {'comment': "Extension foo is set to be upgraded",
-             'changes': {}, 'name': 'foo', 'result': None}
-        )
+            )
+            ret = postgres_extension.present('foo')
+            self.assertEqual(
+                ret,
+                {'comment': "Extension foo is set to be upgraded",
+                 'changes': {}, 'name': 'foo', 'result': None}
+            )
 
     @patch.dict(SALT_STUB, {
         'postgres.is_installed_extension': Mock(side_effect=[
@@ -477,7 +481,8 @@
         ]),
     })
     def test_absent_failedtest(self):
-        ret = postgres_extension.absent('foo')
+        with patch.dict(postgres_extension.__opts__, {'test': True}):
+            ret = postgres_extension.absent('foo')
         self.assertEqual(
             ret,
             {'comment': 'Extension foo is set to be removed',
@@ -488,7 +493,8 @@
 @skipIf(NO_MOCK, NO_MOCK_REASON)
 @patch.multiple(postgres_schema,
                 __grains__={'os_family': 'Linux'},
-                __salt__=SALT_STUB)
+                __salt__=SALT_STUB,
+                __opts__={'test': False})
 @patch('salt.utils.which', Mock(return_value='/usr/bin/pgsql'))
 class PostgresSchemaTestCase(TestCase):
 
diff -Nru salt-2015.5.2+ds/tests/unit/states/powerpath_test.py salt-2015.5.3+ds/tests/unit/states/powerpath_test.py
--- salt-2015.5.2+ds/tests/unit/states/powerpath_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/powerpath_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,122 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import powerpath
+
+powerpath.__opts__ = {}
+powerpath.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class PowerpathTestCase(TestCase):
+    '''
+    Test cases for salt.states.powerpath
+    '''
+    # 'license_present' function tests: 1
+
+    def test_license_present(self):
+        '''
+        Test to ensures that the specified PowerPath license key is present
+        on the host.
+        '''
+        name = 'mylic'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock_t = MagicMock(side_effect=[{'result': True, 'output': name},
+                                        {'result': False, 'output': name}])
+        mock = MagicMock(side_effect=[False, True, True, True, True])
+        mock_l = MagicMock(return_value=[{'key': name}])
+        with patch.dict(powerpath.__salt__,
+                        {'powerpath.has_powerpath': mock,
+                         'powerpath.list_licenses': mock_l,
+                         'powerpath.add_license': mock_t}):
+            comt = ('PowerPath is not installed.')
+            ret.update({'comment': comt, 'result': False})
+            self.assertDictEqual(powerpath.license_present(name), ret)
+
+            comt = ('License key {0} already present'.format(name))
+            ret.update({'comment': comt, 'result': True})
+            self.assertDictEqual(powerpath.license_present(name), ret)
+
+            with patch.dict(powerpath.__opts__, {'test': True}):
+                comt = ('License key Mylic is set to be added')
+                ret.update({'comment': comt, 'result': None, 'name': 'Mylic'})
+                self.assertDictEqual(powerpath.license_present('Mylic'), ret)
+
+            with patch.dict(powerpath.__opts__, {'test': False}):
+                ret.update({'comment': name, 'result': True,
+                            'changes': {'Mylic': 'added'}})
+                self.assertDictEqual(powerpath.license_present('Mylic'), ret)
+
+                ret.update({'result': False, 'changes': {}})
+                self.assertDictEqual(powerpath.license_present('Mylic'), ret)
+
+    # 'license_absent' function tests: 1
+
+    def test_license_absent(self):
+        '''
+        Test to ensures that the specified PowerPath license key is absent
+        on the host.
+        '''
+        name = 'mylic'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock_t = MagicMock(side_effect=[{'result': True, 'output': name},
+                                        {'result': False, 'output': name}])
+        mock = MagicMock(side_effect=[False, True, True, True, True])
+        mock_l = MagicMock(return_value=[{'key': 'salt'}])
+        with patch.dict(powerpath.__salt__,
+                        {'powerpath.has_powerpath': mock,
+                         'powerpath.list_licenses': mock_l,
+                         'powerpath.remove_license': mock_t}):
+            comt = ('PowerPath is not installed.')
+            ret.update({'comment': comt, 'result': False})
+            self.assertDictEqual(powerpath.license_absent(name), ret)
+
+            comt = ('License key {0} not present'.format(name))
+            ret.update({'comment': comt, 'result': True})
+            self.assertDictEqual(powerpath.license_absent(name), ret)
+
+            with patch.dict(powerpath.__opts__, {'test': True}):
+                comt = ('License key salt is set to be removed')
+                ret.update({'comment': comt, 'result': None, 'name': 'salt'})
+                self.assertDictEqual(powerpath.license_absent('salt'), ret)
+
+            with patch.dict(powerpath.__opts__, {'test': False}):
+                ret.update({'comment': name, 'result': True,
+                            'changes': {'salt': 'removed'}})
+                self.assertDictEqual(powerpath.license_absent('salt'), ret)
+
+                ret.update({'result': False, 'changes': {}})
+                self.assertDictEqual(powerpath.license_absent('salt'), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(PowerpathTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/process_test.py salt-2015.5.3+ds/tests/unit/states/process_test.py
--- salt-2015.5.2+ds/tests/unit/states/process_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/process_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,61 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import process
+
+process.__opts__ = {}
+process.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class ProcessTestCase(TestCase):
+    '''
+    Test cases for salt.states.process
+    '''
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to ensures that the named command is not running.
+        '''
+        name = 'apache2'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': None,
+               'comment': ''}
+
+        mock = MagicMock(return_value='')
+        with patch.dict(process.__salt__, {'ps.pgrep': mock,
+                                           'ps.pkill': mock}):
+            with patch.dict(process.__opts__, {'test': True}):
+                comt = ('No matching processes running')
+                ret.update({'comment': comt})
+                self.assertDictEqual(process.absent(name), ret)
+
+            with patch.dict(process.__opts__, {'test': False}):
+                ret.update({'result': True})
+                self.assertDictEqual(process.absent(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(ProcessTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/pyenv_test.py salt-2015.5.3+ds/tests/unit/states/pyenv_test.py
--- salt-2015.5.2+ds/tests/unit/states/pyenv_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/pyenv_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,139 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import pyenv
+
+pyenv.__opts__ = {}
+pyenv.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class PyenvTestCase(TestCase):
+    '''
+    Test cases for salt.states.pyenv
+    '''
+    # 'installed' function tests: 1
+
+    def test_installed(self):
+        '''
+        Test to verify that the specified python is installed with pyenv.
+        '''
+        name = 'python-2.7.6'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': None,
+               'comment': ''}
+
+        with patch.dict(pyenv.__opts__, {'test': True}):
+            comt = ('python 2.7.6 is set to be installed')
+            ret.update({'comment': comt})
+            self.assertDictEqual(pyenv.installed(name), ret)
+
+        with patch.dict(pyenv.__opts__, {'test': False}):
+            mock_f = MagicMock(side_effect=[False, False, True])
+            mock_fa = MagicMock(side_effect=[False, True])
+            mock_str = MagicMock(return_value='2.7.6')
+            mock_lst = MagicMock(return_value=['2.7.6'])
+            with patch.dict(pyenv.__salt__, {'pyenv.is_installed': mock_f,
+                                             'pyenv.install': mock_fa,
+                                             'pyenv.default': mock_str,
+                                             'pyenv.versions': mock_lst}):
+                comt = ('pyenv failed to install')
+                ret.update({'comment': comt, 'result': False})
+                self.assertDictEqual(pyenv.installed(name), ret)
+
+                comt = ('Requested python exists.')
