mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-08 10:12:53 +01:00
[feat] Update salt ver to 2019.2.4
This commit is contained in:
William Wernert
@@ -1,52 +0,0 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1
|
||||
|
||||
mQINBFeeyYwBEACyf4VwV8c2++J5BmCl6ofLCtSIW3UoVrF4F+P19k/0ngnSfjWb
|
||||
8pSWB11HjZ3Mr4YQeiD7yY06UZkrCXk+KXDlUjMK3VOY7oNPkqzNaP6+8bDwj4UA
|
||||
hADMkaXBvWooGizhCoBtDb1bSbHKcAnQ3PTdiuaqF5bcyKk8hv939CHulL2xH+BP
|
||||
mmTBi+PM83pwvR+VRTOT7QSzf29lW1jD79v4rtXHJs4KCz/amT/nUm/tBpv3q0sT
|
||||
9M9rH7MTQPdqvzMl122JcZST75GzFJFl0XdSHd5PAh2mV8qYak5NYNnwA41UQVIa
|
||||
+xqhSu44liSeZWUfRdhrQ/Nb01KV8lLAs11Sz787xkdF4ad25V/Rtg/s4UXt35K3
|
||||
klGOBwDnzPgHK/OK2PescI5Ve1z4x1C2bkGze+gk/3IcfGJwKZDfKzTtqkZ0MgpN
|
||||
7RGghjkH4wpFmuswFFZRyV+s7jXYpxAesElDSmPJ0O07O4lQXQMROE+a2OCcm0eF
|
||||
3+Cr6qxGtOp1oYMOVH0vOLYTpwOkAM12/qm7/fYuVPBQtVpTojjV5GDl2uGq7p0o
|
||||
h9hyWnLeNRbAha0px6rXcF9wLwU5n7mH75mq5clps3sP1q1/VtP/Fr84Lm7OGke4
|
||||
9eD+tPNCdRx78RNWzhkdQxHk/b22LCn1v6p1Q0qBco9vw6eawEkz1qwAjQARAQAB
|
||||
tDFXYXp1aC5jb20gKFdhenVoIFNpZ25pbmcgS2V5KSA8c3VwcG9ydEB3YXp1aC5j
|
||||
b20+iQI9BBMBCAAnBQJXnsmMAhsDBQkFo5qABQsJCAcDBRUKCQgLBRYCAwEAAh4B
|
||||
AheAAAoJEJaz7l8pERFFHEsQAIaslejcW2NgjgOZuvn1Bht4JFMbCIPOekg4Z5yF
|
||||
binRz0wmA7JNaawDHTBYa6L+A2Xneu/LmuRjFRMesqopUukVeGQgHBXbGMzY46eI
|
||||
rqq/xgvgWzHSbWweiOX0nn+exbEAM5IyW+efkWNz0e8xM1LcxdYZxkVOqFqkp3Wv
|
||||
J9QUKw6z9ifUOx++G8UO307O3hT2f+x4MUoGZeOF4q1fNy/VyBS2lMg2HF7GWy2y
|
||||
kjbSe0p2VOFGEZLuu2f5tpPNth9UJiTliZKmgSk/zbKYmSjiVY2eDqNJ4qjuqes0
|
||||
vhpUaBjA+DgkEWUrUVXG5yfQDzTiYIF84LknjSJBYSLZ4ABsMjNO+GApiFPcih+B
|
||||
Xc9Kx7E9RNsNTDqvx40y+xmxDOzVIssXeKqwO8r5IdG3K7dkt2Vkc/7oHOpcKwE5
|
||||
8uASMPiqqMo+t1RVa6Spckp3Zz8REILbotnnVwDIwo2HmgASirMGUcttEJzubaIa
|
||||
Mv43GKs8RUH9s5NenC02lfZG7D8WQCz5ZH7yEWrt5bCaQRNDXjhsYE17SZ/ToHi3
|
||||
OpWu050ECWOHdxlXNG3dOWIdFDdBJM7UfUNSSOe2Y5RLsWfwvMFGbfpdlgJcMSDV
|
||||
X+ienkrtXhBteTu0dwPu6HZTFOjSftvtAo0VIqGQrKMvKelkkdNGdDFLQw2mUDcw
|
||||
EQj6uQINBFeeyYwBEADD1Y3zW5OrnYZ6ghTd5PXDAMB8Z1ienmnb2IUzLM+i0yE2
|
||||
TpKSP/XYCTBhFa390rYgFO2lbLDVsiz7Txd94nHrdWXGEQfwrbxsvdlLLWk7iN8l
|
||||
Fb4B60OfRi3yoR96a/kIPNa0x26+n79LtDuWZ/DTq5JSHztdd9F1sr3h8i5zYmtv
|
||||
luj99ZorpwYejbBVUm0+gP0ioaXM37uO56UFVQk3po9GaS+GtLnlgoE5volgNYyO
|
||||
rkeIua4uZVsifREkHCKoLJip6P7S3kTyfrpiSLhouEZ7kV1lbMbFgvHXyjm+/AIx
|
