diff --git a/files/salt/master/master b/files/salt/master/master index 675556d14..e7c6030dd 100644 --- a/files/salt/master/master +++ b/files/salt/master/master @@ -67,5 +67,7 @@ peer: reactor: - 'so/fleet': - salt://reactor/fleet.sls - - salt/beacon/*/inotify//watch_sqlite.db: + - salt/beacon/*/watch_sqlite_db//opt/so/conf/kratos/db/sqlite.db - salt://reactor/kratos.sls + + diff --git a/salt/common/init.sls b/salt/common/init.sls index 09a0db934..9d20de62b 100644 --- a/salt/common/init.sls +++ b/salt/common/init.sls @@ -174,6 +174,7 @@ elastic_curl_config: - source: salt://elasticsearch/curl.config - mode: 600 - show_changes: False + - makedirs: True # Sync some Utilities utilsyncscripts: diff --git a/salt/manager/files/beacons.conf b/salt/manager/files/beacons.conf index b1cca51ba..c40fe83cb 100644 --- a/salt/manager/files/beacons.conf +++ b/salt/manager/files/beacons.conf @@ -1,5 +1,7 @@ beacons: - watch_sqlite.db: + watch_sqlite_db: - files: - /opt/so/conf/kratos/db/sqlite.db: {} + /opt/so/conf/kratos/db/sqlite.db: + mask: + - modify - beacon_module: inotify diff --git a/salt/manager/init.sls b/salt/manager/init.sls index 10466d019..9ae39e9a8 100644 --- a/salt/manager/init.sls +++ b/salt/manager/init.sls @@ -22,6 +22,7 @@ include: - elasticsearch.auth + - salt.minion socore_own_saltstack: file.directory: @@ -125,6 +126,8 @@ beacons_config: file.managed: - name: /etc/salt/minion.d/beacons.conf - source: salt://manager/files/beacons.conf + - onchanges_in: + - service: salt_minion_service {% else %} diff --git a/salt/reactor/kratos.sls b/salt/reactor/kratos.sls index a465f134c..fb90cc164 100644 --- a/salt/reactor/kratos.sls +++ b/salt/reactor/kratos.sls @@ -2,4 +2,4 @@ so_user_sync: local.cmd.run: - tgt: {{ data['data']['id'] }} - arg: - - so-user sync + - /usr/sbin/so-user sync diff --git a/salt/salt/helper-packages.sls b/salt/salt/helper-packages.sls index 93ad76a22..c26cdc7c0 100644 --- a/salt/salt/helper-packages.sls +++ b/salt/salt/helper-packages.sls @@ -1,3 +1,10 @@ +{% from 'salt/map.jinja' import PYINOTIFYPACKAGE with context%} +{% from 'salt/map.jinja' import PYTHONINSTALLER with context%} + patch_package: pkg.installed: - - name: patch \ No newline at end of file + - name: patch + +pyinotify: + {{PYTHONINSTALLER}}.installed: + - name: {{ PYINOTIFYPACKAGE }} diff --git a/salt/salt/map.jinja b/salt/salt/map.jinja index b0b9ffb2a..4b9577319 100644 --- a/salt/salt/map.jinja +++ b/salt/salt/map.jinja @@ -11,6 +11,7 @@ {% set PYTHON3INFLUX= 'influxdb == ' ~ PYTHONINFLUXVERSION %} {% set PYTHON3INFLUXDEPS= ['certifi', 'chardet', 'python-dateutil', 'pytz', 'requests'] %} {% set PYTHONINSTALLER = 'pip' %} + {% set PYINOTIFYPACKAGE = 'pyinotify' %} {% else %} {% set SPLITCHAR = '-' %} {% set SALTNOTHELD = salt['cmd.run']('yum versionlock list | grep -q salt ; echo $?', python_shell=True) %} @@ -21,6 +22,7 @@ {% set PYTHON3INFLUX= 'securityonion-python3-influxdb' %} {% set PYTHON3INFLUXDEPS= ['python36-certifi', 'python36-chardet', 'python36-dateutil', 'python36-pytz', 'python36-requests'] %} {% set PYTHONINSTALLER = 'pkg' %} + {% set PYINOTIFYPACKAGE = 'securityonion-python3-pyinotify' %} {% endif %} {% set INSTALLEDSALTVERSION = salt['pkg.version']('salt-minion').split(SPLITCHAR)[0] %} @@ -33,4 +35,4 @@ {% endif %} {% else %} {% set UPGRADECOMMAND = 'echo Already running Salt Minion version ' ~ SALTVERSION %} -{% endif %} \ No newline at end of file +{% endif %}