+                ret.update({'comment': comt, 'result': True, 'default': True})
+                self.assertDictEqual(pyenv.installed(name), ret)
+
+                self.assertDictEqual(pyenv.installed(name), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to verify that the specified python is not installed with pyenv.
+        '''
+        name = 'python-2.7.6'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': None,
+               'comment': ''}
+
+        with patch.dict(pyenv.__opts__, {'test': True}):
+            comt = ('python 2.7.6 is set to be uninstalled')
+            ret.update({'comment': comt})
+            self.assertDictEqual(pyenv.absent(name), ret)
+
+        with patch.dict(pyenv.__opts__, {'test': False}):
+            mock_f = MagicMock(side_effect=[False, True])
+            mock_t = MagicMock(return_value=True)
+            mock_str = MagicMock(return_value='2.7.6')
+            mock_lst = MagicMock(return_value=['2.7.6'])
+            with patch.dict(pyenv.__salt__, {'pyenv.is_installed': mock_f,
+                                             'pyenv.uninstall_python': mock_t,
+                                             'pyenv.default': mock_str,
+                                             'pyenv.versions': mock_lst}):
+                comt = ('pyenv not installed, 2.7.6 not either')
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(pyenv.absent(name), ret)
+
+                comt = ('Successfully removed python')
+                ret.update({'comment': comt, 'result': True, 'default': True,
+                            'changes': {'2.7.6': 'Uninstalled'}})
+                self.assertDictEqual(pyenv.absent(name), ret)
+
+    # 'install_pyenv' function tests: 1
+
+    def test_install_pyenv(self):
+        '''
+        Test to install pyenv if not installed.
+        '''
+        name = 'python-2.7.6'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': None,
+               'comment': ''}
+
+        with patch.dict(pyenv.__opts__, {'test': True}):
+            comt = ('pyenv is set to be installed')
+            ret.update({'comment': comt})
+            self.assertDictEqual(pyenv.install_pyenv(name), ret)
+
+        with patch.dict(pyenv.__opts__, {'test': False}):
+            mock_t = MagicMock(return_value=True)
+            mock_str = MagicMock(return_value='2.7.6')
+            mock_lst = MagicMock(return_value=['2.7.6'])
+            with patch.dict(pyenv.__salt__, {'pyenv.install_python': mock_t,
+                                             'pyenv.default': mock_str,
+                                             'pyenv.versions': mock_lst}):
+                comt = ('Successfully installed python')
+                ret.update({'comment': comt, 'result': True, 'default': False,
+                            'changes': {None: 'Installed'}})
+                self.assertDictEqual(pyenv.install_pyenv(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(PyenvTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/pyrax_queues_test.py salt-2015.5.3+ds/tests/unit/states/pyrax_queues_test.py
--- salt-2015.5.2+ds/tests/unit/states/pyrax_queues_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/pyrax_queues_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,94 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import pyrax_queues
+
+pyrax_queues.__opts__ = {}
+pyrax_queues.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class PyraxQueuesTestCase(TestCase):
+    '''
+    Test cases for salt.states.pyrax_queues
+    '''
+    # 'present' function tests: 1
+
+    def test_present(self):
+        '''
+        Test to ensure the RackSpace queue exists.
+        '''
+        name = 'myqueue'
+        provider = 'my-pyrax'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock_dct = MagicMock(side_effect=[{provider: {'salt': True}},
+                                          {provider: {'salt': False}},
+                                          {provider: {'salt': False}}, False])
+        with patch.dict(pyrax_queues.__salt__, {'cloud.action': mock_dct}):
+            comt = ('{0} present.'.format(name))
+            ret.update({'comment': comt})
+            self.assertDictEqual(pyrax_queues.present(name, provider), ret)
+
+            with patch.dict(pyrax_queues.__opts__, {'test': True}):
+                comt = ('Rackspace queue myqueue is set to be created.')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(pyrax_queues.present(name, provider), ret)
+
+            with patch.dict(pyrax_queues.__opts__, {'test': False}):
+                comt = ('Failed to create myqueue Rackspace queue.')
+                ret.update({'comment': comt, 'result': False})
+                self.assertDictEqual(pyrax_queues.present(name, provider), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to ensure the named Rackspace queue is deleted.
+        '''
+        name = 'myqueue'
+        provider = 'my-pyrax'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock_dct = MagicMock(side_effect=[{provider: {'salt': False}},
+                                          {provider: {'salt': True}}])
+        with patch.dict(pyrax_queues.__salt__, {'cloud.action': mock_dct}):
+            comt = ('myqueue does not exist.')
+            ret.update({'comment': comt})
+            self.assertDictEqual(pyrax_queues.absent(name, provider), ret)
+
+            with patch.dict(pyrax_queues.__opts__, {'test': True}):
+                comt = ('Rackspace queue myqueue is set to be removed.')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(pyrax_queues.absent(name, provider), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(PyraxQueuesTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/rabbitmq_plugin_test.py salt-2015.5.3+ds/tests/unit/states/rabbitmq_plugin_test.py
--- salt-2015.5.2+ds/tests/unit/states/rabbitmq_plugin_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/rabbitmq_plugin_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,86 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import rabbitmq_plugin
+
+rabbitmq_plugin.__opts__ = {}
+rabbitmq_plugin.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class RabbitmqPluginTestCase(TestCase):
+    '''
+    Test cases for salt.states.rabbitmq_plugin
+    '''
+    # 'enabled' function tests: 1
+
+    def test_enabled(self):
+        '''
+        Test to ensure the RabbitMQ plugin is enabled.
+        '''
+        name = 'some_plugin'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock = MagicMock(side_effect=[True, False])
+        with patch.dict(rabbitmq_plugin.__salt__,
+                        {'rabbitmq.plugin_is_enabled': mock}):
+            comt = ('Plugin some_plugin is already enabled')
+            ret.update({'comment': comt})
+            self.assertDictEqual(rabbitmq_plugin.enabled(name), ret)
+
+            with patch.dict(rabbitmq_plugin.__opts__, {'test': True}):
+                comt = ('Plugin some_plugin is set to be enabled')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(rabbitmq_plugin.enabled(name), ret)
+
+    # 'disabled' function tests: 1
+
+    def test_disabled(self):
+        '''
+        Test to ensure the RabbitMQ plugin is disabled.
+        '''
+        name = 'some_plugin'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock = MagicMock(side_effect=[False, True])
+        with patch.dict(rabbitmq_plugin.__salt__,
+                        {'rabbitmq.plugin_is_enabled': mock}):
+            comt = ('Plugin some_plugin is not enabled')
+            ret.update({'comment': comt})
+            self.assertDictEqual(rabbitmq_plugin.disabled(name), ret)
+
+            with patch.dict(rabbitmq_plugin.__opts__, {'test': True}):
+                comt = ('Plugin some_plugin is set to be disabled')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(rabbitmq_plugin.disabled(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(RabbitmqPluginTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/rabbitmq_policy_test.py salt-2015.5.3+ds/tests/unit/states/rabbitmq_policy_test.py
--- salt-2015.5.2+ds/tests/unit/states/rabbitmq_policy_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/rabbitmq_policy_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,92 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import rabbitmq_policy
+
+rabbitmq_policy.__opts__ = {}
+rabbitmq_policy.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class RabbitmqPolicyTestCase(TestCase):
+    '''
+    Test cases for salt.states.rabbitmq_policy
+    '''
+    # 'present' function tests: 1
+
+    def test_present(self):
+        '''
+        Test to ensure the RabbitMQ policy exists.
