diff --git a/modules/salt/manifests/master.pp b/modules/salt/manifests/master.pp
index 729590a33a..19406bc43d 100644
--- a/modules/salt/manifests/master.pp
+++ b/modules/salt/manifests/master.pp
@@ -18,6 +18,27 @@ class salt::master {
     require => Apt::Ppa['ppa:saltstack/salt'],
   }
 
+  group { 'salt':
+    ensure => present,
+    system => true,
+  }
+
+  user { 'salt':
+    ensure => present,
+    gid    => 'salt',
+    home   => '/home/salt',
+    shell  => '/bin/bash',
+    system => true,
+  }
+
+  file { '/home/salt':
+    ensure  => directory,
+    owner   => 'salt',
+    group   => 'salt',
+    mode    => '0755',
+    require => User['salt'],
+  }
+
   file { '/etc/salt/master':
     ensure => present,
     owner   => 'root',
@@ -31,7 +52,10 @@ class salt::master {
   service { 'salt-master':
     ensure    => running,
     enable    => true,
-    require   => File['/etc/salt/master'],
+    require   => [
+      User['salt'],
+      File['/etc/salt/master'],
+    ],
     subscribe => [
       Package['salt-master'],
       File['/etc/salt/master'],
diff --git a/modules/salt/templates/master.erb b/modules/salt/templates/master.erb
index ad73a74568..30fbfe2658 100644
--- a/modules/salt/templates/master.erb
+++ b/modules/salt/templates/master.erb
@@ -18,7 +18,7 @@
 # The user to run the salt-master as. Salt will update all permissions to
 # allow the specified user to run the master. If the modified files cause
 # conflicts set verify_env to False.
-#user: root
+user: salt
 
 # Max open files
 # Each minion connecting to the master uses AT LEAST one file descriptor, the