From d9416f3828124f562c68aab1164ae2f7c7e24a1a Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 11 Apr 2022 11:04:25 -0400 Subject: [PATCH 01/10] Salt local install of Analyst Workstation --- setup/so-functions | 15 +++++++++++++++ setup/so-setup | 14 +++++++++----- 2 files changed, 24 insertions(+), 5 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index ec1b25a26..2a1ab638b 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -138,6 +138,21 @@ analyze_system() { logCmd "ip a" } +analyst_salt_local() { + + # Install everything using local salt + # Set the repo + securityonion_repo + # Install salt + logCmd "yum -y install salt-minion-3004.1 httpd-tools python3 python36-docker python36-dateutil python36-m2crypto python36-mysql python36-packaging python36-lxml yum-utils device-mapper-persistent-data lvm2 openssl jq" + logCmd "yum -y update --exclude=salt*" + logCmd "systemctl enable salt-minion" + + salt-call state.apply workstation --local --file-root=$temp_install_dir/salt/ -l info + +} + + analyst_workstation_pillar() { local pillar_file=$temp_install_dir/pillar/minions/$MINION_ID.sls diff --git a/setup/so-setup b/setup/so-setup index 26f3aaea7..03a861e44 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -100,11 +100,15 @@ if [[ $is_analyst ]]; then fi if ! whiptail_analyst_install; then - # Lets make this a standalone - echo "Enabling graphical interface and setting it to load at boot" - systemctl set-default graphical.target - startx - exit 0 + if [[ $is_analyst_iso ]]; then + # Lets make this a standalone + echo "Enabling graphical interface and setting it to load at boot" + systemctl set-default graphical.target + startx + exit 0 + else + analyst_salt_local + fi fi # If you got this far then you want to join the grid From f7760394a17ef5a90ffa1ccff11633337b31c08b Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 11 Apr 2022 11:25:54 -0400 Subject: [PATCH 02/10] Import GPG --- setup/so-functions | 1 + 1 file changed, 1 insertion(+) diff --git a/setup/so-functions b/setup/so-functions index 2a1ab638b..7edf1a4df 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -143,6 +143,7 @@ analyst_salt_local() { # Install everything using local salt # Set the repo securityonion_repo + gpg_rpm_import # Install salt logCmd "yum -y install salt-minion-3004.1 httpd-tools python3 python36-docker python36-dateutil python36-m2crypto python36-mysql python36-packaging python36-lxml yum-utils device-mapper-persistent-data lvm2 openssl jq" logCmd "yum -y update --exclude=salt*" From 9ed49ef31817de30dbb4b581966a562ef0f90c70 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 11 Apr 2022 11:29:56 -0400 Subject: [PATCH 03/10] Import GPG --- setup/so-functions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/so-functions b/setup/so-functions index 7edf1a4df..96ae8a0db 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -149,7 +149,7 @@ analyst_salt_local() { logCmd "yum -y update --exclude=salt*" logCmd "systemctl enable salt-minion" - salt-call state.apply workstation --local --file-root=$temp_install_dir/salt/ -l info + logCmd "salt-call state.apply workstation --local --file-root=$temp_install_dir/salt/ -l info" } From a3bf904e2d6302cf81ecec98d56d2cda0c6fa55b Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 11 Apr 2022 11:32:08 -0400 Subject: [PATCH 04/10] Import GPG --- setup/so-functions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/so-functions b/setup/so-functions index 96ae8a0db..1710069e7 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -149,7 +149,7 @@ analyst_salt_local() { logCmd "yum -y update --exclude=salt*" logCmd "systemctl enable salt-minion" - logCmd "salt-call state.apply workstation --local --file-root=$temp_install_dir/salt/ -l info" + logCmd "salt-call state.apply workstation --local --file-root=../salt/ -l info" } From 97e691c321913fbef5549c7f3dc7782a2cac24d4 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 11 Apr 2022 11:43:13 -0400 Subject: [PATCH 05/10] Sending things to the screen --- setup/so-functions | 4 +++- so-analyst-install | 4 ++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 1710069e7..bdf206235 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -149,7 +149,9 @@ analyst_salt_local() { logCmd "yum -y update --exclude=salt*" logCmd "systemctl enable salt-minion" - logCmd "salt-call state.apply workstation --local --file-root=../salt/ -l info" + salt-call state.apply workstation --local --file-root=$(dirname "$0")/salt/ -l info 2>&1 | tee -a outfile + echo "Whiptail to reboot here" + exit 0 } diff --git a/so-analyst-install b/so-analyst-install index 50417c23d..c78756c98 100755 --- a/so-analyst-install +++ b/so-analyst-install @@ -15,6 +15,6 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . -cd "$(dirname "$0")/salt/common/tools/sbin" || exit 255 +cd "$(dirname "$0")/setup" || exit 255 -./so-analyst-install +./so-setup network "$@" From ea34b697950f347126e578ee0ada415ceabdb6dd Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 11 Apr 2022 11:46:42 -0400 Subject: [PATCH 06/10] Sending things to the screen --- so-analyst-install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/so-analyst-install b/so-analyst-install index c78756c98..ac92afd77 100755 --- a/so-analyst-install +++ b/so-analyst-install @@ -17,4 +17,4 @@ cd "$(dirname "$0")/setup" || exit 255 -./so-setup network "$@" +./so-setup analyst "$@" From 0b2745b342f8dac8c931d048afa431e2b030c57f Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 11 