+        '''
+        name = 'HA'
+        pattern = '.*'
+        definition = '{"ha-mode":"all"}'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock = MagicMock(side_effect=[{'/': {name: {'pattern': pattern,
+                                                    'definition': definition,
+                                                    'priority': 0}}}, {}])
+        with patch.dict(rabbitmq_policy.__salt__,
+                        {'rabbitmq.list_policies': mock}):
+            comt = ('Policy / HA is already present')
+            ret.update({'comment': comt})
+            self.assertDictEqual(rabbitmq_policy.present(name, pattern,
+                                                         definition), ret)
+
+            with patch.dict(rabbitmq_policy.__opts__, {'test': True}):
+                comt = ('Policy / HA is set to be created')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(rabbitmq_policy.present(name, pattern,
+                                                             definition), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to ensure the named policy is absent.
+        '''
+        name = 'HA'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock = MagicMock(side_effect=[False, True])
+        with patch.dict(rabbitmq_policy.__salt__,
+                        {'rabbitmq.policy_exists': mock}):
+            comt = ('Policy / HA is not present')
+            ret.update({'comment': comt})
+            self.assertDictEqual(rabbitmq_policy.absent(name), ret)
+
+            with patch.dict(rabbitmq_policy.__opts__, {'test': True}):
+                comt = ('Removing policy / HA')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(rabbitmq_policy.absent(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(RabbitmqPolicyTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/rabbitmq_user_test.py salt-2015.5.3+ds/tests/unit/states/rabbitmq_user_test.py
--- salt-2015.5.2+ds/tests/unit/states/rabbitmq_user_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/rabbitmq_user_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,113 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import rabbitmq_user
+
+rabbitmq_user.__opts__ = {}
+rabbitmq_user.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class RabbitmqUserTestCase(TestCase):
+    '''
+    Test cases for salt.states.rabbitmq_user
+    '''
+    # 'present' function tests: 1
+
+    def test_present(self):
+        '''
+        Test to ensure the RabbitMQ user exists.
+        '''
+        name = 'foo'
+        passwd = 'password'
+        tag = 'user'
+        perms = [{'/': ['.*', '.*']}]
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock = MagicMock(side_effect=[True, False, True, True,
+                                      True, True, True])
+        mock_dct = MagicMock(return_value={name: set(tag)})
+        mock_pr = MagicMock(return_value=perms)
+        mock_add = MagicMock(return_value={'Added': name})
+        with patch.dict(rabbitmq_user.__salt__,
+                        {'rabbitmq.user_exists': mock,
+                         'rabbitmq.list_users': mock_dct,
+                         'rabbitmq.list_user_permissions': mock_pr,
+                         'rabbitmq.set_user_tags': mock_add}):
+            comt = ('User foo already presents')
+            ret.update({'comment': comt})
+            self.assertDictEqual(rabbitmq_user.present(name), ret)
+
+            with patch.dict(rabbitmq_user.__opts__, {'test': True}):
+                comt = ('User foo is set to be created')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(rabbitmq_user.present(name), ret)
+
+                comt = ("User foo's password is set to be updated")
+                ret.update({'comment': comt})
+                self.assertDictEqual(rabbitmq_user.present(name,
+                                                           password=passwd,
+                                                           force=True), ret)
+
+                comt = ("User foo's password is set to be removed")
+                ret.update({'comment': comt})
+                self.assertDictEqual(rabbitmq_user.present(name, force=True),
+                                     ret)
+
+                comt = ('Tags for user foo is set to be changed')
+                ret.update({'comment': comt})
+                self.assertDictEqual(rabbitmq_user.present(name, tags=tag), ret)
+
+                comt = ('Permissions for user foo is set to be changed')
+                ret.update({'comment': comt})
+                self.assertDictEqual(rabbitmq_user.present(name, perms=perms),
+                                     ret)
+
+            with patch.dict(rabbitmq_user.__opts__, {'test': False}):
+                ret.update({'comment': name, 'result': True,
+                            'changes': {'new': 'Set tags: user\n', 'old': ''}})
+                self.assertDictEqual(rabbitmq_user.present(name, tags=tag), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to ensure the named user is absent.
+        '''
+        name = 'foo'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': 'User {0} is not present'.format(name)}
+
+        mock = MagicMock(return_value=False)
+        with patch.dict(rabbitmq_user.__salt__, {'rabbitmq.user_exists': mock}):
+            self.assertDictEqual(rabbitmq_user.absent(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(RabbitmqUserTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/rabbitmq_vhost_test.py salt-2015.5.3+ds/tests/unit/states/rabbitmq_vhost_test.py
--- salt-2015.5.2+ds/tests/unit/states/rabbitmq_vhost_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/rabbitmq_vhost_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,73 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import rabbitmq_vhost
+
+rabbitmq_vhost.__opts__ = {}
+rabbitmq_vhost.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class RabbitmqVhostTestCase(TestCase):
+    '''
+    Test cases for salt.states.rabbitmq_vhost
+    '''
+    # 'present' function tests: 1
+
+    def test_present(self):
+        '''
+        Test to ensure the RabbitMQ VHost exists.
+        '''
+        name = 'virtual_host'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': None,
+               'comment': 'Creating VHost virtual_host'}
+
+        mock = MagicMock(return_value=False)
+        with patch.dict(rabbitmq_vhost.__salt__,
+                        {'rabbitmq.vhost_exists': mock}):
+            with patch.dict(rabbitmq_vhost.__opts__, {'test': True}):
+                self.assertDictEqual(rabbitmq_vhost.present(name), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to ensure the named user is absent.
+        '''
+        name = 'myqueue'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': 'Virtual Host {0} is not present'.format(name)}
+
+        mock = MagicMock(return_value=False)
+        with patch.dict(rabbitmq_vhost.__salt__,
+                        {'rabbitmq.vhost_exists': mock}):
+            self.assertDictEqual(rabbitmq_vhost.absent(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(RabbitmqVhostTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/rbenv_test.py salt-2015.5.3+ds/tests/unit/states/rbenv_test.py
--- salt-2015.5.2+ds/tests/unit/states/rbenv_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/rbenv_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,135 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import rbenv
+
+rbenv.__opts__ = {}
+rbenv.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class RbenvTestCase(TestCase):
+    '''
+    Test cases for salt.states.rbenv
+    '''
+    # 'installed' function tests: 1
+
+    def test_installed(self):
+        '''
+        Test to verify that the specified ruby is installed with rbenv.
+        '''
+        name = 'rbenv-deps'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock_t = MagicMock(side_effect=[False, True, True])
+        mock_f = MagicMock(return_value=False)
+        mock_def = MagicMock(return_value='2.7')
+        mock_ver = MagicMock(return_value=['2.7'])
+        with patch.dict(rbenv.__salt__,
+                        {'rbenv.is_installed': mock_f,
+                         'rbenv.install': mock_t,
+                         'rbenv.default': mock_def,
+                         'rbenv.versions': mock_ver,
+                         'rbenv.install_ruby': mock_t}):
+            with patch.dict(rbenv.__opts__, {'test': True}):
+                comt = ('Ruby rbenv-deps is set to be installed')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(rbenv.installed(name), ret)
+
+            with patch.dict(rbenv.__opts__, {'test': False}):
+                comt = ('Rbenv failed to install')
+                ret.update({'comment': comt, 'result': False})
+                self.assertDictEqual(rbenv.installed(name), ret)
+
+                comt = ('Successfully installed ruby')
+                ret.update({'comment': comt, 'result': True, 'default': False,
+                            'changes': {name: 'Installed'}})
+                self.assertDictEqual(rbenv.installed(name), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to verify that the specified ruby is not installed with rbenv.
