CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-02-20 22:15:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

lock and unlock master during soup

Browse Source
This commit is contained in:
m0duspwnens
2020-08-19 11:46:29 -04:00
parent f57e0fbc56
commit 2f0ffffca4
1 changed files with 10 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
salt/common/tools/sbin/soup
View File

@@ -88,25 +88,19 @@ highstate() {
} }
masterlock() { masterlock() {
# Lock the ACL to just the manager TOPFILE=/opt/so/saltstack/default/salt/top.sls
cp -v /etc/salt/master /etc/salt/master.upgrade BACKUPTOPFILE=/opt/so/saltstack/default/salt/top.sls.backup
echo "peer:" >> /etc/salt/master mv -v $TOPFILE $BACKUPTOPFILE
echo " *_manager:" >> /etc/salt/master echo "base:" > $TOPFILE
echo " - .*" >> /etc/salt/master echo " $MINIONID:" >> $TOPFILE
echo " *_standalone:" >> /etc/salt/master echo " - ca" >> $TOPFILE
echo " - .*" >> /etc/salt/master echo " - ssl" >> $TOPFILE
echo " *_managersearch:" >> /etc/salt/master echo " - elasticsearch" >> $TOPFILE
echo " - .*" >> /etc/salt/master
echo " *_eval:" >> /etc/salt/master
echo " - .*" >> /etc/salt/master
echo " *_helix:" >> /etc/salt/master
echo " - .*" >> /etc/salt/master
echo " *_import:" >> /etc/salt/master
echo " - .*" >> /etc/salt/master
} }
masterunlock() { masterunlock() {
mv /etc/salt/master.upgrade /etc/salt/master mv -v $BACKUPTOPFILE $TOPFILE
} }
pillar_changes() { pillar_changes() {