[refactor] Use = instead of ==, more printf changes

2026-04-30 16:38:07 +02:00 · 2020-04-18 18:23:27 -04:00
parent 076f161c35
commit 6ca5827ce6
1 changed files with 167 additions and 180 deletions
@@ -64,7 +64,7 @@ so_add_user() {
 	groupadd --gid "$3" "$1"
-	if [ "$5" == 0 ]; then
+	if [ "$5" = 0 ]; then
 		useradd --uid "$2" --gid "$3" --home-dir "$4" --no-create-home "$1"
 	else
 		useradd --uid "$2" --gid "$3" --home-dir "$4" "$1"
@@ -133,7 +133,7 @@ bro_logs_enabled() {
 	echo "brologs:" > pillar/brologs.sls
 	echo "  enabled:" >> pillar/brologs.sls
-	if [ "$MASTERADV" == 'ADVANCED' ]; then
+	if [ "$MASTERADV" = 'ADVANCED' ]; then
 		for BLOG in "${BLOGS[@]}"; do
 			echo "    - $BLOG" | tr -d '"' >> pillar/brologs.sls
 		done
@@ -201,15 +201,17 @@ check_admin_pass() {
 check_hive_init_then_reboot() {
 	WAIT_STEP=0
 	MAX_WAIT=100
 	until [ -f /opt/so/state/thehive.txt ] ; do
-	WAIT_STEP=$(( WAIT_STEP + 1 ))
+		WAIT_STEP=$(( WAIT_STEP + 1 ))
-	echo "Waiting on the_hive to init ($WAIT_STEP/$MAX_WAIT)..."
+		echo "Waiting on the_hive to init ($WAIT_STEP/$MAX_WAIT)..."
 		if [ ${WAIT_STEP} -gt ${MAX_WAIT} ]; then
 			echo "ERROR: We waited ${MAX_WAIT} seconds but the_hive is not working."
 			return 5
 		fi
 		sleep 1s;
 	done
 	docker stop so-thehive
 	docker rm so-thehive
 	shutdown -r now
@@ -243,7 +245,7 @@ check_network_manager_conf() {
 # $2 => confirm password
 # $3 => variable to set
 check_pass_match() {
-	if [ "$1" == "$2" ]; then
+	if [ "$1" = "$2" ]; then
 		eval "$3"="\"yes\""
 	else
 		whiptail_passwords_dont_match
@@ -347,7 +349,7 @@ configure_minion() {
 copy_master_config() {
 	# Copy the master config template to the proper directory
-	if [ "$INSTALLMETHOD" == 'iso' ]; then
+	if [ "$INSTALLMETHOD" = 'iso' ]; then
 		cp /root/SecurityOnion/files/master /etc/salt/master
 	else
 		cp "$SCRIPTDIR"/../files/master /etc/salt/master
@@ -434,7 +436,6 @@ create_sensor_bond() {
 		# Check if the bond slave connection has already been created
 		if ! [[ $(nmcli -f name,uuid -p con | sed -n "s/bond0-slave-$BONDNIC //p" | tr -d ' ') ]]; then
 			# Create the slave interface and assign it to the bond
 			nmcli con add type ethernet ifname "$BONDNIC" con-name "bond0-slave-$BONDNIC" master bond0 -- \
 				ethernet.mtu $MTU \
 				connection.autoconnect "yes" >> "$SETUPLOG" 2>&1
@@ -462,7 +463,7 @@ detect_os() {
 			echo "We currently do not support CentOS $OSVER but we are working on it!"
 			exit
 		else
-			echo "We do not support the version of CentOS you are trying to use"
+			echo "We do not support the version of CentOS you are trying to use."
 			exit
 		fi
@@ -477,7 +478,7 @@ detect_os() {
 		elif grep -q "UBUNTU_CODENAME=xenial" /etc/os-release; then
 			OSVER=xenial
 		else
-			echo "We do not support your current version of Ubuntu"
+			echo "We do not support your current version of Ubuntu."
 			exit
 		fi
 		# Install network manager so we can do interface stuff
@@ -488,7 +489,7 @@ detect_os() {
 		} >> "$SETUPLOG" 2<&1
 	else
-		echo "We were unable to determine if you are using a supported OS." >> "$SETUPLOG" 2>&1
+		echo "We were unable to determine if you are using a supported OS."