+        '''
+        name = 'myqueue'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock = MagicMock(side_effect=[False, True])
+        mock_def = MagicMock(return_value='2.7')
+        mock_ver = MagicMock(return_value=['2.7'])
+        with patch.dict(rbenv.__salt__,
+                        {'rbenv.is_installed': mock,
+                         'rbenv.default': mock_def,
+                         'rbenv.versions': mock_ver}):
+            with patch.dict(rbenv.__opts__, {'test': True}):
+                comt = ('Ruby myqueue is set to be uninstalled')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(rbenv.absent(name), ret)
+
+            with patch.dict(rbenv.__opts__, {'test': False}):
+                comt = ('Rbenv not installed, myqueue not either')
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(rbenv.absent(name), ret)
+
+                comt = ('Ruby myqueue is already absent')
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(rbenv.absent(name), ret)
+
+    # 'install_rbenv' function tests: 1
+
+    def test_install_rbenv(self):
+        '''
+        Test to install rbenv if not installed.
+        '''
+        name = 'myqueue'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        with patch.dict(rbenv.__opts__, {'test': True}):
+            comt = ('Rbenv is set to be installed')
+            ret.update({'comment': comt, 'result': None})
+            self.assertDictEqual(rbenv.install_rbenv(name), ret)
+
+        with patch.dict(rbenv.__opts__, {'test': False}):
+            mock = MagicMock(side_effect=[False, True])
+            with patch.dict(rbenv.__salt__,
+                            {'rbenv.is_installed': mock,
+                             'rbenv.install': mock}):
+                comt = ('Rbenv installed')
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(rbenv.install_rbenv(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(RbenvTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/rdp_test.py salt-2015.5.3+ds/tests/unit/states/rdp_test.py
--- salt-2015.5.2+ds/tests/unit/states/rdp_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/rdp_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,102 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import rdp
+
+rdp.__opts__ = {}
+rdp.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class RdpTestCase(TestCase):
+    '''
+    Test cases for salt.states.rdp
+    '''
+    # 'enabled' function tests: 1
+
+    def test_enabled(self):
+        '''
+        Test to enable the RDP service and make sure access
+        to the RDP port is allowed in the firewall configuration.
+        '''
+        name = 'my_service'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock_t = MagicMock(side_effect=[False, False, True])
+        mock_f = MagicMock(return_value=False)
+        with patch.dict(rdp.__salt__,
+                        {'rdp.status': mock_t,
+                         'rdp.enable': mock_f}):
+            with patch.dict(rdp.__opts__, {'test': True}):
+                comt = ('RDP will be enabled')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(rdp.enabled(name), ret)
+
+            with patch.dict(rdp.__opts__, {'test': False}):
+                ret.update({'comment': '', 'result': False,
+                            'changes': {'RDP was enabled': True}})
+                self.assertDictEqual(rdp.enabled(name), ret)
+
+                comt = ('RDP is enabled')
+                ret.update({'comment': comt, 'result': True,
+                            'changes': {}})
+                self.assertDictEqual(rdp.enabled(name), ret)
+
+    # 'disabled' function tests: 1
+
+    def test_disabled(self):
+        '''
+        Test to disable the RDP service.
+        '''
+        name = 'my_service'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock = MagicMock(side_effect=[True, True, False])
+        mock_t = MagicMock(return_value=True)
+        with patch.dict(rdp.__salt__,
+                        {'rdp.status': mock,
+                         'rdp.disable': mock_t}):
+            with patch.dict(rdp.__opts__, {'test': True}):
+                comt = ('RDP will be disabled')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(rdp.disabled(name), ret)
+
+            with patch.dict(rdp.__opts__, {'test': False}):
+                ret.update({'comment': '', 'result': True,
+                            'changes': {'RDP was disabled': True}})
+                self.assertDictEqual(rdp.disabled(name), ret)
+
+                comt = ('RDP is disabled')
+                ret.update({'comment': comt, 'result': True, 'changes': {}})
+                self.assertDictEqual(rdp.disabled(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(RdpTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/redismod_test.py salt-2015.5.3+ds/tests/unit/states/redismod_test.py
--- salt-2015.5.2+ds/tests/unit/states/redismod_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/redismod_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,88 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import redismod
+
+redismod.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class RedismodTestCase(TestCase):
+    '''
+    Test cases for salt.states.redismod
+    '''
+    # 'string' function tests: 1
+
+    def test_string(self):
+        '''
+        Test to ensure that the key exists in redis with the value specified.
+        '''
+        name = 'key_in_redis'
+        value = 'string data'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': 'Key already set to defined value'}
+
+        mock = MagicMock(return_value=value)
+        with patch.dict(redismod.__salt__, {'redis.get_key': mock}):
+            self.assertDictEqual(redismod.string(name, value), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to ensure key absent from redis.
+        '''
+        name = 'key_in_redis'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock = MagicMock(side_effect=[False, True, True])
+        mock_t = MagicMock(return_value=False)
+        with patch.dict(redismod.__salt__,
+                        {'redis.exists': mock,
+                         'redis.delete': mock_t}):
+            comt = ('`keys` not formed as a list type')
+            ret.update({'comment': comt, 'result': False})
+            self.assertDictEqual(redismod.absent(name, 'key'), ret)
+
+            comt = ('Key(s) specified already absent')
+            ret.update({'comment': comt, 'result': True})
+            self.assertDictEqual(redismod.absent(name, ['key']), ret)
+
+            comt = ('Keys deleted')
+            ret.update({'comment': comt, 'changes': {'deleted': ['key']}})
+            self.assertDictEqual(redismod.absent(name, ['key']), ret)
+
+            comt = ('Key deleted')
+            ret.update({'comment': comt,
+                        'changes': {'deleted': ['key_in_redis']}})
+            self.assertDictEqual(redismod.absent(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(RedismodTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/reg_test.py salt-2015.5.3+ds/tests/unit/states/reg_test.py
--- salt-2015.5.2+ds/tests/unit/states/reg_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/reg_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,93 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import reg
+
+reg.__opts__ = {}
+reg.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class RegTestCase(TestCase):
+    '''
+    Test cases for salt.states.reg
+    '''
+    # 'present' function tests: 1
+
+    def test_present(self):
+        '''
+        Test to set a registry entry.
+        '''
+        name = 'HKEY_CURRENT_USER\\SOFTWARE\\Salt\\version'
+        value = '0.15.3'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': '{0} is already configured'.format(name)}
+
+        mock = MagicMock(side_effect=[value, 'a', 'a'])
+        mock_t = MagicMock(return_value=True)
+        with patch.dict(reg.__salt__, {'reg.read_key': mock,
+                                       'reg.set_key': mock_t}):
+            self.assertDictEqual(reg.present(name, value), ret)
+
+            with patch.dict(reg.__opts__, {'test': True}):
+                ret.update({'comment': '', 'result': None,
+                            'changes': {'reg': 'configured to 0.15.3'}})
+                self.assertDictEqual(reg.present(name, value), ret)
+
+            with patch.dict(reg.__opts__, {'test': False}):
+                ret.update({'result': True})
+                self.assertDictEqual(reg.present(name, value), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to remove a registry entry.
