CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

[refactor] More case statements. local vars, and double quoted strings

Browse Source
This commit is contained in:
William Wernert
2020-04-18 18:36:12 -04:00
parent a7539c111e
commit 74375fe839
1 changed files with 211 additions and 215 deletions
Download Patch File Download Diff File Expand all files Collapse all files

360
setup/so-functions
View File

@@ -248,8 +248,12 @@ check_network_manager_conf() {
# $2 => confirm password
# $3 => variable to set
check_pass_match() {
if [ "$1" = "$2" ]; then
eval "$3"="\"yes\""
local pass=$1
local confirm_pass=$2
local var=$3
if [ "$pass" = "$confirm_pass" ]; then
eval "$var"="\"yes\""
else
whiptail_passwords_dont_match
fi
@@ -288,7 +292,7 @@ clear_master() {
collect_webuser_inputs() {
# Get a password for the web admin user
VALIDUSER=no
local VALIDUSER=no
while [ $VALIDUSER != yes ]; do
whiptail_create_web_user
if so-user valemail "$WEBUSER"; then
@@ -466,10 +470,10 @@ detect_os() {
elif grep -q "CentOS Linux release 8" /etc/redhat-release; then
OSVER=8
echo "We currently do not support CentOS $OSVER but we are working on it!"
exit
exit 1
else
echo "We do not support the version of CentOS you are trying to use."
exit
exit 1
fi
# Install bind-utils so the host command exists
@@ -484,7 +488,7 @@ detect_os() {
OSVER=xenial
else
echo "We do not support your current version of Ubuntu."
exit
exit 1
fi
# Install network manager so we can do interface stuff
{
@@ -495,7 +499,7 @@ detect_os() {
else
echo "We were unable to determine if you are using a supported OS."
exit
exit 1
fi
echo "Found OS: $OS $OSVER" >> "$SETUPLOG" 2>&1
@@ -663,27 +667,27 @@ filter_unused_nics() {
fireeye_pillar() {
local FIREEYEPILLARPATH=/opt/so/saltstack/pillar/fireeye
mkdir -p "$FIREEYEPILLARPATH"
local fireeye_pillar_path=/opt/so/saltstack/pillar/fireeye
mkdir -p "$fireeye_pillar_path"
printf '%s\n'\
"fireeye:"\
" helix:"\
" api_key: $HELIXAPIKEY"
"" > "$FIREEYEPILLARPATH"/init.sls
"" > "$fireeye_pillar_path"/init.sls
}
fleet_pillar() {
local PILLARFILE="$TMP"/pillar/minions/"$MINION_ID".sls
local pillar_file="$TMP"/pillar/minions/"$MINION_ID".sls
# Create the fleet pillar
printf '%s\n'\
"fleet:"\
" mainip: $MAINIP"\
" master: $MSRV"\
"" > "$PILLARFILE"
"" > "$pillar_file"
}
generate_passwords(){
@@ -724,6 +728,8 @@ get_main_ip() {
# Get the main IP address the box is using
# FIXME: find a way to get the ip of MNIC instead
# Add some logic because Bubntu 18.04 like to be different
if [ $OSVER = 'bionic' ]; then
MAINIP=$(ip route get 1 | awk '{print $7;exit}')
@@ -731,6 +737,7 @@ get_main_ip() {
MAINIP=$(ip route get 1 | awk '{print $NF;exit}')