 		exit
 	fi
@@ -522,7 +523,7 @@ disable_misc_network_features() {
 docker_install() {
-	if [ $OS == 'centos' ]; then
+	if [ $OS = 'centos' ]; then
 		yum clean expire-cache
 		yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
 		yum -y update
@@ -630,14 +631,14 @@ es_heapsize() {
 	# Determine ES Heap Size
 	if [ "$TOTAL_MEM" -lt 8000 ] ; then
-			ES_HEAP_SIZE="600m"
+		ES_HEAP_SIZE="600m"
 	elif [ "$TOTAL_MEM" -ge 100000 ]; then
-			# Set a max of 25GB for heap size
+		# Set a max of 25GB for heap size
-			# https://www.elastic.co/guide/en/elasticsearch/guide/current/heap-sizing.html
+		# https://www.elastic.co/guide/en/elasticsearch/guide/current/heap-sizing.html
-			ES_HEAP_SIZE="25000m"
+		ES_HEAP_SIZE="25000m"
 	else
-			# Set heap size to 25% of available memory
+		# Set heap size to 25% of available memory
-			ES_HEAP_SIZE=$(( TOTAL_MEM / 4 ))"m"
+		ES_HEAP_SIZE=$(( TOTAL_MEM / 4 ))"m"
 	fi
 }
@@ -721,7 +722,7 @@ get_main_ip() {
 	# Get the main IP address the box is using
 	# Add some logic because Bubntu 18.04 like to be different
-	if [ $OSVER == 'bionic' ]; then
+	if [ $OSVER = 'bionic' ]; then
 		MAINIP=$(ip route get 1 | awk '{print $7;exit}')
 	else
 		MAINIP=$(ip route get 1 | awk '{print $NF;exit}')
@@ -734,7 +735,7 @@ get_main_ip() {
 get_redirect() {
 	whiptail_set_redirect_info
 	whiptail_set_redirect
-	if [ "$REDIRECTINFO" == "OTHER" ]; then
+	if [ "$REDIRECTINFO" = "OTHER" ]; then
 		whiptail_set_redirect_host
 	fi
 }
@@ -768,16 +769,7 @@ install_prep() {
 install_master() {
 	# Install the salt master package
-	if [ $OS == 'centos' ]; then
+	if [ $OS != 'centos' ]; then
 		#yum -y install wget salt-common salt-master python36-mysql python36-dateutil python36-m2crypto >> "$SETUPLOG" 2>&1
 		echo ""
 		# Create a place for the keys for Ubuntu minions
 		#mkdir -p /opt/so/gpg
 		#wget --inet4-only -O /opt/so/gpg/SALTSTACK-GPG-KEY.pub https://repo.saltstack.com/apt/ubuntu/16.04/amd64/latest/SALTSTACK-GPG-KEY.pub
 		#wget --inet4-only -O /opt/so/gpg/docker.pub https://download.docker.com/linux/ubuntu/gpg
 		#wget --inet4-only -O /opt/so/gpg/GPG-KEY-WAZUH https://packages.wazuh.com/key/GPG-KEY-WAZUH
 	else
 		if [ $OSVER != "xenial" ]; then
 			apt-get install -y salt-common=2019.2.3+ds-1 salt-master=2019.2.3+ds-1 salt-minion=2019.2.3+ds-1 libssl-dev python-m2crypto
 			apt-mark hold salt-common salt-master salt-minion
@@ -794,9 +786,9 @@ install_master() {
 ls_heapsize() {
  # Determine LS Heap Size
-  if [ $TOTAL_MEM -ge 32000 ] || [ $INSTALLTYPE == 'MASTERSEARCH' ] || [ $INSTALLTYPE == 'HEAVYNODE' ] ||  [ $INSTALLTYPE == 'HELIXSENSOR' ]; then
+  if [ "$TOTAL_MEM" -ge 32000 ] || [ "$INSTALLTYPE" = 'MASTERSEARCH' ] || [ "$INSTALLTYPE" = 'HEAVYNODE' ] ||  [ "$INSTALLTYPE" = 'HELIXSENSOR' ]; then
 	  LS_HEAP_SIZE="1000m"
-  elif [ $INSTALLTYPE == 'EVAL' ]; then
+  elif [ "$INSTALLTYPE" = 'EVAL' ]; then
 	  LS_HEAP_SIZE="700m"
  else
 	  # If minimal RAM, then set minimal heap
@@ -807,96 +799,94 @@ ls_heapsize() {
 master_pillar() {