+        '''
+        name = 'HKEY_CURRENT_USER\\SOFTWARE\\Salt\\version'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': '{0} is already absent'.format(name)}
+
+        mock = MagicMock(side_effect=[False, True, True])
+        mock_t = MagicMock(return_value=True)
+        with patch.dict(reg.__salt__, {'reg.read_key': mock,
+                                       'reg.delete_key': mock_t}):
+            self.assertDictEqual(reg.absent(name), ret)
+
+            with patch.dict(reg.__opts__, {'test': True}):
+                ret.update({'comment': '', 'result': None,
+                            'changes': {'reg': 'Removed {0}'.format(name)}})
+                self.assertDictEqual(reg.absent(name), ret)
+
+            with patch.dict(reg.__opts__, {'test': False}):
+                ret.update({'result': True})
+                self.assertDictEqual(reg.absent(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(RegTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/schedule_test.py salt-2015.5.3+ds/tests/unit/states/schedule_test.py
--- salt-2015.5.2+ds/tests/unit/states/schedule_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/schedule_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,94 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import schedule
+
+schedule.__opts__ = {}
+schedule.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class ScheduleTestCase(TestCase):
+    '''
+    Test cases for salt.states.schedule
+    '''
+    # 'present' function tests: 1
+
+    def test_present(self):
+        '''
+        Test to ensure a job is present in the schedule.
+        '''
+        name = 'job1'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': False,
+               'comment': ''}
+
+        mock_dict = MagicMock(side_effect=[ret, []])
+        mock_mod = MagicMock(return_value=ret)
+        mock_lst = MagicMock(side_effect=[{name: {}}, {name: {}}, {}, {}])
+        with patch.dict(schedule.__salt__,
+                        {'schedule.list': mock_lst,
+                         'schedule.build_schedule_item': mock_dict,
+                         'schedule.modify': mock_mod,
+                         'schedule.add': mock_mod}):
+            self.assertDictEqual(schedule.present(name), ret)
+
+            with patch.dict(schedule.__opts__, {'test': False}):
+                self.assertDictEqual(schedule.present(name), ret)
+
+                self.assertDictEqual(schedule.present(name), ret)
+
+            with patch.dict(schedule.__opts__, {'test': True}):
+                ret.update({'result': True})
+                self.assertDictEqual(schedule.present(name), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to ensure a job is absent from the schedule.
+        '''
+        name = 'job1'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': False,
+               'comment': ''}
+
+        mock_mod = MagicMock(return_value=ret)
+        mock_lst = MagicMock(side_effect=[{name: {}}, {}])
+        with patch.dict(schedule.__salt__,
+                        {'schedule.list': mock_lst,
+                         'schedule.delete': mock_mod}):
+            with patch.dict(schedule.__opts__, {'test': False}):
+                self.assertDictEqual(schedule.absent(name), ret)
+
+            with patch.dict(schedule.__opts__, {'test': True}):
+                comt = ('Job job1 not present in schedule')
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(schedule.absent(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(ScheduleTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/selinux_test.py salt-2015.5.3+ds/tests/unit/states/selinux_test.py
--- salt-2015.5.2+ds/tests/unit/states/selinux_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/selinux_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,136 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import selinux
+
+selinux.__opts__ = {}
+selinux.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class SelinuxTestCase(TestCase):
+    '''
+    Test cases for salt.states.selinux
+    '''
+    # 'mode' function tests: 1
+
+    def test_mode(self):
+        '''
+        Test to verifies the mode SELinux is running in,
+        can be set to enforcing or permissive.
+        '''
+        ret = {'name': '',
+               'changes': {},
+               'result': False,
+               'comment': ''}
+
+        comt = ('unknown is not an accepted mode')
+        ret.update({'name': 'unknown', 'comment': comt})
+        self.assertDictEqual(selinux.mode('unknown'), ret)
+
+        mock_en = MagicMock(return_value='Enforcing')
+        mock_pr = MagicMock(side_effect=['Permissive', 'Enforcing'])
+        with patch.dict(selinux.__salt__,
+                        {'selinux.getenforce': mock_en,
+                         'selinux.setenforce': mock_pr}):
+            comt = ('SELinux is already in Enforcing mode')
+            ret.update({'name': 'Enforcing', 'comment': comt, 'result': True})
+            self.assertDictEqual(selinux.mode('Enforcing'), ret)
+
+            with patch.dict(selinux.__opts__, {'test': True}):
+                comt = ('SELinux mode is set to be changed to Permissive')
+                ret.update({'name': 'Permissive', 'comment': comt,
+                            'result': None})
+                self.assertDictEqual(selinux.mode('Permissive'), ret)
+
+            with patch.dict(selinux.__opts__, {'test': False}):
+                comt = ('SELinux has been set to Permissive mode')
+                ret.update({'name': 'Permissive', 'comment': comt,
+                            'result': True})
+                self.assertDictEqual(selinux.mode('Permissive'), ret)
+
+                comt = ('Failed to set SELinux to Permissive mode')
+                ret.update({'name': 'Permissive', 'comment': comt,
+                            'result': False})
+                self.assertDictEqual(selinux.mode('Permissive'), ret)
+
+    # 'boolean' function tests: 1
+
+    def test_boolean(self):
+        '''
+        Test to set up an SELinux boolean.
+        '''
+        name = 'samba_create_home_dirs'
+        value = True
+        ret = {'name': name,
+               'changes': {},
+               'result': False,
+               'comment': ''}
+
+        mock_en = MagicMock(return_value=[])
+        with patch.dict(selinux.__salt__,
+                        {'selinux.list_sebool': mock_en}):
+            comt = ('Boolean {0} is not available'.format(name))
+            ret.update({'comment': comt})
+            self.assertDictEqual(selinux.boolean(name, value), ret)
+
+        mock_bools = MagicMock(return_value={name: {'State': 'on',
+                                                    'Default': 'on'}})
+        with patch.dict(selinux.__salt__,
+                        {'selinux.list_sebool': mock_bools}):
+            comt = ('None is not a valid value for the boolean')
+            ret.update({'comment': comt})
+            self.assertDictEqual(selinux.boolean(name, None), ret)
+
+            comt = ('Boolean is in the correct state')
+            ret.update({'comment': comt, 'result': True})
+            self.assertDictEqual(selinux.boolean(name, value, True), ret)
+
+            comt = ('Boolean is in the correct state')
+            ret.update({'comment': comt, 'result': True})
+            self.assertDictEqual(selinux.boolean(name, value), ret)
+
+        mock_bools = MagicMock(return_value={name: {'State': 'off',
+                                                    'Default': 'on'}})
+        mock = MagicMock(side_effect=[True, False])
+        with patch.dict(selinux.__salt__,
+                        {'selinux.list_sebool': mock_bools,
+                         'selinux.setsebool': mock}):
+            with patch.dict(selinux.__opts__, {'test': True}):
+                comt = ('Boolean samba_create_home_dirs'
+                        ' is set to be changed to on')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(selinux.boolean(name, value), ret)
+
+            with patch.dict(selinux.__opts__, {'test': False}):
+                comt = ('Boolean samba_create_home_dirs has been set to on')
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(selinux.boolean(name, value), ret)
+
+                comt = ('Failed to set the boolean '
+                        'samba_create_home_dirs to on')
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(selinux.boolean(name, value), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(SelinuxTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/serverdensity_device_test.py salt-2015.5.3+ds/tests/unit/states/serverdensity_device_test.py
--- salt-2015.5.2+ds/tests/unit/states/serverdensity_device_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/serverdensity_device_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,70 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import serverdensity_device
+
+serverdensity_device.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class ServerdensityDeviceTestCase(TestCase):
+    '''
+    Test cases for salt.states.serverdensity_device
+    '''
+    # 'monitored' function tests: 1
+
+    def test_monitored(self):
+        '''
+        Test to device is monitored with Server Density.
