In order to fix potential shell injection vulnerabilities in salt
modules, a change has been made to the various cmd module functions.
These functions now default to python_shell=False, which means that
the commands will not be sent to an actual shell.
The largest side effect of this change is that "shellisms", such as
pipes, will not work by default. The modules shipped with salt have
been audited to fix any issues that might have arisen from this
change. Additionally, the cmd state module has been unaffected, and
use of cmd.run in jinja is also unaffected. cmd.run calls on the
CLI will also allow shellisms.
However, custom execution modules which use shellisms in cmd calls
will break, unless you pass python_shell=True to these calls.
As a temporary workaround, you can set cmd_safe: False in your
minion and master configs. This will revert the default, but is
also less secure, as it will allow shell injection vulnerabilities
to be written in custom code. We recommend you only set this
setting for as long as it takes to resolve these issues in your
custom code, then remove the override.