-  PILLARFILE=$TMP/pillar/minions/$MINION_ID.sls
+	PILLARFILE=$TMP/pillar/minions/$MINION_ID.sls
-  # Create the master pillar
+	# Create the master pillar
-  echo "master:" >> $PILLARFILE
+	printf '%s\n'\
-  echo "  mainip: $MAINIP" >> $PILLARFILE
+		"master:"\
-  echo "  mainint: $MAININT" >> $PILLARFILE
+		"  mainip: $MAINIP"\
-  echo "  esheap: $ES_HEAP_SIZE" >> $PILLARFILE
+		"  esheap: $ES_HEAP_SIZE"\
-  echo "  esclustername: {{ grains.host }}" >> $PILLARFILE
+		"  esclustername: {{ grains.host }}"\
-  if [ $INSTALLTYPE == 'EVAL' ] || [ $INSTALLTYPE == 'HELIXSENSOR' ] || [ $INSTALLTYPE == 'MASTERSEARCH' ]; then
+		"  freq: 0"\
-	echo "  freq: 0" >> $PILLARFILE
+		"  domainstats: 0" >> "$PILLARFILE"
 	echo "  domainstats: 0" >> $PILLARFILE
 	echo "  ls_pipeline_batch_size: 125" >> $PILLARFILE
 	echo "  ls_input_threads: 1" >> $PILLARFILE
 	echo "  ls_batch_count: 125" >> $PILLARFILE
 	echo "  mtu: 1500" >> $PILLARFILE
-  else
+	if [ "$INSTALLTYPE" = 'EVAL' ] || [ "$INSTALLTYPE" = 'HELIXSENSOR' ] || [ "$INSTALLTYPE" = 'MASTERSEARCH' ]; then
-	echo "  freq: 0" >> $PILLARFILE
+		printf '%s\n'\
-	echo "  domainstats: 0" >> $PILLARFILE
+			"  ls_pipeline_batch_size: 125"\
-  fi
+			"  ls_input_threads: 1"\
-  echo "  lsheap: $LS_HEAP_SIZE" >> $PILLARFILE
+			"  ls_batch_count: 125"\
-  echo "  lsaccessip: 127.0.0.1" >> $PILLARFILE
+			"  mtu: $MTU" >> "$PILLARFILE"
-  echo "  elastalert: 1" >> $PILLARFILE
+	fi
-  echo "  ls_pipeline_workers: $CPUCORES" >> $PILLARFILE
+	printf '%s\n'\
-  echo "  nids_rules: $RULESETUP" >> $PILLARFILE
+	"  lsheap: $LS_HEAP_SIZE"\
-  echo "  oinkcode: $OINKCODE" >> $PILLARFILE
+	"  lsaccessip: 127.0.0.1"\
-  #echo "  access_key: $ACCESS_KEY" >> $PILLARFILE
+	"  elastalert: 1"\
-  #echo "  access_secret: $ACCESS_SECRET" >> $PILLARFILE
+	"  ls_pipeline_workers: $CPUCORES"\
-  echo "  es_port: $NODE_ES_PORT" >> $PILLARFILE
+	"  nids_rules: $RULESETUP"\
-  echo "  log_size_limit: $LOG_SIZE_LIMIT" >> $PILLARFILE
+	"  oinkcode: $OINKCODE"\
-  echo "  cur_close_days: $CURCLOSEDAYS" >> $PILLARFILE
+	"  es_port: $NODE_ES_PORT"\
-  #echo "  mysqlpass: $MYSQLPASS" >> $PILLARFILE
+	"  log_size_limit: $LOG_SIZE_LIMIT"\
-  #echo "  fleetpass: $FLEETPASS" >> $PILLARFILE
+	"  cur_close_days: $CURCLOSEDAYS"\
-  echo "  grafana: $GRAFANA" >> $PILLARFILE
+	"  grafana: $GRAFANA"\
-  echo "  osquery: $OSQUERY" >> $PILLARFILE
+	"  osquery: $OSQUERY"\
-  echo "  wazuh: $WAZUH" >> $PILLARFILE
+	"  wazuh: $WAZUH"\
-  echo "  thehive: $THEHIVE" >> $PILLARFILE
+	"  thehive: $THEHIVE"\
-  echo "  playbook: $PLAYBOOK" >> $PILLARFILE
+	"  playbook: $PLAYBOOK"\
-  echo "  strelka: $STRELKA" >> $PILLARFILE
+	"  strelka: $STRELKA"\
-  echo "" >> $PILLARFILE
+	""\
-  echo "kratos:" >> $PILLARFILE
+	"kratos:" >> "$PILLARFILE"
-  if [[ $REDIRECTINFO == 'OTHER' ]]; then
+
-	REDIRECTIT=$REDIRECT
+	case $REDIRECTINFO in
-  elif [[ $REDIRECTINFO == 'IP' ]]; then
+		'IP')
-	REDIRECTIT=$MAINIP
+		REDIRECTIT="$MAINIP"
-  elif [[ $REDIRECTINFO == 'HOSTNAME' ]]; then
+		;;
-	REDIRECTIT=$HOSTNAME
+		'HOSTNAME')
-  fi    
+		REDIRECTIT=$HOSTNAME
-  echo "  kratoskey: $KRATOSKEY" >> $PILLARFILE
+		;;
-  echo "  redirect: $REDIRECTIT" >> $PILLARFILE
+		*)
-  echo "" >> $PILLARFILE
+		REDIRECTIT="$REDIRECT"
 		;;
 	esac
 	printf '%s\n'\
 		"  kratoskey: $KRATOSKEY"\
 		"  redirect: $REDIRECTIT"\
 		"" >> "$PILLARFILE"
  }
 master_static() {
 	local static_pillar="/opt/so/saltstack/pillar/static.sls"
-  # Create a static file for global values
+	# Create a static file for global values
-  touch /opt/so/saltstack/pillar/static.sls
+	printf '%s\n'\
-
+		"static:"\
-  echo "static:" > /opt/so/saltstack/pillar/static.sls
+		"  soversion: HH$SOVERSION"\
-  echo "  soversion: HH$SOVERSION" >> /opt/so/saltstack/pillar/static.sls
+		"  hnmaster: $HNMASTER"\
-  echo "  hnmaster: $HNMASTER" >> /opt/so/saltstack/pillar/static.sls
+		"  ntpserver: $NTPSERVER"\
-  echo "  ntpserver: $NTPSERVER" >> /opt/so/saltstack/pillar/static.sls
+		"  proxy: $PROXY"\
-  echo "  proxy: $PROXY" >> /opt/so/saltstack/pillar/static.sls
+		"  broversion: $BROVERSION"\
-  echo "  broversion: $BROVERSION" >> /opt/so/saltstack/pillar/static.sls
+		"  ids: $NIDS"\
-  echo "  ids: $NIDS" >> /opt/so/saltstack/pillar/static.sls
+		"  masterip: $MAINIP"\
-  echo "  masterip: $MAINIP" >> /opt/so/saltstack/pillar/static.sls
+		"  hiveuser: hiveadmin"\
-  echo "  hiveuser: hiveadmin" >> /opt/so/saltstack/pillar/static.sls
+		"  hivepassword: hivechangeme"\
-  echo "  hivepassword: hivechangeme" >> /opt/so/saltstack/pillar/static.sls
+		"  hivekey: $HIVEKEY"\
-  echo "  hivekey: $HIVEKEY" >> /opt/so/saltstack/pillar/static.sls
+		"  cortexuser: cortexadmin"\
-  echo "  cortexuser: cortexadmin" >> /opt/so/saltstack/pillar/static.sls
+		"  cortexpassword: cortexchangeme"\
-  echo "  cortexpassword: cortexchangeme" >> /opt/so/saltstack/pillar/static.sls
+		"  cortexkey: $CORTEXKEY"\
-  echo "  cortexkey: $CORTEXKEY" >> /opt/so/saltstack/pillar/static.sls
+		"  cortexorgname: SecurityOnion"\
-  echo "  cortexorgname: SecurityOnion" >> /opt/so/saltstack/pillar/static.sls
+		"  cortexorguser: soadmin"\
-  echo "  cortexorguser: soadmin" >> /opt/so/saltstack/pillar/static.sls
+		"  cortexorguserkey: $CORTEXORGUSERKEY"\
-  echo "  cortexorguserkey: $CORTEXORGUSERKEY" >> /opt/so/saltstack/pillar/static.sls
+		"  fleet_master: False"\
-  echo "  fleet_master: False" >> /opt/so/saltstack/pillar/static.sls
+		"  fleet_node: False"\
-  echo "  fleet_node: False" >> /opt/so/saltstack/pillar/static.sls
+		"  fleet_packages-timestamp: N/A"\
-  echo "  fleet_packages-timestamp: N/A" >> /opt/so/saltstack/pillar/static.sls
+		"  fleet_hostname: N/A"\
-  echo "  fleet_hostname: N/A" >> /opt/so/saltstack/pillar/static.sls
+		"  fleet_ip: N/A"\
-  echo "  fleet_ip: N/A" >> /opt/so/saltstack/pillar/static.sls
+		"  sensoronikey: $SENSORONIKEY" 
-  echo "  sensoronikey: $SENSORONIKEY" >> /opt/so/saltstack/pillar/static.sls
+		"  masterupdate: $MASTERUPDATES" > "$static_pillar"