+        '''
+        name = 'my_special_server'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock_dict = MagicMock(return_value={'id': name})
+        mock_t = MagicMock(side_effect=[True, {'agentKey': True},
+                                        [{'agentKey': True}]])
+        mock_sd = MagicMock(side_effect=[['sd-agent'], [], True])
+        with patch.dict(serverdensity_device.__salt__,
+                        {'status.all_status': mock_dict,
+                         'grains.items': mock_dict,
+                         'serverdensity_device.ls': mock_t,
+                         'pkg.list_pkgs': mock_sd,
+                         'serverdensity_device.install_agent': mock_sd}):
+            comt = ('Such server name already exists in this'
+                    ' Server Density account. And sd-agent is installed')
+            ret.update({'comment': comt})
+            self.assertDictEqual(serverdensity_device.monitored(name), ret)
+
+            comt = ('Successfully installed agent and created'
+                    ' device in Server Density db.')
+            ret.update({'comment': comt, 'changes': {'created_device':
+                                                     {'agentKey': True},
+                                                     'installed_agent': True}})
+            self.assertDictEqual(serverdensity_device.monitored(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(ServerdensityDeviceTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/slack_test.py salt-2015.5.3+ds/tests/unit/states/slack_test.py
--- salt-2015.5.2+ds/tests/unit/states/slack_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/slack_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,83 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import slack
+
+slack.__salt__ = {}
+slack.__opts__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class SlackTestCase(TestCase):
+    '''
+    Test cases for salt.states.slack
+    '''
+    # 'post_message' function tests: 1
+
+    def test_post_message(self):
+        '''
+        Test to send a message to a Slack channel.
+        '''
+        name = 'slack-message'
+        channel = '#general'
+        from_name = 'SuperAdmin'
+        message = 'This state was executed successfully.'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': None,
+               'comment': ''}
+
+        with patch.dict(slack.__opts__, {'test': True}):
+            comt = ('The following message is to be sent to Slack: {0}'
+                    .format(message))
+            ret.update({'comment': comt})
+            self.assertDictEqual(slack.post_message(name, channel, from_name,
+                                                    message), ret)
+
+        with patch.dict(slack.__opts__, {'test': False}):
+            comt = ('Slack channel is missing: None')
+            ret.update({'comment': comt, 'result': False})
+            self.assertDictEqual(slack.post_message(name, None, from_name,
+                                                    message), ret)
+
+            comt = ('Slack from name is missing: None')
+            ret.update({'comment': comt, 'result': False})
+            self.assertDictEqual(slack.post_message(name, channel, None,
+                                                    message), ret)
+
+            comt = ('Slack message is missing: None')
+            ret.update({'comment': comt, 'result': False})
+            self.assertDictEqual(slack.post_message(name, channel, from_name,
+                                                    None), ret)
+
+            mock = MagicMock(return_value=True)
+            with patch.dict(slack.__salt__, {'slack.post_message': mock}):
+                comt = ('Sent message: slack-message')
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(slack.post_message(name, channel,
+                                                        from_name, message),
+                                     ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(SlackTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/splunk_search_test.py salt-2015.5.3+ds/tests/unit/states/splunk_search_test.py
--- salt-2015.5.2+ds/tests/unit/states/splunk_search_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/splunk_search_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,90 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import splunk_search
+
+splunk_search.__salt__ = {}
+splunk_search.__opts__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class SplunkSearchTestCase(TestCase):
+    '''
+    Test cases for salt.states.splunk_search
+    '''
+    # 'present' function tests: 1
+
+    def test_present(self):
+        '''
+        Test to ensure a search is present.
+        '''
+        name = 'API Error Search'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': None,
+               'comment': ''}
+
+        mock = MagicMock(side_effect=[True, False, False, True])
+        with patch.dict(splunk_search.__salt__, {'splunk_search.get': mock,
+                                                 'splunk_search.create': mock}):
+            with patch.dict(splunk_search.__opts__, {'test': True}):
+                comt = ("Would update {0}".format(name))
+                ret.update({'comment': comt})
+                self.assertDictEqual(splunk_search.present(name), ret)
+
+                comt = ("Would create {0}".format(name))
+                ret.update({'comment': comt})
+                self.assertDictEqual(splunk_search.present(name), ret)
+
+            with patch.dict(splunk_search.__opts__, {'test': False}):
+                ret.update({'comment': '', 'result': True,
+                            'changes': {'new': {}, 'old': False}})
+                self.assertDictEqual(splunk_search.present(name), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to ensure a search is absent.
+        '''
+        name = 'API Error Search'
+
+        ret = {'name': name,
+               'result': None,
+               'comment': ''}
+
+        mock = MagicMock(side_effect=[True, False])
+        with patch.dict(splunk_search.__salt__, {'splunk_search.get': mock}):
+            with patch.dict(splunk_search.__opts__, {'test': True}):
+                comt = ("Would delete {0}".format(name))
+                ret.update({'comment': comt})
+                self.assertDictEqual(splunk_search.absent(name), ret)
+
+            comt = ('{0} is absent.'.format(name))
+            ret.update({'comment': comt, 'result': True,
+                        'changes': {}})
+            self.assertDictEqual(splunk_search.absent(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(SplunkSearchTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/ssh_auth_test.py salt-2015.5.3+ds/tests/unit/states/ssh_auth_test.py
--- salt-2015.5.2+ds/tests/unit/states/ssh_auth_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/ssh_auth_test.py	2015-07-07 20:42:37.000000000 +0000
@@ -0,0 +1,112 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import ssh_auth
+
+ssh_auth.__salt__ = {}
+ssh_auth.__opts__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class SshAuthTestCase(TestCase):
+    '''
+    Test cases for salt.states.ssh_auth
+    '''
+    # 'present' function tests: 1
+
+    def test_present(self):
+        '''
+        Test to verifies that the specified SSH key
+        is present for the specified user.
+        '''
+        name = 'sshkeys'
+        user = 'root'
+        source = 'salt://ssh_keys/id_rsa.pub'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        mock = MagicMock(return_value='exists')
+        mock_data = MagicMock(side_effect=['replace', 'new'])
+        with patch.dict(ssh_auth.__salt__, {'ssh.check_key': mock,
+                                            'ssh.set_auth_key': mock_data}):
+            with patch.dict(ssh_auth.__opts__, {'test': True}):
+                comt = ('The authorized host key sshkeys is already '
+                        'present for user root')
+                ret.update({'comment': comt})
+                self.assertDictEqual(ssh_auth.present(name, user, source), ret)
+
+            with patch.dict(ssh_auth.__opts__, {'test': False}):
+                comt = ('The authorized host key sshkeys '
+                        'for user root was updated')
+                ret.update({'comment': comt, 'changes': {name: 'Updated'}})
+                self.assertDictEqual(ssh_auth.present(name, user, source), ret)
+
+                comt = ('The authorized host key sshkeys '
+                        'for user root was added')
+                ret.update({'comment': comt, 'changes': {name: 'New'}})
+                self.assertDictEqual(ssh_auth.present(name, user, source), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to verifies that the specified SSH key is absent.
