From 2fba02f71b226be18059bdb15e7a4891e2b0f7e6 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 12 Nov 2020 09:29:18 -0500 Subject: [PATCH 01/32] Grab specific digest so re-installs work --- setup/so-functions | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/setup/so-functions b/setup/so-functions index b8616439d..3f6abd555 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -958,7 +958,8 @@ docker_seed_registry() { exit 1 fi # Dump our hash values - docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION | jq '.[0].Created, .[0].RepoDigests, .[0].RootFS.Layers' > $SIGNPATH/$i.txt + docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION | jq '.[0].RepoDigests[] | select(. | contains("$CONTAINER_REGISTRY"))' > $SIGNPATH/$i.txt + docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION | jq '.[0].Created, .[0].RootFS.Layers' >> $SIGNPATH/$i.txt if [[ $? -ne 0 ]]; then echo "Unable to inspect $i" exit 1 From 667800d830cd8e85c13800eadf72d9eec685d6ae Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 12 Nov 2020 09:35:19 -0500 Subject: [PATCH 02/32] Change docker inspect to variable to speed it up --- salt/common/tools/sbin/so-image-common | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/salt/common/tools/sbin/so-image-common b/salt/common/tools/sbin/so-image-common index 46f2d4a0f..9690f5ead 100755 --- a/salt/common/tools/sbin/so-image-common +++ b/salt/common/tools/sbin/so-image-common @@ -112,7 +112,11 @@ update_docker_containers() { exit 1 fi # Dump our hash values - docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION | jq '.[0].Created, .[0].RepoDigests, .[0].RootFS.Layers' > $SIGNPATH/$i.txt + DOCKERINSPECT=$(docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION) + + echo "$DOCKERINSPECT" | jq '.[0].RepoDigests[] | select(. | contains("$CONTAINER_REGISTRY"))' > $SIGNPATH/$i.txt + echo "$DOCKERINSPECT" | jq '.[0].Created, .[0].RootFS.Layers' >> $SIGNPATH/$i.txt + if [[ $? -ne 0 ]]; then echo "Unable to inspect $i:$VERSION" exit 1 @@ -130,4 +134,4 @@ update_docker_containers() { fi done -} \ No newline at end of file +} From 312f99966efa345f28a5642a449e1eff6e7a742b Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 12 Nov 2020 09:39:13 -0500 Subject: [PATCH 03/32] Change docker inspect to a variable to speed it up --- setup/so-functions | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 3f6abd555..6d93fecb8 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -958,9 +958,12 @@ docker_seed_registry() { exit 1 fi # Dump our hash values - docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION | jq '.[0].RepoDigests[] | select(. | contains("$CONTAINER_REGISTRY"))' > $SIGNPATH/$i.txt - docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION | jq '.[0].Created, .[0].RootFS.Layers' >> $SIGNPATH/$i.txt - if [[ $? -ne 0 ]]; then + DOCKERINSPECT=$(docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION) + + echo "$DOCKERINSPECT" | jq '.[0].RepoDigests[] | select(. | contains("$CONTAINER_REGISTRY"))' > $SIGNPATH/$i.txt + echo "$DOCKERINSPECT" | jq '.[0].Created, .[0].RootFS.Layers' >> $SIGNPATH/$i.txt + + if [[ $? -ne 0 ]]; then echo "Unable to inspect $i" exit 1 fi From 04263101cf53739825e72ac5259f7c6ed2146003 Mon Sep 17 00:00:00 2001 From: Automation Date: Thu, 12 Nov 2020 16:15:27 +0000 Subject: [PATCH 04/32] Auto-publish so-kibana image signature --- sigs/images/2.3.10/so-kibana.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-kibana.sig b/sigs/images/2.3.10/so-kibana.sig index d55179fbc91338f5ab799c0d0b8b5fa69a2825e6..ec6539f553d5d7ecd7ec7c2a334b0736f89515de 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KU!DL82@re`V7LBIa1%AO5C3XPP#rL7_q2nkazdMi z2r!AaS32tk(PG>b^rTT|+HhDBt7E{DtP~GRFpfn;FrdLcA$%R6Zs^lxV=tvqNi9Z( z@!2EgRhems`Ood&Ld%R8OpPt?S*XKdtZoe{qJ=A0*^j|9P|#;Z(G!zBc?fM8o6;hTGqI_VV{7#G=2TW-WX)Hq#MkeOa<^;HkXX zeAoE%3f`z2*_|lqucGS1lKs@8D+dzcs*Xl;$(tF%8qIIdzNwxHDk>w+{QMA^Ki^vy h8@Xk&SVUx(=Ef$i+SH4|9o~zb1~D|j1A|wd>uItG2eJSF literal 543 zcmV+)0^t3L0vrSY0RjL91p;5Jq9gzc2@re`V7LBIa1(!s5CDXt*c`Nw z2RLEMoy5~1{LKjADX;lnkO)IMRZygpU*v!^%vp+YUWB+jO9;1_D@8A%EgH8HN&6vd zb+U}A4ggYEV#-4(3YNGn(x>s}`G_5ZB#a}TeZsFxf##OM)^h90zZp8qimvBf5Z}%# z`U~16xEo1xYtpOMJ&l#4>L>HHOWWX?E1K$lF|oZ6!ho~Nh_IsDAib9^QHYf559~T} zIBKR5u-ytgU3zzh?uA|2rOZ?RN3U}fer(%w|M8DQ@Z6o$J<_TpFHOAPWS^lvBTMra zfed3;K1FNInH0Q^Y(>1-FlL-?j+@2cVz97(L8y&wTms)F$=!|2KFW`;d03l}U|xv2 zFhX$Tr?>*8Leur^o@TX05H>T&t`ikvp(git{0BwMQ&klIEZV|kuR_9G>fr@g%gIn$ zL5p-aGew_$N4Pya2!)|*Ah%^H`lqU#+p-|MfGB?G)!mYJ3#d`s`f^{_IXCD9Gaij# z{u;qu%4x-W;XO7C8Zxy^b^AwAhhAh$y2L#9bST Date: Thu, 12 Nov 2020 16:17:22 +0000 Subject: [PATCH 05/32] Auto-publish so-telegraf image signature --- sigs/images/2.3.10/so-telegraf.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-telegraf.sig b/sigs/images/2.3.10/so-telegraf.sig index 1ae3917e63b7a6805ca476aaad2cd626c70cfd19..ec5f07070dcd0a52cb1cc2cad2eee35b5dc03908 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KU=jcd2@re`V7LBIa1-Z05BdVlGRp&*6N$be2_Nhn z+Vj40IyPV5T|2&NVHCoESX_^V5wc1@x1w7@Pnps12jm9eG<(vMHF?CiMp(avVm9eC zO$nJE9ZA)uTeHw(zw!k!aZ|IGpNu$Jc?GCzpQ1 zGtUPFTOr9Sd!X6w2Z$0z=8eTegT80hpnn!F5K+c}J)+a=Jd}URwDdM|=?LfTJ)|;) z@;WjmPs~1f%|?{gaa~Sk(K{4TIBGpAE&eP&&+`Uf_{tVghPze-Lm$f_z}P^nb%Rox zJOEOdy0a?Asd9dkmt+Xlj}8E^r1He7ORfiz%r;zF3?^n<3fb$YM>;yFgEIbDK2?>d zpM*BG9l`#xh=B6v0l@MrcXOyzq~zWmEVx~qIwH0XloFk_J7k@xgwpimgcP!L%#7MUK z%)D#lX>-J*lm)!;^&R?IOJitUix8f2Zb~|#ymH{Co)2k{z40u8{T+{;=1ujBD)$=B zW9+p(nQ&Jg3iMqdKK%65VY~$7Vfq8~=j6b;z9l{&v#1u>st(UatH9Y?$wrG@Z?E`~ hE-3T0W@B*ao5wQ@t%omVyP!WJk>7Z-WtJWZlP>?10;vE1 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JpJ@OJ2@re`V7LBIa1&Mt5CD(GOYa5h8)v0FXxI%vhYy>xq$PE(rpN=yAtnB9voyEJ(GN}0S0CB8Bkg{H-GHdDa; z6O7_ekOF3y(id@p;3E{>YIT@A?3Lkb*@Ka17xcoBJatp7-2EKc#rf37l{0NESL$2P zTfmlc-1B2;IN!?VCT7%Mm#Q#@A{!~-h`LmVqEecC zd$KaclWBLI^Mp2%2Rx`SIHE!FD%*X7b)Cg1(c3CFOqd__7wn|%V;v>g4hSs;{;g_* zxad;UV05|rq!Qv|-Sc-Vhmy%maTwH{*7$H-2v4EER>^)*3co>;MZ&C^embKTf`Tj~ zVOh;)J9m%sSnXK&rA4`*SAB+)k3&>{^z(}k3vmtJoDyi1U81U+0=X&TTBQe$zn+g? z1A8h+@LGQ!g+&R!G*Zz?X_Q#oglE_sI(sr6dORsNh-DTfZXEuIkKS9yJeRH`A9E)0JXcu&^ZIeJ1Hb?P From e434ccd3d3f3f4f66f3a7735f5fa4abb8e7322e9 Mon Sep 17 00:00:00 2001 From: Automation Date: Thu, 12 Nov 2020 16:18:25 +0000 Subject: [PATCH 06/32] Auto-publish so-soctopus image signature --- sigs/images/2.3.10/so-soctopus.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-soctopus.sig b/sigs/images/2.3.10/so-soctopus.sig index db4016176072d6183c51d2a50a3755b93f9ae782..af780c3ed4a9ab48750c63d3bcd0f32af026ad1b 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KU{L@H2@re`V7LBIa1&%e5C37j$inaH^`zua3WPA^ zolPdrF$)+}MOZs!E_#khPmIQRV-c6(22od*Y}QQ4n65qy|Yo)&)T#TmJ%S zJ5P^4`!CR_7&BI#e(4ql6pU12#KymuAtRTpR9#FNI(EA*m<;8p%jgYfzh>#TG!pDZe|e zKWoLVveyE<>^3Fk<3&W3aUdG4;F3rFf+BTeh6n^Cq;Y*lbu3}z%|nrS%wwH>udWZr z3~ubw9mzvT+YD!q8nWP}4#!THAvo90U<-+GA!0jBojEO!Ulg2u1`GS~V3BQR;oQ%> zpTz+h2SKYs-WYG!A4E5;E h;eLJ=4bo4syqZ4RShh$`TRTX*hx9Xs&3A4QH0z>o_`U!D literal 543 zcmV+)0^t3L0vrSY0RjL91p;5Jp5_1w2@re`V7LBIa1#xj5CFIPKN+wrXZ^3>l*diF z5|k;Q*=!_p4z{I!^E)w#%$Mn^#J(o1@a!%!f0~HE25%Cb*iuF_Y?^=#j}zF5HuZQ* z(W;YpuY(?rpKHn7&-EX6L><|jKtKR@+uD_!FEF}qlb14dR=T|)m@1M+`^JBL^{@(Z zuZ`syEo(8t87lnTVuJ#_!0rnG4s2p0n?_Cad2owM1z3NYq6_WmJ2c(wG z)B2VJDQDy_ZfpP=M0@$yHLnG#U`{0u*rRnE-S3{s*@E;ryu9Hl?|J$N2$lsdz*f&O zWw-A^1!i#oiA}Q^*o9?+V=STUn7m4J(h%7sAO?Y4A$M92DgbVr%7#P&cYO=l1erd-oc2ioqk7uZzLGQ%D3~-M#h%d=rjN}BUOr&k=lcHO@oa|Blj`n2Pee=f5hd4RQM4x9_8B=hi+4fuf^4i+YV01boUE_28kS~j6#Yi-VL2)I h&I3k%jg&5i>>bxUC*v@^i00Q;IO^H{0?;nj9UyEQ{yqQz From fee52f8b864ceb95be5f0ead7d9c65d98c9d499e Mon Sep 17 00:00:00 2001 From: Automation Date: Thu, 12 Nov 2020 16:28:23 +0000 Subject: [PATCH 07/32] Auto-publish so-redis image signature --- sigs/images/2.3.10/so-redis.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-redis.sig b/sigs/images/2.3.10/so-redis.sig index c6c1634cb3ac8b1208971f6c53c06c618cc0e914..73d8e21916c86b6b6a986809321dab44dbf9c9fa 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KVy6HK2@re`V7LBIa1(1i5CEm;%WJLfIAz}8qwgS! z;&a4-WM7HdW{2oP*7}C)E)WU?1-;PsFsPwSejQ<}I@xNML|1OExjk9Ug0v8jrodLn zMcm$SMiYI;Fkb(R5V&B0f|DK~>o%VtTBgFF3ps*1SPUdq_dfrKagfMxn3`+IY$=Mu zdCP1u&BKbM{B|f`1g(N0n7E9@d`|zxHON`le3`4!qTw1Zzer(?4c&5Y7AN}uslGWa zPh)NsAT+`LpjUvf2FKQkt7pTVMkl{p?UTC>To3|TKn}Zegdx@@{G_8An6i#en8*LP zLG>RU;3=4q*F%VZlv%h15aj8p>zumky~PfQu-btfjBb6)8**q@H7Za#20Jd5dAI*$o!4IMP~Ahm&PY3{%5IQ zIwxB!h0WHAmcSzaJ*#VX=CO34c$K&bk%6^`s&fK$e@brbfG*L(k=ZkFbTX9Wt|!+^ h(wrc3k{_5VX621+ zWC3MXE*iRbSv+`sbQW1-@Ya&Q(Q$EPA9lmrl<`Hgi#+JAA!-Fy3d+qS^^;msHVy;7 zPV+Gdo}&;g{d~J9Qe;**Oub;f1Gc(AelsHZH7B9xNc434)f<&*6K~v zx*DUSly}H492?(QEPuGQ|K97S>-&jMgeW>E&RL8QLHTvFSLit+dKCFBa+j*$GszQX zrk?Q%)o(m<3J2Ya4{0;a^cmT1cW5JoA5oj?Y&x<}BQl)%X6|Q~1|ed*Cp(mfMJAd* zllg=t&W!KI(hTMUOX$G&mY_&Cr)wxS)XtUO(6p}lfH4Q#M9G2-b;>ud4>?*}5_3q!sYow0DuFlDiB6L@JeU;^J0B+UFLx!igxb2+oBj2^$&` z%@g(MXkv9Nb~IFWa>o|$v{WN(`M+7U2*PF@0tBl*oL2wP4#$!YUj4@XrsD^k$ zzn^kwJsmzojB3Qf23sVgm6li*uag_hHw%y_z(SbXy+6d@L)AeH*EOAx6lycR4wT+a heOM9$14gxM!g`ajDhlao2S2>)e%&12u5BFD{SFep{j~r9 From aefcb9a491e46480973c80c4a038128cbbcb61df Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 12 Nov 2020 11:28:58 -0500 Subject: [PATCH 08/32] Fix Variable for docker --- setup/so-functions | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 6d93fecb8..cd0baf205 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -949,7 +949,7 @@ docker_seed_registry() { set_progress_str "$percent" "Downloading $i:$VERSION" { echo "Downloading $i" - docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION + docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION # Get signature curl https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/$BRANCH/sigs/images/$VERSION/$i.sig --output $SIGNPATH/$i.sig @@ -960,8 +960,8 @@ docker_seed_registry() { # Dump our hash values DOCKERINSPECT=$(docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION) - echo "$DOCKERINSPECT" | jq '.