-  if [[ $MASTERUPDATES == 'MASTER' ]]; then
+	echo "elastic:" >> /opt/so/saltstack/pillar/static.sls
-	echo "  masterupdate: 1" >> /opt/so/saltstack/pillar/static.sls
+	echo "  features: False" >> /opt/so/saltstack/pillar/static.sls
  else
 	echo "  masterupdate: 0" >> /opt/so/saltstack/pillar/static.sls
  fi
  echo "elastic:" >> /opt/so/saltstack/pillar/static.sls
  echo "  features: False" >> /opt/so/saltstack/pillar/static.sls
 }
 minio_generate_keys() {
@@ -933,55 +923,55 @@ network_setup() {
 node_pillar() {
-	PILLARFILE=$TMP/pillar/minions/$MINION_ID.sls
+	local PILLARFILE=$TMP/pillar/minions/$MINION_ID.sls
 	# Create the node pillar
-	echo "node:" >> $PILLARFILE
+	printf '%s\n'\
-	echo "  mainip: $MAINIP" >> $PILLARFILE
+		"node:"\
-	echo "  mainint: $MAININT" >> $PILLARFILE
+		"  mainip: $MAINIP"\
-	echo "  esheap: $NODE_ES_HEAP_SIZE" >> $PILLARFILE
+		"  mainint: $MAININT"\
-	echo "  esclustername: {{ grains.host }}" >> $PILLARFILE
+		"  esheap: $NODE_ES_HEAP_SIZE"\
-	echo "  lsheap: $NODE_LS_HEAP_SIZE" >> $PILLARFILE
+		"  esclustername: {{ grains.host }}"\
-	echo "  ls_pipeline_workers: $LSPIPELINEWORKERS" >> $PILLARFILE
+		"  lsheap: $NODE_LS_HEAP_SIZE"\
-	echo "  ls_pipeline_batch_size: $LSPIPELINEBATCH" >> $PILLARFILE
+		"  ls_pipeline_workers: $LSPIPELINEWORKERS"\
-	echo "  ls_input_threads: $LSINPUTTHREADS" >> $PILLARFILE
+		"  ls_pipeline_batch_size: $LSPIPELINEBATCH"\
-	echo "  ls_batch_count: $LSINPUTBATCHCOUNT" >> $PILLARFILE
+		"  ls_input_threads: $LSINPUTTHREADS"\
-	echo "  es_shard_count: $SHARDCOUNT" >> $PILLARFILE
+		"  ls_batch_count: $LSINPUTBATCHCOUNT"\
-	echo "  node_type: $NODETYPE" >> $PILLARFILE
+		"  es_shard_count: $SHARDCOUNT"\
-	echo "  es_port: $NODE_ES_PORT" >> $PILLARFILE
+		"  node_type: $NODETYPE"\
-	echo "  log_size_limit: $LOG_SIZE_LIMIT" >> $PILLARFILE
+		"  es_port: $NODE_ES_PORT"\
-	echo "  cur_close_days: $CURCLOSEDAYS" >> $PILLARFILE
+		"  log_size_limit: $LOG_SIZE_LIMIT"\
-	echo "" >> $PILLARFILE
+		"  cur_close_days: $CURCLOSEDAYS"\
 		"" >> "$PILLARFILE"
 }
 patch_pillar() {
-	PILLARFILE=$TMP/pillar/minions/$MINION_ID.sls
+	local PILLARFILE=$TMP/pillar/minions/$MINION_ID.sls
-	echo "" >> $PILLARFILE
+	printf '%s\n'\
-	echo "patch:" >> $PILLARFILE
+		""\
-	echo "  os:" >> $PILLARFILE
+		"patch:"\
-	echo "    schedule_name: $PATCHSCHEDULENAME" >> $PILLARFILE
+		"  os:"\
-	echo "    enabled: True" >> $PILLARFILE
+		"    schedule_name: $PATCHSCHEDULENAME"\
-	echo "    splay: 300" >> $PILLARFILE
+		"    enabled: True"\
-	echo "" >> $PILLARFILE
+		"    splay: 300"\
 		"" >> "$PILLARFILE"
 }
 patch_schedule_os_new() {
-	OSPATCHSCHEDULEDIR="$TMP/salt/patch/os/schedules"
+	local OSPATCHSCHEDULEDIR="$TMP/salt/patch/os/schedules"
-	OSPATCHSCHEDULE="$OSPATCHSCHEDULEDIR/$PATCHSCHEDULENAME.yml"
+	local OSPATCHSCHEDULE="$OSPATCHSCHEDULEDIR/$PATCHSCHEDULENAME.yml"
-	if [ ! -d $OSPATCHSCHEDULEDIR ] ; then
+	mkdir -p $OSPATCHSCHEDULEDIR
 		mkdir -p $OSPATCHSCHEDULEDIR
 	fi
-	echo "patch:" > "$OSPATCHSCHEDULE"