+        '''
+        name = 'sshkeys'
+        user = 'root'
+        source = 'salt://ssh_keys/id_rsa.pub'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': None,
+               'comment': ''}
+
+        mock = MagicMock(side_effect=['User authorized keys file not present',
+                                      'Key removed'])
+        mock_up = MagicMock(side_effect=['update', 'updated'])
+        with patch.dict(ssh_auth.__salt__, {'ssh.rm_auth_key': mock,
+                                            'ssh.check_key': mock_up}):
+            with patch.dict(ssh_auth.__opts__, {'test': True}):
+                comt = ('Key sshkeys is set for removal')
+                ret.update({'comment': comt})
+                self.assertDictEqual(ssh_auth.absent(name, user, source), ret)
+
+                comt = ('Key is already absent')
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(ssh_auth.absent(name, user, source), ret)
+
+            with patch.dict(ssh_auth.__opts__, {'test': False}):
+                comt = ('User authorized keys file not present')
+                ret.update({'comment': comt, 'result': False})
+                self.assertDictEqual(ssh_auth.absent(name, user, source), ret)
+
+                comt = ('Key removed')
+                ret.update({'comment': comt, 'result': True,
+                            'changes': {name: 'Removed'}})
+                self.assertDictEqual(ssh_auth.absent(name, user, source), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(SshAuthTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/ssh_known_hosts_test.py salt-2015.5.3+ds/tests/unit/states/ssh_known_hosts_test.py
--- salt-2015.5.2+ds/tests/unit/states/ssh_known_hosts_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/ssh_known_hosts_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,177 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+import os
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import ssh_known_hosts
+
+ssh_known_hosts.__salt__ = {}
+ssh_known_hosts.__opts__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class SshKnownHostsTestCase(TestCase):
+    '''
+    Test cases for salt.states.ssh_known_hosts
+    '''
+    # 'present' function tests: 1
+
+    def test_present(self):
+        '''
+        Test to verifies that the specified host is known by the specified user.
+        '''
+        name = 'github.com'
+        user = 'root'
+        key = '16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48'
+        fingerprint = [key]
+
+        ret = {'name': name,
+               'changes': {},
+               'result': False,
+               'comment': ''}
+
+        with patch.dict(ssh_known_hosts.__opts__, {'test': True}):
+            with patch.object(os.path, 'isabs', MagicMock(return_value=False)):
+                comt = ('If not specifying a "user", '
+                        'specify an absolute "config".')
+                ret.update({'comment': comt})
+                self.assertDictEqual(ssh_known_hosts.present(name), ret)
+
+            comt = ('Specify either "key" or "fingerprint", not both.')
+            ret.update({'comment': comt})
+            self.assertDictEqual(ssh_known_hosts.present(name, user, key=key,
+                                                         fingerprint=[key]),
+                                 ret)
+
+            comt = ('Required argument "enc" if using "key" argument.')
+            ret.update({'comment': comt})
+            self.assertDictEqual(ssh_known_hosts.present(name, user, key=key),
+                                 ret)
+
+            mock = MagicMock(side_effect=['exists', 'add', 'update'])
+            with patch.dict(ssh_known_hosts.__salt__,
+                            {'ssh.check_known_host': mock}):
+                comt = ('Host github.com is already in .ssh/known_hosts')
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(ssh_known_hosts.present(name, user), ret)
+
+                comt = ('Key for github.com is set to be'
+                        ' added to .ssh/known_hosts')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(ssh_known_hosts.present(name, user), ret)
+
+                comt = ('Key for github.com is set to be '
+                        'updated in .ssh/known_hosts')
+                ret.update({'comment': comt})
+                self.assertDictEqual(ssh_known_hosts.present(name, user), ret)
+
+        with patch.dict(ssh_known_hosts.__opts__, {'test': False}):
+            result = {'status': 'exists', 'error': ''}
+            mock = MagicMock(return_value=result)
+            with patch.dict(ssh_known_hosts.__salt__,
+                            {'ssh.set_known_host': mock}):
+                comt = ('github.com already exists in .ssh/known_hosts')
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(ssh_known_hosts.present(name, user), ret)
+
+            result = {'status': 'error', 'error': ''}
+            mock = MagicMock(return_value=result)
+            with patch.dict(ssh_known_hosts.__salt__,
+                            {'ssh.set_known_host': mock}):
+                ret.update({'comment': '', 'result': False})
+                self.assertDictEqual(ssh_known_hosts.present(name, user), ret)
+
+            result = {'status': 'updated', 'error': '',
+                      'new': {'fingerprint': fingerprint, 'key': key},
+                      'old': ''}
+            mock = MagicMock(return_value=result)
+            with patch.dict(ssh_known_hosts.__salt__,
+                            {'ssh.set_known_host': mock}):
+                comt = ("{0}'s key saved to .ssh/known_hosts (key: {1})"
+                        .format(name, key))
+                ret.update({'comment': comt, 'result': True,
+                            'changes': {'new': {'fingerprint': fingerprint,
+                                                'key': key}, 'old': ''}})
+                self.assertDictEqual(ssh_known_hosts.present(name, user,
+                                                             key=key), ret)
+
+                comt = ("{0}'s key saved to .ssh/known_hosts (fingerprint: {1})"
+                        .format(name, fingerprint))
+                ret.update({'comment': comt})
+                self.assertDictEqual(ssh_known_hosts.present(name, user), ret)
+
+    # 'absent' function tests: 1
+
+    def test_absent(self):
+        '''
+        Test to verifies that the specified host is not known by the given user.
+        '''
+        name = 'github.com'
+        user = 'root'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': False,
+               'comment': ''}
+
+        with patch.object(os.path, 'isabs', MagicMock(return_value=False)):
+            comt = ('If not specifying a "user", '
+                    'specify an absolute "config".')
+            ret.update({'comment': comt})
+            self.assertDictEqual(ssh_known_hosts.absent(name), ret)
+
+        mock = MagicMock(return_value=False)
+        with patch.dict(ssh_known_hosts.__salt__,
+                        {'ssh.get_known_host': mock}):
+            comt = ('Host is already absent')
+            ret.update({'comment': comt, 'result': True})
+            self.assertDictEqual(ssh_known_hosts.absent(name, user), ret)
+
+        mock = MagicMock(return_value=True)
+        with patch.dict(ssh_known_hosts.__salt__,
+                        {'ssh.get_known_host': mock}):
+            with patch.dict(ssh_known_hosts.__opts__, {'test': True}):
+                comt = ('Key for github.com is set to be'
+                        ' removed from .ssh/known_hosts')
+                ret.update({'comment': comt, 'result': None})
+                self.assertDictEqual(ssh_known_hosts.absent(name, user), ret)
+
+            with patch.dict(ssh_known_hosts.__opts__, {'test': False}):
+                result = {'status': 'error', 'error': ''}
+                mock = MagicMock(return_value=result)
+                with patch.dict(ssh_known_hosts.__salt__,
+                                {'ssh.rm_known_host': mock}):
+                    ret.update({'comment': '', 'result': False})
+                    self.assertDictEqual(ssh_known_hosts.absent(name, user),
+                                         ret)
+
+                result = {'status': 'removed', 'error': '',
+                          'comment': 'removed'}
+                mock = MagicMock(return_value=result)
+                with patch.dict(ssh_known_hosts.__salt__,
+                                {'ssh.rm_known_host': mock}):
+                    ret.update({'comment': 'removed', 'result': True,
+                                'changes': {'new': None, 'old': True}})
+                    self.assertDictEqual(ssh_known_hosts.absent(name, user),
+                                         ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(SshKnownHostsTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/status_test.py salt-2015.5.3+ds/tests/unit/states/status_test.py
--- salt-2015.5.2+ds/tests/unit/states/status_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/status_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,99 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import status
+
+status.__salt__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class StatusTestCase(TestCase):
+    '''
+    Test cases for salt.states.status
+    '''
+    # 'loadavg' function tests: 1
+
+    def test_loadavg(self):
+        '''
+        Test to return the current load average for the specified minion.
