CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1020 from Security-Onion-Solutions/fix/telegrafperms

Browse Source 
Fix/telegrafperms
This commit is contained in:
Mike Reeves
2020-07-16 16:34:04 -04:00
committed by GitHub
parent 5634446fcb d31ce4aa48
commit 20446ed3aa
2 changed files with 11 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
salt/common/tools/sbin/soup
View File

@@ -23,11 +23,12 @@ default_salt_dir=/opt/so/saltstack/default
manager_check() { manager_check() {
# Check to see if this is a manager # Check to see if this is a manager
MANAGERCHECK=$(cat /etc/salt/grains | grep role | awk '{print $2}') MANAGERCHECK=$(cat /etc/salt/grains | grep role | awk '{print $2}')
if [ $MANAGERCHECK == 'so-eval' OR $MANAGERCHECK == 'so-manager' OR $MANAGERCHECK == 'so-managersearch' ]; then if [[ "$MANAGERCHECK" =~ ^('so-eval'|'so-manager'|'so-managersearch')$ ]]; then
echo "This is a manager. We can proceed" echo "This is a manager. We can proceed"
else else
echo "Please run soup on the manager. The manager controls all updates." echo "Please run soup on the manager. The manager controls all updates."
exit 0 exit 0
fi
} }
clean_dockers() { clean_dockers() {
@@ -143,7 +144,7 @@ update_version() {
upgrade_check() { upgrade_check() {
# Let's make sure we actually need to update. # Let's make sure we actually need to update.
NEWVERSION=$(cat $UPDATE_DIR/VERSION) NEWVERSION=$(cat $UPDATE_DIR/VERSION)
if [ $INSTALLEDVERSION == $NEWVERSION ]; then if [ "$INSTALLEDVERSION" == "$NEWVERSION" ]; then
echo "You are already running the latest version of Security Onion." echo "You are already running the latest version of Security Onion."
exit 0 exit 0
else else
@@ -155,12 +156,13 @@ verify_latest_update_script() {
# Check to see if the update scripts match. If not run the new one. # Check to see if the update scripts match. If not run the new one.
CURRENTSOUP=$(md5sum /usr/sbin/soup) CURRENTSOUP=$(md5sum /usr/sbin/soup)
GITSOUP=$(md5sum /tmp/sogh/securityonion/salt/common/tools/sbin/soup) GITSOUP=$(md5sum /tmp/sogh/securityonion/salt/common/tools/sbin/soup)
if [ $CURRENTSOUP == $GITSOUP ]; then if [ "$CURRENTSOUP" == "$GITSOUP" ]; then
echo "The scripts match" echo "This version of the soup script is up to date. Verifying versions."
else else
echo "They don't match" echo "You are not running the latest soup version. Updating soup."
cp $UPDATE_DIR/salt/sommon/tools/sbin/soup /usr/sbin/soup
cp $UPDATE_DIR/salt/common/tools/sbin/soup $default_salt_dir/salt/common/tools/sbin/ cp $UPDATE_DIR/salt/common/tools/sbin/soup $default_salt_dir/salt/common/tools/sbin/
salt-call state.apply common queue=True
echo ""
echo "soup has been updated. Please run soup again" echo "soup has been updated. Please run soup again"
exit 0 exit 0
fi fi
@@ -176,9 +178,3 @@ update_dockers
copy_new_files copy_new_files
highstate highstate
update_version update_version

4
salt/telegraf/init.sls
View File

@@ -21,9 +21,9 @@ tgrafetsdir:
tgrafsyncscripts: tgrafsyncscripts:
file.recurse: file.recurse:
- name: /opt/so/conf/telegraf/scripts - name: /opt/so/conf/telegraf/scripts
- user: 939 - user: 0
- group: 939 - group: 939
- file_mode: 755 - file_mode: 700
- template: jinja - template: jinja
- source: salt://telegraf/scripts - source: salt://telegraf/scripts