diff --git a/.github/DISCUSSION_TEMPLATE/2-4.yml b/.github/DISCUSSION_TEMPLATE/2-4.yml
index d192a0eec..dca40818a 100644
--- a/.github/DISCUSSION_TEMPLATE/2-4.yml
+++ b/.github/DISCUSSION_TEMPLATE/2-4.yml
@@ -29,6 +29,7 @@ body:
 - 2.4.141
 - 2.4.150
 - 2.4.160
+ - 2.4.170
 - Other (please provide detail below)
 validations:
 required: true
diff --git a/DOWNLOAD_AND_VERIFY_ISO.md b/DOWNLOAD_AND_VERIFY_ISO.md
index 0e726eaeb..2e0b2aa5d 100644
--- a/DOWNLOAD_AND_VERIFY_ISO.md
+++ b/DOWNLOAD_AND_VERIFY_ISO.md
@@ -1,17 +1,17 @@
-### 2.4.150-20250522 ISO image released on 2025/05/22
+### 2.4.160-20250625 ISO image released on 2025/06/25
 ### Download and Verify
-2.4.150-20250522 ISO image:
-https://download.securityonion.net/file/securityonion/securityonion-2.4.150-20250522.iso
+2.4.160-20250625 ISO image:
+https://download.securityonion.net/file/securityonion/securityonion-2.4.160-20250625.iso
-MD5: 239E69B83072BBF2602D4043FE53A160
-SHA1: C62893D3C7F5592665BFDCBC9A45BB20A926F9A8
-SHA256: 2ADE037C7FD34591030B1FAC10392C4E6613F152DD24BFBD897E57EE300895B9
+MD5: 78CF5602EFFAB84174C56AD2826E6E4E
+SHA1: FC7EEC3EC95D97D3337501BAA7CA8CAE7C0E15EA
+SHA256: 0ED965E8BEC80EE16AE90A0F0F96A3046CEF2D92720A587278DDDE3B656C01C2
 Signature for ISO image:
-https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.150-20250522.iso.sig
+https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.160-20250625.iso.sig
 Signing key: https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.4/main/KEYS
@@ -25,22 +25,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.
 Download the signature file for the ISO:
 ```
-wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.150-20250522.iso.sig
+wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.160-20250625.iso.sig
 ```
 Download the ISO image:
 ```
-wget https://download.securityonion.net/file/securityonion/securityonion-2.4.150-20250522.iso
+wget https://download.securityonion.net/file/securityonion/securityonion-2.4.160-20250625.iso
 ```
 Verify the downloaded ISO image using the signature file:
 ```
-gpg --verify securityonion-2.4.150-20250522.iso.sig securityonion-2.4.150-20250522.iso
+gpg --verify securityonion-2.4.160-20250625.iso.sig securityonion-2.4.160-20250625.iso
 ```
 The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
 ```
-gpg: Signature made Thu 22 May 2025 11:15:06 AM EDT using RSA key ID FE507013
+gpg: Signature made Wed 25 Jun 2025 10:13:33 AM EDT using RSA key ID FE507013
 gpg: Good signature from "Security Onion Solutions, LLC "
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg: There is no indication that the signature belongs to the owner.
diff --git a/VERSION b/VERSION
index 3fe7dce73..032d0bb01 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.4.160
+2.4.170
diff --git a/salt/common/tools/sbin/so-common b/salt/common/tools/sbin/so-common
index 3e05614d6..203b54cd0 100755
--- a/salt/common/tools/sbin/so-common
+++ b/salt/common/tools/sbin/so-common
@@ -99,6 +99,17 @@ add_interface_bond0() {
 fi
 }
+airgap_playbooks() {
+ SRC_DIR=$1
+ # Copy playbooks if using airgap
+ mkdir -p /nsm/airgap-resources
+ # Purge old airgap playbooks to ensure SO only uses the latest released playbooks
+ rm -fr /nsm/airgap-resources/playbooks
+ tar xf $SRC_DIR/airgap-resources/playbooks.tgz -C /nsm/airgap-resources/
+ chown -R socore:socore /nsm/airgap-resources/playbooks
+ git config --global --add safe.directory /nsm/airgap-resources/playbooks
+}
+
 check_container() {
 docker ps | grep "$1:" > /dev/null 2>&1
 return $?
diff --git a/salt/manager/tools/sbin/soup b/salt/manager/tools/sbin/soup
index bb6a83d86..c8fb38969 100755
--- a/salt/manager/tools/sbin/soup
+++ b/salt/manager/tools/sbin/soup
@@ -1090,13 +1090,6 @@ update_airgap_rules() {
 rsync -a $UPDATE_DIR/agrules/securityonion-resources/* /nsm/securityonion-resources/
 }
-update_airgap_playbooks() {
- # Copy the playbooks over to update them for airgap.
- mkdir -p /nsm/airgap-resources/playbooks
- chown -R socore:socore /nsm/airgap-resources/playbooks
- rsync -a --delete --chown=socore:socore $UPDATE_DIR/airgap-resources/playbooks/ /nsm/airgap-resources/playbooks/
-}
-
 update_airgap_repo() {
 # Update the files in the repo
 echo "Syncing new updates to /nsm/repo"
@@ -1447,7 +1440,7 @@ main() {
 echo "Updating Rule Files to the Latest."
 update_airgap_rules
 echo "Updating Playbooks to the Latest."
- update_airgap_playbooks
+ airgap_playbooks "$UPDATE_DIR"
 fi
 # since we don't run the backup.config_backup state on import we wont snapshot previous version states and pillars
diff --git a/setup/so-functions b/setup/so-functions
index 3a7610a4b..c2eb0b349 100755
--- a/setup/so-functions
+++ b/setup/so-functions
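Review bot: airgap_playbooks removes /nsm/airgap-resources/playbooks before it knows the archive can be extracted, and none of its commands is checked, so a missing or corrupt playbooks.tgz leaves the manager with no playbooks and a chown that fails unnoticed. Extracting into a staging directory and swapping it in only after tar succeeds keeps the previous set in place on failure. The sketch below assumes the archive's top-level directory is `playbooks`, which the chown path suggests but the hunk does not show. `$SRC_DIR` is also unquoted in the tar call and assigned as a global, so the sketch uses a quoted `local` instead. The callers in soup's main() and in setup/so-setup would then need to act on the non-zero return.

```shell
airgap_playbooks() {
  local src_dir=$1
  local archive="$src_dir/airgap-resources/playbooks.tgz"
  local staging
  mkdir -p /nsm/airgap-resources
  # Extract into a staging directory first so a bad archive never costs us the current playbooks
  staging=$(mktemp -d /nsm/airgap-resources/.playbooks.XXXXXX) || return 1
  if ! tar xf "$archive" -C "$staging"; then
    rm -rf -- "$staging"
    return 1
  fi
  # Purge old airgap playbooks to ensure SO only uses the latest released playbooks
  rm -fr /nsm/airgap-resources/playbooks
  mv "$staging/playbooks" /nsm/airgap-resources/playbooks || return 1
  rm -rf -- "$staging"
  # … unchanged: chown -R socore:socore and git config safe.directory …
}
```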
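Review bot: The call `airgap_playbooks "$UPDATE_DIR"` in main() depends on a function that soup no longer defines; it now lives only in so-common, so this line works only when the so-common in scope is the copy shipped with this release. How soup loads so-common is not visible in this diff. If the previously installed copy is still the one sourced on the first upgrade to this version, the call fails with "command not found" after the rule update has already run. A guard before the call would make that failure explicit, for example `type airgap_playbooks >/dev/null 2>&1 || { echo "airgap_playbooks is not defined; so-common is out of date" >&2; exit 1; }`. The same dependency applies to `logCmd "airgap_playbooks /root/SecurityOnion"` in setup/so-setup, where the function was removed from so-functions; main()'s body continues outside the hunk.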
@@ -56,12 +56,6 @@ airgap_detection_summaries() {
 logCmd "git config --global --add safe.directory /opt/so/conf/soc/ai_summary_repos/securityonion-resources"
 logCmd "git -C /opt/so/conf/soc/ai_summary_repos/securityonion-resources checkout generated-summaries-published"
 }
-airgap_playbooks() {
- # Copy playbooks if using airgap
- mkdir -p /nsm/airgap-resources/playbooks
- logCmd "rsync -av --chown=socore:socore /root/SecurityOnion/airgap-resources/playbooks/ /nsm/airgap-resources/playbooks/"
- logCmd "git config --global --add safe.directory /nsm/airgap-resources/playbooks"
-}
 add_admin_user() {
 title "Adding $ADMINUSER to the system with sudo rights"
diff --git a/setup/so-setup b/setup/so-setup
index 690ef3644..f955917bc 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -810,7 +810,7 @@ if ! [[ -f $install_opt_file ]]; then
 fi
 if [[ $is_airgap ]]; then
 title "Syncing Playbooks"
- airgap_playbooks
+ logCmd "airgap_playbooks /root/SecurityOnion"
 fi
 title "Setting up Kibana Default Space"
 logCmd "so-kibana-space-defaults"
diff --git a/sigs/securityonion-2.4.160-20250625.iso.sig b/sigs/securityonion-2.4.160-20250625.iso.sig
new file mode 100644
index 000000000..0145af053
Binary files /dev/null and b/sigs/securityonion-2.4.160-20250625.iso.sig differ