Merge pull request #4371 from Security-Onion-Solutions/pipeline_userpass

Pipeline userpass

files/salt/master/master

@@ -67,3 +67,7 @@ peer:
 reactor:
   - 'so/fleet':
     - salt://reactor/fleet.sls
+  - salt/beacon/*/watch_sqlite_db//opt/so/conf/kratos/db/sqlite.db
+    - salt://reactor/kratos.sls
+
+

salt/common/init.sls

@@ -174,6 +174,7 @@ elastic_curl_config:
     - source: salt://elasticsearch/curl.config
     - mode: 600
     - show_changes: False
+    - makedirs: True
 
 # Sync some Utilities
 utilsyncscripts:

salt/manager/files/beacons.conf

@@ -0,0 +1,7 @@
+beacons:
+  watch_sqlite_db:
+    - files:
+        /opt/so/conf/kratos/db/sqlite.db:
+          mask:
+            - modify
+    - beacon_module: inotify

salt/manager/init.sls

@@ -22,6 +22,7 @@
 
 include:
   - elasticsearch.auth
+  - salt.minion
 
 socore_own_saltstack:
   file.directory:
@@ -121,6 +122,13 @@ syncesusers:
       - /opt/so/saltstack/local/salt/elasticsearch/files/users
       - /opt/so/saltstack/local/salt/elasticsearch/files/users_roles
 
+beacons_config:
+  file.managed:
+    - name: /etc/salt/minion.d/beacons.conf
+    - source: salt://manager/files/beacons.conf
+    - onchanges_in:
+        - service: salt_minion_service
+
 {% else %}
 
 {{sls}}_state_not_allowed:

salt/reactor/kratos.sls

@@ -0,0 +1,5 @@
+so_user_sync:
+  local.cmd.run:
+    - tgt: {{ data['data']['id'] }}
+    - arg:
+      - /usr/sbin/so-user sync

salt/salt/helper-packages.sls

@@ -1,3 +1,10 @@
+{% from 'salt/map.jinja' import PYINOTIFYPACKAGE with context%}
+{% from 'salt/map.jinja' import PYTHONINSTALLER with context%}
+
 patch_package:
   pkg.installed:
     - name: patch
+
+pyinotify:
+  {{PYTHONINSTALLER}}.installed:
+    - name: {{ PYINOTIFYPACKAGE }}

salt/salt/map.jinja

@@ -11,6 +11,7 @@
   {% set PYTHON3INFLUX= 'influxdb == ' ~ PYTHONINFLUXVERSION  %}
   {% set PYTHON3INFLUXDEPS= ['certifi', 'chardet', 'python-dateutil', 'pytz', 'requests'] %}
   {% set PYTHONINSTALLER = 'pip' %}
+  {% set PYINOTIFYPACKAGE = 'pyinotify' %}
 {% else %}
   {% set SPLITCHAR = '-' %}
   {% set SALTNOTHELD = salt['cmd.run']('yum versionlock list | grep -q salt ; echo $?', python_shell=True) %}
@@ -21,6 +22,7 @@
   {% set PYTHON3INFLUX= 'securityonion-python3-influxdb' %}
   {% set PYTHON3INFLUXDEPS= ['python36-certifi', 'python36-chardet', 'python36-dateutil', 'python36-pytz', 'python36-requests'] %}
   {% set PYTHONINSTALLER = 'pkg' %}
+  {% set PYINOTIFYPACKAGE = 'securityonion-python3-pyinotify' %}
 {% endif %}
 
 {% set INSTALLEDSALTVERSION = salt['pkg.version']('salt-minion').split(SPLITCHAR)[0] %}

salt/top.sls

@@ -260,7 +260,7 @@ base:
     - filebeat
     {%- endif %}
     {%- if CURATOR %}
-    - curator0
+    - curator
     {%- endif %}
     {%- if ELASTALERT %}
     - elastalert