Apr 2022 11:49:24 -0400 Subject: [PATCH 07/10] Sending things to the screen --- setup/so-functions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/so-functions b/setup/so-functions index bdf206235..26b6b640e 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -149,7 +149,7 @@ analyst_salt_local() { logCmd "yum -y update --exclude=salt*" logCmd "systemctl enable salt-minion" - salt-call state.apply workstation --local --file-root=$(dirname "$0")/salt/ -l info 2>&1 | tee -a outfile + salt-call state.apply workstation --local --file-root=../salt/ -l info 2>&1 | tee -a outfile echo "Whiptail to reboot here" exit 0 From f9633e72871307de621fadc86e49f0eade5dfea8 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 11 Apr 2022 14:51:17 -0400 Subject: [PATCH 08/10] Add more whiptail menus --- setup/so-functions | 1 - setup/so-setup | 21 +++++++++++++++------ setup/so-whiptail | 37 ++++++++++++++++++++++++++++++++++++- 3 files changed, 51 insertions(+), 8 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 26b6b640e..63da982a3 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -147,7 +147,6 @@ analyst_salt_local() { # Install salt logCmd "yum -y install salt-minion-3004.1 httpd-tools python3 python36-docker python36-dateutil python36-m2crypto python36-mysql python36-packaging python36-lxml yum-utils device-mapper-persistent-data lvm2 openssl jq" logCmd "yum -y update --exclude=salt*" - logCmd "systemctl enable salt-minion" salt-call state.apply workstation --local --file-root=../salt/ -l info 2>&1 | tee -a outfile echo "Whiptail to reboot here" diff --git a/setup/so-setup b/setup/so-setup index 03a861e44..46f95b3e3 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -101,13 +101,22 @@ if [[ $is_analyst ]]; then if ! whiptail_analyst_install; then if [[ $is_analyst_iso ]]; then - # Lets make this a standalone - echo "Enabling graphical interface and setting it to load at boot" - systemctl set-default graphical.target - startx - exit 0 + if whiptail_analyst_nongrid_iso; then + echo "Enabling graphical interface and setting it to load at boot" + systemctl set-default graphical.target + startx + exit 0 + else + # Abort! + exit 0 + fi else - analyst_salt_local + if whiptail_analyst_nongrid_network; then + analyst_salt_local + else + # Abort! + exit 0 + fi fi fi diff --git a/setup/so-whiptail b/setup/so-whiptail index b25ab0fbc..b4e954b85 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail @@ -43,7 +43,42 @@ whiptail_analyst_install() { Would you like to join this workstation to an existing grid? - NOTE: Selecting "no" will enable X Windows and set it to load at boot. + EOM + whiptail --title "$whiptail_title" \ + --yesno "$message" 11 75 --defaultno + +} + +whiptail_analyst_nongrid_iso() { + + [ -n "$TESTING" ] && return + + read -r -d '' message <<- EOM + + You have selected this Analyst workstation to be independant. + + Would you still like to have the graphical interface loaded at boot? + + NOTE: Selecting no will exit without making changes. + + EOM + whiptail --title "$whiptail_title" \ + --yesno "$message" 11 75 --defaultno + +} + +whiptail_analyst_nongrid_network() { + + [ -n "$TESTING" ] && return + + read -r -d '' message <<- EOM + + You have selected this Analyst workstation to be independant. + + Would you still like to install and load the graphical interface? + + NOTE: Selecting no will exit without making changes. + EOM whiptail --title "$whiptail_title" \ --yesno "$message" 11 75 --defaultno From 5ed7361e3a9c38a86d08cac78e35068172b30dc7 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 11 Apr 2022 15:14:06 -0400 Subject: [PATCH 09/10] Add more whiptail menus --- setup/so-functions | 4 ++-- setup/so-setup | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 63da982a3..accc0e991 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -2440,8 +2440,8 @@ securityonion_repo() { # update this package because the repo config files get added back # if the package is updated when the update_packages function is called logCmd "yum -v -y update centos-release" - echo "Move the .repo files that were added by the centos-release package." - find /etc/yum.repos.d/ -type f -not -name 'securityonion*repo' -print0 | xargs -0 -I {} mv -bvf {} /root/oldrepos/ + echo "Backing up the .repo files that were added by the centos-release package." + logCmd "find /etc/yum.repos.d/ -type f -not -name 'securityonion*repo' -print0 | xargs -0 -I {} mv -bvf {} /root/oldrepos/" logCmd "yum repolist all" fi else diff --git a/setup/so-setup b/setup/so-setup index 46f95b3e3..19c97b252 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -112,6 +112,9 @@ if [[ $is_analyst ]]; then fi else if whiptail_analyst_nongrid_network; then + echo "" + echo "" + echo "Kicking off the automated setup of the analyst workstation. This can take a while depending on your network connection." analyst_salt_local else # Abort! From eb2d759bf80c1f25136a111bf90f9bdd8fd5538f Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 11 Apr 2022 15:14:29 -0400 Subject: [PATCH 10/10] Add more whiptail menus --- setup/so-setup | 2 ++ 1 file changed, 2 insertions(+) diff --git a/setup/so-setup b/setup/so-setup index 19c97b252..1b6725181 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -115,6 +115,8 @@ if [[ $is_analyst ]]; then echo "" echo "" echo "Kicking off the automated setup of the analyst workstation. This can take a while depending on your network connection." + echo "" + echo "" analyst_salt_local else # Abort!