From 63eebdf6acf582b4d0c373b089bd91c55488729a Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 25 Jul 2023 09:58:26 -0400
Subject: [PATCH 1/7] installer_prereq_packages is run for debian during detect_os so not needed again
---
 setup/so-setup | 5 -----
 1 file changed, 5 deletions(-)
diff --git a/setup/so-setup b/setup/so-setup
index b696b6f7b..bd9347581 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -459,7 +459,6 @@ if ! [[ -f $install_opt_file ]]; then
 whiptail_end_settings
 elif [[ $is_sensor ]]; then
 info "Setting up as node type sensor"
- installer_prereq_packages
 monints=true
 check_requirements "sensor"
 calculate_useable_cores
@@ -489,7 +488,6 @@ if ! [[ -f $install_opt_file ]]; then
 elif [[ $is_searchnode ]]; then
 info "Setting up as node type searchnode"
- installer_prereq_packages
 check_requirements "elasticsearch"
 networking_needful
 check_network_manager_conf
@@ -503,7 +501,6 @@ if ! [[ -f $install_opt_file ]]; then
 elif [[ $is_heavynode ]]; then
 info "Setting up as node type heavynode"
- installer_prereq_packages
 monints=true
 check_requirements "heavynode"
 calculate_useable_cores
@@ -520,7 +517,6 @@ if ! [[ -f $install_opt_file ]]; then
 elif [[ $is_idh ]]; then
 info "Setting up as node type idh"
- installer_prereq_packages
 check_requirements "idh"
 networking_needful
 collect_mngr_hostname
@@ -553,7 +549,6 @@ if ! [[ -f $install_opt_file ]]; then
 elif [[ $is_receiver ]]; then
 info "Setting up as node type receiver"
- installer_prereq_packages
 check_requirements "receiver"
 networking_needful
 collect_mngr_hostname
From fd69d1c714ebec38127c8cab70716d965f82b95c Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 25 Jul 2023 09:59:02 -0400
Subject: [PATCH 2/7] remove quotes so sed will work in logCmd
---
 setup/so-functions | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setup/so-functions b/setup/so-functions
index de2e5cd40..4d65b6256 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1056,7 +1056,7 @@ installer_prereq_packages() {
 retry 150 10 "apt-get -y install network-manager ethtool" >> "$setup_log" 2>&1 || fail_setup
 if [[ $is_debian ]]; then
 info "Enabling network manager for the main interface"
- logCmd "sed -i 's/managed=false/managed=true/g' /etc/NetworkManager/NetworkManager.conf"
+ logCmd "sed -i s/managed=false/managed=true/g /etc/NetworkManager/NetworkManager.conf"
 fi
 logCmd systemctl enable NetworkManager
 logCmd systemctl start NetworkManager
From 39662ccf14751ca633d1f9d7df8c40238a638a8f Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 25 Jul 2023 10:21:44 -0400
Subject: [PATCH 3/7] import rpm logic change
---
 salt/common/tools/sbin/so-common | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/salt/common/tools/sbin/so-common b/salt/common/tools/sbin/so-common
index 551cff0ac..53c8664d2 100755
--- a/salt/common/tools/sbin/so-common
+++ b/salt/common/tools/sbin/so-common
@@ -210,7 +210,7 @@ gpg_rpm_import() {
 rpm --import $RPMKEYSLOC/$RPMKEY
 echo "Imported $RPMKEY"
 done
- else
+ elif [[ $is_rpm ]]; then
 info "Importing the security onion GPG key"
 rpm --import ../salt/repo/client/files/oracle/keys/securityonion.pub
 fi
From e334d44c95852d921a06d93018664adc59cddafc Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 25 Jul 2023 11:03:10 -0400
Subject: [PATCH 4/7] need quotes for logCmd
---
 setup/so-functions | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/setup/so-functions b/setup/so-functions
index 4d65b6256..92ae30a6e 100755
--- a/setup/so-functions
+++ b/setup/so-functions
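Review bot: The rewritten `logCmd "sed -i s/managed=false/managed=true/g /etc/NetworkManager/NetworkManager.conf"` call in installer_prereq_packages (setup/so-functions, patch 2/7) works only because this sed expression happens to contain no whitespace or shell metacharacters, and nothing on the line says so. logCmd is not visible here, but having to drop the inner quotes suggests it word-splits its single string argument without honouring nested quotes, so a later edit that adds a space or glob character to the expression would change what gets executed. I would add a comment above the call such as `# logCmd splits its argument on whitespace and ignores inner quotes; keep the sed expression free of spaces and globs`. The same constraint applies to the `logCmd "systemctl ..."` calls introduced in patch 4/7; the function body starts and ends outside both hunks.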
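Review bot: With `else` replaced by `elif [[ $is_rpm ]]; then` in gpg_rpm_import (salt/common/tools/sbin/so-common, patch 3/7), a host where neither the first condition nor `$is_rpm` holds now skips the signing-key import without leaving any log line. That is presumably the intent for Debian, but `is_rpm` is set somewhere outside this hunk, so a caller of this shared helper that has not set it would skip the import just as silently. I would either add a closing `else` that logs the skip, e.g. `info "Skipping RPM GPG key import: not an RPM-based system"`, or document above the `elif` that callers must set `is_rpm` first. The start of the function and its first condition are outside the hunk.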
@@ -1058,8 +1058,8 @@ installer_prereq_packages() {
 info "Enabling network manager for the main interface"
 logCmd "sed -i s/managed=false/managed=true/g /etc/NetworkManager/NetworkManager.conf"
 fi
- logCmd systemctl enable NetworkManager
- logCmd systemctl start NetworkManager
+ logCmd "systemctl enable NetworkManager"
+ logCmd "systemctl start NetworkManager"
 fi
 if ! command -v curl > /dev/null 2>&1; then
 retry 150 10 "apt-get -y install curl" >> "$setup_log" 2>&1 || fail_setup
From 60eb1611ea36a512faf017180a73e9c1d50abe1f Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 25 Jul 2023 16:06:38 -0400
Subject: [PATCH 5/7] upgrade packages for debian and reboot prior to so installation
---
 setup/so-setup | 10 ++++++++++
 setup/so-whiptail | 17 +++++++++++++++++
 2 files changed, 27 insertions(+)
diff --git a/setup/so-setup b/setup/so-setup
index bd9347581..47b9416ea 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -86,6 +86,16 @@ if [[ $not_supported ]]; then
 fi
 fi
+# we need to upgrade packages on debian prior to install and reboot if there are due to iptables-restore not running properly
+# if packages are updated and the box isn't rebooted
+if [[ $is_debian ]]; then
+ update_packages
+ if [[ -f "/var/run/reboot-required" ]]; then
+ whiptail_debian_reboot_required
+ reboot
+ fi
+fi
+
 # Check to see if this is the setup type of "desktop".
 is_desktop=
 if [ "$setup_type" = 'desktop' ]; then
diff --git a/setup/so-whiptail b/setup/so-whiptail
index 3c5a2504e..7d3d1b70b 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
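Review bot: After `reboot` in the new `if [[ $is_debian ]]` block (setup/so-setup, patch 5/7) the script does not stop, and `reboot` normally returns before the system actually goes down, so the rest of so-setup can keep running on the not-yet-rebooted host until the process is killed. Following the call with `exit 0` keeps setup from making further changes in that window. The result of `update_packages` is also unchecked here; unless that function aborts on failure itself (not visible in this hunk), a failed upgrade that leaves no /var/run/reboot-required lets installation continue in the state the comment warns about, so something like `update_packages || fail_setup` may be wanted. The first comment line is also hard to parse ("reboot if there are due to") and would read better as `# upgrade packages on debian before install and reboot if required, because iptables-restore misbehaves`.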
@@ -27,6 +27,23 @@ whiptail_airgap() {
 fi
 }
+whiptail_debian_reboot_required() {
+
+ [ -n "$TESTING" ] && return
+
+ read -r -d '' message <<- EOM
+
+ Packages were upgraded and a reboot is required prior to Security Onion installation.
+
+ Press TAB and then the ENTER key to reboot the system.
+
+ Once the reboot has completed, rerun Security Onion setup.
+
+ EOM
+
+ whiptail --title "$whiptail_title" --msgbox "$message" 24 75 --scrolltext
+}
+
 whiptail_desktop_install() {
 [ -n "$TESTING" ] && return
From ba6043392c5403e4df1da3a70116ca46c7cf1cc5 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 25 Jul 2023 16:18:01 -0400
Subject: [PATCH 6/7] reorder whiptail text
---
 setup/so-whiptail | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/setup/so-whiptail b/setup/so-whiptail
index 7d3d1b70b..4e9ccea60 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -35,10 +35,10 @@ whiptail_debian_reboot_required() {
 Packages were upgraded and a reboot is required prior to Security Onion installation.
- Press TAB and then the ENTER key to reboot the system.
-
 Once the reboot has completed, rerun Security Onion setup.
+ Press TAB and then the ENTER key to reboot the system.
+
 EOM
 whiptail --title "$whiptail_title" --msgbox "$message" 24 75 --scrolltext
From 0aab3e185e401ce1587dfaafb51db7a24b33cf9a Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 26 Jul 2023 15:16:44 -0400
Subject: [PATCH 7/7] dont manage interfaces listed in /etc/network/interfaces for debian
---
 setup/so-functions | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/setup/so-functions b/setup/so-functions
index 92ae30a6e..491b2563a 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1054,10 +1054,6 @@ installer_prereq_packages() {
 if ! command -v nmcli > /dev/null 2>&1; then
 info "Installing network-manager"
 retry 150 10 "apt-get -y install network-manager ethtool" >> "$setup_log" 2>&1 || fail_setup
- if [[ $is_debian ]]; then
- info "Enabling network manager for the main interface"
- logCmd "sed -i s/managed=false/managed=true/g /etc/NetworkManager/NetworkManager.conf"
- fi
 logCmd "systemctl enable NetworkManager"
 logCmd "systemctl start NetworkManager"
 fi