Merge remote-tracking branch 'origin/2.4/dev' into vlb2

Josh Patterson
2025-03-05 08:58:03 -05:00
27 changed files with 187 additions and 31 deletions


@@ -66,6 +66,7 @@ repo_dir:
- recurse:
- user
- group
- show_changes: False
manager_sbin:
file.recurse:
@@ -76,6 +77,7 @@ manager_sbin:
- file_mode: 755
- exclude_pat:
- "*_test.py"
- show_changes: False
manager_sbin_jinja:
file.recurse:
@@ -85,6 +87,7 @@ manager_sbin_jinja:
- group: socore
- file_mode: 755
- template: jinja
- show_changes: False
so-repo-file:
file.managed:
@@ -92,6 +95,7 @@ so-repo-file:
- source: salt://manager/files/repodownload.conf
- user: socore
- group: socore
- show_changes: False
so-repo-mirrorlist:
file.managed:
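Review bot: `show_changes: False` is added to repo_dir, manager_sbin, manager_sbin_jinja and so-repo-file with no comment saying why, and it removes the file diff from the state return, which is the record an operator would use to see what a highstate changed in the manager sbin scripts and repo configuration. A one-line comment above each addition, for example `# diff output suppressed to keep highstate returns small` (reason inferred; use the real one), would document that this is deliberate. In repo_dir the new line directly follows the `recurse` list and the state function is outside the hunk, so it is worth confirming that the option sits at the state-argument level and that the function honours it; it is documented for file.managed, and indentation is not visible on this page.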


@@ -166,7 +166,7 @@ airgap_update_dockers() {
docker stop so-dockerregistry
docker rm so-dockerregistry
echo "Copying the new dockers over"
tar xvf "$AGDOCKER/registry.tar" -C /nsm/docker-registry/docker
tar xf "$AGDOCKER/registry.tar" -C /nsm/docker-registry/docker
echo "Add Registry back"
docker load -i "$AGDOCKER/registry_image.tar"
fi
@@ -1002,21 +1002,21 @@ unmount_update() {
update_airgap_rules() {
# Copy the rules over to update them for airgap.
rsync -av $UPDATE_DIR/agrules/suricata/* /nsm/rules/suricata/
rsync -av $UPDATE_DIR/agrules/detect-sigma/* /nsm/rules/detect-sigma/
rsync -av $UPDATE_DIR/agrules/detect-yara/* /nsm/rules/detect-yara/
rsync -a $UPDATE_DIR/agrules/suricata/* /nsm/rules/suricata/
rsync -a $UPDATE_DIR/agrules/detect-sigma/* /nsm/rules/detect-sigma/
rsync -a $UPDATE_DIR/agrules/detect-yara/* /nsm/rules/detect-yara/
# Copy the securityonion-resorces repo over for SOC Detection Summaries and checkout the published summaries branch
rsync -av --delete --chown=socore:socore $UPDATE_DIR/agrules/securityonion-resources /opt/so/conf/soc/ai_summary_repos
rsync -a --delete --chown=socore:socore $UPDATE_DIR/agrules/securityonion-resources /opt/so/conf/soc/ai_summary_repos
git config --global --add safe.directory /opt/so/conf/soc/ai_summary_repos/securityonion-resources
git -C /opt/so/conf/soc/ai_summary_repos/securityonion-resources checkout generated-summaries-published
# Copy the securityonion-resorces repo over to nsm
rsync -av $UPDATE_DIR/agrules/securityonion-resources/* /nsm/securityonion-resources/
rsync -a $UPDATE_DIR/agrules/securityonion-resources/* /nsm/securityonion-resources/
}
update_airgap_repo() {
# Update the files in the repo
echo "Syncing new updates to /nsm/repo"
rsync -av $AGREPO/* /nsm/repo/
rsync -a $AGREPO/* /nsm/repo/
echo "Creating repo"
dnf -y install yum-utils createrepo_c
createrepo /nsm/repo
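Review bot: The rewritten rsync lines in update_airgap_rules and update_airgap_repo still expand `$UPDATE_DIR` and `$AGREPO` unquoted, so a mount path containing whitespace is word-split, and an empty value makes the source resolve from `/`, which matters most on the `--delete` copy into /opt/so/conf/soc/ai_summary_repos. Quoting the variable while leaving the glob outside the quotes keeps the current behaviour, e.g. `rsync -a "${UPDATE_DIR:?}"/agrules/suricata/* /nsm/rules/suricata/`. Dropping `-v` here, and on the `tar xf` in airgap_update_dockers, also removes the only per-file record of what the update media wrote into the rule and repo directories; if that record is wanted for audit, rsync's `--log-file=` option can send it to a file instead of the console. update_airgap_repo's body continues past the end of this hunk.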