diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup index d5a73666b..14c803faf 100755 --- a/salt/common/tools/sbin/soup +++ b/salt/common/tools/sbin/soup @@ -399,6 +399,7 @@ preupgrade_changes() { [[ "$INSTALLEDVERSION" == 2.3.30 || "$INSTALLEDVERSION" == 2.3.40 ]] && up_to_2.3.50 [[ "$INSTALLEDVERSION" == 2.3.50 || "$INSTALLEDVERSION" == 2.3.51 || "$INSTALLEDVERSION" == 2.3.52 || "$INSTALLEDVERSION" == 2.3.60 || "$INSTALLEDVERSION" == 2.3.61 || "$INSTALLEDVERSION" == 2.3.70 ]] && up_to_2.3.80 [[ "$INSTALLEDVERSION" == 2.3.80 ]] && up_to_2.3.90 + [[ "$INSTALLEDVERSION" == 2.3.90 || "$INSTALLEDVERSION" == 2.3.91 ]] && up_to_2.3.100 true } @@ -410,6 +411,7 @@ postupgrade_changes() { [[ "$POSTVERSION" == 2.3.21 || "$POSTVERSION" == 2.3.30 ]] && post_to_2.3.40 [[ "$POSTVERSION" == 2.3.40 || "$POSTVERSION" == 2.3.50 || "$POSTVERSION" == 2.3.51 || "$POSTVERSION" == 2.3.52 ]] && post_to_2.3.60 [[ "$POSTVERSION" == 2.3.60 || "$POSTVERSION" == 2.3.61 || "$POSTVERSION" == 2.3.70 || "$POSTVERSION" == 2.3.80 ]] && post_to_2.3.90 + [[ "$POSTVERSION" == 2.3.90 || "$POSTVERSION" == 2.3.91 ]] && post_to_2.3.100 true } @@ -459,11 +461,12 @@ post_to_2.3.90() { fi fi - - POSTVERSION=2.3.90 } +post_to_2.3.100() { + echo "Post Processing for .100" +} up_to_2.3.20(){ DOCKERSTUFFBIP=$(echo $DOCKERSTUFF | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 @@ -615,6 +618,9 @@ up_to_2.3.90() { fi done + # There was a bug in 2.3.0 so-firewall addhostgroup that was resolved in 2.3.1 - commit 32294eb2ed30ac74b15bb4bfab687084a928daf2 + echo "Verify so-firewall is up to date" + verify_latest_so-firewall_script # Create Endgame Hostgroup echo "Adding endgame hostgroup with so-firewall" if so-firewall addhostgroup endgame 2>&1 | grep -q 'Already exists'; then @@ -657,6 +663,14 @@ up_to_2.3.90() { INSTALLEDVERSION=2.3.90 } +up_to_2.3.100() { + echo "Updating to Security Onion to 2.3.100" + echo "Populating the mine with network.ip_addrs pillar.host.mainint for each host." + set +e + salt \* cmd.run cmd='MAININT=$(salt-call pillar.get host:mainint --out=newline_values_only) && salt-call mine.send name=network.ip_addrs interface="$MAININT"' + set -e + fix_wazuh +} verify_upgradespace() { CURRENTSPACE=$(df -BG / | grep -v Avail | awk '{print $4}' | sed 's/.$//') @@ -853,22 +867,45 @@ verify_latest_update_script() { fi } +verify_latest_so-firewall_script() { + # Check to see if the so-firewall script matches. If not run the new one. + CURRENTSOFIREWALL=$(md5sum /usr/sbin/so-firewall | awk '{print $1}') + GITSOFIREWALL=$(md5sum $UPDATE_DIR/salt/common/tools/sbin/so-firewall | awk '{print $1}') + + if [[ "$CURRENTSOFIREWALL" == "$GITSOFIREWALL" ]]; then + echo "This version of the so-firewall script is up to date. Proceeding." + else + echo "You are not running the latest version of so-firewall. Updating so-firewall." + cp $UPDATE_DIR/salt/common/tools/sbin/so-firewall $DEFAULT_SALT_DIR/salt/common/tools/sbin/ + cp $UPDATE_DIR/salt/common/tools/sbin/so-firewall /usr/sbin/ + echo "" + echo "so-firewall has been updated." + fi +} + apply_hotfix() { if [[ "$INSTALLEDVERSION" == "2.3.90" ]] ; then - FILE="/nsm/wazuh/etc/ossec.conf" - echo "Detecting if ossec.conf needs corrected..." - if head -1 $FILE | grep -q "xml version"; then - echo "$FILE has an XML header; removing" - sed -i 1d $FILE - so-wazuh-restart - else - echo "$FILE does not have an XML header, so no changes are necessary." - fi + fix_wazuh else echo "No actions required. ($INSTALLEDVERSION/$HOTFIXVERSION)" fi } +fix_wazuh() { + FILE="/nsm/wazuh/etc/ossec.conf" + echo "Detecting if $FILE needs corrected..." + if [ -f "$FILE" ]; then + if head -1 $FILE | grep -q "xml version"; then + echo "$FILE has an XML header; removing" + sed -i 1d $FILE + so-wazuh-restart + else + echo "$FILE does not have an XML header, so no changes are necessary." + fi + else + echo "$FILE does not exist, so no changes are necessary." + fi +} main() { trap 'check_err $?' EXIT