CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 10:12:53 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2872 from Security-Onion-Solutions/automation/ami

Browse Source 
Add locking to so-firewall
This commit is contained in:
Jason Ertel
2021-02-04 16:14:16 -05:00
committed by GitHub
parent d4e5ab477f e427f8178d
commit 4d6d2edd17
2 changed files with 31 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
salt/common/tools/sbin/so-firewall
View File

@@ -15,10 +15,13 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import os
import subprocess
import sys
import time
import yaml
lockFile = "/tmp/so-firewall.lock"
hostgroupsFilename = "/opt/so/saltstack/local/salt/firewall/hostgroups.local.yaml"
portgroupsFilename = "/opt/so/saltstack/local/salt/firewall/portgroups.local.yaml"
defaultPortgroupsFilename = "/opt/so/saltstack/default/salt/firewall/portgroups.yaml"
@@ -356,8 +359,30 @@ def main():
"addportgroup": addportgroup
}
code=1
try:
lockAttempts = 0
maxAttempts = 30
while lockAttempts < maxAttempts:
lockAttempts = lockAttempts + 1
try:
f = open(lockFile, "x")
f.close()
break
except:
time.sleep(2)
if lockAttempts == maxAttempts:
print("Lock file (" + lockFile + ") could not be created; proceeding without lock.")
cmd = commands.get(args[0], showUsage)
code = cmd(options, args[1:])
finally:
try:
os.remove(lockFile)
except:
print("Lock file (" + lockFile + ") already removed")
sys.exit(code)

6
salt/common/tools/sbin/so-user
View File

@@ -26,9 +26,9 @@ if [[ $# -lt 1 || $# -gt 2 ]]; then
echo " update: Updates a user's password; requires 'email' parameter"
echo " enable: Enables a user; requires 'email' parameter"
echo " disable: Disables a user; requires 'email' parameter"
echo " validate: Validates that the given email address and password are acceptable for defining a new user; requires 'email' parameter"
echo " valemail: Validates that the given email address is acceptable for defining a new user; requires 'email' parameter"
echo " valpass: Validates that a password is acceptable for defining a new user"
echo " validate: Validates that the given email address and password are acceptable; requires 'email' parameter"
echo " valemail: Validates that the given email address is acceptable; requires 'email' parameter"
echo " valpass: Validates that a password is acceptable"
echo ""
echo " Note that the password can be piped into STDIN to avoid prompting for it"
exit 1