[0].RepoDigests[] | select(. | contains("$CONTAINER_REGISTRY"))' > $SIGNPATH/$i.txt - echo "$DOCKERINSPECT" | jq '.[0].Created, .[0].RootFS.Layers' >> $SIGNPATH/$i.txt + echo "$DOCKERINSPECT" | jq ".[0].RepoDigests[] | select(. | contains(\"$CONTAINER_REGISTRY\"))" > $SIGNPATH/$i.txt + echo "$DOCKERINSPECT" | jq ".[0].Created, .[0].RootFS.Layers" >> $SIGNPATH/$i.txt if [[ $? -ne 0 ]]; then echo "Unable to inspect $i" From 9b33201ba5b456da0102e10606ca74409dab357d Mon Sep 17 00:00:00 2001 From: Automation Date: Thu, 12 Nov 2020 16:30:56 +0000 Subject: [PATCH 09/32] Auto-publish so-minio image signature --- sigs/images/2.3.10/so-minio.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-minio.sig b/sigs/images/2.3.10/so-minio.sig index 823b0105431330d0971f5cfa00986da57b065181..7826b69cf045ccd65b92816fffc819d5446ff533 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KV?Y232@re`V7LBIa1$Sk5CFgWp*k?Q=Q0}d_jKhQ zj4-bs`F(hhDm(2S!|UgnLet`x5BcSmNxW!^HWdDCIA(-i$w8uYTgJQ&to41oKy&eZ z;@zwX5tIZAo3J7+_q#(9)HaK(u2Pl16rgWQ(!IJ|SKI<*sfFNzYLTgxJa*2*9Ci-t zN5y$h_Ko*~t-5K{_78;pOs{C%`#ikfRaAC|BlD{lfxgF;dZ7ILuO+T{``gz%vaG>x zP8n1nT!4((m7xLq<-1us3)9-Sn@OPQpc_CI4S{5N#uxYp#QSgmV!^D8-m!AWoiiEW z*7t#FCKTrrxh2t#q@5T8{sZp{;qht8q4GOg!??tnRf@}Fa@(j1+bs2P0bpV$ zvs7966#Pn3O?#jhvJv!u$YP50py}!s!;Qp&w*_!sL2^EOrZQf&AnuF8p$s~ zlmUU2A0|A`zE-YR+AWU_nB<7yC7g2W2R|p8>%5=Ix|V=0JLFyDD7sg-u=0E#+&>bL zN|P!11ldue3@2JQwp@XhJ+mXcYx(p3-o4sWA)Amm6%n`eI@r*WN}Y%l>=dQ}iswMv hY!)ne;%Oz>cBGWBTrWl+sg zT|glW*#r1m!L6c7XzOj}+t=q@>IBqOBN&dci+FG(5U{y*if}ppe$?pz0lu8 zbBrM3qCs&n8OHEm_5^N#L1kpoE2^7?dXQNd1XZEfJ%ZKyjKuW;c;#M&rZOd;f$p$#D`>5nk From 7f491545fa57d052d5359451b814661ee2f50ffd Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 12 Nov 2020 11:31:27 -0500 Subject: [PATCH 10/32] Fix Variable for docker inspect --- salt/common/tools/sbin/so-image-common | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/salt/common/tools/sbin/so-image-common b/salt/common/tools/sbin/so-image-common index 9690f5ead..b0c4e5bca 100755 --- a/salt/common/tools/sbin/so-image-common +++ b/salt/common/tools/sbin/so-image-common @@ -113,10 +113,10 @@ update_docker_containers() { fi # Dump our hash values DOCKERINSPECT=$(docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION) - - echo "$DOCKERINSPECT" | jq '.[0].RepoDigests[] | select(. | contains("$CONTAINER_REGISTRY"))' > $SIGNPATH/$i.txt - echo "$DOCKERINSPECT" | jq '.[0].Created, .[0].RootFS.Layers' >> $SIGNPATH/$i.txt - + + echo "$DOCKERINSPECT" | jq ".[0].RepoDigests[] | select(. | contains(\"$CONTAINER_REGISTRY\"))" > $SIGNPATH/$i.txt + echo "$DOCKERINSPECT" | jq ".[0].Created, .[0].RootFS.Layers" >> $SIGNPATH/$i.txt + if [[ $? -ne 0 ]]; then echo "Unable to inspect $i:$VERSION" exit 1 From 67f18a02ea7d6778df6867408d94fa7a941cac74 Mon Sep 17 00:00:00 2001 From: Automation Date: Thu, 12 Nov 2020 16:33:37 +0000 Subject: [PATCH 11/32] Auto-publish so-strelka-frontend image signature --- sigs/images/2.3.10/so-strelka-frontend.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-strelka-frontend.sig b/sigs/images/2.3.10/so-strelka-frontend.sig index 2ab8027e70b4b61ee11798a748137ffacf8e88bc..aa858871e86800c7c1ef20185b4ce479be1925b2 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KW8nY_2@re`V7LBIa1*n{5B(espOkW6Yaag!Xk$(3 zYqSYoI0P-N>d{~*Mesa<9c7D;3ARn`=#!frsprN+MI*#V+#b(3W-+X(-sO9lx|gMN zK5K*6L8_fJ%k+<3bk+O(EM4mAgzfpWb+PkciSyyH7?e+=Mf(r;2uBmL=3!HIh1^E> z62JC+69e`qSAMlt(5#)1vplhE#ach()eWGTZSgeYU;LoRXb-Q05rE&Y!~>9m2-eZz z%BOkG)ocp52ucyDXr8VfNZpy+dhicF8OA}YkYjo{1SbEhl?hG$$gV@U0q|@MzM=Yx z90e&wyvS}GQruNlZD;$`#CsilMWx<Oy+U&FG5F66JE2KtqYTuj+6L(+*Aj;h-tBrYE=${} zc(hSEVF{@B>I_8Jj@9Fhs<#tN$g;P$<7{I2QZ{g%a$ChF=s|}zSgoyBcQSo|*pyM| h+s77{i&@1BJ3;j9@f}NA0O$eB=jyqX(dUEeE_iD55vTwF literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JqdEWz2@re`V7LBIa1({A5CD$C8&VhZ9#8@tJT=ne z^xqHwKu@HOp9o_~!CULhO9k4Q6BBre_i>?26At15?|J*r28~Y)4;|^u0NK~gRo|RO zfw|}TV4qVcyUI>(S0FO{@bsUTY1kF~4*@Gt4_M2`WSV4%43L>7Q-)Ck$SI^f5fyH=gL9H2Ox0*9jf*Xq89{zs8HSIJt0*c1Z^ooB)UAf9DGUn>#KYb`$#* zTJp@*!PbKT1yq}Q`1+ZHhWj){9Ar|3#d94)gC=&k<=TO{`5x)QVOs8DPW@G;tX?XB zc!Fb@NgO5q)?KlxlpC{7TXlGIWso7VA5*t%qqSrLz)ogv53}2|K~B(S#>e{6RD5Az z2o{G_zkzNfOY-24d5QI*-ePyyzzI`$K@vs(GgTFHrXR%z(0>frW(}!gXWBa!5H4n( zCw=(OZo$(DxKRT{{R=;diT6cZ?~wNrQ!Vi_NcwlP{)EAZPgLxR_WAZWnhK2K&PQLy zTqhW|RBvgK3TUMvo7pApQtiT*5Ba{lLNBs5J-`|22b`?RtZr_2 zkdkrK9<-Z%c|$O#>~u#9!H@soh}X?zW07aq7JV`=O85f*3H390ukE>N@ngXCb5^k? h2necsj?%q&l;~LPsQ72c>X{#MI2qas9Na;_s(Tr11Wy0} From f50e6ab929a752f1b47aea1213d671360bbfdfe5 Mon Sep 17 00:00:00 2001 From: Automation Date: Thu, 12 Nov 2020 16:34:12 +0000 Subject: [PATCH 12/32] Auto-publish so-strelka-filestream image signature --- sigs/images/2.3.10/so-strelka-filestream.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-strelka-filestream.sig b/sigs/images/2.3.10/so-strelka-filestream.sig index e20af1d3171163095423f2eb2a0e8ba8b6c9e047..23a22173892311f9d437b884902f8beec60a599c 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWCQ>T2@re`V7LBIa1&Y@5C3>Gi>`${eHtTyEG+e& zb`G;(_O`(8ISdLYPsaof`=v^uX?u*jg5&TLsQb6dZZsMW*^I}s<_lLxf#GT)XR+mX zSM^m7K>RtsjaWIy{nVB>TB$rnzG?|ii_)s=U_*ceaF#oIq##a4{MO5{e6bnTx_(`G zYs46T|4hn80EsDkY9b1vkdn(@0@08gl>t&O3s)@YH2FOXF>>Y{7V#NZjU;V$dd@L) zniy)CRilTH+*`GMf3t!AN(?KuUeJh5j_Lw3fqb(la*KgbX&5cK$7@n6HbB9(g2;F| zbjP}hKLqlUDVIsLU0`tA!o@HRL2SDXFE$tX5Jhfkh_UiSFz^BWpFLTbS5YZEZLhxS z-34UZYOdJb4?@=brFx}W>){t9H$hnFkU|FB+;RW|q_CER!NbnZtB)Dz>iy3&A1G>2 zv-9azL6@1*5@|ioUXA{1U(L0Kq$KAD_q_Pld(QnEY2@fjiT3ZFO7&N^yLO3N4I^>G z{B3ljOhdnW#azluW?q$m)+TqTDd1TnlQ2yo`ztk7Xrq>JHR(Qy5YF7j|B96Z_?61V8`) literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JqY3~D2@re`V7LBIa1%@(5C2PCv~kkjfA%(TV;b5% z&I1!(2_1?@+_1o8tb4H|xVB3i#fJ>5+X!5zxVX-vT$uyAqD$YueH3t$b$2?K#Xfov>I z)$J?=+87Lck`AKYXLw`OtbMUlt)Zl!J|;Ny+gqL%cEpa9?03m$4{Ar)msHaKIN@{{ zpT1d6DH%Um(PRB~kjtApV|0xaKN$vhM!&)>+$7~RLbi8{&2Hley{1vhQcGQFQkNGo zLoQ1NqS@hHzzhny*h(N26YbAt4#uA(2e?w8)rMNnscob4l*cO)%3?ols>W8f#(&2S z14ZS(n0=~QT|XbJ%k>$BkQmB{#_TO|Q|9h+7jOGAeo@`1UW4X)Ax%rbfS8Dik!wSN zCdUDzqsgXF?>V=7u8)(E2>Tbeo6z!fxNoMd4DnN6So}5t%liOsr#$6gSt7Y(=rtMG zE_AKH84p;Q{dd6vdfcR(=UQ%}*sZf{*86#{ABoY24w5HKVy0b)Knzg{v=BAEWl#0< zARE0cG4CzEMM4E%s}XR1DPFrxBubeh%S%(n-(tq5&oh3SS$DIVmSriBd&kR`b^~2d h>_=2M8EUox;JdbH<@;C;!UShVu%=hgR_{TiCj_zx1R4MU From 6c1d5451eb4753f2c07def6a52ddbdcc992e1d13 Mon Sep 17 00:00:00 2001 From: Automation Date: Thu, 12 Nov 2020 16:35:16 +0000 Subject: [PATCH 13/32] Auto-publish so-strelka-backend image signature --- sigs/images/2.3.10/so-strelka-backend.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-strelka-backend.sig b/sigs/images/2.3.10/so-strelka-backend.sig index 10db903c43234104e83b533724aaccd1d629e86e..b7177d12d48fefb77c62c4ffb4f0d9750567dc1a 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWJCZ82@re`V7LBIa1%`35CFQB1JQ$>q4{2vzOq>d z|6}jrHl=I7OE&C!41pj>Z`=!9g~fnVP@MpQYBOfXHwq(16)+w89Q_;QbyNKKJd?QE zI42+3#zG)nu^i)BYJb@xT(>N+)k3RD7j_JmgtN6?@CG7&d3T9Xo44_+{5n{65=$9LL(f=D$NMF%AKq%fxHv^ zd->&8q>D?eyXvSCzH_G9?VY5*MC>e%4{SCwWp?Jo6pt$5v?JENnQPd40bQsEcqxw?gn^#4&Pmf# z(eNgy_3`nf?1Vc)hA3-j0o157tOW*Sgys=_?x2PF!6uXSRaz}CI~*kJaXnu#oV zQ6b*7tk=E))u%0(#i)s;P&QvCyZ?xjO3)prziWmiY^jJ=?{fKr>Nop^P})Wj`D2A{ hNs7l=P0Au>tmu@v&4QsK#S=|WG8xZNQ9*3J51~NJ1knHh literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JqRRjZ2@re`V7LBIa1#;B5CFgU8CIS_zk=t}xEsA| zYP_1*)qrQ+FF8FVZ0`Y11Mq-KTvekDqd$hK5~EW`=mZD)CINX~XX|P6GgaXqFC_~$ z*I$P>V$-e|3QqX2Kp+MD4oA>r#9sm*DRmQ#6Z9Pj{pR$a)xy%b=%D=Fu-n`iU}hS= zi)YZ%EFp=Rh`oA@d>_hhx+bW{G8u1gO$lQgR`VmtgR}J9&*0n-d-RmY1R!Zy8GZ>h zTiS2SFdLwRE{-40T%B;ArgG_gjW6QNf6;h(9tDYw$9PdQZc=D32U2}$ocPL%Q#GoZ zL~oJrC3Nmjc%wnC&;zntvmc5v~8b=&l&B5I@+W3)%x{NV_dx!C# zT3lTeE!8@&r*as#E-WGy?&Bvi45e#zI~J?ri5n(9*mUS4THe)zUVWOM45Sfn(o+Ts z!C(ebSo-58WTF+FJ2C~ql?)bg_%Qn?JA#6na%c(Sp!XihIK6j2;%TxCUYcILgE4Td zKUw438(2YsK`UfB+w%3rLzp`rBVyu+s%=lg7KlnYQZY Date: Thu, 12 Nov 2020 16:36:01 +0000 Subject: [PATCH 14/32] Auto-publish so-freqserver image signature --- sigs/images/2.3.10/so-freqserver.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-freqserver.sig b/sigs/images/2.3.10/so-freqserver.sig index e324d53e087f400ed90bc07972838ae24d5bd2e9..c082343fc02ddd479a94b12ed299e2e6394835af 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWN`or2@re`V7LBIa1&S85C3rnwmt+3$5~yb)e83d zF;cj~o@MphL@g?PJUaLN%2ZJ_1UxBIUOXb4ya4jDv^A;Y<9LUWu7f6y%j%KhsOP*mM0lTyb zaC4S`Co{h~S7b^tVXW3Zh9_~oV$_bOq-ey6oeK3>>y-^?-V402&RKq+6$=9h;eOr&%>c{^uR2a>K!anI8WFUNY^1(7~wS|HB5 z)5#4$Syl#_7OY0{6IfAz?L$SL`1vNVOX>+ehwmGfAigYlZb4m(e_3FMdSou3qSM08#N=FjOsh5f zXR^xRuIv?XaXLAh^GeeLE~7Vhfb8BEfX4p|BO=%r&e{g&MUjDDwx5bs(p2KYOo@Q! za#bgD5fnn$W7EZuQPiKCV{n~WiZw+kza4qU8HMk20lUGjVJA>ss#gAd|gH# z^~`f4e0xpmfla`nxu^?Qbd*nRFdAUB_~$!rEGFK4j5tGOumZT4_KuAdo4Qcy(KOc> znPThH94p;><4fB?7KlCYC#%B2nqY6WKJghAI~ Date: Thu, 12 Nov 2020 16:36:51 +0000 Subject: [PATCH 15/32] Auto-publish so-fleet-launcher image signature --- sigs/images/2.3.10/so-fleet-launcher.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-fleet-launcher.sig b/sigs/images/2.3.10/so-fleet-launcher.sig index 776978800c766d02e6467baa0f1df6f4d71e1eec..e1360dab4ad70becaaa9de2b393c1a88a1818c86 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWTOBI2@re`V7LBIa1%G)5B@mhKDzAJ-A{}DB_VX4 zVjZmGMY2y=NiYJAsfblCgaMG(nw>o)aln-!U6#1X|BBi1!(L3t&wsM6z>6BXt*QW< z|LR)Vb7NHPHIJ65)D#k3alB7=l={A#m(U(R-6YMn==B%l6&W&2NG}uE9zXNbcoq=b z!mn>p+nJjB9>%EG`S~u)4(O}7-p$W!W@s9#X?r-_fc~hA)-dcO`3Z>owFuqlke)O8 zEWZng+aL)ZACdoi)jg|kQ`=O{EB`t6J<z zgog`}rC6Pi6+`3rz^H!O#iJ9WnC$Ev-XLh5w2nJXuTs6QbXqg1V_Eg#s$=msasDQ< zBoA=kNPqwL7LJqW=u!Ee8-E1pm@pO(lF2HCef7ezW!U4TZI_`5fJokxo-}D=00cuZ z&#jdbr%N{B9=hV3u~MkLY5af&s*^%v%eQnrCJlns5F>b`qvl@)?@hlMkyPsFu@`P$pVXV4Y#At%YG$Y@X1)Wnhp6u^$BCo@CRnqYmhV&qk;B zuJs$_WBc8sA-t8prAD_;qWtW7$yU7>E~W}ux2#{C`v?lTNKrJfl@LdF8_Eku6%s2S zcxIiVS{;CAqjZ*)cKbx%cU2`+Dr8U(_gh>y*JL&vL=DoZ~ zqGY-ib2rXVH@EK_b-mcv>g-L{iuFDv&suaXP&DK>3<^^T{Y(|!%HD8{B;Bw-4EkwW zx(_WrZ6Qo=)R;%5A}>>jS=&AX#md=6_K>7DX|3>uTMUt2pcYeF0r_tkDYkr&6LlFN z;TlTAC0zoeCGgR?7h|N-3jJH@9fK@MV3*u759~|PQcNij3T+FVJ0(6ObWy|li>lL?X-)} z3VF`QIVlC{q~~tXnVIxAZ#3h)#h_`!96)2Mh2)=^>6~U14nUKxYJUsb*?&$R9Ch20 hDw6Z`t_a~Y^IL47B^gP0x`IWmjr6E15Xyvn)&4+G2dw}A From 9c0a1bc8b9b2750b79b06c27813dd6bc7ff1f3ee Mon Sep 17 00:00:00 2001 From: Automation Date: Thu, 12 Nov 2020 16:37:24 +0000 Subject: [PATCH 16/32] Auto-publish so-fleet image signature --- sigs/images/2.3.10/so-fleet.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-fleet.sig b/sigs/images/2.3.10/so-fleet.sig index 33afe07229a1f049871bbfd7227e4f012cf646a0..77326a44fb0c963fff541dab636aab477cd60d52 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWWxXo2@re`V7LBIa1(>_5C3EBk>0heq~)1CxgVD) z6Og8`rKxOA=kd5ss416jjqe1IxiM3ngXlr&1L}#-fs&pY=P>-4A2L%auZqe zU_mtVjo?^{pzL|Unn?(^C>7ozOtZHd&vw9NM7JT>Hmx9qO$6EzfG{n9$_N4%Lsa91 zi3sx3(hGisPTg!@?favPBtH%}bQ<>RZLoIO{3K86hS=bXmpsqK6ZcSEPXt6ZV?;Xx zp#D0U53Tw=}6s z9c{KY^t%(-2cYoiG!$HYAPIjX6UJBiL^Kv0b$}1FJdX-R=|A5ZcaNV4%a`+wetOW9 zKF_AkB3gE{BEKEZH>v)Pv)|qcks@q<4X!dHiy6y+7BEhKj-{kRPEhL25VntUm!)kK z5UDGL+Hnxtxxl||IR5fJS5g)o=`Q$ol%Wx hguh;tU!|9+RSXfrPyq`^OUj$B1HHgnF5y>mg!llv1Kt1t literal 543 zcmV+)0^t3L0vrSY0RjL91p;5Jns5LL2@re`V7LBIa1&c}5CEMexO~vCnKFwor$3J+ z4rqfOUWJ*sH7i;JUK32j-%s?vvnX1DP%%_3pPsxXIN&f#bRX?Grc^jB9tS{e>@X=>bo%%RNKG?>(d%=W zrs_~(RNMyT0C?(RgpWESA()q$@CJ{aKtp)1(PAZYO-ZCX6sULgS{BX+F?wqLZ zH)I|`n#3wM=tTNH_PwtDun^)%TonEnl}Z+h7ADuw-+ATYPl3926ybWCEc9RBSz~hZeykxHek+&cxz}&!X zTPTMb?YE$S+=~tG$<@-{Hulf7l+fX-HRc4n_y04CD^x9z5yL@tYP7@sI_8b4#G zAXPQSWkg&r{E(dmAB@1lE*~6KPL?Elul>lPi_CKWn0(jrgPvic6BgMQ*d#vA+3A0J hNYDr@x(o Date: Thu, 12 Nov 2020 16:37:53 +0000 Subject: [PATCH 17/32] Auto-publish so-strelka-manager image signature --- sigs/images/2.3.10/so-strelka-manager.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-strelka-manager.sig b/sigs/images/2.3.10/so-strelka-manager.sig index 63e2c3a2b596acbe5182e6eca1ea5d841c9cd154..51db7bba95d2bb7e764b64562667be61431f7935 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWZ?h`2@re`V7LBIa1&;45Bv$XYDEQFcucq4XpuTf zEGG%rhZvuqpD2Xk#j>h(T};+n077RxWM%Xn1JcB!Wnr2a z1nyRG4V;&=Ke)@B; zDg*j5x2w`FAw-1|Qu(WT1V{#FoOMz3UX`qX>itrr!So@+dRn4#?8JIymw=7CoEOD% zkZ11o=iPuIZHKm0=k!d!XgfXg+$5wI8a1(+KrOIqOWa~xv$fb_*K&t~Nr^~D@1aq_ z9K_Plmf|}csPF+CL?1jwO9yz85u<8rtIVp$bGG?Pq?VEAO&9k2(G=)@UGQ%AY5dyx zG|P)Qua+HH1yqUKmc(0&z4N6X|=f3#yftHovj@(vlPWv73 z;e!)f0cHaAME2i7I5)_oonfA=ELFsvqwP42ykcCG0^ki!#2~`&y8RIV#nU09@2T9f zm5k40p4zWhqnW7=lAFujJ8&~B>2TOK69=S8lv9}?yr(RzwkPtGiP8Ehzm=ZJc?{Us hvSp8KAa-~#UC0%deFF%FB7cegdEFq3P=LAHJLd}B5k~+3 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5Jqi6sM2@re`V7LBIa1;8e5CFfw=Y}5*T<@NSh8 z(#A(E+@(874$e*rCi1ptM44ReNZn*O1iHnR%z#bl zf|Ld&zN3cwn6K$x{j|40Heh From 6194d85180878ed19b98101ee12f643bc5a130db Mon Sep 17 00:00:00 2001 From: Automation Date: Thu, 12 Nov 2020 16:38:38 +0000 Subject: [PATCH 18/32] Auto-publish so-idstools image signature --- sigs/images/2.3.10/so-idstools.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-idstools.sig b/sigs/images/2.3.10/so-idstools.sig index f0ed287f54494120a44f3d0860d8af8bc8a148a0..c8bb591f8d2ef87f66c8560b25b893838686d5e8 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWexxe2@re`V7LBIa1-L85CEgmR#>|HieNfj4fJvN zuc}n{=TO=DM{|M)(gMjg{pL^jBdWL1Md3vflrE|K(weV=YQ9$F72@jU+^B~c;e@7g zu=bvAS1KbwgdB?O1*1>=hmR?1=H@mLk+0lBG^Y<72Z7~W)?i&@pV0rV+c8-8ou+|~ z^KlW~*8vKqBy>+{mz$f<5~3(-XJ_^^c#ageW#WS>FNzo3NIjOveF{P$r9GR~I|8YR zQ~!&nc4lr%w?~ve&z%FTdbv~#EyfWb()2;uY@D*zLb^q^$|T!ZC1noLdWf5{+ zq`G0N63&e6K^%m}eG^6}RNvUcbF@Km=-rwLy zCt^IQ1yp-xkUk8+-Y(z~t!RJ>^iyKri4tRIIgS1kG53N~jTiN1D@F%|@(2y)&DZ4n zUp>aN)1u787k}RY&Hn=1O`hpwksF(LE}23tD_b+=zHJqg*!vPwbBExX7nni;51!K4d%zw#o>s{bQnoM)pJlR!^&fp^*j ziF3&CvZ&v^_1;O5aP18XlVxINa}FVM7&xuaquu7XyoYFk>KrncN`K!73-1=^?c@~X z$ql@|*0QEiu|pP+K;IJ3Y6y7@{2T9HsIDX_4ftA8rHik5m9#?GOqMLa#KyKIq`X1F zh{QcogspcpAW>-nWj<&vvZYiK$f9RjE~tzqzTCF`9lP%M{@XiGe|7<}FFy_Z58j^& zr3iLS)X1hpR<4PXU$e(RO(D&KeHbPYsozJ@!}PO@kt>(4=E-Kg(1D9=2O;on3~X2$ zym?N}4@tN8iuCadPkq0r53dU+1XR?Qfcmz8w#y1HRQwZ;Qg52XZtPkMYYP<}WGGQs z9<`3dkK!SK5$xG8=}kukujE`F;Yr>SRh~g`2o@g&pSJZ8Yge-|LR*|cKqrzwG-kMY zn>;>PZLBoxfhQSCfMOV9sSYLG6vXs?1^Wwu2Grhu8FhpfGncq4!KxUOGL#gDF`D&7 hA}t-8=A~+H=>Yl&NLn8pNL`KInNGmjNr)L+XMMm^{U87U From 7d810800766414b03e2f9e030a33d930ad4be3fe Mon Sep 17 00:00:00 2001 From: Automation Date: Thu, 12 Nov 2020 16:39:24 +0000 Subject: [PATCH 19/32] Auto-publish so-grafana image signature --- sigs/images/2.3.10/so-grafana.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-grafana.sig b/sigs/images/2.3.10/so-grafana.sig index 74300c1e33fbab3e39b09b5a3ccb3d2eb7850ae8..d8fd398104ddc157b26e7dd30579e34e5921bfea 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWjp{12@re`V7LBIa1*ZW5B?{T#e}DmGoP?==DB@m zDXWq3p7(qyQWI5dkqzvtj6?NHt&E3tIb6+8B3dmDqvI=lo|m0?@`d+Y)Gd;gw3q4s zJP6IM{f!F{5oo41^DgxzRgGT>gyz#+SVtd}(2H8m7gaH#Bq%~m&K_`i( zNX|QlVn8Y(%0Tx>EKil+A&mIHR3_TmA1g~#Mr}*N8qYn zQ!B`X5{a6TmOAExq0lVp;Y1H-K< zNo4U>A*v&XunKsICmji^Yh&mL{oDkFPs3jHV_;k`d{MBU&CusCM=_=CUo@CRAM}sn hH^?bzDq3@~^^32Wk&iV}qZu1SO(-<8LY&1dkhhUS3Z4J} literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JoYMdb2@re`V7LBIa1#@65B?%WV-oZ~FRxD17EWqN z(%U~YgC zFTck_Xe<0U+s>Vv&wHMGK>qqs|5^J+t|bltjj%3Kg-hm`|4EecB=y(0U~?~$LjGZo z=sYi3@LF}_5y?%5urh@yt7zhtjjrUGEz$Z#I}#(rtf1*X|8=KH-WG{~%PGh3LJ8KH z6|Lgt`IWys&Zz74`wc|9Bo(b$F+ki3Gpbut6^Bl$(9$==;@Hp{^O}JGG5+nF)kxg?wXP;nrqu z=K6VpSvjy8y6$)$_e_CLh8$~{MQ#5}EdM9H9Ge4^9K(+rdsNkF9J$=a;WvIyX_o?l zN=5A$msm5Q9_#xhNG8fw@n4|~^kIq_#`@ZraMrDdw++ZR_yib|pU6{vWVqqwBc6ut8(xd#^jE+2bqLW@WB*q;xqh6aMQ*t)v3~2xW From af44cce42306b67b48b0e9324787c3ccc7ce39fe Mon Sep 17 00:00:00 2001 From: Automation Date: Thu, 12 Nov 2020 16:39:54 +0000 Subject: [PATCH 20/32] Auto-publish so-acng image signature --- sigs/images/2.3.10/so-acng.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/images/2.3.10/so-acng.sig b/sigs/images/2.3.10/so-acng.sig index 5f2f413ede033fd972caed3354adefac8c20e637..a4c70c3ebb837daef88795a87ad0c4a48d78fa87 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWm*6V2@re`V7LBIa1&4R5C2Nw553BwDY~_zaxXKL zMFsm643A_zjcs~RuGnLkE5p#!-9OCdf0{t3_|dtH-<)kZap;{wvSWf7p$w3MFkJ%7 zT(;Hgxrp>Yt1G0(S$hVh-#)`l(%!y?`= z<0_+F=u`0bvMN>f4QjltzWDCfym~NX;BewiDt4y+iM(Q=CIikuJUNK5i@rlI*Gvsq2LmD5Pndm#dOh6C80wyUQ literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JnaBVN2@re`V7LBIa1#k=5CEAUI4;UK_({u>+z|I< ztsVzdzOSPT#{7rlk@*xl(%J9zB{=|&K;Ea>cW19o^WDu{d40ww%{5E7xPF{h1Ws+-{Ql2-wBIZuX8}(w{$iC@B_hW$4fX zFPnb;-TMgD;zlD}q81g1NmXqdDoZF!Dkhl8Oc#|;WS#1{e`oq29+Kdjq$g7EYzvj` zwFC{@*56p|LzUn0H!kxM$9iBzqf@L{t}4VpFsyC`6yM83kSGG?HSaF7H7II6vg&pe zmxHW4j}H$zuhS4@nrMBG4zAgYH@gqPfV;J`lFJ`kg8(DE^VBvjVu3$DS`!^%>Zyy hLO8C2Z1O}b{Hj3#FFR(aR2O2}_a|iN6}y2CWDKQO|0)0g From cbca2d702f9aee9cf845104f63125485ad1dd89a Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 12 Nov 2020 11:53:30 -0500 Subject: [PATCH 21/32] Add Version back to sig files --- salt/common/tools/sbin/so-features-enable | 57 +++++++++++++++++++---- salt/common/tools/sbin/so-image-common | 8 ++-- setup/so-functions | 8 ++-- 3 files changed, 56 insertions(+), 17 deletions(-) diff --git a/salt/common/tools/sbin/so-features-enable b/salt/common/tools/sbin/so-features-enable index 0f2d694fe..65e9bcec7 100755 --- a/salt/common/tools/sbin/so-features-enable +++ b/salt/common/tools/sbin/so-features-enable @@ -51,22 +51,61 @@ manager_check() { } manager_check + +# Let's make sure we have the public key +curl -sSL https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS | gpg --import - + +CONTAINER_REGISTRY=quay.io +SIGNPATH=/root/sosigs +rm -rf $SIGNPATH +mkdir -p $SIGNPATH +if [ -z "$BRANCH" ]; then + BRANCH="master" +fi + VERSION=$(lookup_pillar soversion) # Modify global.sls to enable Features -sed -i 's/features: False/features: True/' $local_salt_dir/pillar/global.sls SUFFIX="-features" TRUSTED_CONTAINERS=( \ - "so-elasticsearch:$VERSION$SUFFIX" \ - "so-filebeat:$VERSION$SUFFIX" \ - "so-kibana:$VERSION$SUFFIX" \ - "so-logstash:$VERSION$SUFFIX" ) + "so-elasticsearch" \ + "so-filebeat" \ + "so-kibana" \ + "so-logstash" ) for i in "${TRUSTED_CONTAINERS[@]}" do # Pull down the trusted docker image echo "Downloading $i" - docker pull --disable-content-trust=false docker.io/$IMAGEREPO/$i - # Tag it with the new registry destination - docker tag $IMAGEREPO/$i $HOSTNAME:5000/$IMAGEREPO/$i - docker push $HOSTNAME:5000/$IMAGEREPO/$i + docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION$SUFFIX + + # Get signature + curl https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/$BRANCH/sigs/images/$VERSION/$i:$VERSION$SUFFIX.sig --output $SIGNPATH/$i:$VERSION$SUFFIX.sig + if [[ $? -ne 0 ]]; then + echo "Unable to pull signature file for $i:$VERSION$SUFFIX" + exit 1 + fi + # Dump our hash values + DOCKERINSPECT=$(docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION$SUFFIX) + + echo "$DOCKERINSPECT" | jq ".[0].RepoDigests[] | select(. | contains(\"$CONTAINER_REGISTRY\"))" > $SIGNPATH/$i:$VERSION$SUFFIX.txt + echo "$DOCKERINSPECT" | jq ".[0].Created, .[0].RootFS.Layers" >> $SIGNPATH/$i:$VERSION$SUFFIX.txt + + if [[ $? -ne 0 ]]; then + echo "Unable to inspect $i:$VERSION:$SUFFIX" + exit 1 + fi + GPGTEST=$(gpg --verify $SIGNPATH/$i:$VERSION$SUFFIX.sig $SIGNPATH/$i:$VERSION$SUFFIX.txt 2>&1) + if [[ $? -eq 0 ]]; then + # Tag it with the new registry destination + docker tag $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION$SUFFIX $HOSTNAME:5000/$IMAGEREPO/$i:$VERSION$SUFFIX + docker push $HOSTNAME:5000/$IMAGEREPO/$i:$VERSION$SUFFIX + else + echo "There is a problem downloading the $i:$VERSION$SUFFIX image. Details: " + echo "" + echo $GPGTEST + exit 1 + fi + + done +sed -i 's/features: False/features: True/' $local_salt_dir/pillar/global.sls diff --git a/salt/common/tools/sbin/so-image-common b/salt/common/tools/sbin/so-image-common index b0c4e5bca..fe89a0c4a 100755 --- a/salt/common/tools/sbin/so-image-common +++ b/salt/common/tools/sbin/so-image-common @@ -106,7 +106,7 @@ update_docker_containers() { docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION # Get signature - curl https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/$BRANCH/sigs/images/$VERSION/$i.sig --output $SIGNPATH/$i.sig + curl https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/$BRANCH/sigs/images/$VERSION/$i:$VERSION.sig --output $SIGNPATH/$i:$VERSION.sig if [[ $? -ne 0 ]]; then echo "Unable to pull signature file for $i:$VERSION" exit 1 @@ -114,14 +114,14 @@ update_docker_containers() { # Dump our hash values DOCKERINSPECT=$(docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION) - echo "$DOCKERINSPECT" | jq ".[0].RepoDigests[] | select(. | contains(\"$CONTAINER_REGISTRY\"))" > $SIGNPATH/$i.txt - echo "$DOCKERINSPECT" | jq ".[0].Created, .[0].RootFS.Layers" >> $SIGNPATH/$i.txt + echo "$DOCKERINSPECT" | jq ".[0].RepoDigests[] | select(. | contains(\"$CONTAINER_REGISTRY\"))" > $SIGNPATH/$i:$VERSION.txt + echo "$DOCKERINSPECT" | jq ".[0].Created, .[0].RootFS.Layers" >> $SIGNPATH/$i:$VERSION.txt if [[ $? -ne 0 ]]; then echo "Unable to inspect $i:$VERSION" exit 1 fi - GPGTEST=$(gpg --verify $SIGNPATH/$i.sig $SIGNPATH/$i.txt 2>&1) + GPGTEST=$(gpg --verify $SIGNPATH/$i:$VERSION.sig $SIGNPATH/$i:$VERSION.txt 2>&1) if [[ $? -eq 0 ]]; then # Tag it with the new registry destination docker tag $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION $HOSTNAME:5000/$IMAGEREPO/$i:$VERSION diff --git a/setup/so-functions b/setup/so-functions index cd0baf205..86233b4de 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -952,7 +952,7 @@ docker_seed_registry() { docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION # Get signature - curl https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/$BRANCH/sigs/images/$VERSION/$i.sig --output $SIGNPATH/$i.sig + curl https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/$BRANCH/sigs/images/$VERSION/$i:$VERSION.sig --output $SIGNPATH/$i:$VERSION.sig if [[ $? -ne 0 ]]; then echo "Unable to pull signature file for $i:$VERSION" exit 1 @@ -960,14 +960,14 @@ docker_seed_registry() { # Dump our hash values DOCKERINSPECT=$(docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION) - echo "$DOCKERINSPECT" | jq ".[0].RepoDigests[] | select(. | contains(\"$CONTAINER_REGISTRY\"))" > $SIGNPATH/$i.txt - echo "$DOCKERINSPECT" | jq ".[0].Created, .[0].RootFS.Layers" >> $SIGNPATH/$i.txt + echo "$DOCKERINSPECT" | jq ".[0].RepoDigests[] | select(. | contains(\"$CONTAINER_REGISTRY\"))" > $SIGNPATH/$i:$VERSION.txt + echo "$DOCKERINSPECT" | jq ".[0].Created, .[0].RootFS.Layers" >> $SIGNPATH/$i:$VERSION.txt if [[ $? -ne 0 ]]; then echo "Unable to inspect $i" exit 1 fi - GPGTEST=$(gpg --verify $SIGNPATH/$i.sig $SIGNPATH/$i.txt 2>&1) + GPGTEST=$(gpg --verify $SIGNPATH/$i:$VERSION.sig $SIGNPATH/$i:$VERSION.txt 2>&1) if [[ $? -eq 0 ]]; then # Tag it with the new registry destination docker tag $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION $HOSTNAME:5000/$IMAGEREPO/$i:$VERSION From 52e909007f4e6c33787de88a7bdef1e810dda89c Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 12 Nov 2020 16:08:27 -0500 Subject: [PATCH 22/32] Change url and clean up sigs --- salt/common/scripts/dockernet.sh | 8 -------- salt/common/tools/sbin/so-features-enable | 2 +- salt/common/tools/sbin/so-image-common | 2 +- setup/so-functions | 10 +++++----- sigs/images/2.3.10/so-acng.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-curator.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-domainstats.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-elastalert.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-elasticsearch.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-filebeat.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-fleet-launcher.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-fleet.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-freqserver.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-grafana.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-idstools.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-influxdb.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-kibana.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-kratos.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-logstash.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-minio.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-mysql.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-nginx.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-pcaptools.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-playbook.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-redis.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-soc.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-soctopus.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-steno.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-strelka-backend.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-strelka-filestream.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-strelka-frontend.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-strelka-manager.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-suricata.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-tcpreplay.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-telegraf.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-thehive-cortex.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-thehive-es.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-thehive.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-wazuh.sig | Bin 543 -> 0 bytes sigs/images/2.3.10/so-zeek.sig | Bin 543 -> 0 bytes 40 files changed, 7 insertions(+), 15 deletions(-) delete mode 100755 salt/common/scripts/dockernet.sh delete mode 100644 sigs/images/2.3.10/so-acng.sig delete mode 100644 sigs/images/2.3.10/so-curator.sig delete mode 100644 sigs/images/2.3.10/so-domainstats.sig delete mode 100644 sigs/images/2.3.10/so-elastalert.sig delete mode 100644 sigs/images/2.3.10/so-elasticsearch.sig delete mode 100644 sigs/images/2.3.10/so-filebeat.sig delete mode 100644 sigs/images/2.3.10/so-fleet-launcher.sig delete mode 100644 sigs/images/2.3.10/so-fleet.sig delete mode 100644 sigs/images/2.3.10/so-freqserver.sig delete mode 100644 sigs/images/2.3.10/so-grafana.sig delete mode 100644 sigs/images/2.3.10/so-idstools.sig delete mode 100644 sigs/images/2.3.10/so-influxdb.sig delete mode 100644 sigs/images/2.3.10/so-kibana.sig delete mode 100644 sigs/images/2.3.10/so-kratos.sig delete mode 100644 sigs/images/2.3.10/so-logstash.sig delete mode 100644 sigs/images/2.3.10/so-minio.sig delete mode 100644 sigs/images/2.3.10/so-mysql.sig delete mode 100644 sigs/images/2.3.10/so-nginx.sig delete mode 100644 sigs/images/2.3.10/so-pcaptools.sig delete mode 100644 sigs/images/2.3.10/so-playbook.sig delete mode 100644 sigs/images/2.3.10/so-redis.sig delete mode 100644 sigs/images/2.3.10/so-soc.sig delete mode 100644 sigs/images/2.3.10/so-soctopus.sig delete mode 100644 sigs/images/2.3.10/so-steno.sig delete mode 100644 sigs/images/2.3.10/so-strelka-backend.sig delete mode 100644 sigs/images/2.3.10/so-strelka-filestream.sig delete mode 100644 sigs/images/2.3.10/so-strelka-frontend.sig delete mode 100644 sigs/images/2.3.10/so-strelka-manager.sig delete mode 100644 sigs/images/2.3.10/so-suricata.sig delete mode 100644 sigs/images/2.3.10/so-tcpreplay.sig delete mode 100644 sigs/images/2.3.10/so-telegraf.sig delete mode 100644 sigs/images/2.3.10/so-thehive-cortex.sig delete mode 100644 sigs/images/2.3.10/so-thehive-es.sig delete mode 100644 sigs/images/2.3.10/so-thehive.sig delete mode 100644 sigs/images/2.3.10/so-wazuh.sig delete mode 100644 sigs/images/2.3.10/so-zeek.sig diff --git a/salt/common/scripts/dockernet.sh b/salt/common/scripts/dockernet.sh deleted file mode 100755 index b317e4006..000000000 --- a/salt/common/scripts/dockernet.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash - -if [ ! -f /opt/so/state/dockernet.state ]; then - docker network create -d bridge so-elastic-net - touch /opt/so/state/dockernet.state -else - exit -fi diff --git a/salt/common/tools/sbin/so-features-enable b/salt/common/tools/sbin/so-features-enable index 65e9bcec7..3590fca22 100755 --- a/salt/common/tools/sbin/so-features-enable +++ b/salt/common/tools/sbin/so-features-enable @@ -79,7 +79,7 @@ do docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION$SUFFIX # Get signature - curl https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/$BRANCH/sigs/images/$VERSION/$i:$VERSION$SUFFIX.sig --output $SIGNPATH/$i:$VERSION$SUFFIX.sig + curl https://sigs.securityonion.net/$VERSION/$i:$VERSION$SUFFIX.sig --output $SIGNPATH/$i:$VERSION$SUFFIX.sig if [[ $? -ne 0 ]]; then echo "Unable to pull signature file for $i:$VERSION$SUFFIX" exit 1 diff --git a/salt/common/tools/sbin/so-image-common b/salt/common/tools/sbin/so-image-common index fe89a0c4a..c10f255f8 100755 --- a/salt/common/tools/sbin/so-image-common +++ b/salt/common/tools/sbin/so-image-common @@ -106,7 +106,7 @@ update_docker_containers() { docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION # Get signature - curl https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/$BRANCH/sigs/images/$VERSION/$i:$VERSION.sig --output $SIGNPATH/$i:$VERSION.sig + curl https://sigs.securityonion.net/$VERSION/$i:$VERSION.sig --output $SIGNPATH/$i:$VERSION.sig if [[ $? -ne 0 ]]; then echo "Unable to pull signature file for $i:$VERSION" exit 1 diff --git a/setup/so-functions b/setup/so-functions index 86233b4de..00b7ea28c 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -952,18 +952,18 @@ docker_seed_registry() { docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION # Get signature - curl https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/$BRANCH/sigs/images/$VERSION/$i:$VERSION.sig --output $SIGNPATH/$i:$VERSION.sig + curl https://sigs.securityonion.net/$VERSION/$i:$VERSION.sig --output $SIGNPATH/$i:$VERSION.sig if [[ $? -ne 0 ]]; then echo "Unable to pull signature file for $i:$VERSION" exit 1 fi # Dump our hash values - DOCKERINSPECT=$(docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION) + DOCKERINSPECT=$(docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION) - echo "$DOCKERINSPECT" | jq ".[0].RepoDigests[] | select(. | contains(\"$CONTAINER_REGISTRY\"))" > $SIGNPATH/$i:$VERSION.txt - echo "$DOCKERINSPECT" | jq ".[0].Created, .[0].RootFS.Layers" >> $SIGNPATH/$i:$VERSION.txt + echo "$DOCKERINSPECT" | jq ".[0].RepoDigests[] | select(. | contains(\"$CONTAINER_REGISTRY\"))" > $SIGNPATH/$i:$VERSION.txt + echo "$DOCKERINSPECT" | jq ".[0].Created, .[0].RootFS.Layers" >> $SIGNPATH/$i:$VERSION.txt - if [[ $? -ne 0 ]]; then + if [[ $? -ne 0 ]]; then echo "Unable to inspect $i" exit 1 fi diff --git a/sigs/images/2.3.10/so-acng.sig b/sigs/images/2.3.10/so-acng.sig deleted file mode 100644 index a4c70c3ebb837daef88795a87ad0c4a48d78fa87..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWm*6V2@re`V7LBIa1&4R5C2Nw553BwDY~_zaxXKL zMFsm643A_zjcs~RuGnLkE5p#!-9OCdf0{t3_|dtH-<)kZap;{wvSWf7p$w3MFkJ%7 zT(;Hgxrp>Yt1G0(S$hVh-#)`l(%!y?`= z<0_+F=u`0bvMN>f4QjltzWDCfym~NX;BewiDt4y+iM(Q=CIikuJUNK5i@rlI*Gvsq2LmD5Pndm#dOh6C80wyUQ diff --git a/sigs/images/2.3.10/so-curator.sig b/sigs/images/2.3.10/so-curator.sig deleted file mode 100644 index 04319eb5a8dde529246ba3c1191f44ae1891d3c1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JoPYod2@re`V7LBIa1$V$5C2B`@rCoOhN*uuId+-F zJm8_N`%Sny=^N1A!_lRG$|!T$jd8a`SwKnU6Nn9M_^7J-$cs6p6}#*$P%XKhbHRxJ z25CzR+}>%!(t@?~;kSJ{5E?{h0L)BtOWmE(ok zpd61j{bgW$i)2H_fuf{Gl2niQOTtx@FKBXu2)I)6ZG1h~Uooo#ciBs|@q%kJqS7xy zt-FhfDY*PK8W4%!eV#tC1SJ5#NSuuzK^;7r=~f1x=8IC}12BIV042MPls?WQt5kyc zh2%n6^ zYF6Rg=?j)8$km;N3wIIINfskufl--D5#Mg~GenbjbhC%{RnBxyk{8$y&iK*N6{1K? z^!Afidx=%D`!LgXB%!`D&LnQ-<&}HOl7JZZF@_2iE^r$EbCGhq5!SV%H*QY}y!c|< zq=HR*i%+B;z(iDVURLinc@u^`{~Lp`#A8^3B&kQ&I|7B+imNJ$V$kQe&N&VMaLN!) zudk7eimfqL3UQgs)~8YkSaMH(o~cmJbWU|r<@c?MzOBO+3BM938QdB6hoZrz6Ih|M zcQxKjiQJ7MR^CBTa-fLoxR*OfUYLQ;ucdCt_}f$HWE|P6A`|{f?f$#qJY3ppu2|_q zu@GZSDO$N7P=FC+2Pev*rwk!GrLqIf*|PH9*Y7%yL)Tr{6fJvs`>%)( hr;gRAFzr-47XO{?RN4Z(BhH*5zl0=g83>GvG@Lf5{Ih#8TkO`J9!P=4yy zsj=V?@LI`}Pl_@pwF>Py2-%w{r1QR|DM<0jw}EexgU@o`a^tS@*=XFmgyG5#`}h)D z3?{mx7y8x$Kv+D%m;pbfTF$ZX=;*SE70a+(Fewtvk4t>XTN9`HF?u@wn!;>FJ3nH14B4wo27oon{h`eR8VqO++J-**PxbQA-Cl8U(#1xE zx~_BoT&p;A=Zwmp?n>)Jw+JrJ31f2#8HZbA&KCr#rQ1#xk`BDG@HKac(LD%%G6cKU?ciADB& hZ|GDxWaM<%H>sSX+zi0`G#n$GltnRe&-?O(c_u2lwA|C}_e=Bog2F(uvKy z0GK~(lmsfER`2Y)3kI0u!9C>;AqgdN#{=)_GQzSc{~PK>S+BssvpF|Fb-n@OWJTt> zGcc2^zhPG4Yi(lD1=Nr$!VIQ^iYY3A(4#7>$$L z10z{7+I^IKF&?x<&QA9%M;*Sa9mZ6mdfCkdJX-OcxU`o3~gdk)3rQO)u+?8TO0uEhz4 hL@p9czjzHpQm1CqwtXDE`0mavwP3I>YnZr4=Fy2o2L%8C diff --git a/sigs/images/2.3.10/so-filebeat.sig b/sigs/images/2.3.10/so-filebeat.sig deleted file mode 100644 index b543d83101550a23c6b9e1a877c32947eb5a5ce1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5Jp-%t`2@re`V7LBIa1*GP5C3}j4>z}3TR004e|xt+ z9-#%MD94p@hu$R|i?8XUmprynyE>B&%XEcW!%e9To9@uOS5t8HwKV^e_ir_l~PLX`92wfXQmt}G+6CZmTLgBH#6%6~EU!lMXHe~vG z2vWw#7&sW%I={5%LZK*3m?(nu?xWI-)I~{YX-zM=U$;+m@~s0W64w&`RbTuK4L)1s8xYM74>s z?WBvSaf23;2I7iDTd*OYMEZd9fUAR~ZDa64JPPF3tUs3MR#*IXZCRJ@iKVW6RmxF1 z#mPIpY44FV!6>PduliB7g#1Gag&{a$-;ZlaK%)wxU*vLmfJ zyhhOtIcKI<#Vk=MK~(amRcyqKF~N(W%48Wz=|yQ6^e_165@U%(CTg%FflRH_>mDKa h`>+lO&&&LQXvl6q5l8ey{=dahv6LuD`o_?O$tXQ_0%HIG diff --git a/sigs/images/2.3.10/so-fleet-launcher.sig b/sigs/images/2.3.10/so-fleet-launcher.sig deleted file mode 100644 index e1360dab4ad70becaaa9de2b393c1a88a1818c86..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWTOBI2@re`V7LBIa1%G)5B@mhKDzAJ-A{}DB_VX4 zVjZmGMY2y=NiYJAsfblCgaMG(nw>o)aln-!U6#1X|BBi1!(L3t&wsM6z>6BXt*QW< z|LR)Vb7NHPHIJ65)D#k3alB7=l={A#m(U(R-6YMn==B%l6&W&2NG}uE9zXNbcoq=b z!mn>p+nJjB9>%EG`S~u)4(O}7-p$W!W@s9#X?r-_fc~hA)-dcO`3Z>owFuqlke)O8 zEWZng+aL)ZACdoi)jg|kQ`=O{EB`t6J<z zgog`}rC6Pi6+`3rz^H!O#iJ9WnC$Ev-XLh5w2nJXuTs6QbXqg1V_Eg#s$=msasDQ< zBoA=kNPqwL7LJqW=u!Ee8-E1pm@pO(lF2HCef7ezW!U4TZI_`5fJokxo-}D=00cuZ z&#jdbr%N{B9=hV3u~MkLY5af&s*^%v%eQnrCJlns5F>b`qvl@)?@hlM_5C3EBk>0heq~)1CxgVD) z6Og8`rKxOA=kd5ss416jjqe1IxiM3ngXlr&1L}#-fs&pY=P>-4A2L%auZqe zU_mtVjo?^{pzL|Unn?(^C>7ozOtZHd&vw9NM7JT>Hmx9qO$6EzfG{n9$_N4%Lsa91 zi3sx3(hGisPTg!@?favPBtH%}bQ<>RZLoIO{3K86hS=bXmpsqK6ZcSEPXt6ZV?;Xx zp#D0U53Tw=}6s z9c{KY^t%(-2cYoiG!$HYAPIjX6UJBiL^Kv0b$}1FJdX-R=|A5ZcaNV4%a`+wetOW9 zKF_AkB3gE{BEKEZH>v)Pv)|qcks@q<4X!dHiy6y+7BEhKj-{kRPEhL25VntUm!)kK z5UDGL+Hnxtxxl||IR5fJS5g)o=`Q$ol%Wx hguh;tU!|9+RSXfrPyq`^OUj$B1HHgnF5y>mg!llv1Kt1t diff --git a/sigs/images/2.3.10/so-freqserver.sig b/sigs/images/2.3.10/so-freqserver.sig deleted file mode 100644 index c082343fc02ddd479a94b12ed299e2e6394835af..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWN`or2@re`V7LBIa1&S85C3rnwmt+3$5~yb)e83d zF;cj~o@MphL@g?PJUaLN%2ZJ_1UxBIUOXb4ya4jDv^A;Y<9LUWu7f6y%j%KhsOP*mM0lTyb zaC4S`Co{h~S7b^tVXW3Zh9_~oV$_bOq-ey6oeK3>>y-^?-V402&RKq+6$=9h;eOr&%>c{^uR2a>K!anI8WFUNY^1(7~wS|HB5 z)5#4$Syl#_7OY0{6IfAz?L$SL`1vNVOX>+ehwmGfAigYlZb4m(e_3FMdSou3qSM08#Ngyz#+SVtd}(2H8m7gaH#Bq%~m&K_`i( zNX|QlVn8Y(%0Tx>EKil+A&mIHR3_TmA1g~#Mr}*N8qYn zQ!B`X5{a6TmOAExq0lVp;Y1H-K< zNo4U>A*v&XunKsICmji^Yh&mL{oDkFPs3jHV_;k`d{MBU&CusCM=_=CUo@CRAM}sn hH^?bzDq3@~^^32Wk&iV}qZu1SO(-<8LY&1dkhhUS3Z4J} diff --git a/sigs/images/2.3.10/so-idstools.sig b/sigs/images/2.3.10/so-idstools.sig deleted file mode 100644 index c8bb591f8d2ef87f66c8560b25b893838686d5e8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWexxe2@re`V7LBIa1-L85CEgmR#>|HieNfj4fJvN zuc}n{=TO=DM{|M)(gMjg{pL^jBdWL1Md3vflrE|K(weV=YQ9$F72@jU+^B~c;e@7g zu=bvAS1KbwgdB?O1*1>=hmR?1=H@mLk+0lBG^Y<72Z7~W)?i&@pV0rV+c8-8ou+|~ z^KlW~*8vKqBy>+{mz$f<5~3(-XJ_^^c#ageW#WS>FNzo3NIjOveF{P$r9GR~I|8YR zQ~!&nc4lr%w?~ve&z%FTdbv~#EyfWb()2;uY@D*zLb^q^$|T!ZC1noLdWf5{+ zq`G0N63&e6K^%m}eG^6}RNvUcbF@Km=-rwLy zCt^IQ1yp-xkUk8+-Y(z~t!RJ>^iyKri4tRIIgS1kG53N~jTiN1D@F%|@(2y)&DZ4n zUp>aN)1u787k}RY&Hn=1O`hpwksF(LE}23tD_b+=zHJo6CxGr^#MKfMx;tSWF zjiq5YfxMiOMpYU%^c(sh_D&y9+UpLlrEK6^bvkhS&J+)3q7n&TIt?KZt6-d~h~^w#6-wkZX% z#PR3|LNyIOTapy_8}2uRYeWyaqpcu z=vKO50&IUsjk~}_=LFLZwgdHjn{aO#A-VVjH!ew9Hr#RNtRq`3!gjZIXnGi#ns8^T z)YsXr#vMs}3n?dL@nQvXTwgEAl&QGjV(9~Ye(+{uqMA^d&m!ad<;r#Kx<;5$XpRx# zh;bp@<|ju-b^rTT|+HhDBt7E{DtP~GRFpfn;FrdLcA$%R6Zs^lxV=tvqNi9Z( z@!2EgRhems`Ood&Ld%R8OpPt?S*XKdtZoe{qJ=A0*^j|9P|#;Z(G!zBc?fM8o6;hTGqI_VV{7#G=2TW-WX)Hq#MkeOa<^;HkXX zeAoE%3f`z2*_|lqucGS1lKs@8D+dzcs*Xl;$(tF%8qIIdzNwxHDk>w+{QMA^Ki^vy h8@Xk&SVUx(=Ef$i+SH4|9o~zb1~D|j1A|wd>uItG2eJSF diff --git a/sigs/images/2.3.10/so-kratos.sig b/sigs/images/2.3.10/so-kratos.sig deleted file mode 100644 index ff10115bbf4fbc0d74047de8e81ecc45a2b11b46..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JoKpY_2@re`V7LBIa1(FL5CFB{`0&-+4W`0<3nHQ{ ziXB0QvK1Ve8FXA3@BV^;lOKCcg1t``A>o4%Kd7?o>z-5dJGh!+0jDeg45e$mdp&OF z)d~mwRlOb-qNb#O|NHRz*0^(v)l-{`$Z^fdX6xK{+=U4hy7uAC zc`+-EX5JPfQ$}e@s1Zup`Ly!MqZCC=)XyaemiYyb@D^0-?p7MOCSO&>r=_fPUs6vV zkc@Z10sO)@wvci^X0aUtfSZ9M4my`?ooAwBojYM&Jf{=Ft6eoWYz`H{ONZ%-@xb_< z-#`-qu8{aP43`pQ>w*NSvf14RUB+uMSjY_ZA^q(jZ=)@y1gZZF{a>*#XQg;3VV8I+ z&jnNswO%rlr7s{JLvj{ad)6@5YDU)Bktee!|3*~heZg*N|gSdf3!I( zj+%?}vKNO(HA?Wj&iT{c-n6mVTj{HO0e0%oIJdT{%DrmvMYrTSv#dL(a7NNP(tY=8 zy}acv>1n`w>nUK%Tme1s*}h!}BM*}06e;H-_^BE`MC|(Be^>t0ybr~Tl252vYvADE hz+9V$Nlh`~t(PF$`Ii8io*`JI5v|bh;*h$5cGk#B6O{k} diff --git a/sigs/images/2.3.10/so-logstash.sig b/sigs/images/2.3.10/so-logstash.sig deleted file mode 100644 index 54cb8d2b87e74ec885d3bc23b8cdf8b1f0986017..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JqI>`f2@re`V7LBIa1$yP5CE-#ZPB@foH`LkCSY#$ z?H8E)^YJPXFduzp)!c;I4k?`=eGm;_!ouIqg$u%WDY@yyPPbNz-_1!sWg>5-hCg>a zvN_k<$6GJ2&$C7Pu+!sPMD6sM`~`j8bV zMq&q584lg8yh@|onz3?K*o7ycKDpF^rG5E;w9nI-KR3@!F7S{CL!pF)y~J|`ATJtu zT+2_DejBFyJ?0y-$^?`>W}4w&(I@`z4<@(>S4`)_g2}nmHh8bzo)vRLF2cXQ)|R`~ z%kiXPOwQH|IKU1Nz>(-v*#LX!s zoc%(_+^uea53rjKs-wVFPgyaG6tFri3VF;=<16VCmY`a>h?adiljK1mLlF+q&*Wj>8Y*b>gAMU(nxkr@bcEZe z3^g=TX(7IjZQpFxOZs*6oTwr! h6|dxNp^@EZX>wx>2p&g|_DElZllE5&6e#`|AjK|11zG?A diff --git a/sigs/images/2.3.10/so-minio.sig b/sigs/images/2.3.10/so-minio.sig deleted file mode 100644 index 7826b69cf045ccd65b92816fffc819d5446ff533..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KV?Y232@re`V7LBIa1$Sk5CFgWp*k?Q=Q0}d_jKhQ zj4-bs`F(hhDm(2S!|UgnLet`x5BcSmNxW!^HWdDCIA(-i$w8uYTgJQ&to41oKy&eZ z;@zwX5tIZAo3J7+_q#(9)HaK(u2Pl16rgWQ(!IJ|SKI<*sfFNzYLTgxJa*2*9Ci-t zN5y$h_Ko*~t-5K{_78;pOs{C%`#ikfRaAC|BlD{lfxgF;dZ7ILuO+T{``gz%vaG>x zP8n1nT!4((m7xLq<-1us3)9-Sn@OPQpc_CI4S{5N#uxYp#QSgmV!^D8-m!AWoiiEW z*7t#FCKTrrxh2t#q@5T8{sZp{;qht8q4GOg!??tnRf@}Fa@(j1+bs2P0bpV$ zvs7966#Pn3O?#jhvJv!u$YP50py}!s!;Qp&w*_!sL2^EOrZQf&AnuF8p$s~ zlmUU2A0|A`zE-YR+AWU_nB<7yC7g2W2R|p8>%5=Ix|V=0JLFyDD7sg-u=0E#+&>bL zN|P!11ldue3@2JQwp@XhJ+mXcYx(p3-o4sWA)Amm6%n`eI@r*WN}Y%l>=dQ}iswMv hY!)ne;%Oz>cBGWBTrWB*1S6{HGx_^mz2j>mAZ@dpkQcNf>ax=&d_q&q^qvX%kG~|7_$1;5H7Jvl+ z8E?*0+u`#VU$BoKVsm!zm0W0PPum=qMnSA@|Md@YbQ_;MpZ6(kxKWp}79=Wp^h{R+ z)VP99W4p-E^74P~Di~fIYmr^0}<_2rVQ`QSXU%Tv*WLgT3b>A!