fi
# FIXME: should MAININT be MNIC?
MAININT=$(ip route get 1 | awk '{print $5;exit}')
}
@@ -789,21 +796,27 @@ install_master() {
ls_heapsize() {
# Determine LS Heap Size
if [ "$TOTAL_MEM" -ge 32000 ] || [ "$INSTALLTYPE" = 'MASTERSEARCH' ] || [ "$INSTALLTYPE" = 'HEAVYNODE' ] || [ "$INSTALLTYPE" = 'HELIXSENSOR' ]; then
LS_HEAP_SIZE="1000m"
elif [ "$INSTALLTYPE" = 'EVAL' ]; then
LS_HEAP_SIZE="700m"
else
# If minimal RAM, then set minimal heap
LS_HEAP_SIZE="500m"
if [ "$TOTAL_MEM" -ge 32000 ]; then
LS_HEAP_SIZE='1000m'
return
fi
case "$INSTALLTYPE" in
'MASTERSEARCH' | 'HEAVYNODE' | 'HELIXSENSOR')
LS_HEAP_SIZE='1000m'
;;
'EVAL')
LS_HEAP_SIZE='700m'
;;
*)
LS_HEAP_SIZE='500m'
;;
esac
}
master_pillar() {
PILLARFILE=$TMP/pillar/minions/$MINION_ID.sls
local pillar_file=$TMP/pillar/minions/$MINION_ID.sls
# Create the master pillar
printf '%s\n'\
@@ -812,14 +825,14 @@ master_pillar() {
" esheap: $ES_HEAP_SIZE"\
" esclustername: {{ grains.host }}"\
" freq: 0"\
" domainstats: 0" >> "$PILLARFILE"
" domainstats: 0" >> "$pillar_file"
if [ "$INSTALLTYPE" = 'EVAL' ] || [ "$INSTALLTYPE" = 'HELIXSENSOR' ] || [ "$INSTALLTYPE" = 'MASTERSEARCH' ]; then
printf '%s\n'\
" ls_pipeline_batch_size: 125"\
" ls_input_threads: 1"\
" ls_batch_count: 125"\
" mtu: $MTU" >> "$PILLARFILE"
" mtu: $MTU" >> "$pillar_file"
fi
printf '%s\n'\
" lsheap: $LS_HEAP_SIZE"\
@@ -838,7 +851,7 @@ master_pillar() {
" playbook: $PLAYBOOK"\
" strelka: $STRELKA"\
""\
"kratos:" >> "$PILLARFILE"
"kratos:" >> "$pillar_file"
case $REDIRECTINFO in
'IP')
@@ -855,7 +868,7 @@ master_pillar() {
printf '%s\n'\
" kratoskey: $KRATOSKEY"\
" redirect: $REDIRECTIT"\
"" >> "$PILLARFILE"
"" >> "$pillar_file"
}
@@ -927,7 +940,7 @@ network_setup() {
node_pillar() {
local PILLARFILE=$TMP/pillar/minions/$MINION_ID.sls
local pillar_file=$TMP/pillar/minions/$MINION_ID.sls
# Create the node pillar
printf '%s\n'\
@@ -946,13 +959,13 @@ node_pillar() {
" es_port: $NODE_ES_PORT"\
" log_size_limit: $LOG_SIZE_LIMIT"\
" cur_close_days: $CURCLOSEDAYS"\
"" >> "$PILLARFILE"
"" >> "$pillar_file"
}
patch_pillar() {
local PILLARFILE=$TMP/pillar/minions/$MINION_ID.sls
local pillar_file=$TMP/pillar/minions/$MINION_ID.sls
printf '%s\n'\
""\
@@ -961,7 +974,7 @@ patch_pillar() {
" schedule_name: $PATCHSCHEDULENAME"\
" enabled: True"\
" splay: 300"\
"" >> "$PILLARFILE"
"" >> "$pillar_file"
}
@@ -1135,111 +1148,100 @@ saltify() {
}
salt_checkin() {
# Master State to Fix Mine Usage
if [ $INSTALLTYPE = 'MASTER' ] || [ $INSTALLTYPE = 'EVAL' ] || [ $INSTALLTYPE = 'HELIXSENSOR' ] || [ $INSTALLTYPE = 'MASTERSEARCH' ]; then
echo "Building Certificate Authority"
salt-call state.apply ca >> "$SETUPLOG" 2>&1
echo " *** Restarting Salt to fix any SSL errors. ***"
service salt-master restart >> "$SETUPLOG" 2>&1
sleep 5
service salt-minion restart >> "$SETUPLOG" 2>&1
sleep 15
echo " Applyng a mine hack "
salt '*' mine.send x509.get_pem_entries glob_path=/etc/pki/ca.crt >> "$SETUPLOG" 2>&1
echo " Applying SSL state "
salt-call state.apply ssl >> "$SETUPLOG" 2>&1
echo "Still Working... Hang in there"
#salt-call state.highstate
else
# Run Checkin
case "$INSTALLTYPE" in
'MASTER' | 'EVAL' | 'HELIXSENSOR' | 'MASTERSEARCH') # Fix Mine usage
{
echo "Building Certificate Authority";
salt-call state.apply ca;
echo " *** Restarting Salt to fix any SSL errors. ***";
service salt-master restart;
sleep 5;
service salt-minion restart;
sleep 15;
echo " Applyng a mine hack";
salt '*' mine.send x509.get_pem_entries glob_path=/etc/pki/ca.crt;
echo " Applying SSL state";
salt-call state.apply ssl;
} >> "$SETUPLOG" 2>&1
;;
*)
salt-call state.apply ca >> "$SETUPLOG" 2>&1
salt-call state.apply ssl >> "$SETUPLOG" 2>&1
#salt-call state.highstate >> "$SETUPLOG" 2>&1
fi
;;
