merge with master

HOTFIX

@@ -1 +1 @@
-WAZUH
+WAZUH AIRGAPFIX

README.md

@@ -1,6 +1,6 @@
-## Security Onion 2.3.90
+## Security Onion 2.3.90-WAZUH
 
-Security Onion 2.3.90 is here!
+Security Onion 2.3.90-AIRGAPFIX is here!
 
 ## Screenshots
 

VERIFY_ISO.md

@@ -1,18 +1,18 @@
-### 2.3.90 ISO image built on 2021/11/19
+### 2.3.90-AIRGAPFIX ISO image built on 2021/12/01
 
 
 
 ### Download and Verify
 
-2.3.90 ISO image:  
+2.3.90-AIRGAPFIX ISO image:  
-https://download.securityonion.net/file/securityonion/securityonion-2.3.90.iso
+https://download.securityonion.net/file/securityonion/securityonion-2.3.90-AIRGAPFIX.iso
 
-MD5: F214ECE9F32A6F881D9A735DEAF90E46  
+MD5: A87EEF66FEB2ED6E20ABD4ADDA4899C6  
-SHA1: 0B04FAA0FEC704CF6AD2030AA7A4AE80D9379AFA  
+SHA1: D1AD74D1481E9FF6F1A79D27DC569DA6749EC54B  
-SHA256: BE0E1516D83D7782AEAE9D52449FED45A45D72981515672C761C2A17B7AA613C 
+SHA256: E4FC40340357B098E881F13BC4960AA8CB5F5AC73C05E077C993078ED7F46D59 
 
 Signature for ISO image:  
-https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90.iso.sig
+https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-AIRGAPFIX.iso.sig
 
 Signing key:  
 https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS  
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma
 
 Download the signature file for the ISO:  
 ```
-wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90.iso.sig
+wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-AIRGAPFIX.iso.sig
 ```
 
 Download the ISO image:  
 ```
-wget https://download.securityonion.net/file/securityonion/securityonion-2.3.90.iso
+wget https://download.securityonion.net/file/securityonion/securityonion-2.3.90-AIRGAPFIX.iso
 ```
 
 Verify the downloaded ISO image using the signature file:  
 ```
-gpg --verify securityonion-2.3.90.iso.sig securityonion-2.3.90.iso
+gpg --verify securityonion-2.3.90-AIRGAPFIX.iso.sig securityonion-2.3.90-AIRGAPFIX.iso
 ```
 
 The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
 ```
-gpg: Signature made Fri 19 Nov 2021 05:15:29 PM EST using RSA key ID FE507013
+gpg: Signature made Wed 01 Dec 2021 11:07:16 AM EST using RSA key ID FE507013
 gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>"
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.

salt/common/tools/sbin/soup

@@ -846,8 +846,7 @@ apply_hotfix() {
   if [[ "$INSTALLEDVERSION" == "2.3.90" && "$HOTFIXVERSION" == "WAZUH" ]] ; then
     FILE="/nsm/wazuh/etc/ossec.conf"
     echo "Detecting if ossec.conf needs corrected..."
-    WAZUHHEADER=$(head -1 $FILE | grep "xml version")
+    if head -1 $FILE | grep -q "xml version"; then
-    if [[ ! -z "$WAZUHHEADER" ]]; then
       echo "$FILE has an XML header; removing"
       sed -i 1d $FILE
       so-wazuh-restart

salt/repo/client/init.sls

@@ -65,6 +65,10 @@ yumconf:
     - mode: 644
     - template: jinja
     - show_changes: False
+
+cleanairgap:
+  file.absent:
+    - name: /etc/yum.repos.d/airgap_repo.repo
 {% endif %}
 
 cleanyum:

setup/so-setup

@@ -318,7 +318,7 @@ if ! [[ -f $install_opt_file ]]; then
 	elif [[ $is_minion && $is_iso ]]; then
 		$sshcmd -i /root/.ssh/so.key soremote@"$MSRV" [[ -f /etc/yum.repos.d/airgap_repo.repo ]] >> $setup_log 2>&1
 		airgap_check=$?
-		[[ $airgap_check ]] && is_airgap=true >> $setup_log 2>&1
+		[[ $airgap_check == 0 ]] && is_airgap=true >> $setup_log 2>&1
 	fi
 
 	reset_proxy