From a885baf9603061784bb7641749e3c7039376cc9b Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 23 Aug 2023 15:24:32 -0400
Subject: [PATCH 01/13] add desktop to grid
---
 salt/manager/tools/sbin/so-minion | 11 ++++-------
 setup/so-setup | 15 +++++++++++++--
 2 files changed, 17 insertions(+), 9 deletions(-)
diff --git a/salt/manager/tools/sbin/so-minion b/salt/manager/tools/sbin/so-minion
index edc0b1404..de55c3a5b 100755
--- a/salt/manager/tools/sbin/so-minion
+++ b/salt/manager/tools/sbin/so-minion
@@ -187,15 +187,9 @@ function add_logstash_to_minion() {
 # Security Onion Desktop
 function add_desktop_to_minion() {
 printf '%s\n'\
- "host:"\
- " mainint: '$MNIC'"\
 "desktop:"\
 " gui:"\
- " enabled: true"\
- "sensoroni:"\
- " enabled: True"\
- " config:"\
- " node_description: '${NODE_DESCRIPTION//\'/''}'" >> $PILLARFILE
+ " enabled: true"\ >> $PILLARFILE
 }
 # Add basic host info to the minion file
@@ -556,6 +550,9 @@ function createRECEIVER() {
 add_telegraf_to_minion
 }
+function createDESKTOP() {
+ add_desktop_to_minion
+}
 function testConnection() {
 retry 15 3 "salt '$MINION_ID' test.ping" True
diff --git a/setup/so-setup b/setup/so-setup
index c3172280f..8e8b7af43 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -333,7 +333,7 @@ if [[ $is_desktop ]]; then
 exit 1
 fi
-# if ! whiptail_desktop_install; then
+ if ! whiptail_desktop_install; then
 if [[ $is_desktop_iso ]]; then
 if whiptail_desktop_nongrid_iso; then
 # Remove setup from auto launching
@@ -365,7 +365,7 @@ if [[ $is_desktop ]]; then
 exit 0
 fi
 fi
-# fi
+ fi
 # If you got this far then you want to join the grid
 is_minion=true
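Review bot: The backslash kept on the new last printf argument in add_desktop_to_minion, `" enabled: true"\ >> $PILLARFILE`, no longer continues a line as it did while more arguments followed; as rendered here it escapes the next space and appends it to the argument, so the `enabled: true` pillar line is written with trailing whitespace. Drop the backslash and quote the redirect target, `" enabled: true" >> "$PILLARFILE"`, so a pillar path containing spaces or glob characters cannot send the append somewhere else. The desktop pillar also stops writing `host.mainint` and the `sensoroni` block, and nothing in this hunk shows a replacement, so confirm that no state applied to desktop minions still reads those keys.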
@@ -574,6 +574,17 @@ if ! [[ -f $install_opt_file ]]; then
 check_manager_connection
 set_minion_info
 whiptail_end_settings
+
+ elif [[ $is_desktop ]]; then
+ info "Setting up as node type desktop"
+ #check_requirements "desktop"
+ networking_needful
+ collect_mngr_hostname
+ add_mngr_ip_to_hosts
+ check_manager_connection
+ set_minion_info
+ whiptail_end_settings
+
+
 fi
 if [[ $waitforstate ]]; then
From 1c3d3d703ce4baf6e445721afd8facd53905c232 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 29 Aug 2023 08:56:01 -0400
Subject: [PATCH 02/13] add desktop.map.jinja for global vars
---
 salt/vars/desktop.map.jinja | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 salt/vars/desktop.map.jinja
diff --git a/salt/vars/desktop.map.jinja b/salt/vars/desktop.map.jinja
new file mode 100644
index 000000000..964f69663
--- /dev/null
+++ b/salt/vars/desktop.map.jinja
@@ -0,0 +1 @@
+{% set ROLE_GLOBALS = {} %}
From a1b1294247d2464b66a56a22a400bb7341daff1c Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 29 Aug 2023 09:05:01 -0400
Subject: [PATCH 03/13] desktop doesnt need docker state
---
 salt/logrotate/init.sls | 1 +
 salt/top.sls | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/salt/logrotate/init.sls b/salt/logrotate/init.sls
index 1b096f9db..bdfc3b86c 100644
--- a/salt/logrotate/init.sls
+++ b/salt/logrotate/init.sls
@@ -3,6 +3,7 @@
 logrotateconfdir:
 file.directory:
 - name: /opt/so/conf/logrotate
+ - makedirs: True
 commonlogrotatescript:
 file.managed:
diff --git a/salt/top.sls b/salt/top.sls
index 2323731a1..4a605b13c 100644
--- a/salt/top.sls
+++ b/salt/top.sls
@@ -28,12 +28,12 @@ base:
 - motd
 - salt.minion-check
 - salt.lasthighstate
- - docker
 'not *_desktop and G@saltversion:{{saltversion}}':
 - match: compound
 - common
-
+ - docker
+
 '*_sensor and G@saltversion:{{saltversion}}':
 - match: compound
 - sensor
From 67ea7d31e110da56301dda1f49b84df7f1888df8 Mon Sep 17 00:00:00 2001
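Review bot: The new `elif [[ $is_desktop ]]` branch ships with `#check_requirements "desktop"` commented out, so a desktop joining the grid goes straight to `networking_needful` and the manager-connection steps without the requirements check running on this path. Either enable the call or replace the dead line with a comment that records the decision, for example `# check_requirements is skipped for desktop nodes because ...` with the actual reason filled in. The if/elif chain this branch belongs to starts outside the hunk, so whether the other node types call the check at the same point cannot be confirmed from here.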
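Review bot: Nothing in salt/top.sls records why `docker` moved out of the block applied to every minion and into `'not *_desktop and G@saltversion:{{saltversion}}'`; the reason lives only in the commit subject. A one-line comment above the new entry, such as `# desktop minions do not need the docker state, so it is applied to every role except desktop`, would keep a later edit from moving it back. Since the exclusion rests on the minion ID ending in `_desktop`, the same comment is a good place to say that the ID suffix is what selects the role here.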
From: m0duspwnens
Date: Tue, 29 Aug 2023 09:32:10 -0400
Subject: [PATCH 04/13] dont exec so-setup desktop
---
 setup/so-functions | 4 +---
 setup/so-whiptail | 4 +---
 2 files changed, 2 insertions(+), 6 deletions(-)
diff --git a/setup/so-functions b/setup/so-functions
index fc0876248..9f7e61fa1 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1664,9 +1664,7 @@ process_installtype() {
 elif [ "$install_type" = 'RECEIVER' ]; then
 is_receiver=true
 elif [ "$install_type" = 'DESKTOP' ]; then
- if [ "$setup_type" != 'desktop' ]; then
- exec bash so-setup desktop
- fi
+ is_desktop=true
 fi
 }
diff --git a/setup/so-whiptail b/setup/so-whiptail
index c55e2db8f..01c0ffde9 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -678,9 +678,7 @@ whiptail_install_type_dist_existing() {
 elif [ "$install_type" = 'RECEIVER' ]; then
 is_receiver=true
 elif [ "$install_type" = 'DESKTOP' ]; then
- if [ "$setup_type" != 'desktop' ]; then
- exec bash so-setup desktop
- fi
+ is_desktop=true
 fi
 local exitstatus=$?
From 532b2c222a1180663dbc5420fe7cbd157c7c49d9 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 29 Aug 2023 10:16:51 -0400
Subject: [PATCH 05/13] edit other/desktop install whiptail
---
 setup/so-whiptail | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setup/so-whiptail b/setup/so-whiptail
index 01c0ffde9..702949813 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -692,7 +692,7 @@ whiptail_install_type_other() {
 install_type=$(whiptail --title "$whiptail_title" --menu \
 "Choose node type:" 10 65 2 \
- "DESKTOP" "Setup will run 'so-setup desktop' " 3>&1 1>&2 2>&3)
+ "DESKTOP" 3>&1 1>&2 2>&3)
 local exitstatus=$?
 whiptail_check_exitstatus $exitstatus
From 0455063a39500fad28ba6fb8c0521244211dd01c Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 29 Aug 2023 10:26:29 -0400
Subject: [PATCH 06/13] edit other/desktop install whiptail
---
 setup/so-whiptail | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
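Review bot: In `whiptail_install_type_dist_existing` the context line `local exitstatus=$?` sits directly after the `if`/`elif` chain this hunk edits, so as far as the hunk shows it records the status of the chain (whose DESKTOP branch is now a plain `is_desktop=true` assignment) rather than that of the whiptail dialog, and a cancelled menu would not be caught there. Capturing the status immediately after the dialog call and running the chain only once `whiptail_check_exitstatus` has passed would close that gap; the function starts outside the hunk, so confirm where the dialog is invoked. The same DESKTOP branch is changed in `process_installtype` in setup/so-functions, and the two copies of what appears to be the same install-type mapping can drift apart; having the whiptail function call `process_installtype` would leave one place to maintain.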
diff --git a/setup/so-whiptail b/setup/so-whiptail
index 702949813..6188406cb 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -692,7 +692,7 @@ whiptail_install_type_other() {
 install_type=$(whiptail --title "$whiptail_title" --menu \
 "Choose node type:" 10 65 2 \
- "DESKTOP" 3>&1 1>&2 2>&3)
+ "DESKTOP" "Install Security Onion Desktop " 3>&1 1>&2 2>&3)
 local exitstatus=$?
 whiptail_check_exitstatus $exitstatus
From a4dc48237215eb3f87e377a28d5077f08be915ba Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 29 Aug 2023 13:10:06 -0400
Subject: [PATCH 07/13] add is_desktop_grid var
---
 setup/so-functions | 2 +-
 setup/so-whiptail | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/setup/so-functions b/setup/so-functions
index 9f7e61fa1..4e105dcd6 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1883,7 +1883,7 @@ securityonion_repo() {
 if [ -n "$(ls -A /etc/yum.repos.d/ 2>/dev/null)" ]; then
 logCmd "mv -v /etc/yum.repos.d/* /root/oldrepos/"
 fi
- if [[ $is_desktop_iso ]]; then
+ if [[ ! $is_desktop_grid ]]; then
 gpg_rpm_import
 if [[ ! $is_airgap ]]; then
 echo "https://repo.securityonion.net/file/so-repo/prod/2.4/oracle/9" > /etc/yum/mirror.txt
diff --git a/setup/so-whiptail b/setup/so-whiptail
index 6188406cb..62f60a84a 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -58,6 +58,8 @@ whiptail_desktop_install() {
 whiptail --title "$whiptail_title" \
 --yesno "$message" 11 75 --defaultno
+ is_desktop_grid=$?
+
 }
 whiptail_desktop_nongrid_iso() {
From ae01da780e242ddc084e3fb7907a952d0599cb88 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 30 Aug 2023 09:10:59 -0400
Subject: [PATCH 08/13] desktop network install nongrid
---
 setup/so-functions | 2 +-
 setup/so-setup | 61 +++++++++++++++++++++++-----------------------
 setup/so-whiptail | 6 ++++-
 3 files changed, 37 insertions(+), 32 deletions(-)
diff --git a/setup/so-functions b/setup/so-functions
index 4e105dcd6..1c0cad2a7 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1883,7 +1883,7 @@ securityonion_repo() {
 if [ -n "$(ls -A /etc/yum.repos.d/ 2>/dev/null)" ]; then
 logCmd "mv -v /etc/yum.repos.d/* /root/oldrepos/"
 fi
- if [[ ! $is_desktop_grid ]]; then
+ if ! $is_desktop_grid; then
 gpg_rpm_import
 if [[ ! $is_airgap ]]; then
 echo "https://repo.securityonion.net/file/so-repo/prod/2.4/oracle/9" > /etc/yum/mirror.txt
diff --git a/setup/so-setup b/setup/so-setup
index b946c06c8..61c0d88e3 100755
--- a/setup/so-setup
+++ b/setup/so-setup
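Review bot: `if ! $is_desktop_grid; then` in securityonion_repo runs the variable's value as a command, which only behaves when it holds exactly `true` or `false`. `whiptail_desktop_install` is the only place in this series that sets it, so if securityonion_repo is reached on a path where that dialog never ran, the expansion is empty, the empty command returns 0, and the negation silently skips the branch holding `gpg_rpm_import` and the mirror setup. A string test states the unset case explicitly and never executes variable contents: `if [[ "$is_desktop_grid" != true ]]; then` if an unset value should take the branch, or `if [[ "$is_desktop_grid" == false ]]; then` if it should not. The same form appears in setup/so-setup after PATCH 12/13, and securityonion_repo continues outside this hunk.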
@@ -333,38 +333,39 @@ if [[ $is_desktop ]]; then
 exit 1
 fi
- if ! whiptail_desktop_install; then
- if [[ $is_desktop_iso ]]; then
- if whiptail_desktop_nongrid_iso; then
- # Remove setup from auto launching
- parse_install_username
- sed -i '$ d' /home/$INSTALLUSERNAME/.bash_profile >> "$setup_log" 2>&1
- securityonion_repo
- info "Enabling graphical interface and setting it to load at boot"
- systemctl set-default graphical.target
- info "Setting desktop background"
- set_desktop_background
- echo "Desktop Install Complete!"
- echo ""
- echo "Please reboot to start graphical interface."
- exit 0
+ whiptail_desktop_install
+ if ! is_desktop_grid; then
+ if [[ $is_desktop_iso ]]; then
+ if whiptail_desktop_nongrid_iso; then
+ # Remove setup from auto launching
+ parse_install_username
+ sed -i '$ d' /home/$INSTALLUSERNAME/.bash_profile >> "$setup_log" 2>&1
+ securityonion_repo
+ info "Enabling graphical interface and setting it to load at boot"
+ systemctl set-default graphical.target
+ info "Setting desktop background"
+ set_desktop_background
+ echo "Desktop Install Complete!"
+ echo ""
+ echo "Please reboot to start graphical interface."
+ exit 0
+ else
+ # Abort!
+ exit 0
+ fi
 else
- # Abort!
- exit 0
+ if whiptail_desktop_nongrid_network; then
+ info ""
+ info ""
+ info "Kicking off the automated setup of the Security Onion Desktop. This can take a while depending on your network connection."
+ info ""
+ info ""
+ desktop_salt_local
+ else
+ # Abort!
+ exit 0
+ fi
 fi
- else
- if whiptail_desktop_nongrid_network; then
- info ""
- info ""
- info "Kicking off the automated setup of the Security Onion Desktop. This can take a while depending on your network connection."
- info ""
- info ""
- desktop_salt_local
- else
- # Abort!
- exit 0
- fi
- fi
 fi
 # If you got this far then you want to join the grid
diff --git a/setup/so-whiptail b/setup/so-whiptail
index 62f60a84a..8fd3b5fdd 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -58,7 +58,11 @@ whiptail_desktop_install() {
 whiptail --title "$whiptail_title" \
 --yesno "$message" 11 75 --defaultno
- is_desktop_grid=$?
+ if [ $? -eq 0 ]; then
+ is_desktop_grid=true
+ else
+ is_desktop_grid=false
+ fi
 }
From 97587064f8dd55b427d362c76748e73c581ce936 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 30 Aug 2023 09:48:52 -0400
Subject: [PATCH 09/13] remove packages from nongrid desktop install
---
 setup/so-functions | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setup/so-functions b/setup/so-functions
index 1c0cad2a7..eab98b849 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -91,7 +91,7 @@ desktop_salt_local() {
 securityonion_repo
 gpg_rpm_import
 # Install salt
- logCmd "yum -y install salt-minion-$SALTVERSION httpd-tools python3 python36-docker python36-dateutil python36-m2crypto python36-mysql python36-packaging python36-lxml yum-utils device-mapper-persistent-data lvm2 openssl jq"
+ logCmd "yum -y install salt-minion-$SALTVERSION httpd-tools python3 python3-dateutil yum-utils device-mapper-persistent-data lvm2 openssl jq"
 logCmd "yum -y update --exclude=salt*"
 logCmd "salt-call state.apply desktop --local --file-root=../salt/ -l info"
From a3eeba4761991448fbaf3eb0ae48383e5681a3dc Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 30 Aug 2023 09:51:09 -0400
Subject: [PATCH 10/13] do networking_needful for nongrid desktop network install
---
 setup/so-setup | 1 +
 1 file changed, 1 insertion(+)
diff --git a/setup/so-setup b/setup/so-setup
index 61c0d88e3..de117331d 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -355,6 +355,7 @@ if [[ $is_desktop ]]; then
 fi
 else
 if whiptail_desktop_nongrid_network; then
+ networking_needful
 info ""
 info ""
 info "Kicking off the automated setup of the Security Onion Desktop. This can take a while depending on your network connection."
From 8381fa1d4220d0943eb5efc703c8040bf505d923 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 30 Aug 2023 10:26:24 -0400
Subject: [PATCH 11/13] cant import globals because of nongrid desktop install~
---
 salt/desktop/xwindows.sls | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/salt/desktop/xwindows.sls b/salt/desktop/xwindows.sls
index b18109d45..66e4c9a05 100644
--- a/salt/desktop/xwindows.sls
+++ b/salt/desktop/xwindows.sls
@@ -1,7 +1,5 @@
-{% from 'vars/globals.map.jinja' import GLOBALS %}
-
 {# we only want this state to run it is CentOS #}
-{% if GLOBALS.os == 'OEL' %}
+{% if grains.os == 'OEL' %}
 include:
 - desktop.packages
From b14614ae53f055cb75be9fab8744dfcf7a811639 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 30 Aug 2023 10:32:13 -0400
Subject: [PATCH 12/13] need $ for vars
---
 setup/so-setup | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setup/so-setup b/setup/so-setup
index de117331d..f6e5c8c4e 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -334,7 +334,7 @@ if [[ $is_desktop ]]; then
 fi
 whiptail_desktop_install
- if ! is_desktop_grid; then
+ if ! $is_desktop_grid; then
 if [[ $is_desktop_iso ]]; then
 if whiptail_desktop_nongrid_iso; then
 # Remove setup from auto launching
From b45e114ef25389be5fb97d1a8dc896e8b872d887 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 30 Aug 2023 10:41:34 -0400
Subject: [PATCH 13/13] cant use GLOBALS var due to desktop nongrid install
---
 salt/desktop/packages.sls | 4 +---
 salt/desktop/remove_gui.sls | 4 +---
 2 files changed, 2 insertions(+), 6 deletions(-)
diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls
index 524c2c266..3817f2e80 100644
--- a/salt/desktop/packages.sls
+++ b/salt/desktop/packages.sls
@@ -1,7 +1,5 @@
-{% from 'vars/globals.map.jinja' import GLOBALS %}
-
 {# we only want this state to run it is CentOS #}
-{% if GLOBALS.os == 'OEL' %}
+{% if grains.os == 'OEL' %}
 desktop_packages:
 pkg.installed:
diff --git a/salt/desktop/remove_gui.sls b/salt/desktop/remove_gui.sls
index 53d927cbe..d8de07a9a 100644
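Review bot: The comment left above the guard in salt/desktop/xwindows.sls, `{# we only want this state to run it is CentOS #}`, does not describe the condition under it, which tests for `'OEL'`; reword it to something like `{# only run this state on Oracle Linux (grains.os == 'OEL') #}` so the next reader is not sent looking for a CentOS check. With the `vars/globals.map.jinja` import removed the guard depends on the raw `grains.os` value, and that map file is not shown here, so confirm `GLOBALS.os` was a plain copy of the grain rather than a normalised value before relying on the two being equal. Both points apply unchanged to salt/desktop/packages.sls and salt/desktop/remove_gui.sls in PATCH 13/13.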
--- a/salt/desktop/remove_gui.sls
+++ b/salt/desktop/remove_gui.sls
@@ -1,7 +1,5 @@
-{% from 'vars/globals.map.jinja' import GLOBALS %}
-
 {# we only want this state to run it is CentOS #}
-{% if GLOBALS.os == 'OEL' %}
+{% if grains.os == 'OEL' %}
 remove_graphical_target:
 file.symlink: