[BUG] Salt master tries to access /etc/salt/grains when it shouldn't need to #66746

@Sxderp

Description
When running the salt-master as non-root the service attempts to access /etc/salt/grains. As far as I'm aware it shouldn't need to access that file. The grains file should be reserved for the minion running on the host.

Setup
RHEL9

  • on-prem machine
  • VM (Redhat Virtualization)
  • VM running on a cloud service, please be explicit and add details
  • container (Kubernetes, Docker, containerd, etc. please specify)
  • or a combination, please be explicit
  • jails if it is FreeBSD
  • classic packaging
  • onedir packaging
  • used bootstrap to install

Steps to Reproduce the behavior
Install salt-master.
Configure master to run as non-root.

cat << EOF > /etc/systemd/system/salt-master.service.d/override.conf
[Service]
User=salt
Group=salt
ExecStartPre=+chown salt:salt -R /etc/salt/pki/master /etc/salt/master /etc/salt/master.d /var/cache/salt/master /var/run/salt/master /var/log/salt
EOF
systemctl daemon-reload

Expected behavior
To not try and access the grains file. Or at least don't error.

Screenshots

Traceback (most recent call last):
  File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/loader/__init__.py", line 1188, in grains
    ret = funcs[key](**kwargs)
  File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/loader/lazy.py", line 160, in __call__
    ret = self.loader.run(run_func, *args, **kwargs)
  File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/loader/lazy.py", line 1269, in run
    return self._last_context.run(self._run_as, _func_or_method, *args, **kwargs)
  File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/loader/lazy.py", line 1284, in _run_as
    return _func_or_method(*args, **kwargs)
  File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/grains/extra.py", line 57, in config
    with salt.utils.files.fopen(gfn, "rb") as fp_:
  File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/utils/files.py", line 388, in fopen
    f_handle = open(  # pylint: disable=resource-leakage,unspecified-encoding 
PermissionError: [Errno 13] Permission denied: '/etc/salt/grains'

Versions Report

salt --versions-report
Salt Version:
          Salt: 3007.1
 
Python Version:
        Python: 3.10.14 (main, Apr  3 2024, 21:30:09) [GCC 11.2.0]
 
Dependency Versions:
          cffi: 1.16.0
      cherrypy: unknown
      dateutil: 2.8.2
     docker-py: Not Installed
         gitdb: Not Installed
     gitpython: Not Installed
        Jinja2: 3.1.4
       libgit2: Not Installed
  looseversion: 1.3.0
      M2Crypto: Not Installed
          Mako: Not Installed
       msgpack: 1.0.7
  msgpack-pure: Not Installed
  mysql-python: Not Installed
     packaging: 23.1
     pycparser: 2.21
      pycrypto: Not Installed
  pycryptodome: 3.19.1
        pygit2: Not Installed
  python-gnupg: 0.5.2
        PyYAML: 6.0.1
         PyZMQ: 25.1.2
        relenv: 0.16.0
         smmap: Not Installed
       timelib: 0.3.0
       Tornado: 6.3.3
           ZMQ: 4.3.4
 
Salt Package Information:
  Package Type: onedir
 
System Versions:
          dist: rhel 9.4 Plow
        locale: utf-8
       machine: x86_64
       release: 5.14.0-427.20.1.el9_4.x86_64
        system: Linux
       version: Red Hat Enterprise Linux 9.4 Plow
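
An added example, not part of the original report and not Salt's own code: a pre-flight check for the non-root setup above. It parses the drop-in, reports which files fall outside the `chown -R` targets, and evaluates plain owner/group/other read bits for a given uid. The function names and the list of paths to check are assumptions; ACLs and SELinux are not considered.

```python
import os
import shlex
import stat

# Constructed copy of the drop-in from the report.
DROPIN = """\
[Service]
User=salt
Group=salt
ExecStartPre=+chown salt:salt -R /etc/salt/pki/master /etc/salt/master /etc/salt/master.d /var/cache/salt/master /var/run/salt/master /var/log/salt
"""

def parse_dropin(text):
    """Return (user, chown_targets) from a systemd drop-in."""
    user, targets = None, []
    for line in text.splitlines():
        key, _, value = line.strip().partition("=")
        if key == "User":
            user = value.strip()
        elif key == "ExecStartPre":
            argv = shlex.split(value.lstrip("@-:+!"))  # drop systemd exec prefixes
            if argv and os.path.basename(argv[0]) == "chown":
                operands = [a for a in argv[1:] if not a.startswith("-")]
                targets += operands[1:]  # operands[0] is OWNER:GROUP
    return user, targets

def outside_chown(paths, targets):
    """Paths that are neither a chown -R target nor beneath one."""
    roots = [os.path.normpath(t) for t in targets]
    def covered(p):
        p = os.path.normpath(p)
        return any(p == r or p.startswith(r + os.sep) for r in roots)
    return [p for p in paths if not covered(p)]

def mode_allows_read(path, uid, gids):
    """Classic owner/group/other read check; ACLs and SELinux are ignored."""
    st = os.stat(path)
    if uid == 0:
        return True
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IRUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IRGRP)
    return bool(st.st_mode & stat.S_IROTH)

if __name__ == "__main__":
    user, targets = parse_dropin(DROPIN)
    # Assumed list of files to check; /etc/salt/grains is the path in the traceback.
    for p in outside_chown(["/etc/salt/master", "/etc/salt/grains"], targets):
        print(f"{p}: not covered by the chown for user {user}")
```

On the host itself, `mode_allows_read` can be called with the `salt` user's uid and group ids to confirm whether a flagged path is readable before starting the service.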

Labels: bug (broken, incorrect, or confusing behavior)