&IM`eCxqADo7gBSRPb>Hk%iL*g?lI4474csn*Ur}Am?-y=eoE2V z9fnY^@^>O2s6$&hDA`}8<+9&Dklg8~TfA@Ft;+l6?6JudpstY0k3YGR@^7By@X#Qu h8blvfxTtmTeY*g5qum93x#pdXavFM!2C{(C64fb%2b2H+ diff --git a/sigs/images/2.3.10/so-nginx.sig b/sigs/images/2.3.10/so-nginx.sig deleted file mode 100644 index 1f42909b3e25cc21c222ecb80b8320baeaf88b37..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5Jh=~9S2@re`V7LBIa1$rh5C43XMfEQyn`ddIfe%-L z@s}(};S{37lnw91f{Pr70sdHRl9(;D0n_fM-oQZ3w97p<^!s5&2;zYyjxNIZ3LpSG z2q@o?ji8g^{M#2Cv|SjCsqKut5Ap>NU?G>qMP8&*Z0b|muyD_%WCyr9Jh(%;v5dUbNX+J&%uENVaXPndcTkeK0KaJWX$HR)W{!g^%*p1(qP z%vAJmXy~9@Tvy2vG|AG=2qd50LhCW%PH#kTTL@|gA!nXWYl5zH@ljUl=_vvzAT>1&-L@*vk_~TvoS-iONx>)G=G}3Ml)_$l3 zC<=cTuh07BvDiiUaeoIc%vQyXy^Ucja|DfS9T*rJp4wo}q_3}H0kaCL>zL`93S$5O diff --git a/sigs/images/2.3.10/so-pcaptools.sig b/sigs/images/2.3.10/so-pcaptools.sig deleted file mode 100644 index 8755e142b69ae07acd94223aa7e0e150b4562ecc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JpQHc^2@re`V7LBIa1+DL5CD|(ysc$0LHbg>mIkNi zw*j1j8`3uYF{?epa*L>3(m(A_|E3Dmqd8oQV-bQ$MAH5tRmo`zW&Fs*Xkw^}j|jUv zmD?8scyKnolV#h@3p#_xio1rwZrN8I89PZ$DVNeZQj(tw{|J6}o3R`rJIJ=QT!~yH zh^3aKtELmFB%u|>a0NFSr|_}<(E#iiBTBdDj=V+!p+JYoOH=2kcXfh?{i>iL$MlU%|Ckci}=t-G0T!(W8V;RB&h9_ zZng%R!K*iIC;9(Fmm@LYan(Ano?#MQj$vPwz|3>>0TuNCl4(4OQ#_!Fg;PL_K>KG? hEw``ZS|0*vISIYmbWX;&Wyy;rw{utJsY>`m=3D^Jt diff --git a/sigs/images/2.3.10/so-playbook.sig b/sigs/images/2.3.10/so-playbook.sig deleted file mode 100644 index 0a3d501404d5c02eb9cbd48574e2c5ca2a646e8a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5Jo}T~;2@re`V7LBIa1*t45B(Sza?%rr)u^h%s1VIW z@b&0=qtD#4WCaSH)q6-WA)U*_&dj<`Vf$sdOqu6BR#VU97k#+WGB;CnC`8wM`2u!29l5@L_wY5nr#^K(ejmOM0e+~;0N}zr zw(u!u|GJIo_BLVFUk!JXnp#f{z*{zlEOwS%gVjo4CtpGTVqDATgv}(0*?)N)?2I4O zB-Vti<9;67^&m90rI+R=>5c!Wf}}Hb>t;$vq@dV^^>Nk&LK@`OIO>ApgS&+LuH72k za#vH<+{3X&OD%g!Zs?=!SLI43V*N5r_*Xwk0Qx9A!C99jej0WJuZDhzzu_Ihyq);1xkc? z3#W5^Yv#7do@@d={5t-xRdN&_f#w55?8|_wQ`r~)0%Qzm{*nR7xy$Oy_;;gLh-lbBsB zPB;j>rDW-!{V&d<(S0K-sc8Ro`ztjbWZN;m0AO)=x@#t8n^9mdOF`c;<}mPwA=tQ4 h!%G3?J$09xs1zceVv)We2{ki|pP_Y(z~#NSIKP|R2g?8e diff --git a/sigs/images/2.3.10/so-redis.sig b/sigs/images/2.3.10/so-redis.sig deleted file mode 100644 index 73d8e21916c86b6b6a986809321dab44dbf9c9fa..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KVy6HK2@re`V7LBIa1(1i5CEm;%WJLfIAz}8qwgS! z;&a4-WM7HdW{2oP*7}C)E)WU?1-;PsFsPwSejQ<}I@xNML|1OExjk9Ug0v8jrodLn zMcm$SMiYI;Fkb(R5V&B0f|DK~>o%VtTBgFF3ps*1SPUdq_dfrKagfMxn3`+IY$=Mu zdCP1u&BKbM{B|f`1g(N0n7E9@d`|zxHON`le3`4!qTw1Zzer(?4c&5Y7AN}uslGWa zPh)NsAT+`LpjUvf2FKQkt7pTVMkl{p?UTC>To3|TKn}Zegdx@@{G_8An6i#en8*LP zLG>RU;3=4q*F%VZlv%h15aj8p>zumky~PfQu-btfjBb6)8**q@H7Za#20Jd5dAI*$o!4IMP~Ahm&PY3{%5IQ zIwxB!h0WHAmcSzaJ*#VX=CO34c$K&bk%6^`s&fK$e@brbfG*L(k=ZkFbTX9Wt|!+^ h(wrBmIDQ;>N>6ITSt>-Zt2C0J3NA0)WWGM$Po*s6p}(1FI?~NBPEvJLq>1jdPpy&XED(2vzDQj_tu^vi zXLeG7vZT~m5^R6Lasl0TVUV?kM}iExnj#xq)e5E?&P5nVaKE9fp>F~`KRFSPWUep} z4UuP)=ehUD5<*PGx`VprGtk7GPOD|)*`u)hx4;FJeEhuP(NHGTuy zJ9)vv^W0GTsQkRs>G%Vh{Gz&L6N^uq?&xiQ8Wv^N__k ze8p;BsoSA|wEAn1U~Jxe%3f9v%p@p2qb@|;9(`-~+&9MX>bIa|Bfki#t?Gm2 hjzFUJb9tn{OG0Ee&Dl;Vv;E>vwq6MkD=fM7fIc9C57+_#khPmIQRV-c6(22od*Y}QQ4n65qy|Yo)&)T#TmJ%S zJ5P^4`!CR_7&BI#e(4ql6pU12#KymuAtRTpR9#FNI(EA*m<;8p%jgYfzh>#TG!pDZe|e zKWoLVveyE<>^3Fk<3&W3aUdG4;F3rFf+BTeh6n^Cq;Y*lbu3}z%|nrS%wwH>udWZr z3~ubw9mzvT+YD!q8nWP}4#!THAvo90U<-+GA!0jBojEO!Ulg2u1`GS~V3BQR;oQ%> zpTz+h2SKYs-WYG!A4E5;E h;eLJ=4bo4syqZ4RShh$`TRTX*hx9Xs&3A4QH0z>o_`U!D diff --git a/sigs/images/2.3.10/so-steno.sig b/sigs/images/2.3.10/so-steno.sig deleted file mode 100644 index a3d9704e0cc1de28aaa5a3b86d8cf35bf4a5726a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5Jn{faN2@re`V7LBIa1)Gx5B@WfEy7BZ%IA*m{Wdv} zW9Q88Fj@+@-LZ>4v_=M>gw$Tz{g!BB8%KZIOeY;W0@+&^R?_{dgW~Q(GD7~;J@hL< zMVYORIl83|`MJGJ7(c+9?6C$tEbL#Xs2&84xXRi_Z%w&2-_LWeo)a<{LkV0?*I$Ge zqiaP(*yHE>PY~u!I4DESvamd>`0P}(PKh&e#i(z;NK;(DwROhoBcTpO(Yb&a3nZ6N zauv$`gn@(0Z(EdUxM6;O4--m0#ivu_FrxVOx4fEag72e#3OB8l8D}!uy|EqHa9S=q zDQ|=CVo`wLs4BeYeud-ehZJ^V)gl2JaYI|0{*h)wx)d0~9oWqZ1dsSV;ASn`(Y>K-QBE ze?>keC?LoCO#ACuITI5|50iht^InXfXkubN9gjpcKm#hTVq4PCY8zbhPIeZU>XyLo ze2j8Rg8$Hl>(X_EA&7QI&PJLo%v0BLT#htoTo-myqxw-s2(3>v-|B|F6fZSh?uSy< zutWSF2w@)`t|(HaLwK-GiRx6?3NN_$?#Yjt4yh5^>Ad(A3!|L}HjaQ+5KOUJ*6J7L h9NZ5S;g4HEY%TO@Uv1R&WRmE1-jev?AL;r2?*qP{2n_%L diff --git a/sigs/images/2.3.10/so-strelka-backend.sig b/sigs/images/2.3.10/so-strelka-backend.sig deleted file mode 100644 index b7177d12d48fefb77c62c4ffb4f0d9750567dc1a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWJCZ82@re`V7LBIa1%`35CFQB1JQ$>q4{2vzOq>d z|6}jrHl=I7OE&C!41pj>Z`=!9g~fnVP@MpQYBOfXHwq(16)+w89Q_;QbyNKKJd?QE zI42+3#zG)nu^i)BYJb@xT(>N+)k3RD7j_JmgtN6?@CG7&d3T9Xo44_+{5n{65=$9LL(f=D$NMF%AKq%fxHv^ zd->&8q>D?eyXvSCzH_G9?VY5*MC>e%4{SCwWp?Jo6pt$5v?JENnQPd40bQsEcqxw?gn^#4&Pmf# z(eNgy_3`nf?1Vc)hA3-j0o157tOW*Sgys=_?x2PF!6uXSRaz}CI~*kJaXnu#oV zQ6b*7tk=E))u%0(#i)s;P&QvCyZ?xjO3)prziWmiY^jJ=?{fKr>Nop^P})Wj`D2A{ hNs7l=P0Au>tmu@v&4QsK#S=|WG8xZNQ9*3J51~NJ1knHh diff --git a/sigs/images/2.3.10/so-strelka-filestream.sig b/sigs/images/2.3.10/so-strelka-filestream.sig deleted file mode 100644 index 23a22173892311f9d437b884902f8beec60a599c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWCQ>T2@re`V7LBIa1&Y@5C3>Gi>`${eHtTyEG+e& zb`G;(_O`(8ISdLYPsaof`=v^uX?u*jg5&TLsQb6dZZsMW*^I}s<_lLxf#GT)XR+mX zSM^m7K>RtsjaWIy{nVB>TB$rnzG?|ii_)s=U_*ceaF#oIq##a4{MO5{e6bnTx_(`G zYs46T|4hn80EsDkY9b1vkdn(@0@08gl>t&O3s)@YH2FOXF>>Y{7V#NZjU;V$dd@L) zniy)CRilTH+*`GMf3t!AN(?KuUeJh5j_Lw3fqb(la*KgbX&5cK$7@n6HbB9(g2;F| zbjP}hKLqlUDVIsLU0`tA!o@HRL2SDXFE$tX5Jhfkh_UiSFz^BWpFLTbS5YZEZLhxS z-34UZYOdJb4?@=brFx}W>){t9H$hnFkU|FB+;RW|q_CER!NbnZtB)Dz>iy3&A1G>2 zv-9azL6@1*5@|ioUXA{1U(L0Kq$KAD_q_Pld(QnEY2@fjiT3ZFO7&N^yLO3N4I^>G z{B3ljOhdnW#azluW?q$m)+TqTDd1TnlQ2yo`ztk7Xrq>JHR(Qy5YF7j|B96Z_?61V8`) diff --git a/sigs/images/2.3.10/so-strelka-frontend.sig b/sigs/images/2.3.10/so-strelka-frontend.sig deleted file mode 100644 index aa858871e86800c7c1ef20185b4ce479be1925b2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KW8nY_2@re`V7LBIa1*n{5B(espOkW6Yaag!Xk$(3 zYqSYoI0P-N>d{~*Mesa<9c7D;3ARn`=#!frsprN+MI*#V+#b(3W-+X(-sO9lx|gMN zK5K*6L8_fJ%k+<3bk+O(EM4mAgzfpWb+PkciSyyH7?e+=Mf(r;2uBmL=3!HIh1^E> z62JC+69e`qSAMlt(5#)1vplhE#ach()eWGTZSgeYU;LoRXb-Q05rE&Y!~>9m2-eZz z%BOkG)ocp52ucyDXr8VfNZpy+dhicF8OA}YkYjo{1SbEhl?hG$$gV@U0q|@MzM=Yx z90e&wyvS}GQruNlZD;$`#CsilMWx<Oy+U&FG5F66JE2KtqYTuj+6L(+*Aj;h-tBrYE=${} zc(hSEVF{@B>I_8Jj@9Fhs<#tN$g;P$<7{I2QZ{g%a$ChF=s|}zSgoyBcQSo|*pyM| h+s77{i&@1BJ3;j9@f}NA0O$eB=jyqX(dUEeE_iD55vTwF diff --git a/sigs/images/2.3.10/so-strelka-manager.sig b/sigs/images/2.3.10/so-strelka-manager.sig deleted file mode 100644 index 51db7bba95d2bb7e764b64562667be61431f7935..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KWZ?h`2@re`V7LBIa1&;45Bv$XYDEQFcucq4XpuTf zEGG%rhZvuqpD2Xk#j>h(T};+n077RxWM%Xn1JcB!Wnr2a z1nyRG4V;&=Ke)@B; zDg*j5x2w`FAw-1|Qu(WT1V{#FoOMz3UX`qX>itrr!So@+dRn4#?8JIymw=7CoEOD% zkZ11o=iPuIZHKm0=k!d!XgfXg+$5wI8a1(+KrOIqOWa~xv$fb_*K&t~Nr^~D@1aq_ z9K_Plmf|}csPF+CL?1jwO9yz85u<8rtIVp$bGG?Pq?VEAO&9k2(G=)@UGQ%AY5dyx zG|P)Qua+HH1yqUKmc(0&z4N6X|=f3#yftHovj@(vlPWv73 z;e!)f0cHaAME2i7I5)_oonfA=ELFsvqwP42ykcCG0^ki!#2~`&y8RIV#nU09@2T9f zm5k40p4zWhqnW7=lAFujJ8&~B>2TOK69=S8lv9}?yr(RzwkPtGiP8Ehzm=ZJc?{Us hvSp8KAa-~#UC0%deFF%FB7cegdEFq3P=LAHJLd}B5k~+3 diff --git a/sigs/images/2.3.10/so-suricata.sig b/sigs/images/2.3.10/so-suricata.sig deleted file mode 100644 index d94b58866cde9bd4dd80c72382c3d09501670b54..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JpDF+f2@re`V7LBIa1*Fb5B?&fNajM;wLUSfr|U25 z<@$_SD?GLQ>)`c5- zAi9QT#U#Cl@6o0NOQ&7#PQOdkV-#^A>(#2aYR@>Nq^kY5wm|H7&Sh0S&tw`SA!YoR zIDGZkp@#*)HGn+>v6D3V8!!ZUuIFByKsxvSyNr{FML2D)7qzMD>D*hf)oM_*(Kyy2(!?a(Tl+S;gaIY$560R~T_pI4fd_qpHU<1#W?nm5e#whIqgpFXv zQ)!Lkd4uV@5aYQGo92q22$_q77oPw$w31azGBTDO`~^?O&HBm@zqwSI0C&?uP-_*a zcrvsddV7MgXo?8{%k=$zabFl*7T72T2ADgXr1126RPe@Q_hnM|KmUtI;KKviPHrx~ z!nX1Yz5*Yh;GA31%+ahWcExlAj9{OR$rIve2#l^Fw+0Wk0gM-CykW2jD1Y{h&;;hc z)|xAMLU{AM341v@e$QYp-pzyDC-+?D{vJ;`W4G-Oh&Fsv{c!PK-n7g`!-q{Bc!Mqx z)Kv7hp$Ow0rBl@fZ~$V2Ur1s|PjF43audTgvxEBCj#6T!;IlgC2EBuHJkH7&G_pv~ hByYgHfhdfN-q1%w1Zi~>u)wIVeWK+oeojRxp}2Oj_c diff --git a/sigs/images/2.3.10/so-tcpreplay.sig b/sigs/images/2.3.10/so-tcpreplay.sig deleted file mode 100644 index b8c02f2ecbadb41c842051676601f7bc3ce2f832..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JpYs3;2@re`V7LBIa1$Pk5CDLebjeZX7i^)?NQf%y z2T#9RHZ6WzN_%GI%3625oZfWy>zsIz3OM}28?(I`KP&w$sUFE#Awrn(3Yl-Gz3VKd z&$d8GjXS-$HQxc*9-NpS%~YZ-j7Ze$b7D;Y_biDk9*DFZwNr@nk|^zc`|ZOI$=B{=kX#hW9Y^ zNXCeA-Z|5>03EPCJvp1-KVZb<061J8gI4vNl5kG+p`lwfKpTc;`+VS4JfHyz+`}V z8f(oaO!R1H=Kpje?gMyh)I2ACBdEslC`Q+J`tRerlP#vQ>-N|D4%6T4V&ADD%?xAk zlAO#t3O|rk7kqzZ9E0r3M6w&sat^6}G!{<1K*>?Jf@ah>W6~fl>`8k1->N(H*!nog hQGryZ(`)}{#nXI1z6g$?t33LfKjNcbg*mzbRfpqM1(g5* diff --git a/sigs/images/2.3.10/so-telegraf.sig b/sigs/images/2.3.10/so-telegraf.sig deleted file mode 100644 index ec5f07070dcd0a52cb1cc2cad2eee35b5dc03908..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5KU=jcd2@re`V7LBIa1-Z05BdVlGRp&*6N$be2_Nhn z+Vj40IyPV5T|2&NVHCoESX_^V5wc1@x1w7@Pnps12jm9eG<(vMHF?CiMp(avVm9eC zO$nJE9ZA)uTeHw(zw!k!aZ|IGpNu$Jc?GCzpQ1 zGtUPFTOr9Sd!X6w2Z$0z=8eTegT80hpnn!F5K+c}J)+a=Jd}URwDdM|=?LfTJ)|;) z@;WjmPs~1f%|?{gaa~Sk(K{4TIBGpAE&eP&&+`Uf_{tVghPze-Lm$f_z}P^nb%Rox zJOEOdy0a?Asd9dkmt+Xlj}8E^r1He7ORfiz%r;zF3?^n<3fb$YM>;yFgEIbDK2?>d zpM*BG9l`#xh=B6v0l@MrcXOyzq~zWmEVx~qIwH0XloFk_J7k@xgwpimgcP!L%#7MUK z%)D#lX>-J*lm)!;^&R?IOJitUix8f2Zb~|#ymH{Co)2k{z40u8{T+{;=1ujBD)$=B zW9+p(nQ&Jg3iMqdKK%65VY~$7Vfq8~=j6b;z9l{&v#1u>st(UatH9Y?$wrG@Z?E`~ hE-3T0W@B*ao5wQ@t%omVyP!WJk>7Z-WtJWZlP>?10;vE1 diff --git a/sigs/images/2.3.10/so-thehive-cortex.sig b/sigs/images/2.3.10/so-thehive-cortex.sig deleted file mode 100644 index 7d3321db0d1e54d61400498270405ad6bfd7ce94..