CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-16 05:53:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

modify soup to update soup scripts without using salt

Browse Source
This commit is contained in:
m0duspwnens
2024-02-13 11:04:26 -05:00
parent e713b4c660
commit 3efaba1104
3 changed files with 20 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
salt/manager/tools/sbin/soup
View File

@@ -794,21 +794,14 @@ verify_latest_update_script() {
echo "This version of the soup script is up to date. Proceeding."
else
echo "You are not running the latest soup version. Updating soup and its components. This might take multiple runs to complete."
cp $UPDATE_DIR/salt/manager/tools/sbin/soup $DEFAULT_SALT_DIR/salt/manager/tools/sbin/
cp $UPDATE_DIR/salt/common/tools/sbin/so-common $DEFAULT_SALT_DIR/salt/common/tools/sbin/
cp $UPDATE_DIR/salt/common/tools/sbin/so-image-common $DEFAULT_SALT_DIR/salt/common/tools/sbin/
cp $UPDATE_DIR/salt/manager/tools/sbin/so-firewall $DEFAULT_SALT_DIR/salt/manager/tools/sbin/
salt-call state.apply common.soup_scripts queue=True -linfo --file-root=$UPDATE_DIR/salt --local
# Verify that soup scripts updated as expected
get_soup_script_hashes
if [[ "$CURRENTSOUP" == "$GITSOUP" && "$CURRENTCMN" == "$GITCMN" && "$CURRENTIMGCMN" == "$GITIMGCMN" && "$CURRENTSOFIREWALL" == "$GITSOFIREWALL" ]]; then
echo "Succesfully updated soup scripts."
else
# When STIGs are enabled soup scripts will fail to update using --file-root --local.
# After checking that the expected hashes are not present, retry updating soup scripts using salt master.
echo "There was a problem updating soup scripts.. Trying to rerun script update"
salt-call state.apply common.soup_scripts queue=True -linfo
fi
rm -f $DEFAULT_SALT_DIR/salt/common/tools/sbin/soup
rm -f $DEFAULT_SALT_DIR/salt/common/tools/sbin/so-firewall
cp $UPDATE_DIR/salt/common/tools/sbin/* $DEFAULT_SALT_DIR/salt/common/tools/sbin/.
cp $UPDATE_DIR/salt/common/tools/sbin/* /usr/sbin/.
cp $UPDATE_DIR/salt/manager/tools/sbin/* $DEFAULT_SALT_DIR/salt/manager/tools/sbin/.
cp $UPDATE_DIR/salt/manager/tools/sbin/* /usr/sbin/.
echo ""
echo "The soup script has been modified. Please run soup again to continue the upgrade."
exit 0