esac
}
# FIXME: should this be a function?
salt_firstcheckin() {
#First Checkin
salt-call state.highstate >> "$SETUPLOG" 2>&1
}
salt_master_directories() {
# Create salt paster directories
mkdir -p /opt/so/saltstack/salt
mkdir -p /opt/so/saltstack/pillar
# Copy over the salt code and templates
if [ $INSTALLMETHOD = 'iso' ]; then
if [ "$INSTALLMETHOD" = 'iso' ]; then
rsync -avh --exclude 'TRANS.TBL' /home/onion/SecurityOnion/pillar/* /opt/so/saltstack/pillar/
rsync -avh --exclude 'TRANS.TBL' /home/onion/SecurityOnion/salt/* /opt/so/saltstack/salt/
else
cp -R $SCRIPTDIR/../pillar/* /opt/so/saltstack/pillar/
cp -R $SCRIPTDIR/../salt/* /opt/so/saltstack/salt/
cp -R "$SCRIPTDIR"/../pillar/* /opt/so/saltstack/pillar/
cp -R "$SCRIPTDIR"/../salt/* /opt/so/saltstack/salt/
fi
# FIXME: why is this being done?
chmod +x /opt/so/saltstack/pillar/firewall/addfirewall.sh
chmod +x /opt/so/saltstack/pillar/data/addtotab.sh
}
sensor_pillar() {
PILLARFILE=$TMP/pillar/minions/$MINION_ID.sls
local pillar_file=$TMP/pillar/minions/$MINION_ID.sls
# Create the sensor pillar
touch $PILLARFILE
echo "sensor:" >> $PILLARFILE
echo " interface: bond0" >> $PILLARFILE
echo " mainip: $MAINIP" >> $PILLARFILE
echo " mainint: $MAININT" >> $PILLARFILE
if [ $NSMSETUP = 'ADVANCED' ]; then
echo " bro_pins:" >> $PILLARFILE
printf '%s\n'\
"sensor"\
" interface: bond0"\
" mainip: $MAINIP"\
" mainint: $MAININT" > "$pillar_file"
if [ "$NSMSETUP" = 'ADVANCED' ]; then
echo " bro_pins:" >> "$pillar_file"
for PIN in $BROPINS; do
PIN=$(echo $PIN | cut -d\" -f2)
echo " - $PIN" >> $PILLARFILE
PIN=$(echo "$PIN" | cut -d\" -f2)
echo " - $PIN" >> "$pillar_file"
done
echo " suripins:" >> $PILLARFILE
echo " suripins:" >> "$pillar_file"
for SPIN in $SURIPINS; do
SPIN=$(echo $SPIN | cut -d\" -f2)
echo " - $SPIN" >> $PILLARFILE
SPIN=$(echo "$SPIN" | cut -d\" -f2)
echo " - $SPIN" >> "$pillar_file"
done
elif [ $INSTALLTYPE = 'HELIXSENSOR' ]; then
echo " bro_lbprocs: $LBPROCS" >> $PILLARFILE
echo " suriprocs: $LBPROCS" >> $PILLARFILE
elif [ "$INSTALLTYPE" = 'HELIXSENSOR' ]; then
echo " bro_lbprocs: $LBPROCS" >> "$pillar_file"
echo " suriprocs: $LBPROCS" >> "$pillar_file"
else
echo " bro_lbprocs: $BASICBRO" >> $PILLARFILE
echo " suriprocs: $BASICSURI" >> $PILLARFILE
echo " bro_lbprocs: $BASICBRO" >> "$pillar_file"
echo " suriprocs: $BASICSURI" >> "$pillar_file"
fi
echo " brobpf:" >> $PILLARFILE
echo " pcapbpf:" >> $PILLARFILE
echo " nidsbpf:" >> $PILLARFILE
echo " master: $MSRV" >> $PILLARFILE
echo " mtu: $MTU" >> $PILLARFILE
echo " uniqueid: $(date '+%s')" >> $PILLARFILE
if [ $HNSENSOR != 'inherit' ]; then
echo " hnsensor: $HNSENSOR" >> $PILLARFILE
printf '%s\n'\
" brobpf:"\
" pcapbpf:"\
" nidsbpf:"\
" master: $MSRV"\
" mtu: $MTU"\
" uniqueid: $(date '+%s')" >> "$pillar_file"
if [ "$HNSENSOR" != 'inherit' ]; then
echo " hnsensor: $HNSENSOR" >> "$pillar_file"
fi
echo " access_key: $ACCESS_KEY" >> $PILLARFILE
echo " access_secret: $ACCESS_SECRET" >> $PILLARFILE
echo "" >> $PILLARFILE
}
set_environment_var() {
echo "Setting environment variable: $1"
export "$1"
echo "$1" >> /etc/environment
printf '%s\n'\
" access_key: $ACCESS_KEY"\
" access_secret: $ACCESS_SECRET"\
"" >> "$pillar_file"
}
set_hostname() {
@@ -1269,119 +1271,114 @@ set_hostname_iso() {
set_initial_firewall_policy() {
get_main_ip
if [ $INSTALLTYPE = 'MASTER' ]; then
printf " - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/minions.sls
printf " - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/masterfw.sls
/opt/so/saltstack/pillar/data/addtotab.sh mastertab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM
fi
if [ $INSTALLTYPE = 'EVAL' ] || [ $INSTALLTYPE = 'MASTERSEARCH' ]; then
printf " - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/minions.sls
printf " - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/masterfw.sls
printf " - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/forward_nodes.sls
printf " - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/search_nodes.sls
if [ $INSTALLTYPE = 'EVAL' ]; then
/opt/so/saltstack/pillar/data/addtotab.sh evaltab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM bond0
elif [ $INSTALLTYPE = 'MASTERSEARCH' ]; then
/opt/so/saltstack/pillar/data/addtotab.sh nodestab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM
fi
fi
if [ $INSTALLTYPE = 'HELIXSENSOR' ]; then
printf " - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/minions.sls
printf " - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/masterfw.sls
printf " - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/forward_nodes.sls
fi
if [ $INSTALLTYPE = 'SENSOR' ]; then
ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP
ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh forward_nodes $MAINIP
ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/data/addtotab.sh sensorstab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM bond0
fi
if [ $INSTALLTYPE = 'SEARCHNODE' ]; then
ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP
ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh search_nodes $MAINIP
ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/data/addtotab.sh nodestab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM
fi
if [ $INSTALLTYPE = 'HEAVYNODE' ]; then
ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP
ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh forward_nodes $MAINIP
ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh search_nodes $MAINIP
ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/data/addtotab.sh sensorstab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM bond0
ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/data/addtotab.sh nodestab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM
fi
if [ $INSTALLTYPE = 'FLEET' ]; then
ssh -i /root/.ssh/so.key soremote@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP
fi
if [ $INSTALLTYPE = 'PARSINGNODE' ]; then
echo "blah"
fi
if [ $INSTALLTYPE = 'HOTNODE' ]; then
echo "blah"
fi
if [ $INSTALLTYPE = 'WARMNODE' ]; then
echo "blah"
fi
case "$INSTALLTYPE" in
'MASTER')
printf " - %s\n" "$MAINIP" | tee /opt/so/saltstack/pillar/firewall/minions.sls /opt/so/saltstack/pillar/firewall/masterfw.sls
/opt/so/saltstack/pillar/data/addtotab.sh mastertab "$MINION_ID" "$MAINIP" "$CPUCORES" "$RANDOMUID" "$MAININT" "$FSROOT" "$FSNSM"
;;
'EVAL' | 'MASTERSEARCH')
printf " - %s\n" "$MAINIP" | tee /opt/so/saltstack/pillar/firewall/minions.sls\
/opt/so/saltstack/pillar/firewall/masterfw.sls\
/opt/so/saltstack/pillar/firewall/forward_nodes.sls\
/opt/so/saltstack/pillar/firewall/search_nodes.sls
case "$INSTALLTYPE" in
'EVAL')
/opt/so/saltstack/pillar/data/addtotab.sh evaltab "$MINION_ID" "$MAINIP" "$CPUCORES" "$RANDOMUID" "$MAININT" "$FSROOT" "$FSNSM" bond0
;;
'MASTERSEARCH')
/opt/so/saltstack/pillar/data/addtotab.sh nodestab "$MINION_ID" "$MAINIP" "$CPUCORES" "$RANDOMUID" "$MAININT" "$FSROOT" "$FSNSM"
;;
esac
;;
'HELIXSENSOR')
printf " - %s\n" "$MAINIP" | tee /opt/so/saltstack/pillar/firewall/minions.sls\
/opt/so/saltstack/pillar/firewall/masterfw.sls\
/opt/so/saltstack/pillar/firewall/forward_nodes.sls
;;
'SENSOR' | 'SEARCHNODE' | 'HEAVYNODE' | 'FLEET')