||||
HIBy+H+e+HNt5gZzTKUJsuBjx44+4jYsOR67EjOdtPOpgiuJXhedzShEO6rbu/O4
|
||||
wM1rX45ZXDYa2FGblHCQ/VaS0ttFtztk91xwlWvjTR8vGvp5tIfCi+1GixPRQpbN
|
||||
Y/oq8Kv4A7vB3JlJscJCljvRgaX0gTBzlaF6Gq0FdcWEl5F1zvsWCSc/Fv5WrUPY
|
||||
5mG0m69YUTeVO6cZS1aiu9Qh3QAT/7NbUuGXIaAxKnu+kkjLSz+nTTlOyvbG7BVF
|
||||
a6sDmv48Wqicebkc/rCtO4g8lO7KoA2xC/K/6PAxDrLkVyw8WPsAendmezNfHU+V
|
||||
32pvWoQoQqu8ysoaEYc/j9fN4H3mEBCN3QUJYCugmHP0pu7VtpWwwMUqcGeUVwAR
|
||||
AQABiQIlBBgBCAAPBQJXnsmMAhsMBQkFo5qAAAoJEJaz7l8pERFFz8IP/jfBxJSB
|
||||
iOw+uML+C4aeYxuHSdxmSsrJclYjkw7Asha/fm4Kkve00YAW8TGxwH2kgS72ooNJ
|
||||
1Q7hUxNbVyrJjQDSMkRKwghmrPnUM3UyHmE0dq+G2NhaPdFo8rKifLOPgwaWAfSV
|
||||
wgMTK86o0kqRbGpXgVIG5eRwv2FcxM3xGfy7sub07J2VEz7Ba6rYQ3NTbPK42AtV
|
||||
+wRJDXcgS7y6ios4XQtSbIB5f6GI56zVlwfRd3hovV9ZAIJQ6DKM31wD6Kt/pRun
|
||||
DjwMZu0/82JMoqmxX/00sNdDT1S13guCfl1WhBu7y1ja9MUX5OpUzyEKg5sxme+L
|
||||
iY2Rhs6CjmbTm8ER4Uj8ydKyVTy8zbumbB6T8IwCAbEMtPxm6pKh/tgLpoJ+Bj0y
|
||||
AsGjmhV7R6PKZSDXg7/qQI98iC6DtWc9ibC/QuHLcvm3hz40mBgXAemPJygpxGst
|
||||
mVtU7O3oHw9cIUpkbMuVqSxgPFmSSq5vEYkka1CYeg8bOz6aCTuO5J0GDlLrpjtx
|
||||
6lyImbZAF/8zKnW19aq5lshT2qJlTQlZRwwDZX5rONhA6T8IEUnUyD4rAIQFwfJ+
|
||||
gsXa4ojD/tA9NLdiNeyEcNfyX3FZwXWCtVLXflzdRN293FKamcdnMjVRjkCnp7iu
|
||||
7eO7nMgcRoWddeU+2aJFqCoQtKCp/5EKhFey
|
||||
=UIVm
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
@@ -127,7 +127,7 @@ secrets_pillar(){
|
||||
bro_logs_enabled() {
|
||||
echo "Enabling Bro Logs" >> "$setup_log" 2>&1
|
||||
|
||||
local brologs_pillar="./pillar/brologs.sls"
|
||||
local brologs_pillar=./pillar/brologs.sls
|
||||
|
||||
printf '%s\n'\
|
||||
"brologs:"\
|
||||
@@ -361,7 +361,7 @@ copy_master_config() {
|
||||
if [ "$setup_type" = 'iso' ]; then
|
||||
cp /root/SecurityOnion/files/master /etc/salt/master >> "$setup_log" 2>&1
|
||||
else
|
||||
cp "../files/master" /etc/salt/master >> "$setup_log" 2>&1
|
||||
cp ../files/master /etc/salt/master >> "$setup_log" 2>&1
|
||||
fi
|
||||
|
||||
# Restart the service so it picks up the changes
|
||||
@@ -967,12 +967,13 @@ saltify() {
|
||||
|
||||
# Install updates and Salt
|
||||
if [ $OS = 'centos' ]; then
|
||||
set_progress_str 6 'Installing various dependencies'
|
||||
set_progress_str 5 'Installing Salt repo'
|
||||
{
|
||||
yum -y install wget nmap https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest-2.el7.noarch.rpm;
