stop cron before soup upgrades the manager, start cron at the end. add cron state that is in included in common

salt/common/init.sls

@@ -4,8 +4,9 @@
 {% set role = grains.id.split('_') | last %}
 {% from 'elasticsearch/auth.map.jinja' import ELASTICAUTH with context %}
 
-{% if grains.role in ['so-eval', 'so-manager', 'so-standalone', 'so-managersearch', 'so-import'] %}
 include:
+  - cron.running
+{% if grains.role in ['so-eval', 'so-manager', 'so-standalone', 'so-managersearch', 'so-import'] %}
   - manager.elasticsearch # needed for elastic_curl_config state
 {% endif %}
 

salt/common/tools/sbin/so-common

@@ -360,6 +360,13 @@ run_check_net_err() {
 		exit $exit_code
 	fi
 }
+set_cron_service_name() {
+  if [[ "$OS" == "centos" ]]; then
+    cron_service_name="crond"
+  else
+    cron_service_name="cron"
+  fi
+}
 
 set_os() {
 	if [ -f /etc/redhat-release ]; then

salt/common/tools/sbin/soup

@@ -988,6 +988,7 @@ main() {
   verify_latest_update_script
   echo ""
   set_os
+  set_cron_service_name
   set_palette
   check_elastic_license
   echo ""
@@ -1021,6 +1022,10 @@ main() {
     echo "Performing upgrade from Security Onion $INSTALLEDVERSION to Security Onion $NEWVERSION."
     echo ""
 
+    echo "Stopping $cron_service_name service at $(date +"%T.%6N")."
+    echo ""
+    systemctl stop "$cron_service_name"
+
     # update mine items prior to stopping salt-minion and salt-master
     update_salt_mine
 
@@ -1191,6 +1196,9 @@ main() {
       esac
     fi
 
+    echo "Starting $cron_service_name service at $(date +"%T.%6N")."
+    systemctl start "$cron_service_name"
+
     if [[ $NUM_MINIONS -gt 1 ]]; then
 
       cat << EOF