+	printf '%s\n'\
-	echo "  os:" >> "$OSPATCHSCHEDULE"
+		"patch:"\
-	echo "    schedule:" >> "$OSPATCHSCHEDULE"
+		"  os:"\
-	for psd in "${PATCHSCHEDULEDAYS[@]}"
+		"    schedule:"> "$OSPATCHSCHEDULE"
-	do
+	for psd in "${PATCHSCHEDULEDAYS[@]}";do
 		psd="${psd//\"/}"
 		echo "      - $psd:" >> "$OSPATCHSCHEDULE"
 		for psh in "${PATCHSCHEDULEHOURS[@]}"
@@ -1031,10 +1021,8 @@ reserve_group_ids() {
 saltify() {
  # Install updates and Salt
-  if [ $OS == 'centos' ]; then
+  if [ $OS = 'centos' ]; then
-	ADDUSER=adduser
+	if [ $INSTALLTYPE = 'MASTER' ] || [ $INSTALLTYPE = 'EVAL' ] || [ $INSTALLTYPE = 'HELIXSENSOR' ] || [ $INSTALLTYPE = 'MASTERSEARCH' ]; then
 	if [ $INSTALLTYPE == 'MASTER' ] || [ $INSTALLTYPE == 'EVAL' ] || [ $INSTALLTYPE == 'HELIXSENSOR' ] || [ $INSTALLTYPE == 'MASTERSEARCH' ]; then
 	  reserve_group_ids
 	  yum -y install epel-release
 	  yum -y install wget https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest-2.el7.noarch.rpm
@@ -1058,7 +1046,7 @@ EOF
 		else
-			if [ $MASTERUPDATES == 'MASTER' ]; then
+			if [ "$MASTERUPDATES" = 1 ]; then
 				# Create the GPG Public Key for the Salt Repo
 				cp "$SCRIPTDIR"/public_keys/salt.pem /etc/pki/rpm-gpg/saltstack-signing-key
@@ -1114,10 +1102,10 @@ EOF
 	yum -y update exclude=salt*
 	systemctl enable salt-minion
-	if [ $INSTALLTYPE == 'MASTER' ] || [ $INSTALLTYPE == 'EVAL' ] || [ $INSTALLTYPE == 'HELIXSENSOR' ] || [ $INSTALLTYPE == 'MASTERSEARCH' ]; then
+	if [ "$INSTALLTYPE" = 'MASTER' ] || [ "$INSTALLTYPE" = 'EVAL' ] || [ "$INSTALLTYPE" = 'HELIXSENSOR' ] || [ "$INSTALLTYPE" = 'MASTERSEARCH' ]; then
 	  yum -y install salt-master-2019.2.3 python3 python36-m2crypto salt-minion-2019.2.3 python36-dateutil python36-mysql python36-docker
 	  systemctl enable salt-master
-	elif [ $INSTALLTYPE == 'FLEET' ]; then 
+	elif [ "$INSTALLTYPE" = 'FLEET' ]; then 
 	  yum -y install salt-minion-2019.2.3 python3 python36-m2crypto python36-dateutil python36-docker python36-mysql 
 	else
 	  yum -y install salt-minion-2019.2.3 python3 python36-m2crypto python36-dateutil python36-docker
@@ -1126,7 +1114,6 @@ EOF
  # Our OS is not CentOS
  else
 	ADDUSER=useradd
 	DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" upgrade
 	if [ $OSVER != "xenial" ]; then
@@ -1142,7 +1129,7 @@ EOF
 	UVER=$(grep VERSION_ID /etc/os-release | awk -F '[ "]' '{print $2}')
 	# Nasty hack but required for now
-	if [ $INSTALLTYPE == 'MASTER' ] || [ $INSTALLTYPE == 'EVAL' ] || [ $INSTALLTYPE == 'MASTERSEARCH' ]; then
+	if [ $INSTALLTYPE = 'MASTER' ] || [ $INSTALLTYPE = 'EVAL' ] || [ $INSTALLTYPE = 'MASTERSEARCH' ]; then
 	  if [ $OSVER != "xenial" ]; then
 		# Install the repo for salt py3 edition
@@ -1211,7 +1198,7 @@ EOF
 salt_checkin() {
  # Master State to Fix Mine Usage
-  if [ $INSTALLTYPE == 'MASTER' ] || [ $INSTALLTYPE == 'EVAL' ] || [ $INSTALLTYPE == 'HELIXSENSOR' ] || [ $INSTALLTYPE == 'MASTERSEARCH' ]; then
+  if [ $INSTALLTYPE = 'MASTER' ] || [ $INSTALLTYPE = 'EVAL' ] || [ $INSTALLTYPE = 'HELIXSENSOR' ] || [ $INSTALLTYPE = 'MASTERSEARCH' ]; then
