CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Multi OS Support

Browse Source
This commit is contained in:
Mike Reeves
2023-07-13 18:27:21 -04:00
parent f0c391e801
commit 20c76abac4
1 changed files with 4 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
setup/so-functions
View File

@@ -1931,11 +1931,10 @@ remove_package() {
securityonion_repo() {
# Remove all the current repos
if [[ $is_rpm ]]; then
if [[ $is_supported ]]; then
logCmd "dnf -v clean all"
logCmd "mkdir -vp /root/oldrepos"
logCmd "mv -v /etc/yum.repos.d/* /root/oldrepos/"
logCmd "ls -la /etc/yum.repos.d/"
if [[ ! $waitforstate ]]; then
echo "[securityonion]" > /etc/yum.repos.d/securityonion.repo
echo "name=Security Onion Repo" >> /etc/yum.repos.d/securityonion.repo
@@ -1950,26 +1949,7 @@ securityonion_repo() {
echo "enabled=1" >> /etc/yum.repos.d/securityonion.repo
echo "gpgcheck=1" >> /etc/yum.repos.d/securityonion.repo
fi
# need to yum clean all before repo conf files are removed or clean,cleans nothing
logCmd "dnf repolist all"
# update this package because the repo config files get added back
# if the package is updated when the update_packages function is called
if [ -f "/etc/yum.repos.d/rocky.repo" ]; then
info "Backing up the .repo files that were added by the rocky-release package."
logCmd "mv -bvf /etc/yum.repos.d/rocky* /root/oldrepos/"
logCmd "dnf repolist all"
fi
if [ -f "/etc/yum.repos.d/centos.repo" ]; then
info "Backing up the .repo files that were added by the centos-release package."
logCmd "mv -bvf /etc/yum.repos.d/centos* /root/oldrepos/"
logCmd "dnf repolist all"
fi
if [ -f "/etc/yum.repos.d/redhat.repo" ]; then
info "Backing up the .repo files that were added by the redhat-release package."
logCmd "mv -bvf /etc/yum.repos.d/redhat* /root/oldrepos/"
logCmd "dnf repolist all"
fi
if [[ $waitforstate ]]; then
if [[ ! $is_airgap ]]; then
# Build the repo locally so we can use it
@@ -1987,16 +1967,6 @@ repo_sync_local() {
info "Backing up old repos"
mkdir -p /nsm/repo
mkdir -p /opt/so/conf/reposync/cache
#if [[ $is_rocky ]]; then
# echo "https://repo.securityonion.net/file/so-repo/prod/2.4/rocky/9" > /opt/so/conf/reposync/mirror.txt
# echo "https://so-repo-east.s3.us-east-005.backblazeb2.com/prod/2.4/rocky/9" >> /opt/so/conf/reposync/mirror.txt
#elif [[ $is_centos ]]; then
# echo "https://repo.securityonion.net/file/so-repo/prod/2.4/centos/9" > /opt/so/conf/reposync/mirror.txt
# echo "https://so-repo-east.s3.us-east-005.backblazeb2.com/prod/2.4/centos/9" >> /opt/so/conf/reposync/mirror.txt
#elif [[ $is_rhel ]]; then
# echo "https://repo.securityonion.net/file/so-repo/prod/2.4/rhel/9" > /opt/so/conf/reposync/mirror.txt
# echo "https://so-repo-east.s3.us-east-005.backblazeb2.com/prod/2.4/rhel/9" >> /opt/so/conf/reposync/mirror.txt
#fi
echo "https://repo.securityonion.net/file/so-repo/prod/2.4/oracle/9" > /opt/so/conf/reposync/mirror.txt
echo "https://so-repo-east.s3.us-east-005.backblazeb2.com/prod/2.4/oracle/9" >> /opt/so/conf/reposync/mirror.txt
echo "[main]" > /opt/so/conf/reposync/repodownload.conf
@@ -2014,17 +1984,16 @@ repo_sync_local() {
echo "gpgcheck=1" >> /opt/so/conf/reposync/repodownload.conf
logCmd "dnf repolist"
# Make sure we can get to the sig repo
# TODO Add if for ISO install
if [[ ! $is_airgap ]]; then
curl --retry 5 --retry-delay 60 -A "netinstall/$SOVERSION/$OS/$(uname -r)/1" https://sigs.securityonion.net/checkup --output /tmp/install
logCmd "dnf reposync --norepopath -g --delete -m -c /opt/so/conf/reposync/repodownload.conf --repoid=securityonionsync --download-metadata -p /nsm/repo/"
fi
logCmd "dnf reposync --norepopath -g --delete -m -c /opt/so/conf/reposync/repodownload.conf --repoid=securityonionsync --download-metadata -p /nsm/repo/"
# After the download is complete run createrepo
create_repo
else
# Add the proper repos
# Add the proper repos for unsupported stuff
echo "Adding Repos"
if [[ $is_rpm ]]; then
dnf -y install epel-release
@@ -2122,12 +2091,6 @@ saltify() {
logCmd "salt-pip install docker --no-index --only-binary=:all: --find-links files/salt_module_deps/docker/"
logCmd "salt-pip install pymysql --no-index --only-binary=:all: --find-links files/salt_module_deps/pymysql/"
# this can be removed when https://github.com/saltstack/salt/issues/64195 is resolved
if [ $SALTVERSION == "3006.1" ]; then
info "Salt version 3006.1 found. Patching /opt/saltstack/salt/lib/python3.10/site-packages/salt/states/x509_v2.py"
\cp -v ./files/patch/states/x509_v2.py /opt/saltstack/salt/lib/python3.10/site-packages/salt/states/x509_v2.py
fi
}