Merge pull request #11465 from Security-Onion-Solutions/fix/pkgs

Fix/pkgs
2025-12-25 10:23:20 +01:00 · 2023-10-03 10:17:37 -04:00
parent 62e9472f1a d78b55873d
commit 194178a250
5 changed files with 9 additions and 31 deletions
--- a/salt/common/init.sls
+++ b/salt/common/init.sls
@@ -91,6 +91,7 @@ vimconfig:
 alwaysupdated:
  pkg.latest:
    - pkgs:
+      - openssl
      - openssh-server
      - bash
    - skip_suggestions: True
--- a/salt/common/packages.sls
+++ b/salt/common/packages.sls
@@ -47,35 +47,15 @@ python-rich:

 {% if GLOBALS.os_family == 'RedHat' %}

-# install versionlock first so we can hold packages in the next states
-install_versionlock:
-  pkg.installed:
-    - name: python3-dnf-plugin-versionlock
-
-# holding these since openssl-devel-1:3.0.7-16.0.1.el9_2 seems to be a requirement for mariadb-devel-3:10.5.16-2.el9_0
-# https://github.com/Security-Onion-Solutions/securityonion/discussions/11443
-holdversion_openssl:
-  pkg.held:
-    - name: openssl
-    - version: 1:3.0.7-16.0.1.el9_2
-
-holdversion_openssl-libs:
-  pkg.held:
-    - name: openssl-libs
-    - version: 1:3.0.7-16.0.1.el9_2
-
-openssl_pkgs:
-  pkg.installed:
-    - skip_suggestions: True
-    - update_holds: True
-    - pkgs:
-      - openssl: 1:3.0.7-16.0.1.el9_2
-      - openssl-libs: 1:3.0.7-16.0.1.el9_2
+remove_mariadb:
+  pkg.removed:
+    - name: mariadb-devel

 commonpkgs:
  pkg.installed:
    - skip_suggestions: True
    - pkgs:
+      - python3-dnf-plugin-versionlock
      - curl
      - device-mapper-persistent-data
      - fuse
@@ -88,7 +68,6 @@ commonpkgs:
      - httpd-tools
      - jq
      - lvm2
-      - mariadb-devel
      - net-tools
      - nmap-ncat
      - procps-ng
--- a/salt/common/tools/sbin/so-common
+++ b/salt/common/tools/sbin/so-common
@@ -240,7 +240,7 @@ gpg_rpm_import() {
 	    else
 	        local RPMKEYSLOC="$UPDATE_DIR/salt/repo/client/files/$OS/keys"
 	    fi
-		RPMKEYS=('RPM-GPG-KEY-oracle' 'RPM-GPG-KEY-EPEL-9' 'SALT-PROJECT-GPG-PUBKEY-2023.pub' 'docker.pub' 'securityonion.pub' 'MariaDB-Server-GPG-KEY')
+		RPMKEYS=('RPM-GPG-KEY-oracle' 'RPM-GPG-KEY-EPEL-9' 'SALT-PROJECT-GPG-PUBKEY-2023.pub' 'docker.pub' 'securityonion.pub')
 		for RPMKEY in "${RPMKEYS[@]}"; do
    	        rpm --import $RPMKEYSLOC/$RPMKEY
 	        echo "Imported $RPMKEY"