  echo "Building Certificate Authority"
  salt-call state.apply ca >> "$SETUPLOG" 2>&1
  echo " *** Restarting Salt to fix any SSL errors. ***"
@@ -1251,7 +1238,7 @@ salt_master_directories() {
 	mkdir -p /opt/so/saltstack/pillar
 	# Copy over the salt code and templates
-	if [ $INSTALLMETHOD == 'iso' ]; then
+	if [ $INSTALLMETHOD = 'iso' ]; then
 		rsync -avh --exclude 'TRANS.TBL' /home/onion/SecurityOnion/pillar/* /opt/so/saltstack/pillar/
 		rsync -avh --exclude 'TRANS.TBL' /home/onion/SecurityOnion/salt/* /opt/so/saltstack/salt/
 	else
@@ -1266,9 +1253,9 @@ salt_master_directories() {
 salt_install_mysql_deps() {
-	if [ $OS == 'centos' ]; then
+	if [ $OS = 'centos' ]; then
 		yum -y install mariadb-devel
-	elif [ $OS == 'ubuntu' ]; then
+	elif [ $OS = 'ubuntu' ]; then
 		if [ $OSVER != "xenial" ]; then
 			apt-get -y install python3-mysqldb >> "$SETUPLOG" 2>&1
 		else
@@ -1288,7 +1275,7 @@ sensor_pillar() {
 	echo "  interface: bond0" >> $PILLARFILE
 	echo "  mainip: $MAINIP" >> $PILLARFILE
 	echo "  mainint: $MAININT" >> $PILLARFILE
-	if [ $NSMSETUP == 'ADVANCED' ]; then
+	if [ $NSMSETUP = 'ADVANCED' ]; then
 		echo "  bro_pins:" >> $PILLARFILE
 		for PIN in $BROPINS; do
 			PIN=$(echo $PIN |  cut -d\" -f2)
@@ -1299,7 +1286,7 @@ sensor_pillar() {
 			SPIN=$(echo $SPIN |  cut -d\" -f2)
 		echo "    - $SPIN" >> $PILLARFILE
 		done
-	elif [ $INSTALLTYPE == 'HELIXSENSOR' ]; then
+	elif [ $INSTALLTYPE = 'HELIXSENSOR' ]; then
 		echo "  bro_lbprocs: $LBPROCS" >> $PILLARFILE
 		echo "  suriprocs: $LBPROCS" >> $PILLARFILE
 	else
@@ -1362,43 +1349,43 @@ set_hostname_iso() {
 set_initial_firewall_policy() {
  get_main_ip
-  if [ $INSTALLTYPE == 'MASTER' ]; then
+  if [ $INSTALLTYPE = 'MASTER' ]; then
 	printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/minions.sls
 	printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/masterfw.sls
 	/opt/so/saltstack/pillar/data/addtotab.sh mastertab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM
  fi
-  if [ $INSTALLTYPE == 'EVAL' ] || [ $INSTALLTYPE == 'MASTERSEARCH' ]; then
+  if [ $INSTALLTYPE = 'EVAL' ] || [ $INSTALLTYPE = 'MASTERSEARCH' ]; then
 	printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/minions.sls
 	printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/masterfw.sls
 	printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/forward_nodes.sls
 	printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/search_nodes.sls
-	  if [ $INSTALLTYPE == 'EVAL' ]; then
+	  if [ $INSTALLTYPE = 'EVAL' ]; then
 		/opt/so/saltstack/pillar/data/addtotab.sh evaltab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM bond0
-	  elif [ $INSTALLTYPE == 'MASTERSEARCH' ]; then
+	  elif [ $INSTALLTYPE = 'MASTERSEARCH' ]; then
 		/opt/so/saltstack/pillar/data/addtotab.sh nodestab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM
 	  fi
  fi
-  if [ $INSTALLTYPE == 'HELIXSENSOR' ]; then
+  if [ $INSTALLTYPE = 'HELIXSENSOR' ]; then
