diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index f6cc31508..1a8c028f3 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -1,18 +1,18 @@ -### 2.3.70-WAZUH ISO image built on 2021/08/30 +### 2.3.80 ISO image built on 2021/09/27 ### Download and Verify -2.3.70-WAZUH ISO image: -https://download.securityonion.net/file/securityonion/securityonion-2.3.70-WAZUH.iso +2.3.80 ISO image: +https://download.securityonion.net/file/securityonion/securityonion-2.3.80.iso -MD5: CEDEF3C38089896C252F9E3C75F7CB15 -SHA1: FB420115C72DABDEB87C8B27F26E862C94628057 -SHA256: CC3E75A97163E9CD255DA0D9C3EB11922FA045651827F291025398943C1BC230 +MD5: 24F38563860416F4A8ABE18746913E14 +SHA1: F923C005F54EA2A17AB225ADA0DA46042707AAD9 +SHA256: 8E95D10AF664D9A406C168EC421D943CB23F0D0C1813C6C2DBA9B4E131984018 Signature for ISO image: -https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.70-WAZUH.iso.sig +https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.80.iso.sig Signing key: https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS 
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma Download the signature file for the ISO: ``` -wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.70-WAZUH.iso.sig +wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.80.iso.sig ``` Download the ISO image: ``` -wget https://download.securityonion.net/file/securityonion/securityonion-2.3.70-WAZUH.iso +wget https://download.securityonion.net/file/securityonion/securityonion-2.3.80.iso ``` Verify the downloaded ISO image using the signature file: ``` -gpg --verify securityonion-2.3.70-WAZUH.iso.sig securityonion-2.3.70-WAZUH.iso +gpg --verify securityonion-2.3.80.iso.sig securityonion-2.3.80.iso ``` The output should show "Good signature" and the Primary key fingerprint should match what's shown below: ``` -gpg: Signature made Mon 30 Aug 2021 06:13:14 PM EDT using RSA key ID FE507013 +gpg: Signature made Mon 27 Sep 2021 08:55:01 AM EDT using RSA key ID FE507013 gpg: Good signature from "Security Onion Solutions, LLC " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. diff --git a/VERSION b/VERSION index d5c0d128d..6c91a811d 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.3.80 +2.3.90 diff --git a/salt/common/init.sls b/salt/common/init.sls index 0fa7794af..f993534b3 100644 --- a/salt/common/init.sls +++ b/salt/common/init.sls 
@@ -107,10 +107,17 @@ commonpkgs: heldpackages: pkg.installed: - pkgs: + {% if grains['oscodename'] == 'bionic' %} - containerd.io: 1.4.4-1 - docker-ce: 5:20.10.5~3-0~ubuntu-bionic - docker-ce-cli: 5:20.10.5~3-0~ubuntu-bionic - docker-ce-rootless-extras: 5:20.10.5~3-0~ubuntu-bionic + {% elif grains['oscodename'] == 'focal' %} + - containerd.io: 1.4.9-1 + - docker-ce: 5:20.10.8~3-0~ubuntu-focal + - docker-ce-cli: 5:20.10.5~3-0~ubuntu-focal + - docker-ce-rootless-extras: 5:20.10.5~3-0~ubuntu-focal + {% endif %} - hold: True - update_holds: True diff --git a/salt/common/tools/sbin/so-firewall b/salt/common/tools/sbin/so-firewall index 9772305fe..9c16ffb15 100755 --- a/salt/common/tools/sbin/so-firewall +++ b/salt/common/tools/sbin/so-firewall @@ -71,7 +71,7 @@ def checkApplyOption(options): def loadYaml(filename): file = open(filename, "r") - return yaml.load(file.read()) + return yaml.safe_load(file.read()) def writeYaml(filename, content): file = open(filename, "w") diff --git a/salt/elastalert/init.sls b/salt/elastalert/init.sls index f3f4af3f9..a5c3a3b67 100644 --- a/salt/elastalert/init.sls +++ b/salt/elastalert/init.sls @@ -111,13 +111,13 @@ so-elastalert: - image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-elastalert:{{ VERSION }} - hostname: elastalert - name: so-elastalert - - user: elastalert + - user: so-elastalert - detach: True - binds: - /opt/so/rules/elastalert:/opt/elastalert/rules/:ro - /opt/so/log/elastalert:/var/log/elastalert:rw - /opt/so/conf/elastalert/modules/:/opt/elastalert/modules/:ro - - /opt/so/conf/elastalert/elastalert_config.yaml:/opt/config/elastalert_config.yaml:ro + - /opt/so/conf/elastalert/elastalert_config.yaml:/opt/elastalert/config.yaml:ro - extra_hosts: - {{MANAGER_URL}}:{{MANAGER_IP}} - require: diff --git a/salt/mysql/init.sls b/salt/mysql/init.sls index be44b652c..46e62fcc0 100644 --- a/salt/mysql/init.sls +++ b/salt/mysql/init.sls 
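Review bot: In the new focal branch of `heldpackages`, `docker-ce` is held at `5:20.10.8~3-0~ubuntu-focal` while `docker-ce-cli` and `docker-ce-rootless-extras` are held at `5:20.10.5~3-0~ubuntu-focal`, which looks like a leftover from copying the bionic lines. Because these are holds with `update_holds: True`, the CLI and rootless extras would stay pinned three patch releases behind the engine until someone edits this file. If the mismatch is not deliberate, align them, e.g. `- docker-ce-cli: 5:20.10.8~3-0~ubuntu-focal` and the same for `docker-ce-rootless-extras`, after confirming those builds exist in the configured repo. If it is deliberate, a one-line comment saying why would save the next reader the question.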
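Review bot: `loadYaml` still opens the file and never closes it, and the first line of `writeYaml` visible in this hunk follows the same pattern. `safe_load` accepts a stream, so the body can become `with open(filename, "r") as f: return yaml.safe_load(f)`, which releases the handle even when parsing raises. A short docstring such as `"""Parse filename with the safe loader (plain YAML types only)."""` would also record why the safe loader is used here, so it is not reverted later. `writeYaml` continues outside the hunk, so the matching change there cannot be checked from this page.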
@@ -22,7 +22,11 @@ mysqlpkgs: - skip_suggestions: False - pkgs: {% if grains['os'] != 'CentOS' %} - - python-mysqldb + {% if grains['oscodename'] == 'bionic' %} + - python3-mysqldb + {% elif grains['oscodename'] == 'focal' %} + - python3-mysqldb + {% endif %} {% else %} - MySQL-python {% endif %} diff --git a/salt/salt/init.sls b/salt/salt/init.sls index 18be055db..fe340772e 100644 --- a/salt/salt/init.sls +++ b/salt/salt/init.sls @@ -2,8 +2,13 @@ saltpymodules: pkg.installed: - pkgs: - - python-docker + {% if grains['oscodename'] == 'bionic' %} - python-m2crypto + - python-docker + {% elif grains['oscodename'] == 'focal' %} + - python3-m2crypto + - python3-docker + {% endif %} {% endif %} salt_bootstrap: diff --git a/salt/salt/scripts/bootstrap-salt.sh b/salt/salt/scripts/bootstrap-salt.sh index 70241a041..3e54afce0 100644 --- a/salt/salt/scripts/bootstrap-salt.sh +++ b/salt/salt/scripts/bootstrap-salt.sh @@ -3082,7 +3082,11 @@ install_ubuntu_git_deps() { __PACKAGES="${__PACKAGES} python3-setuptools" else # There is no m2crypto package for Py3 at this time - only install for Py2 + if [ $DISTRO_CODENAME == "focal" ]; then + __PACKAGES="${__PACKAGES} python3-m2crypto" + else __PACKAGES="${__PACKAGES} python-m2crypto" + fi fi __PACKAGES="${__PACKAGES} python${PY_PKG_VER}-crypto python${PY_PKG_VER}-jinja2" diff --git a/salt/ssl/init.sls b/salt/ssl/init.sls index f6cfaf4f4..5690691fc 100644 --- a/salt/ssl/init.sls +++ b/salt/ssl/init.sls @@ -42,7 +42,11 @@ m2cryptopkgs: pkg.installed: - skip_suggestions: False - pkgs: + {% if grains['oscodename'] == 'bionic' %} - python-m2crypto + {% elif grains['oscodename'] == 'focal' %} + - python3-m2crypto + {% endif %} {% endif %} removefbcertdir: diff --git a/setup/so-functions b/setup/so-functions index 06ec7238a..f2cdbc237 100755 --- a/setup/so-functions +++ b/setup/so-functions 
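Review bot: Both branches of the new `oscodename` test in `mysqlpkgs` install the same package, `python3-mysqldb`, so the if/elif adds nothing. It also leaves the non-CentOS list empty for any codename other than bionic or focal. A single `- python3-mysqldb` line under `{% if grains['os'] != 'CentOS' %}` expresses the same intent and removes the fall-through. If the two releases are expected to diverge later, say so in a Jinja comment instead of duplicating the line.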
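Review bot: The new bionic/focal test in `saltpymodules` has no `{% else %}`, so on a minion with any other codename the `pkgs:` list renders with no entries. The same shape appears in `m2cryptopkgs` in salt/ssl/init.sls and in `heldpackages` in salt/common/init.sls. This commit also drops xenial from `detect_os`, so hosts installed earlier on xenial are the likely case, if any are still managed. Either add an `{% else %}` branch that keeps the previous names (`- python-m2crypto`, `- python-docker`) or add a comment stating that only bionic and focal are supported here. The enclosing `{% if %}` that the trailing `{% endif %}` closes is outside the hunk, so its condition could not be checked.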
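Review bot: The added test `[ $DISTRO_CODENAME == "focal" ]` in `install_ubuntu_git_deps` leaves the variable unquoted and uses `==`, which is not a POSIX operator for `[`. If this script is run by a POSIX sh such as dash (the shebang is outside the hunk), or the variable is empty, the test errors and control falls to the `else`, which requests `python-m2crypto` on focal. `if [ "$DISTRO_CODENAME" = "focal" ]; then` is portable and safe against an empty value. The comment just above, "There is no m2crypto package for Py3 at this time - only install for Py2", is now contradicted by the focal branch and should be reworded, for example `# focal only ships python3-m2crypto; older releases use the Py2 package`. The function body continues outside the hunk.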
@@ -1104,8 +1104,8 @@ detect_os() { OS=ubuntu if grep -q "UBUNTU_CODENAME=bionic" /etc/os-release; then OSVER=bionic - elif grep -q "UBUNTU_CODENAME=xenial" /etc/os-release; then - OSVER=xenial + elif grep -q "UBUNTU_CODENAME=focal" /etc/os-release; then + OSVER=focal else echo "We do not support your current version of Ubuntu." exit 1 @@ -2159,9 +2159,12 @@ saltify() { else DEBIAN_FRONTEND=noninteractive retry 50 10 "apt-get -y -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\" upgrade" >> "$setup_log" 2>&1 || exit 1 - if [ $OSVER != "xenial" ]; then + if [ $OSVER == "bionic" ]; then # Switch to Python 3 as default if this is not xenial update-alternatives --install /usr/bin/python python /usr/bin/python3.6 10 >> "$setup_log" 2>&1 + elif [ $OSVER == "focal" ]; then + # Switch to Python 3 as default if this is not xenial + update-alternatives --install /usr/bin/python python /usr/bin/python3.8 10 >> "$setup_log" 2>&1 fi local pkg_arr=( diff --git a/sigs/securityonion-2.3.80.iso.sig b/sigs/securityonion-2.3.80.iso.sig new file mode 100644 index 000000000..4fa76de2e Binary files /dev/null and b/sigs/securityonion-2.3.80.iso.sig differ
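Review bot: In the `saltify` hunk the focal branch carries a copy of the bionic comment, "Switch to Python 3 as default if this is not xenial", which describes neither branch now that `detect_os` no longer accepts xenial. Suggested wording is `# bionic ships Python 3.6; make it the default /usr/bin/python` and `# focal ships Python 3.8; make it the default /usr/bin/python`. `$OSVER` is also unquoted in both tests, and `[ "$OSVER" == "focal" ]` avoids a syntax error if it is ever empty. Unlike the `apt-get ... upgrade` line above, which ends in `|| exit 1`, neither `update-alternatives` call checks its result, so a missing `/usr/bin/python3.8` would only show up in the setup log. `saltify` starts and ends outside the hunk.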