|
||||
cp /etc/yum.repos.d/salt-py3-latest.repo /etc/yum.repos.d/salt-2019-2.repo;
|
||||
sed -i 's/latest/2019.2/g' /etc/yum.repos.d/salt-2019-2.repo;
|
||||
sudo rpm --import https://repo.saltstack.com/py3/redhat/7/x86_64/2019.2/SALTSTACK-GPG-KEY.pub;
|
||||
cp ./yum_repos/salt-2019-2.repo /etc/yum.repos.d/salt-2019-2.repo;
|
||||
} >> "$setup_log" 2>&1
|
||||
set_progress_str 6 'Installing various dependencies'
|
||||
yum -y install wget nmap >> "$setup_log" 2>&1
|
||||
case "$install_type" in
|
||||
'MASTER' | 'EVAL' | 'MASTERSEARCH' | 'FLEET' | 'HELIXSENSOR')
|
||||
reserve_group_ids >> "$setup_log" 2>&1
|
||||
@@ -982,9 +983,9 @@ saltify() {
|
||||
wget --inet4-only -O /opt/so/gpg/SALTSTACK-GPG-KEY.pub https://repo.saltstack.com/apt/ubuntu/16.04/amd64/latest/SALTSTACK-GPG-KEY.pub >> "$setup_log" 2>&1
|
||||
wget --inet4-only -O /opt/so/gpg/docker.pub https://download.docker.com/linux/ubuntu/gpg >> "$setup_log" 2>&1
|
||||
wget --inet4-only -O /opt/so/gpg/GPG-KEY-WAZUH https://packages.wazuh.com/key/GPG-KEY-WAZUH >> "$setup_log" 2>&1
|
||||
cp "./yum_repos/wazuh.repo" /etc/yum.repos.d/wazuh.repo >> "$setup_log" 2>&1
|
||||
cp ./yum_repos/wazuh.repo /etc/yum.repos.d/wazuh.repo >> "$setup_log" 2>&1
|
||||
set_progress_str 7 'Installing salt-master'
|
||||
yum -y install salt-master-2019.2.3 >> "$setup_log" 2>&1
|
||||
yum -y install salt-master-2019.2.4 >> "$setup_log" 2>&1
|
||||
systemctl enable salt-master >> "$setup_log" 2>&1
|
||||
;;
|
||||
*)
|
||||
@@ -993,22 +994,19 @@ saltify() {
|
||||
# Create the GPG Public Key for the Salt Repo
|
||||
cp ./public_keys/salt.pem /etc/pki/rpm-gpg/saltstack-signing-key;
|
||||
|
||||
# Add the Wazuh Key
|
||||
cp ./public_keys/wazuh.pem /etc/pki/rpm-gpg/GPG-KEY-WAZUH;
|
||||
|
||||
# Copy repo files over
|
||||
cp "./yum_repos/salt-latest.repo" /etc/yum.repos.d/salt-latest.repo;
|
||||
cp "./yum_repos/salt-2019-2.repo" /etc/yum.repos.d/salt-2019-2.repo;
|
||||
cp ./yum_repos/salt-latest.repo /etc/yum.repos.d/salt-latest.repo;
|
||||
cp ./yum_repos/salt-2019-2.repo /etc/yum.repos.d/salt-2019-2.repo;
|
||||
} >> "$setup_log" 2>&1
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
cp "./yum_repos/wazuh.repo" /etc/yum.repos.d/wazuh.repo >> "$setup_log" 2>&1
|
||||
cp ./yum_repos/wazuh.repo /etc/yum.repos.d/wazuh.repo >> "$setup_log" 2>&1
