From 348c2feee2dc7fb65d078c968ce115a3e785ce75 Mon Sep 17 00:00:00 2001
From: Jason Ertel <jason.ertel@securityonionsolutions.com>
Date: Wed, 28 Oct 2020 11:06:57 -0400
Subject: [PATCH] Prevent usage of dollar signs in admin passwords during setup

---
 salt/common/tools/sbin/so-common | 2 +-
 setup/so-whiptail                | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/salt/common/tools/sbin/so-common b/salt/common/tools/sbin/so-common
index b1dd425f8..43fdb8e01 100755
--- a/salt/common/tools/sbin/so-common
+++ b/salt/common/tools/sbin/so-common
@@ -48,6 +48,6 @@ check_container() {
 
 check_password() {
     local password=$1
-    echo "$password" | egrep -v "'|\"|\\\\" > /dev/null 2>&1
+    echo "$password" | egrep -v "'|\"|\\$|\\\\" > /dev/null 2>&1
     return $?
 }
\ No newline at end of file
diff --git a/setup/so-whiptail b/setup/so-whiptail
index 393c2c4af..cc37f0545 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -384,7 +384,7 @@ whiptail_invalid_pass_characters_warning() {
 
 	[ -n "$TESTING" ] && return
 
-	whiptail --title "Security Onion Setup" --msgbox "Password is invalid. Please exclude single quotes, double quotes and backslashes from the password." 8 75
+	whiptail --title "Security Onion Setup" --msgbox "Password is invalid. Please exclude single quotes, double quotes, dollar signs, and backslashes from the password." 8 75
 }
 
 whiptail_cur_close_days() {