+        '''
+        name = 'mymonitor'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'data': {},
+               'comment': ''}
+
+        mock = MagicMock(return_value=[])
+        with patch.dict(status.__salt__, {'status.loadavg': mock}):
+            comt = ('Requested load average mymonitor not available ')
+            ret.update({'comment': comt, 'result': False})
+            self.assertDictEqual(status.loadavg(name), ret)
+
+        mock = MagicMock(return_value={name: 3})
+        with patch.dict(status.__salt__, {'status.loadavg': mock}):
+            comt = ('Min must be less than max')
+            ret.update({'comment': comt, 'result': False})
+            self.assertDictEqual(status.loadavg(name, 1, 5), ret)
+
+            comt = ('Load avg is below minimum of 4 at 3.0')
+            ret.update({'comment': comt, 'data': 3})
+            self.assertDictEqual(status.loadavg(name, 5, 4), ret)
+
+            comt = ('Load avg above maximum of 2 at 3.0')
+            ret.update({'comment': comt, 'data': 3})
+            self.assertDictEqual(status.loadavg(name, 2, 1), ret)
+
+            comt = ('Load avg in acceptable range')
+            ret.update({'comment': comt, 'result': True})
+            self.assertDictEqual(status.loadavg(name, 3, 1), ret)
+
+    # 'process' function tests: 1
+
+    def test_process(self):
+        '''
+        Test to return whether the specified signature
+        is found in the process tree.
+        '''
+        name = 'mymonitor'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'data': {},
+               'comment': ''}
+
+        mock = MagicMock(side_effect=[{}, {name: 1}])
+        with patch.dict(status.__salt__, {'status.pid': mock}):
+            comt = ('Process signature "mymonitor" not found ')
+            ret.update({'comment': comt, 'result': False})
+            self.assertDictEqual(status.process(name), ret)
+
+            comt = ('Process signature "mymonitor" was found ')
+            ret.update({'comment': comt, 'result': True,
+                        'data': {name: 1}})
+            self.assertDictEqual(status.process(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(StatusTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/supervisord_test.py salt-2015.5.3+ds/tests/unit/states/supervisord_test.py
--- salt-2015.5.2+ds/tests/unit/states/supervisord_test.py	1970-01-01 00:00:00.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/supervisord_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -0,0 +1,102 @@
+# -*- coding: utf-8 -*-
+'''
+    :codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
+'''
+# Import Python libs
+from __future__ import absolute_import
+
+# Import Salt Testing Libs
+from salttesting import skipIf, TestCase
+from salttesting.mock import (
+    NO_MOCK,
+    NO_MOCK_REASON,
+    MagicMock,
+    patch
+)
+
+from salttesting.helpers import ensure_in_syspath
+
+ensure_in_syspath('../../')
+
+# Import Salt Libs
+from salt.states import supervisord
+
+supervisord.__salt__ = {}
+supervisord.__opts__ = {}
+
+
+@skipIf(NO_MOCK, NO_MOCK_REASON)
+class SupervisordTestCase(TestCase):
+    '''
+    Test cases for salt.states.supervisord
+    '''
+    # 'running' function tests: 1
+
+    def test_running(self):
+        '''
+        Test to ensure the named service is running.
+        '''
+        name = 'wsgi_server'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': True,
+               'comment': ''}
+
+        comt = ('Supervisord module not activated.'
+                ' Do you need to install supervisord?')
+        ret.update({'comment': comt, 'result': False})
+        self.assertDictEqual(supervisord.running(name), ret)
+
+        mock = MagicMock(return_value={name: {'state': 'running'}})
+        with patch.dict(supervisord.__salt__, {'supervisord.status': mock}):
+            with patch.dict(supervisord.__opts__, {'test': True}):
+                comt = ('Service wsgi_server is already running')
+                ret.update({'comment': comt, 'result': True})
+                self.assertDictEqual(supervisord.running(name), ret)
+
+            with patch.dict(supervisord.__opts__, {'test': False}):
+                comt = ('Not starting already running service: wsgi_server')
+                ret.update({'comment': comt})
+                self.assertDictEqual(supervisord.running(name), ret)
+
+    # 'dead' function tests: 1
+
+    def test_dead(self):
+        '''
+        Test to ensure the named service is dead (not running).
+        '''
+        name = 'wsgi_server'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': None,
+               'comment': ''}
+
+        with patch.dict(supervisord.__opts__, {'test': True}):
+            comt = ('Service {0} is set to be stopped'.format(name))
+            ret.update({'comment': comt})
+            self.assertDictEqual(supervisord.dead(name), ret)
+
+    # 'mod_watch' function tests: 1
+
+    def test_mod_watch(self):
+        '''
+        Test to always restart on watch.
+        '''
+        name = 'wsgi_server'
+
+        ret = {'name': name,
+               'changes': {},
+               'result': None,
+               'comment': ''}
+
+        comt = ('Supervisord module not activated.'
+                ' Do you need to install supervisord?')
+        ret.update({'comment': comt, 'result': False})
+        self.assertDictEqual(supervisord.mod_watch(name), ret)
+
+
+if __name__ == '__main__':
+    from integration import run_tests
+    run_tests(SupervisordTestCase, needs_daemon=False)
diff -Nru salt-2015.5.2+ds/tests/unit/states/win_servermanager_test.py salt-2015.5.3+ds/tests/unit/states/win_servermanager_test.py
--- salt-2015.5.2+ds/tests/unit/states/win_servermanager_test.py	2015-05-28 18:09:42.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/states/win_servermanager_test.py	2015-07-01 21:33:42.000000000 +0000
@@ -56,7 +56,7 @@
 
                 with patch.dict(win_servermanager.__opts__, {"test": False}):
                     ret.update({'changes': {'feature': {'Success': 'True'}},
-                                'result': True})
+                                'result': True, 'comment': 'Installed salt'})
                     self.assertDictEqual(win_servermanager.installed('salt'),
                                          ret)
 
diff -Nru salt-2015.5.2+ds/tests/unit/utils/vt_test.py salt-2015.5.3+ds/tests/unit/utils/vt_test.py
--- salt-2015.5.2+ds/tests/unit/utils/vt_test.py	2015-06-04 16:38:15.000000000 +0000
+++ salt-2015.5.3+ds/tests/unit/utils/vt_test.py	2015-07-07 20:42:37.000000000 +0000
@@ -118,6 +118,7 @@
                 # We're pushing the system resources, let's keep going
                 continue
 
+    @skipIf(True, 'Disabled until we can figure out how to make this more reliable.')
     def test_isalive_while_theres_data_to_read(self):
         expected_data = 'Alive!\n'
         term = vt.Terminal('echo "Alive!"', shell=True, stream_stdout=False, stream_stderr=False)