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5Jqr?CT2@re`V7LBIa1&qW5B(gKd8-VpmykIk4vwp6 zGAi?(|4bD`I(yW!>VYx?F7UZAxd*wn6fcSOvTJ#vjjCOdHI65Aqt>+{>(D9F8EEqiB`C;qzv zvO((m`k(v7+3U>;8CJ=6!~F;gx=2^V{()uLVDCWhThU))HP#tW4ir8lbzDZmMr=~g zL_LJVu={Ib53z>=;FO#(CjW>TtNVic$&JBIC`nU{X}QR@j9t>cxgA6W0|5>ta@@SdvP97TVA}rCW6fgdNHkZVBbSzXNQ<4Ph7Mo8WU@i z3Di~he9@0@#E;X6`{uMXPxyL~lmt8poRp-0idgFq0U$6JqVvI5(#bB z%$chDOHD~gQKRk<+DUgFyf%(;>RXpdaL39JB0YH)j6PM#aJkw4k%ZsC0^fygd;DHB*|vSPhAgR6v0i+`-U;M~UU*8jbwI(u%Lot= hKpl}zupNB&%}=%p2uB2J>`{{oR=%mjy(Jm$}H( zq{x$T){g$MbRLn3);`!s}*D`CE?X zCwKm8<>F0<95wCwKKq0pc3@;D7E7i(MtYOaxk0v{d`281IQb<@0?~im zswU35$5n>IzU(UFx42Jr`UGmCcGO`z`*N*F8`Up_abrZlNOPO4B0M7h@^25V1~~!R z(D`w2DzlK8E1Z1+#s054bWN&_%v!%$*~$o{ICX*r;w}*pVrhD^lI4Dsm^Lz?QeA~b z;artGEOm@eh2MUgfG~T$B$A7{JT+&xL*%pj;QkTAQQp;tdWK?Y2-jugq7s8=y_pir zgYT%cImDRDL{%eB0eV<+(3cv|1&O|-2&dN) hvd#Lu(LjU<9$*6D6Rz2;Xl-0EUZlv+1Pe^-qV8}v0g3FixB5MXB z?g}G<9bj#ithZI0jm78iiwaQ=dptc9XSe^J#bg&eY7R!?>t+8a5Ao{}GCz7Ss>?BE zaMfJ`!;7lv5P@Pl0Q~rb;?)ZWND;M$8){A{*;!43S3D2FJ#Zex*_I8evWO#2P9M4G zx>eLOae2WE8NVm3$j#9=428=AK>`>wF!l$M1~!5Z7;izq^E_Yr=>2}&uG=&_^15{7 zrdhRl;rq62GJ%sxoZ4Hjy7@332_r&X-ND$?5rLinWh>9(`#CqL9?Jv>S`m(V9juPD z<)#9E@DKiSjp=qA_m{CmY1JR;PYgxB=e#md1V$%TW7Yr#22!|?fz)oP*So0bTbat- z1ITTSp3+Sl0kS+Q5-ODYEcP&;Qp^B?qgIZSRojS2LlCt=C4KLpJlAyhrG5GgUuH_N zwj9|pINQM(`GrBjYLJg_s4`coF8;UkJI4o$JUoy^E8EzPEs6?2ewZ2X!L*V20z3~*fu!(dNiWYc h+mSlHShAA;3grP+d_qJC(Z$glrp%Q7oV-gJPx1nK zS=IrwGj7Ak*kq3}K#ow1^e4{c!ED`$WSW(x#lOla7<_^GN)NuAdFsr~Qx@FbeBnke z5-bBljOKBM0QVQpxoVXUvnTV4V%|v=$ojjvrih$#0ajwOHz7OQhk&iffAPke@}O^Q zg1>Qf?f;4*Hf55my@n)m@3W_c6qJ?+dwMDC_w(ywEYnmW2vh0T1eSfhUBuH*vISK) znH(S=kW>0pjaZ{9E9MQ!;al^Yar7zS5Z?!7ru_n*X4|lyL;siIs1T<&FsefSgml>F zc0sHA(0OWSklL^^BRSYw^Z*$old+_4aYOh<6HQlsV5aAEE z5#(~`xlv66&%X_K#O0hYJ96`-_~FoFl~OO5=)acf`PGW&cz0lM!xxkzKp2{Rx*oD& z0WahN>jvOK*U@6{cR_LMj~#0)C2_HWQT#Mujt0Vc{r$7K~{3mH-fW`MSF5s(0 zSN}K5R4={yoa`l~`2Sg7A%M3ToNk{N+cIR8nvZ6Bu7cPKLe4gCeBwdJQejO}5 h9mb)Ys31yobJ3#C3T#9)V`Qu{hIPE+5Wo_ROd(F^3lIPR diff --git a/sigs/images/2.3.10/so-zeek.sig b/sigs/images/2.3.10/so-zeek.sig deleted file mode 100644 index f88f86a0ff9134af5d177828f37b55a6e9318bc0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;5JnkoPa2@re`V7LBIa1%v&5Bv-$3yQ*jYu_V}m*Cqk zG~IgUCHfiSuipnt2Ot^_ZXs1$V(FUY=s`*@!Q~ikn+I^Z+gM|szU^J`S8dA25Q=4Jrlyg(okiL6~iQCT)s#*Kqe??ebtaU7fDsqAOSR3 z_(~%cBd-b$pg&pbPZew(msIFs$NH`*X)%Rp{GOaZdLJcRx^C9?Sg>hP5bkKu)~;11>};iJNLSfcKlFYhLNcptaqL3jYCE9} z-JuTYE)cqmPqipx;yebTbe>H_oA7NO%)MzGZUenqV=MLsuX@QbuatJf$68>Tx6<`U zMkUa@1G6Fr78*wpDZ^Qe@z1S??K~R@367175*AiuZVLoeClUbv;|x Date: Fri, 13 Nov 2020 08:51:28 -0500 Subject: [PATCH 23/32] [feat] Add ssh-harden script --- salt/common/tools/sbin/so-ssh-harden | 49 ++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 salt/common/tools/sbin/so-ssh-harden diff --git a/salt/common/tools/sbin/so-ssh-harden b/salt/common/tools/sbin/so-ssh-harden new file mode 100644 index 000000000..2f78a7af8 --- /dev/null +++ b/salt/common/tools/sbin/so-ssh-harden @@ -0,0 +1,49 @@ +#!/bin/bash + +. /usr/sbin/so-common + +if [[ $1 =~ ^(q|--quiet) ]]; then + quiet=true +fi + +print_sshd_t() { + local string=$1 + local state=$2 + echo "${state}:" + sshd -T | grep "^${string}" +} + +if ! [[ $quiet ]]; then print_sshd_t "ciphers" "Before"; fi +sshd -T | grep "^ciphers" | sed -e "s/\(3des-cbc\|aes128-cbc\|aes192-cbc\|aes256-cbc\|arcfour\|arcfour128\|arcfour256\|blowfish-cbc\|cast128-cbc\|rijndael-cbc@lysator.liu.se\)\,\?//g" >> /etc/ssh/sshd_config +if ! [[ $quiet ]]; then + print_sshd_t "ciphers" "After" + echo "" +fi + +if ! [[ $quiet ]]; then print_sshd_t "kexalgorithms" "Before"; fi +sshd -T | grep "^kexalgorithms" | sed -e "s/\(diffie-hellman-group14-sha1\|ecdh-sha2-nistp256\|diffie-hellman-group-exchange-sha256\|diffie-hellman-group1-sha1\|diffie-hellman-group-exchange-sha1\|ecdh-sha2-nistp521\|ecdh-sha2-nistp384\)\,\?//g" >> /etc/ssh/sshd_config +if ! [[ $quiet ]]; then + print_sshd_t "kexalgorithms" "After" + echo "" +fi + +if ! [[ $quiet ]]; then print_sshd_t "macs" "Before"; fi +sshd -T | grep "^macs" | sed -e "s/\(hmac-sha2-512,\|umac-128@openssh.com,\|hmac-sha2-256,\|umac-64@openssh.com,\|hmac-sha1,\|hmac-sha1-etm@openssh.com,\|umac-64-etm@openssh.com,\|hmac-sha1\)//g" >> /etc/ssh/sshd_config +if ! [[ $quiet ]]; then + print_sshd_t "macs" "After" + echo "" +fi + +if ! [[ $quiet ]]; then print_sshd_t "hostkeyalgorithms" "Before"; fi +sshd -T | grep "^hostkeyalgorithms" | sed "s|ecdsa-sha2-nistp256,||g" | sed "s|ssh-rsa,||g" >> /etc/ssh/sshd_config +if ! [[ $quiet ]]; then + print_sshd_t "hostkeyalgorithms" "After" + echo "" +fi + +{% if grains['os'] != 'CentOS' %} +echo "----" +echo "[ WARNING ] Any new ssh sessions will need to remove and reaccept the ECDSA key for this server before reconnecting." +echo "----" +{% endif %} + From 210a7bc65b6bb6965676202055e4358a0e965dd1 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Fri, 13 Nov 2020 10:05:23 -0500 Subject: [PATCH 24/32] Merge curator closed-delete-delete changes from the abandoned 2.3.3 release --- .../files/bin/so-curator-closed-delete-delete | 61 ++++++------------- salt/soc/files/soc/changes.json | 1 + 2 files changed, 18 insertions(+), 44 deletions(-) diff --git a/salt/curator/files/bin/so-curator-closed-delete-delete b/salt/curator/files/bin/so-curator-closed-delete-delete index ac5a1aba2..c892bf23f 100755 --- a/salt/curator/files/bin/so-curator-closed-delete-delete +++ b/salt/curator/files/bin/so-curator-closed-delete-delete @@ -1,28 +1,5 @@ -#!/bin/bash -# -# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . -APP=closedeletedelete -lf=/tmp/$APP-pidLockFile -# create empty lock file if none exists -cat /dev/null >> $lf -read lastPID < $lf -# if lastPID is not null and a process with that pid exists , exit -[ ! -z "$lastPID" -a -d /proc/$lastPID ] && exit -echo $$ > $lf +#!/bin/bash {%- if grains['role'] in ['so-node', 'so-heavynode'] %} {%- set ELASTICSEARCH_HOST = salt['pillar.get']('elasticsearch:mainip', '') -%} @@ -49,40 +26,36 @@ echo $$ > $lf # You should have received a copy of the GNU General Public License # along with this program. If not, see . -#. /usr/sbin/so-elastic-common -#. /etc/nsm/securityonion.conf - LOG="/opt/so/log/curator/so-curator-closed-delete.log" +overlimit() { + + [[ $(du -hs --block-size=1GB /nsm/elasticsearch/nodes | awk '{print $1}' ) -gt "{{LOG_SIZE_LIMIT}}" ]] +} + +closedindices() { + + INDICES=$(curl -s -k {% if grains['role'] in ['so-node','so-heavynode'] %}https://{% endif %}{{ELASTICSEARCH_HOST}}:{{ELASTICSEARCH_PORT}}/_cat/indices?h=index\&expand_wildcards=closed 2> /dev/null) + [ $? -eq 1 ] && return false + echo ${INDICES} | grep -q -E "(logstash-|so-)" +} + # Check for 2 conditions: # 1. Are Elasticsearch indices using more disk space than LOG_SIZE_LIMIT? # 2. Are there any closed indices that we can delete? # If both conditions are true, keep on looping until one of the conditions is false. -while [[ $(du -hs --block-size=1GB /nsm/elasticsearch/nodes | awk '{print $1}' ) -gt "{{LOG_SIZE_LIMIT}}" ]] && -{% if grains['role'] in ['so-node','so-heavynode'] %} -curl -s -k -L https://{{ELASTICSEARCH_HOST}}:{{ELASTICSEARCH_PORT}}/_cat/indices?h=index\&expand_wildcards=closed > /dev/null; do -{% else %} -curl -s -L {{ELASTICSEARCH_HOST}}:{{ELASTICSEARCH_PORT}}/_cat/indices?h=index\&expand_wildcards=closed > /dev/null; do -{% endif %} +while overlimit && closedindices; do # We need to determine OLDEST_INDEX: # First, get the list of closed indices using _cat/indices?h=index\&expand_wildcards=closed. # Then, sort by date by telling sort to use hyphen as delimiter and then sort on the third field. # Finally, select the first entry in that sorted list. - {% if grains['role'] in ['so-node','so-heavynode'] %} - OLDEST_INDEX=$(curl -s -k -L https://{{ELASTICSEARCH_HOST}}:{{ELASTICSEARCH_PORT}}/_cat/indices?h=index\&expand_wildcards=closed | sort -t- -k3 | head -1) - {% else %} - OLDEST_INDEX=$(curl -s -L {{ELASTICSEARCH_HOST}}:{{ELASTICSEARCH_PORT}}/_cat/indices?h=index\&expand_wildcards=closed | sort -t- -k3 | head -1) - {% endif %} + OLDEST_INDEX=$(curl -s -k {% if grains['role'] in ['so-node','so-heavynode'] %}https://{% endif %}{{ELASTICSEARCH_HOST}}:{{ELASTICSEARCH_PORT}}/_cat/indices?h=index\&expand_wildcards=closed | grep -E "(logstash-|so-)" | sort -t- -k3 | head -1) # Now that we've determined OLDEST_INDEX, ask Elasticsearch to delete it. - {% if grains['role'] in ['so-node','so-heavynode'] %} - curl -XDELETE -k -L https://{{ELASTICSEARCH_HOST}}:{{ELASTICSEARCH_PORT}}/${OLDEST_INDEX} - {% else %} - curl -XDELETE -L {{ELASTICSEARCH_HOST}}:{{ELASTICSEARCH_PORT}}/${OLDEST_INDEX} - {% endif %} + curl -XDELETE -k {% if grains['role'] in ['so-node','so-heavynode'] %}https://{% endif %}{{ELASTICSEARCH_HOST}}:{{ELASTICSEARCH_PORT}}/${OLDEST_INDEX} # Finally, write a log entry that says we deleted it. echo "$(date) - Used disk space exceeds LOG_SIZE_LIMIT ({{LOG_SIZE_LIMIT}} GB) - Index ${OLDEST_INDEX} deleted ..." >> ${LOG} -done +done \ No newline at end of file diff --git a/salt/soc/files/soc/changes.json b/salt/soc/files/soc/changes.json index e9556aee6..ec54844cf 100644 --- a/salt/soc/files/soc/changes.json +++ b/salt/soc/files/soc/changes.json @@ -3,6 +3,7 @@ "changes": [ { "summary": "Updated salt to 3002.1 to address CVE-2020-16846, CVE-2020-17490, CVE-2020-25592." }, { "summary": "Cheat sheet is now available for airgap installs." }, + { "summary": "Updated Go to correct DST/Timezone issue in SOC." }, { "summary": "Known Issues
  • It is still possible to update your grid from any release candidate to 2.3. However, if you have a true production deployment, then we recommend a fresh image and install for best results.
