CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 09:42:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Remove extra users file mounts; disable elastic anon access when auth enabled

Browse Source
This commit is contained in:
Jason Ertel
2021-05-29 07:52:08 -04:00
parent 47b56e78b3
commit a42a406f53
3 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/elasticsearch/files/elasticsearch.yml
View File

@@ -30,11 +30,13 @@ xpack.security.http.ssl.client_authentication: none
xpack.security.http.ssl.key: /usr/share/elasticsearch/config/elasticsearch.key xpack.security.http.ssl.key: /usr/share/elasticsearch/config/elasticsearch.key
xpack.security.http.ssl.certificate: /usr/share/elasticsearch/config/elasticsearch.crt xpack.security.http.ssl.certificate: /usr/share/elasticsearch/config/elasticsearch.crt
xpack.security.http.ssl.certificate_authorities: /usr/share/elasticsearch/config/ca.crt xpack.security.http.ssl.certificate_authorities: /usr/share/elasticsearch/config/ca.crt
{% if not salt['pillar.get']('elasticsearch:auth:enabled', False) %}
xpack.security.authc: xpack.security.authc:
anonymous: anonymous:
username: anonymous_user username: anonymous_user
roles: superuser roles: superuser
authz_exception: true authz_exception: true
{% endif %}
node.name: {{ grains.host }} node.name: {{ grains.host }}
script.max_compilations_rate: 1000/1m script.max_compilations_rate: 1000/1m
{%- if TRUECLUSTER is sameas true %} {%- if TRUECLUSTER is sameas true %}

2
salt/elasticsearch/init.sls
View File

@@ -234,8 +234,6 @@ so-elasticsearch:
- binds: - binds:
- /opt/so/conf/elasticsearch/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro - /opt/so/conf/elasticsearch/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
- /opt/so/conf/elasticsearch/log4j2.properties:/usr/share/elasticsearch/config/log4j2.properties:ro - /opt/so/conf/elasticsearch/log4j2.properties:/usr/share/elasticsearch/config/log4j2.properties:ro
- /opt/so/conf/elasticsearch/users:/usr/share/elasticsearch/config/users:ro
- /opt/so/conf/elasticsearch/users_roles:/usr/share/elasticsearch/config/users_roles:ro
- /nsm/elasticsearch:/usr/share/elasticsearch/data:rw - /nsm/elasticsearch:/usr/share/elasticsearch/data:rw
- /opt/so/log/elasticsearch:/var/log/elasticsearch:rw - /opt/so/log/elasticsearch:/var/log/elasticsearch:rw
- /opt/so/conf/ca/cacerts:/etc/pki/ca-trust/extracted/java/cacerts:ro - /opt/so/conf/ca/cacerts:/etc/pki/ca-trust/extracted/java/cacerts:ro

2
salt/kibana/etc/kibana.yml
View File

@@ -14,7 +14,9 @@ elasticsearch.requestTimeout: 90000
logging.dest: /var/log/kibana/kibana.log logging.dest: /var/log/kibana/kibana.log
telemetry.enabled: false telemetry.enabled: false
security.showInsecureClusterWarning: false security.showInsecureClusterWarning: false
{% if not salt['pillar.get']('elasticsearch:auth:enabled', False) %}
xpack.security.authc.providers: xpack.security.authc.providers:
anonymous.anonymous1: anonymous.anonymous1:
order: 0 order: 0
credentials: "elasticsearch_anonymous_user" credentials: "elasticsearch_anonymous_user"
{% endif %}