CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' of github.com:Security-Onion-Solutions/securityonion-saltstack into dev

Browse Source
This commit is contained in:
William Wernert
2020-07-17 11:09:11 -04:00
parent ede250d9e4 17e3bde2f8
commit 1bd154760d
3 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
salt/ssl/init.sls
View File

@@ -142,6 +142,7 @@ regkeyperms:
- signing_policy: managerssl - signing_policy: managerssl
- public_key: /etc/pki/managerssl.key - public_key: /etc/pki/managerssl.key
- CN: {{ manager }} - CN: {{ manager }}
- subjectAltName: DNS:{{ HOSTNAME }}, IP:{{ MAINIP }} {% if CUSTOM_FLEET_HOSTNAME != None %},DNS:{{ CUSTOM_FLEET_HOSTNAME }} {% endif %}
- days_remaining: 0 - days_remaining: 0
- days_valid: 820 - days_valid: 820
- backup: True - backup: True

2
salt/wazuh/files/agent/ossec.conf
View File

@@ -6,7 +6,7 @@
{%- set ip = salt['pillar.get']('sensor:mainip', '') %} {%- set ip = salt['pillar.get']('sensor:mainip', '') %}
{%- endif %} {%- endif %}
<!-- <!--
Wazuh - Agent - Default configuration for ubuntu 16.04 Wazuh - Agent Configuration
More info at: https://documentation.wazuh.com More info at: https://documentation.wazuh.com
Mailing list: https://groups.google.com/forum/#!forum/wazuh Mailing list: https://groups.google.com/forum/#!forum/wazuh
--> -->

8
setup/so-functions
View File

@@ -79,7 +79,7 @@ so_add_user() {
echo "Add $username user" >> "$setup_log" 2>&1 echo "Add $username user" >> "$setup_log" 2>&1
groupadd --gid "$gid" "$username" groupadd --gid "$gid" "$username"
useradd --uid "$uid" --gid "$gid" --home-dir "$home_dir" "$username" useradd -m --uid "$uid" --gid "$gid" --home-dir "$home_dir" "$username"
# If a password has been passed in, set the password # If a password has been passed in, set the password
if [ "$pass" ]; then if [ "$pass" ]; then
@@ -465,7 +465,11 @@ copy_minion_tmp_files() {
ssh -i /root/.ssh/so.key soremote@"$MSRV" mkdir -p /tmp/"$MINION_ID"/pillar; ssh -i /root/.ssh/so.key soremote@"$MSRV" mkdir -p /tmp/"$MINION_ID"/pillar;
ssh -i /root/.ssh/so.key soremote@"$MSRV" mkdir -p /tmp/"$MINION_ID"/schedules; ssh -i /root/.ssh/so.key soremote@"$MSRV" mkdir -p /tmp/"$MINION_ID"/schedules;
scp -prv -i /root/.ssh/so.key "$temp_install_dir"/pillar/minions/* soremote@"$MSRV":/tmp/"$MINION_ID"/pillar/; scp -prv -i /root/.ssh/so.key "$temp_install_dir"/pillar/minions/* soremote@"$MSRV":/tmp/"$MINION_ID"/pillar/;
scp -prv -i /root/.ssh/so.key "$temp_install_dir"/salt/patch/os/schedules/* soremote@"$MSRV":/tmp/"$MINION_ID"/schedules; if [ -d "$temp_install_dir"/salt/patch/os/schedules/ ]; then
if [ "$(ls -A $temp_install_dir/salt/patch/os/schedules/)" ]; then
scp -prv -i /root/.ssh/so.key "$temp_install_dir"/salt/patch/os/schedules/* soremote@"$MSRV":/tmp/"$MINION_ID"/schedules;
fi
fi
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/salt/manager/files/add_minion.sh "$MINION_ID"; ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/salt/manager/files/add_minion.sh "$MINION_ID";
} >> "$setup_log" 2>&1 } >> "$setup_log" 2>&1
;; ;;