  • In 2.3.0 we made some changes to data types in the elastic index templates. This will cause some errors in Kibana around field conflicts. You can address this in 2 ways:
    1. Delete all the data on the ES nodes preserving all of your other settings suchs as BPFs by running sudo so-elastic-clear on all the search nodes
    2. Re-Index the data. This is not a quick process but you can find more information at https://docs.securityonion.net/en/2.3/elasticsearch.html#re-indexing
  • Please be patient as we update our documentation. We have made a concerted effort to update as much as possible but some things still may be incorrect or ommited. If you have questions or feedback, please start a discussion at https://securityonion.net/discuss.
  • Once you update your grid to 2.3.0, any new nodes that join the grid must be 2.3.0. For example, if you try to join a new RC1 node it will fail. For best results, use the latest ISO (or 2.3.0 installer from github) when joining to an 2.3.0 grid.
  • Shipping Windows Eventlogs with Osquery will fail intermittently with utf8 errors logged in the Application log. This is scheduled to be fixed in Osquery 4.5.
  • When running soup to upgrade from RC1/RC2/RC3 to 2.3.0, there is a Salt error that occurs during the final highstate. This error is related to the patch_os_schedule and can be ignored as it will not occur again in subsequent highstates.
  • When Search Nodes are upgraded from RC1 to 2.3.0, there is a chance of a race condition where certificates are missing. This will show errors in the manager log to the remote node. To fix this run the following on the search node that is having the issue:
    1. Stop elasticsearch - sudo so-elasticsearch-stop
    2. Run the SSL state - sudo salt-call state.apply ssl
    3. Restart elasticsearch - sudo so-elasticsearch-restart
  • If you are upgrading from RC1 you might see errors around registry:2 missing. This error does not break the actual upgrade. To fix, run the following on the manager:
    1. Stop the Docker registry - sudo docker stop so-dockerregistry
    2. Remove the container - sudo docker rm so-dockerregistry
    3. Run the registry state - sudo salt-call state.apply registry
" } ] } From fddfb8eb92cc2176818501b5c66a552798735425 Mon Sep 17 00:00:00 2001 From: Wes Lambert Date: Fri, 13 Nov 2020 16:06:22 +0000 Subject: [PATCH 25/32] Syslog updates --- salt/elasticsearch/files/ingest/syslog | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/salt/elasticsearch/files/ingest/syslog b/salt/elasticsearch/files/ingest/syslog index 2f35c5961..b08a62187 100644 --- a/salt/elasticsearch/files/ingest/syslog +++ b/salt/elasticsearch/files/ingest/syslog @@ -12,22 +12,23 @@ "ignore_failure": true } }, - { - "grok": - { - "field": "message", - "patterns": [ - "^<%{INT:syslog.priority}>%{DATA:syslog.timestamp} %{WORD:source.application}: %{GREEDYDATA:real_message}$", - "^%{SYSLOGTIMESTAMP:syslog.timestamp} %{SYSLOGHOST:syslog.host} %{SYSLOGPROG:syslog.program}: CEF:0\\|%{DATA:vendor}\\|%{DATA:product}\\|%{GREEDYDATA:message2}$" + { + "grok": + { + "field": "message", + "patterns": [ + "^<%{INT:syslog.priority}>%{DATA:syslog.timestamp} %{WORD:source.application}: %{GREEDYDATA:real_message}$", + "^%{SYSLOGTIMESTAMP:syslog.timestamp} %{SYSLOGHOST:syslog.host} %{SYSLOGPROG:syslog.program}: CEF:0\\|%{DATA:vendor}\\|%{DATA:product}\\|%{GREEDYDATA:message2}$" ], - "ignore_failure": true - } + "ignore_failure": true + } }, { "set": { "if": "ctx.source?.application == 'filterlog'", "field": "dataset", "value": "firewall", "ignore_failure": true } }, { "set": { "if": "ctx.vendor != null", "field": "module", "value": "{{ vendor }}", "ignore_failure": true } }, { "set": { "if": "ctx.product != null", "field": "dataset", "value": "{{ product }}", "ignore_failure": true } }, { "set": { "field": "ingest.timestamp", "value": "{{ @timestamp }}" } }, { "date": { "if": "ctx.syslog?.timestamp != null", "field": "syslog.timestamp", "target_field": "@timestamp", "formats": ["MMM d HH:mm:ss", "MMM dd HH:mm:ss", "ISO8601", "UNIX"], "ignore_failure": true } }, + { "remove": { "field": ["pid", "program"], "ignore_missing": true, "ignore_failure": true } }, { "pipeline": { "if": "ctx.vendor != null && ctx.product != null", "name": "{{ vendor }}.{{ product }}", "ignore_failure": true } }, { "pipeline": { "if": "ctx.dataset == 'firewall'", "name": "filterlog", "ignore_failure": true } }, { "pipeline": { "name": "common" } } From 8b3262ce1b885f3a0dc0e1a5c79f89aa8afc9574 Mon Sep 17 00:00:00 2001 From: Josh Brower Date: Fri, 13 Nov 2020 11:20:39 -0500 Subject: [PATCH 26/32] Add so-playbook-reset --- salt/common/tools/sbin/so-playbook-reset | 26 ++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 salt/common/tools/sbin/so-playbook-reset diff --git a/salt/common/tools/sbin/so-playbook-reset b/salt/common/tools/sbin/so-playbook-reset new file mode 100644 index 000000000..f07df2142 --- /dev/null +++ b/salt/common/tools/sbin/so-playbook-reset @@ -0,0 +1,26 @@ +#!/bin/bash +# +# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +. /usr/sbin/so-common + +salt-call state.apply playbook.db_init,playbook,playbook.automation_user_create + +/usr/sbin/so-soctopus-restart + +echo "Importing Plays - this will take some time...." +wait 5 +/usr/sbin/so-playbook-ruleupdate \ No newline at end of file From 09f3199cc2a9bf7dd15ab93d6e5c42c8a71d8620 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 13 Nov 2020 13:39:52 -0500 Subject: [PATCH 27/32] Change user agent string for docker refresh --- salt/common/tools/sbin/so-docker-refresh | 1 + salt/common/tools/sbin/so-image-common | 10 +++++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/salt/common/tools/sbin/so-docker-refresh b/salt/common/tools/sbin/so-docker-refresh index b39513990..cf1b1a117 100755 --- a/salt/common/tools/sbin/so-docker-refresh +++ b/salt/common/tools/sbin/so-docker-refresh @@ -45,4 +45,5 @@ version_check HOSTNAME=$(hostname) # List all the containers container_list +CURLTYPE=refresh update_docker_containers diff --git a/salt/common/tools/sbin/so-image-common b/salt/common/tools/sbin/so-image-common index c10f255f8..c1b6fae8f 100755 --- a/salt/common/tools/sbin/so-image-common +++ b/salt/common/tools/sbin/so-image-common @@ -87,6 +87,14 @@ container_list() { fi } +operating_system() { + if [ -f /etc/redhat-release ]; then + OS=CentOS + else + OS=Ubuntu + fi +} + update_docker_containers() { # Let's make sure we have the public key curl -sSL https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS | gpg --import - @@ -106,7 +114,7 @@ update_docker_containers() { docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION # Get signature - curl https://sigs.securityonion.net/$VERSION/$i:$VERSION.sig --output $SIGNPATH/$i:$VERSION.sig + curl -A "$OS $CURLTYPE" https://sigs.securityonion.net/$VERSION/$i:$VERSION.sig --output $SIGNPATH/$i:$VERSION.sig if [[ $? -ne 0 ]]; then echo "Unable to pull signature file for $i:$VERSION" exit 1 From 069908ec569b1f5edb372f5a5cf7a60e5188b0da Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 13 Nov 2020 13:55:26 -0500 Subject: [PATCH 28/32] Change user agent string for docker refresh --- salt/common/tools/sbin/so-docker-refresh | 1 + 1 file changed, 1 insertion(+) diff --git a/salt/common/tools/sbin/so-docker-refresh b/salt/common/tools/sbin/so-docker-refresh index cf1b1a117..4706f8981 100755 --- a/salt/common/tools/sbin/so-docker-refresh +++ b/salt/common/tools/sbin/so-docker-refresh @@ -40,6 +40,7 @@ version_check() { manager_check version_check +operating_system # Use the hostname HOSTNAME=$(hostname) From 3173c6fd3c455b6104b1f279975056dfacf34399 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 13 Nov 2020 14:09:29 -0500 Subject: [PATCH 29/32] Change user agent string for docker refresh --- salt/common/tools/sbin/so-image-common | 6 +++--- salt/common/tools/sbin/soup | 8 ++++++-- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/salt/common/tools/sbin/so-image-common b/salt/common/tools/sbin/so-image-common index c1b6fae8f..f5d18ec2f 100755 --- a/salt/common/tools/sbin/so-image-common +++ b/salt/common/tools/sbin/so-image-common @@ -89,9 +89,9 @@ container_list() { operating_system() { if [ -f /etc/redhat-release ]; then - OS=CentOS + OS=centos else - OS=Ubuntu + OS=ubuntu fi } @@ -114,7 +114,7 @@ update_docker_containers() { docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION # Get signature - curl -A "$OS $CURLTYPE" https://sigs.securityonion.net/$VERSION/$i:$VERSION.sig --output $SIGNPATH/$i:$VERSION.sig + curl -A "$CURLTYPE/$OS/$(uname -r)" https://sigs.securityonion.net/$VERSION/$i:$VERSION.sig --output $SIGNPATH/$i:$VERSION.sig if [[ $? -ne 0 ]]; then echo "Unable to pull signature file for $i:$VERSION" exit 1 diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup index 538ac1c56..c2c1260a5 100755 --- a/salt/common/tools/sbin/soup +++ b/salt/common/tools/sbin/soup @@ -16,13 +16,17 @@ # along with this program. If not, see . . /usr/sbin/so-common -. /usr/sbin/so-image-common +if [ -f /usr/sbin/so-image-common ]; then + . /usr/sbin/so-image-common +fi UPDATE_DIR=/tmp/sogh/securityonion INSTALLEDVERSION=$(cat /etc/soversion) INSTALLEDSALTVERSION=$(salt --versions-report | grep Salt: | awk {'print $2'}) DEFAULT_SALT_DIR=/opt/so/saltstack/default BATCHSIZE=5 SOUP_LOG=/root/soup.log +CURLTYPE=soup + exec 3>&1 1>${SOUP_LOG} 2>&1 manager_check() { @@ -119,7 +123,6 @@ clean_dockers() { } clone_to_tmp() { - # TODO Need to add a air gap option # Clean old files rm -rf /tmp/sogh # Make a temp location for the files @@ -379,6 +382,7 @@ verify_latest_update_script() { else echo "You are not running the latest soup version. Updating soup." cp $UPDATE_DIR/salt/common/tools/sbin/soup $DEFAULT_SALT_DIR/salt/common/tools/sbin/ + cp $UPDATE_DIR/salt/common/tools/sbin/soup $DEFAULT_SALT_DIR/salt/common/tools/sbin/ salt-call state.apply common queue=True echo "" echo "soup has been updated. Please run soup again." From 50175f7e427ef61cff2486d5662cc6ff009fea2f Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 13 Nov 2020 14:25:29 -0500 Subject: [PATCH 30/32] soup should now copy the common image functions --- salt/common/tools/sbin/soup | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup index c2c1260a5..f6bf446b9 100755 --- a/salt/common/tools/sbin/soup +++ b/salt/common/tools/sbin/soup @@ -382,7 +382,7 @@ verify_latest_update_script() { else echo "You are not running the latest soup version. Updating soup." cp $UPDATE_DIR/salt/common/tools/sbin/soup $DEFAULT_SALT_DIR/salt/common/tools/sbin/ - cp $UPDATE_DIR/salt/common/tools/sbin/soup $DEFAULT_SALT_DIR/salt/common/tools/sbin/ + cp $UPDATE_DIR/salt/common/tools/sbin/so-image-common $DEFAULT_SALT_DIR/salt/common/tools/sbin/ salt-call state.apply common queue=True echo "" echo "soup has been updated. Please run soup again." From 8577fa63a3c7c7f344adb37121f434f3d182453f Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 13 Nov 2020 14:28:27 -0500 Subject: [PATCH 31/32] fix network install download --- setup/so-functions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/so-functions b/setup/so-functions index 00b7ea28c..b36cd1537 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -952,7 +952,7 @@ docker_seed_registry() { docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION # Get signature - curl https://sigs.securityonion.net/$VERSION/$i:$VERSION.sig --output $SIGNPATH/$i:$VERSION.sig + curl -A "netinstall/$OS/$(uname -r)" https://sigs.securityonion.net/$VERSION/$i:$VERSION.sig --output $SIGNPATH/$i:$VERSION.sig if [[ $? -ne 0 ]]; then echo "Unable to pull signature file for $i:$VERSION" exit 1 From ee97f5eaac9c10a280521c311e78bbfa407758c6 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Fri, 13 Nov 2020 16:17:09 -0500 Subject: [PATCH 32/32] Remove unnecessary branch var; allow skipping of tag/push step --- salt/common/tools/sbin/so-image-common | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/salt/common/tools/sbin/so-image-common b/salt/common/tools/sbin/so-image-common index f5d18ec2f..1a006f6fc 100755 --- a/salt/common/tools/sbin/so-image-common +++ b/salt/common/tools/sbin/so-image-common @@ -103,9 +103,7 @@ update_docker_containers() { SIGNPATH=/root/sosigs rm -rf $SIGNPATH mkdir -p $SIGNPATH - if [ -z "$BRANCH" ]; then - BRANCH="master" - fi + # Download the containers from the interwebs for i in "${TRUSTED_CONTAINERS[@]}" do @@ -131,9 +129,11 @@ update_docker_containers() { fi GPGTEST=$(gpg --verify $SIGNPATH/$i:$VERSION.sig $SIGNPATH/$i:$VERSION.txt 2>&1) if [[ $? -eq 0 ]]; then - # Tag it with the new registry destination - docker tag $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION $HOSTNAME:5000/$IMAGEREPO/$i:$VERSION - docker push $HOSTNAME:5000/$IMAGEREPO/$i:$VERSION + if [[ -z "$SKIP_TAGPUSH" ]]; then + # Tag it with the new registry destination + docker tag $CONTAINER_REGISTRY/$IMAGEREPO/$i:$VERSION $HOSTNAME:5000/$IMAGEREPO/$i:$VERSION + docker push $HOSTNAME:5000/$IMAGEREPO/$i:$VERSION + fi else echo "There is a problem downloading the $i:$VERSION image. Details: " echo ""