CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

add manual sync

Browse Source
This commit is contained in:
Jason Ertel
2022-09-27 07:05:04 -04:00
parent 0ad1a1a262
commit 8e175b2d3f
2 changed files with 29 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
salt/common/tools/sbin/so-user
View File

@@ -27,20 +27,27 @@ function usage() {
--firstName <firstName> (defaults to blank)" --firstName <firstName> (defaults to blank)"
--lastName <lastName> (defaults to blank)" --lastName <lastName> (defaults to blank)"
--note <note> (defaults to blank)" --note <note> (defaults to blank)"
--skip-sync (defers the Elastic sync until the next scheduled time)
addrole: Grants a role to an existing user" addrole: Grants a role to an existing user"
Required parameters: " Required parameters: "
--email <email>" --email <email>"
--role <role>" --role <role>"
Optional parameters: "
--skip-sync (defers the Elastic sync until the next scheduled time)
delrole: Removes a role from an existing user" delrole: Removes a role from an existing user"
Required parameters: " Required parameters: "
--email <email>" --email <email>"
--role <role>" --role <role>"
Optional parameters: "
--skip-sync (defers the Elastic sync until the next scheduled time)
password: Updates a user's password and disables MFA" password: Updates a user's password and disables MFA"
Required parameters: " Required parameters: "
--email <email>" --email <email>"
Optional parameters: "
--skip-sync (defers the Elastic sync until the next scheduled time)
profile: Updates a user's profile information" profile: Updates a user's profile information"
Required parameters: " Required parameters: "
@@ -54,10 +61,14 @@ function usage() {
enable: Enables a user" enable: Enables a user"
Required parameters: " Required parameters: "
--email <email>" --email <email>"
Optional parameters: "
--skip-sync (defers the Elastic sync until the next scheduled time)
disable: Disables a user" disable: Disables a user"
Required parameters: " Required parameters: "
--email <email>" --email <email>"
Optional parameters: "
--skip-sync (defers the Elastic sync until the next scheduled time)
validate: Validates that the given email address and password are acceptable" validate: Validates that the given email address and password are acceptable"
Required parameters: " Required parameters: "
@@ -105,6 +116,9 @@ while [[ $# -gt 0 ]]; do
note=$1 note=$1
shift shift
;; ;;
--skip-sync)
SKIP_SYNC=1
;;
*) *)
echo "Encountered unexpected parameter: $param" echo "Encountered unexpected parameter: $param"
usage usage
@@ -290,6 +304,8 @@ function syncElasticSystemRole() {
} }
function syncElastic() { function syncElastic() {
[[ -n $SKIP_SYNC ]] && return
echo "Syncing users and roles between SOC and Elastic..." echo "Syncing users and roles between SOC and Elastic..."
usersTmpFile="${elasticUsersFile}.tmp" usersTmpFile="${elasticUsersFile}.tmp"

20
salt/soc/files/bin/salt-relay.sh
View File

@@ -55,7 +55,6 @@ function manage_minion() {
function manage_user() { function manage_user() {
request=$1 request=$1
op=$(echo "$request" | jq -r .operation) op=$(echo "$request" | jq -r .operation)
email=$(echo "$request" | jq -r .email)
case "$op" in case "$op" in
add) add)
@@ -66,27 +65,27 @@ function manage_user() {
lastName=$(echo "$request" | jq -r .lastName) lastName=$(echo "$request" | jq -r .lastName)
note=$(echo "$request" | jq -r .note) note=$(echo "$request" | jq -r .note)
log "Performing user '$op' for user '$email' with firstname '$firstName', lastname '$lastName', note '$note' and role '$role'" log "Performing user '$op' for user '$email' with firstname '$firstName', lastname '$lastName', note '$note' and role '$role'"
response=$(echo "$password" | so-user "$op" --email "$email" --firstName "$firstName" --lastName "$lastName" --note "$note" --role "$role") response=$(echo "$password" | so-user "$op" --email "$email" --firstName "$firstName" --lastName "$lastName" --note "$note" --role "$role" --skip-sync)
exit_code=$? exit_code=$?
;; ;;
add|enable|disable|delete) add|enable|disable|delete)
email=$(echo "$request" | jq -r .email) email=$(echo "$request" | jq -r .email)
log "Performing user '$op' for user '$email'" log "Performing user '$op' for user '$email'"
response=$(so-user "$op" --email "$email") response=$(so-user "$op" --email "$email" --skip-sync)
exit_code=$? exit_code=$?
;; ;;
addrole|delrole) addrole|delrole)
email=$(echo "$request" | jq -r .email) email=$(echo "$request" | jq -r .email)
role=$(echo "$request" | jq -r .role) role=$(echo "$request" | jq -r .role)
log "Performing '$op' for user '$email' with role '$role'" log "Performing '$op' for user '$email' with role '$role'"
response=$(so-user "$op" --email "$email" --role "$role") response=$(so-user "$op" --email "$email" --role "$role" --skip-sync)
exit_code=$? exit_code=$?
;; ;;
password) password)
email=$(echo "$request" | jq -r .email) email=$(echo "$request" | jq -r .email)
password=$(echo "$request" | jq -r .password) password=$(echo "$request" | jq -r .password)
log "Performing '$op' operation for user '$email'" log "Performing '$op' operation for user '$email'"
response=$(echo "$password" | so-user "$op" --email "$email") response=$(echo "$password" | so-user "$op" --email "$email" --skip-sync)
exit_code=$? exit_code=$?
;; ;;
profile) profile)
@@ -98,6 +97,11 @@ function manage_user() {
response=$(so-user "$op" --email "$email" --firstName "$firstName" --lastName "$lastName" --note "$note") response=$(so-user "$op" --email "$email" --firstName "$firstName" --lastName "$lastName" --note "$note")
exit_code=$? exit_code=$?
;; ;;
sync)
log "Performing '$op'"
response=$(so-user "$op")
exit_code=$?
;;
*) *)
response="Unsupported user operation: $op" response="Unsupported user operation: $op"
exit_code=1 exit_code=1
@@ -119,12 +123,14 @@ function manage_salt() {
case "$op" in case "$op" in
state) state)
log "Performing '$op' for '$state'"
state=$(echo "$request" | jq -r .state) state=$(echo "$request" | jq -r .state)
response=$(salt-call state.apply "$state" queue=True) response=$(salt '*' state.apply "$state" queue=True)
exit_code=$? exit_code=$?
;; ;;
highstate) highstate)
response=$(salt-call state.highstate queue=True) log "Performing '$op'"
response=$(salt '*' state.highstate queue=True)
exit_code=$? exit_code=$?
;; ;;
*) *)