diff --git a/setup/so-functions b/setup/so-functions index 06dcd10de..b3ea2b476 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1377,6 +1377,45 @@ minio_generate_keys() { } +network_init() { + case "$setup_type" in + 'iso') + whiptail_set_hostname + whiptail_management_nic + whiptail_dhcp_or_static + + if [ "$address_type" != 'DHCP' ]; then + whiptail_management_interface_ip + whiptail_management_interface_mask + whiptail_management_interface_gateway + whiptail_management_interface_dns + whiptail_management_interface_dns_search + fi + ;; + 'network') + whiptail_network_notice + whiptail_dhcp_warn + whiptail_set_hostname + whiptail_management_nic + ;; + esac + + if [[ $is_minion ]]; then + whiptail_management_server + fi + + if [[ $is_minion || $is_iso ]]; then + whiptail_management_interface_setup + fi + + # Init networking so rest of install works + disable_ipv6 + set_hostname + if [[ "$setup_type" == 'iso' ]]; then + set_management_interface + fi +} + network_setup() { { echo "Finishing up network setup"; diff --git a/setup/so-setup b/setup/so-setup index 8300fe6ae..f0954fa3a 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -67,7 +67,7 @@ while [[ $# -gt 0 ]]; do esac done -if ! [ -f /root/install_opt ] && [ -d /root/manager_setup/securityonion ] && [[ $(pwd) != /root/manager_setup/securityonion/setup ]]; then +if ! [ -f $install_opt_file ] && [ -d /root/manager_setup/securityonion ] && [[ $(pwd) != /root/manager_setup/securityonion/setup ]]; then exec bash /root/manager_setup/securityonion/setup/so-setup "${original_args[@]}" fi @@ -81,7 +81,7 @@ fi parse_install_username -if ! [ -f /root/install_opt ]; then +if ! [ -f $install_opt_file ]; then # Begin Installation pre-processing title "Initializing Setup" info "Installing as the $INSTALLUSERNAME user" @@ -164,17 +164,33 @@ if [ "$automated" == no ]; then fi fi -if ! [ -f /root/install_opt ]; then +if ! [[ -f $install_opt_file ]]; then if (whiptail_you_sure); then true else echo "User cancelled setup." | tee -a "$setup_log" whiptail_cancel fi - - whiptail_install_type + if [[ $setup_type == 'iso' ]]; then + whiptail_first_menu_iso + if [[ $option == "Configure Network" ]] && ! [[ -f $net_init_file ]]; then + network_init + printf '%s\n' \ + "MNIC=$MNIC" \ + "HOSTNAME=$HOSTNAME" \ + "MSRV=$MSRV" \ + "MSRVIP=$MSRVIP" > "$net_init_file" + whiptail --title "Security Onion Setup" \ + --msgbox "Successfully set up networking, setup will now exit." 7 75 + exit 0 + else + whiptail_install_type + fi + else + whiptail_install_type + fi else - source /root/install_opt + source $install_opt_file fi if [ "$install_type" = 'EVAL' ]; then @@ -230,7 +246,7 @@ if [[ ( $is_manager || $is_import ) && $is_iso ]]; then fi fi -if ! [ -f /root/install_opt ]; then +if ! [ -f $install_opt_file ]; then if [[ $is_manager && $is_sensor ]]; then check_requirements "standalone" elif [[ $is_fleet_standalone ]]; then @@ -243,41 +259,10 @@ if ! [ -f /root/install_opt ]; then check_requirements "import" fi - case "$setup_type" in - 'iso') - whiptail_set_hostname - whiptail_management_nic - whiptail_dhcp_or_static - - if [ "$address_type" != 'DHCP' ]; then - whiptail_management_interface_ip - whiptail_management_interface_mask - whiptail_management_interface_gateway - whiptail_management_interface_dns - whiptail_management_interface_dns_search - fi - ;; - 'network') - whiptail_network_notice - whiptail_dhcp_warn - whiptail_set_hostname - whiptail_management_nic - ;; - esac - - if [[ $is_minion ]]; then - whiptail_management_server - fi - - if [[ $is_minion || $is_iso ]]; then - whiptail_management_interface_setup - fi - - # Init networking so rest of install works - disable_ipv6 - set_hostname - if [[ "$setup_type" == 'iso' ]]; then - set_management_interface + if [[ -f $net_init_file ]]; then + network_init + else + source $net_init_file fi if [[ -n "$TURBO" ]]; then @@ -298,8 +283,8 @@ if ! [ -f /root/install_opt ]; then "install_type=$install_type" \ "MNIC=$MNIC" \ "HOSTNAME=$HOSTNAME" \ - "MSRV=$MSRV"\ - "MSRVIP=$MSRVIP" > /root/install_opt + "MSRV=$MSRV" \ + "MSRVIP=$MSRVIP" > "$install_opt_file" download_repo_tarball exec bash /root/manager_setup/securityonion/setup/so-setup "${original_args[@]}" fi @@ -396,7 +381,10 @@ if [[ $is_manager && ! $is_eval ]]; then whiptail_manager_adv_escluster fi fi - whiptail_zeek_version + whiptail_metadata_tool + if [ "$MANAGERADV" = 'ADVANCED' ] && [ "$ZEEKVERSION" != 'SURICATA' ]; then + whiptail_manager_adv_service_zeeklogs + fi # Don't run this function for now since Snort is not yet supported # whiptail_nids NIDS=Suricata @@ -406,9 +394,6 @@ if [[ $is_manager && ! $is_eval ]]; then whiptail_oinkcode fi - if [ "$MANAGERADV" = 'ADVANCED' ] && [ "$ZEEKVERSION" != 'SURICATA' ]; then - whiptail_manager_adv_service_zeeklogs - fi fi if [[ $is_manager ]]; then diff --git a/setup/so-variables b/setup/so-variables index 1f154a5c0..e3ae8cbc8 100644 --- a/setup/so-variables +++ b/setup/so-variables @@ -66,3 +66,9 @@ mkdir -p "$local_salt_dir" SCRIPTDIR=$(pwd) export SCRIPTDIR + +install_opt_file=/root/install_opt +export install_opt_file + +net_init_file=/root/net_int +export net_init_file diff --git a/setup/so-whiptail b/setup/so-whiptail index d60352bdd..2cee5f7f1 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail @@ -658,6 +658,17 @@ whiptail_log_size_limit() { } +whiptail_first_menu_iso() { + [ -n "$TESTING" ] && return + + option=$(whiptail --title "Security Onion Setup" --menu "Select an option" 10 75 2 \ + "Configure Network" "Configure networking only " \ + "Security Onion Installer" "Run the standard Security Onion installation " \ + 3>&1 1>&2 2>&3 + ) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus +} whiptail_make_changes() { [ -n "$TESTING" ] && return