|
||||
yum clean expire-cache >> "$setup_log" 2>&1
|
||||
set_progress_str 8 'Installing salt-minion & python modules'
|
||||
{
|
||||
yum -y install epel-release\
|
||||
salt-minion-2019.2.3\
|
||||
salt-minion-2019.2.4\
|
||||
python3\
|
||||
python36-docker\
|
||||
python36-dateutil\
|
||||
@@ -1074,7 +1072,7 @@ saltify() {
|
||||
set_progress_str 6 'Installing various dependencies'
|
||||
apt-get -y install sqlite3 argon2 libssl-dev >> "$setup_log" 2>&1
|
||||
set_progress_str 7 'Installing salt-master'
|
||||
apt-get -y salt-master=2019.2.3+ds-1 >> "$setup_log" 2>&1
|
||||
apt-get -y salt-master=2019.2.4+ds-1 >> "$setup_log" 2>&1
|
||||
apt-mark hold salt-master >> "$setup_log" 2>&1
|
||||
;;
|
||||
*)
|
||||
@@ -1091,8 +1089,8 @@ saltify() {
|
||||
esac
|
||||
apt-get update >> "$setup_log" 2>&1
|
||||
set_progress_str 8 'Installing salt-minion & python modules'
|
||||
apt-get -y install salt-minion=2019.2.3+ds-1\
|
||||
salt-common=2019.2.3+ds-1 >> "$setup_log" 2>&1
|
||||
apt-get -y install salt-minion=2019.2.4+ds-1\
|
||||
salt-common=2019.2.4+ds-1 >> "$setup_log" 2>&1
|
||||
apt-mark hold salt-minion salt-common >> "$setup_log" 2>&1
|
||||
if [ "$OSVER" != 'xenial' ]; then
|
||||
apt-get -y install python3-dateutil python3-m2crypto python3-mysqldb >> "$setup_log" 2>&1
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
[salt-2019.2]
|
||||
name=SaltStack Latest Release Channel for RHEL/Centos $releasever
|
||||
baseurl=https://repo.saltstack.com/py3/redhat/7/$basearch/2019.2
|
||||
failovermethod=priority
|
||||
[saltstack-repo]
|
||||
name=SaltStack repo for RHEL/CentOS $releasever PY3
|
||||
baseurl=https://repo.saltstack.com/py3/redhat/$releasever/$basearch/2019.2
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
gpgkey=file:///etc/pki/rpm-gpg/saltstack-signing-key
|
||||
gpgkey=https://repo.saltstack.com/py3/redhat/$releasever/$basearch/2019.2/SALTSTACK-GPG-KEY.pub
|
||||
|
||||
@@ -4,4 +4,4 @@ baseurl=https://repo.saltstack.com/py3/redhat/7/$basearch/latest
|
||||
failovermethod=priority
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
gpgkey=file:///etc/pki/rpm-gpg/saltstack-signing-key
|
||||
gpgkey=https://repo.saltstack.com/py3/redhat/$releasever/$basearch/latest/SALTSTACK-GPG-KEY.pub
|
||||
Reference in New Issue
Block a user