 	printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/minions.sls
 	printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/masterfw.sls
 	printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/forward_nodes.sls
  fi
-  if [ $INSTALLTYPE == 'SENSOR' ]; then
+  if [ $INSTALLTYPE = 'SENSOR' ]; then
 	ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP
 	ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh forward_nodes $MAINIP
 	ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/data/addtotab.sh sensorstab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM bond0
  fi
-  if [ $INSTALLTYPE == 'SEARCHNODE' ]; then
+  if [ $INSTALLTYPE = 'SEARCHNODE' ]; then
 	ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP
 	ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh search_nodes $MAINIP
 	ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/data/addtotab.sh nodestab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM
  fi
-  if [ $INSTALLTYPE == 'HEAVYNODE' ]; then
+  if [ $INSTALLTYPE = 'HEAVYNODE' ]; then
 	ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP
 	ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh forward_nodes $MAINIP
 	ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh search_nodes $MAINIP
@@ -1406,19 +1393,19 @@ set_initial_firewall_policy() {
 	ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/data/addtotab.sh nodestab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM
  fi
-  if [ $INSTALLTYPE == 'FLEET' ]; then
+  if [ $INSTALLTYPE = 'FLEET' ]; then
 	ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP
  fi
-  if [ $INSTALLTYPE == 'PARSINGNODE' ]; then
+  if [ $INSTALLTYPE = 'PARSINGNODE' ]; then
 	echo "blah"
  fi
-  if [ $INSTALLTYPE == 'HOTNODE' ]; then
+  if [ $INSTALLTYPE = 'HOTNODE' ]; then
 	echo "blah"
  fi
-  if [ $INSTALLTYPE == 'WARMNODE' ]; then
+  if [ $INSTALLTYPE = 'WARMNODE' ]; then
 	echo "blah"
  fi
@@ -1427,7 +1414,7 @@ set_initial_firewall_policy() {
 # Set up the management interface on the ISO
 set_management_interface() {
-	if [ $ADDRESSTYPE == 'DHCP' ]; then
+	if [ $ADDRESSTYPE = 'DHCP' ]; then
 		/usr/bin/nmcli con up $MNIC
 		/usr/bin/nmcli con mod $MNIC connection.autoconnect yes
 	else
@@ -1443,16 +1430,16 @@ set_management_interface() {
 set_node_type() {
  # Determine the node type based on whiplash choice
-  if [ $INSTALLTYPE == 'SEARCHNODE' ] || [ $INSTALLTYPE == 'EVAL' ] || [ $INSTALLTYPE == 'MASTERSEARCH' ] || [ $INSTALLTYPE == 'HEAVYNODE' ] ; then
+  if [ $INSTALLTYPE = 'SEARCHNODE' ] || [ $INSTALLTYPE = 'EVAL' ] || [ $INSTALLTYPE = 'MASTERSEARCH' ] || [ $INSTALLTYPE = 'HEAVYNODE' ] ; then
 	NODETYPE='search'
  fi
-  if [ $INSTALLTYPE == 'PARSINGNODE' ]; then
+  if [ $INSTALLTYPE = 'PARSINGNODE' ]; then
 	NODETYPE='parser'
  fi
-  if [ $INSTALLTYPE == 'HOTNODE' ]; then
+  if [ $INSTALLTYPE = 'HOTNODE' ]; then
 	NODETYPE='hot'
  fi
-  if [ $INSTALLTYPE == 'WARMNODE' ]; then
+  if [ $INSTALLTYPE = 'WARMNODE' ]; then
 	NODETYPE='warm'
  fi