## added to sudoers filejenkins ALL=(ALL) NOPASSWD: /usr/bin/salt-call event.

1. ## added to sudoers file
2. jenkins  ALL=(ALL) NOPASSWD: /usr/bin/salt-call event.fire_master*
3.  
4. # cli command to send event to Salt Master
5. jenkins@daveMinion:/test$ sudo salt-call event.fire_master 'tests passed' 'jenkins'
6. local:
7.     True
8.  
9. # attempted use of other salt commands.
10. jenkins@daveMinion:/test$ sudo salt-call pkg.install vim
11. [sudo] password for jenkins:
12. Sorry, user jenkins is not allowed to execute '/usr/bin/salt-call pkg.install vim' as root on localhost.
13.  
14. # attempted potentially malicious command from cli
15. jenkins@daveMinion:/test$ sudo salt-call cmd.run 'cat /etc/shadow'
16. [sudo] password for jenkins:
17. Sorry, user jenkins is not allowed to execute '/usr/bin/salt-call cmd.run cat /etc/shadow' as root on localhost.
18.  
19. jenkins@daveMinion:/test$ salt-call cmd.run 'cat /etc/shadow'
20. Error parsing configuration file: /etc/salt/minion - [Errno 13] Permission denied: '/etc/salt/minion'
21. Failed to create directory path "/etc/salt/pki/minion" - [Errno 13] Permission denied: '/etc/salt/pki/minion'