CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 18:22:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

[feat] Init network + soremote key early

Browse Source
This commit is contained in:
William Wernert
2020-12-08 14:03:21 -05:00
parent 65d994a2f8
commit 4210d25fae
2 changed files with 41 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
setup/so-setup
View File

@@ -205,14 +205,12 @@ fi
# Check if this is an airgap install # Check if this is an airgap install
if [[ $is_manager ]]; then if [[ $is_manager && $is_iso ]]; then
if [[ $is_iso ]]; then
whiptail_airgap whiptail_airgap
if [[ "$INTERWEBS" == 'AIRGAP' ]]; then if [[ "$INTERWEBS" == 'AIRGAP' ]]; then
is_airgap=true is_airgap=true
fi fi
fi fi
fi
if [[ $is_manager && $is_sensor ]]; then if [[ $is_manager && $is_sensor ]]; then
check_requirements "standalone" check_requirements "standalone"
@@ -226,10 +224,6 @@ elif [[ $is_import ]]; then
check_requirements "import" check_requirements "import"
fi fi
if [[ ! $is_import ]]; then
whiptail_patch_schedule
fi
case "$setup_type" in case "$setup_type" in
'iso') 'iso')
whiptail_set_hostname whiptail_set_hostname
@@ -243,8 +237,6 @@ case "$setup_type" in
whiptail_management_interface_dns whiptail_management_interface_dns
whiptail_management_interface_dns_search whiptail_management_interface_dns_search
fi fi
#collect_adminuser_inputs
;; ;;
'network') 'network')
whiptail_network_notice whiptail_network_notice
@@ -254,6 +246,22 @@ case "$setup_type" in
;; ;;
esac esac
if [[ $is_minion ]]; then
whiptail_management_server
fi
whiptail_management_interface_setup
if [[ "$setup_type" == 'iso' ]]; then
# Init networking so rest of install works
set_hostname
set_management_interface
fi
if [[ $is_minion || $is_import ]]; then
[ "$automated" == no ] && copy_ssh_key >> $setup_log 2>&1
fi
short_name=$(echo "$HOSTNAME" | awk -F. '{print $1}') short_name=$(echo "$HOSTNAME" | awk -F. '{print $1}')
MINION_ID=$(echo "${short_name}_${install_type}" | tr '[:upper:]' '[:lower:]') MINION_ID=$(echo "${short_name}_${install_type}" | tr '[:upper:]' '[:lower:]')
@@ -320,6 +328,10 @@ if [[ $is_helix || $is_sensor || $is_import ]]; then
calculate_useable_cores calculate_useable_cores
fi fi
if [[ ! $is_import ]]; then
whiptail_patch_schedule
fi
whiptail_homenet_manager whiptail_homenet_manager
whiptail_dockernet_check whiptail_dockernet_check
@@ -365,10 +377,6 @@ if [[ $is_distmanager || ( $is_sensor || $is_node || $is_fleet_standalone ) && !
fi fi
fi fi
if [[ $is_minion ]]; then
whiptail_management_server
fi
if [[ $is_distmanager ]]; then if [[ $is_distmanager ]]; then
collect_soremote_inputs collect_soremote_inputs
fi fi
@@ -436,11 +444,6 @@ if [[ -n "$TURBO" ]]; then
use_turbo_proxy use_turbo_proxy
fi fi
if [[ "$setup_type" == 'iso' ]]; then
set_hostname >> $setup_log 2>&1
set_management_interface
fi
disable_ipv6 disable_ipv6
if [[ "$setup_type" != 'iso' ]]; then if [[ "$setup_type" != 'iso' ]]; then
@@ -495,7 +498,6 @@ fi
if [[ $is_minion || $is_import ]]; then if [[ $is_minion || $is_import ]]; then
set_updates >> $setup_log 2>&1 set_updates >> $setup_log 2>&1
[ "$automated" == no ] && copy_ssh_key >> $setup_log 2>&1
fi fi
if [[ $is_manager && $is_airgap ]]; then if [[ $is_manager && $is_airgap ]]; then

16
setup/so-whiptail
View File

@@ -765,6 +765,22 @@ whiptail_management_nic() {
} }
whiptail_management_interface_setup() {
[ -n "$TESTING" ] && return
local minion_msg
if [[ $is_minion || $is_import ]]; then
minion_msg=" and copy the ssh key for soremote to the manager"
else
minion_msg=""
fi
whiptail --title "Security Onion Setup" --yesno "Setup will now initialize networking$minion_msg. Select YES to continue or NO to cancel." 8 75
local exitstatus=$?
whiptail_check_exitstatus $exitstatus
}
whiptail_nids() { whiptail_nids() {
[ -n "$TESTING" ] && return [ -n "$TESTING" ] && return