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions "$MAINIP"
case "$INSTALLERTYPE" in
'SENSOR')
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh forward_nodes "$MAINIP"
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo /opt/so/saltstack/pillar/data/addtotab.sh sensorstab "$MINION_ID" "$MAINIP" "$CPUCORES" "$RANDOMUID" "$MAININT" "$FSROOT" "$FSNSM" bond0
;;
'SEARCHNODE')
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh search_nodes "$MAINIP"
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo /opt/so/saltstack/pillar/data/addtotab.sh nodestab "$MINION_ID" "$MAINIP" "$CPUCORES" "$RANDOMUID" "$MAININT" "$FSROOT" "$FSNSM"
;;
'HEAVYNODE')
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh forward_nodes "$MAINIP"
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh search_nodes "$MAINIP"
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo /opt/so/saltstack/pillar/data/addtotab.sh sensorstab "$MINION_ID" "$MAINIP" "$CPUCORES" "$RANDOMUID" "$MAININT" "$FSROOT" "$FSNSM" bond0
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo /opt/so/saltstack/pillar/data/addtotab.sh nodestab "$MINION_ID" "$MAINIP" "$CPUCORES" "$RANDOMUID" "$MAININT" "$FSROOT" "$FSNSM"
;;
esac
;;
'PARSINGNODE')
# TODO: implement
;;
'HOTNODE')
# TODO: implement
;;
'WARMNODE')
# TODO: implement
;;
esac
}
# Set up the management interface on the ISO
set_management_interface() {
if [ $ADDRESSTYPE = 'DHCP' ]; then
/usr/bin/nmcli con up $MNIC
/usr/bin/nmcli con mod $MNIC connection.autoconnect yes
if [ "$ADDRESSTYPE" = 'DHCP' ]; then
nmcli con mod "$MNIC" connection.autoconnect yes
nmcli con up "$MNIC"
else
# Set Static IP
/usr/bin/nmcli con mod $MNIC ipv4.addresses $MIP/$MMASK ipv4.gateway $MGATEWAY \
ipv4.dns $MDNS ipv4.dns-search $MSEARCH ipv4.method manual
/usr/bin/nmcli con up $MNIC
/usr/bin/nmcli con mod $MNIC connection.autoconnect yes
nmcli con mod "$MNIC" ipv4.addresses "$MIP"/"$MMASK"\
ipv4.gateway "$MGATEWAY" \
ipv4.dns "$MDNS"\
ipv4.dns-search "$MSEARCH"\
connection.autoconnect yes\
ipv4.method manual
nmcli con up "$MNIC"
fi
}
set_node_type() {
# Determine the node type based on whiplash choice
if [ $INSTALLTYPE = 'SEARCHNODE' ] || [ $INSTALLTYPE = 'EVAL' ] || [ $INSTALLTYPE = 'MASTERSEARCH' ] || [ $INSTALLTYPE = 'HEAVYNODE' ] ; then
case "$INSTALLTYPE" in
'SEARCHNODE' | 'EVAL' | 'MASTERSEARCH' | 'HEAVYNODE')
NODETYPE='search'
fi
if [ $INSTALLTYPE = 'PARSINGNODE' ]; then
;;
'PARSINGNODE')
NODETYPE='parser'
fi
if [ $INSTALLTYPE = 'HOTNODE' ]; then
;;
'HOTNODE')
NODETYPE='hot'
fi
if [ $INSTALLTYPE = 'WARMNODE' ]; then
;;
'WARMNODE')
NODETYPE='warm'
fi
;;
esac
}
set_updates() {
if [ "$MASTERUPDATES" = 1 ]; then
echo "MASTERUPDATES is MASTER"
if [ $OS = 'centos' ]; then
if ! grep -q $MSRV /etc/yum.conf; then
if [ "$MASTERUPDATES" -eq 1 ]; then
if [ "$OS" = 'centos' ]; then
if ! grep -q "$MSRV" /etc/yum.conf; then
echo "proxy=http://$MSRV:3142" >> /etc/yum.conf
fi
else
# Set it up so the updates roll through the master
echo "Acquire::http::Proxy \"http://$MSRV:3142\";" > /etc/apt/apt.conf.d/00Proxy
echo "Acquire::https::Proxy \"http://$MSRV:3142\";" >> /etc/apt/apt.conf.d/00Proxy
printf '%s\n'\
"Acquire::http::Proxy \"http://$MSRV:3142\";"\
"Acquire::https::Proxy \"http://$MSRV:3142\";" > /etc/apt/apt.conf.d/00Proxy
fi
else
echo "MASTERUPDATES is OPEN"
fi
}
# FIXME: should this be a function?
set_version() {
# Drop a file with the current version
echo "$SOVERSION" > /etc/soversion
@@ -1398,5 +1395,4 @@ update_sudoers() {
else
echo "User soremote already granted sudo privileges"
fi
}