Merge pull request #6949 from Security-Onion-Solutions/issue/6811

Issue/6811

salt/common/tools/sbin/so-common

@@ -405,6 +405,21 @@ set_version() {
 	fi
 }
 
+systemctl_func() {
+	local action=$1
+	local echo_action=$1
+	local service_name=$2
+
+	if [[ "$echo_action" == "stop" ]]; then
+		echo_action="stopp"
+	fi
+
+	echo ""
+	echo "${echo_action^}ing $service_name service at $(date +"%T.%6N")"
+    systemctl $action $service_name && echo "Successfully ${echo_action}ed $service_name." || echo "Failed to $action $service_name."
+	echo ""
+}
+
 has_uppercase() {
 	local string=$1
 

salt/common/tools/sbin/soup

@@ -92,6 +92,10 @@ check_err() {
     if [[ $exit_code -ge 64 && $exit_code -le 113 ]]; then
       echo "$err_msg"
     fi
+    set +e
+    systemctl_func "start" "$cron_service_name"
+    echo "Ensuring highstate is enabled."
+    salt-call state.enable highstate --local
     exit $exit_code
   fi
 
@@ -483,10 +487,7 @@ stop_salt_master() {
     echo "Storing salt-master pid."
     MASTERPID=$(pgrep salt-master | head -1)
     echo "Found salt-master PID $MASTERPID"
-    echo ""
-    echo "Stopping Salt Master service at $(date +"%T.%6N")"
-    systemctl stop salt-master
-    echo ""
+    systemctl_func "stop" "salt-master"
     timeout 30 tail --pid=$MASTERPID -f /dev/null || echo "salt-master still running at $(date +"%T.%6N") after waiting 30s. We cannot kill due to systemd restart option."
 }
 
@@ -505,8 +506,7 @@ stop_salt_minion() {
     echo "Storing salt-minion pid."
     MINIONPID=$(pgrep salt-minion | head -1)
     echo "Found salt-minion PID $MINIONPID"
-    echo "Stopping Salt Minion service at $(date +"%T.%6N")."
-    systemctl stop salt-minion
+    systemctl_func "stop" "salt-minion"
 
     set +e
     timeout 30 tail --pid=$MINIONPID -f /dev/null || echo "Killing salt-minion at $(date +"%T.%6N") after waiting 30s" && pkill -9 -ef /usr/bin/salt-minion
@@ -1033,9 +1033,7 @@ main() {
     echo "Performing upgrade from Security Onion $INSTALLEDVERSION to Security Onion $NEWVERSION."
     echo ""
 
-    echo "Stopping $cron_service_name service at $(date +"%T.%6N")."
-    echo ""
-    systemctl stop "$cron_service_name"
+    systemctl_func "stop" "$cron_service_name"
 
     # update mine items prior to stopping salt-minion and salt-master
     update_salt_mine
@@ -1104,9 +1102,7 @@ main() {
     echo "Locking down Salt Master for upgrade at $(date +"%T.%6N")."
     masterlock
 
-    echo ""
-    echo "Starting Salt Master service at $(date +"%T.%6N")."
-    systemctl start salt-master
+    systemctl_func "start" "salt-master"
 
     # Testing that salt-master is up by checking that is it connected to itself
     set +e
@@ -1150,9 +1146,7 @@ main() {
 
     masterunlock
 
-    echo ""
-    echo "Starting Salt Master service at $(date +"%T.%6N") ."
-    systemctl start salt-master
+    systemctl_func "start" "salt-master"
 
     set +e
     echo "Waiting on the Salt Master service to be ready."
@@ -1191,6 +1185,8 @@ main() {
     echo "Checking for necessary user migrations."
     so-user migrate
 
+    systemctl_func "start" "$cron_service_name"
+
     if [[ -n $lsl_msg ]]; then
       case $lsl_msg in
         'distributed')
@@ -1207,9 +1203,6 @@ main() {
       esac
     fi
 
-    echo "Starting $cron_service_name service at $(date +"%T.%6N")."
-    systemctl start "$cron_service_name"
-
     if [[ $NUM_MINIONS -gt 1 ]]; then
 
       cat << EOF

salt/salt/enable_highstate.sls

@@ -1,7 +0,0 @@
-enable_highstate:
-  module.run:
-    - state.enable:
-      - states:
-        - highstate
-    - unless: pgrep soup
-  

salt/top.sls

@@ -20,7 +20,6 @@
 base:
 
   '*':
-    - salt.enable_highstate
     - cron.running
 
   'not G@saltversion:{{saltversion}}':