From 4a489afb893077be5575076359fe9a2be42b7df5 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 25 Aug 2023 08:55:00 -0400 Subject: [PATCH 1/5] remove old and install new watchdog package --- salt/common/packages.sls | 2 -- salt/strelka/filestream/config.sls | 8 ++++++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/salt/common/packages.sls b/salt/common/packages.sls index 5f4a348e7..fe36a1fa1 100644 --- a/salt/common/packages.sls +++ b/salt/common/packages.sls @@ -21,7 +21,6 @@ commonpkgs: - python3-dateutil - python3-docker - python3-packaging - - python3-watchdog - python3-lxml - git - rsync @@ -78,7 +77,6 @@ commonpkgs: - python3-packaging - python3-pyyaml - python3-rich - - python3-watchdog - rsync - sqlite - tcpdump diff --git a/salt/strelka/filestream/config.sls b/salt/strelka/filestream/config.sls index 993a59650..a254e9253 100644 --- a/salt/strelka/filestream/config.sls +++ b/salt/strelka/filestream/config.sls @@ -47,6 +47,14 @@ filestream_config: FILESTREAMCONFIG: {{ STRELKAMERGED.filestream.config }} # Filecheck Section +remove_old_watchdog: + pkg.removed: + - name: python3-watchdog + +install_watchdog: + pkg.installed: + - name: securityonion-python39-watchdog + filecheck_logdir: file.directory: - name: /opt/so/log/strelka From ab1d97c985130bb3504ec3eee4ea330953cdb595 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 25 Aug 2023 09:39:16 -0400 Subject: [PATCH 2/5] restart filecheck if watchdog pkg changes --- salt/strelka/filestream/config.sls | 1 + 1 file changed, 1 insertion(+) diff --git a/salt/strelka/filestream/config.sls b/salt/strelka/filestream/config.sls index a254e9253..a84ab5ba1 100644 --- a/salt/strelka/filestream/config.sls +++ b/salt/strelka/filestream/config.sls @@ -135,6 +135,7 @@ filecheck_restart: - onchanges: - file: filecheck_script - file: filecheck_conf + - pkg: install_watchdog filcheck_history_clean: cron.present: From 0a88c812e867b51d19eb643d47dab1f9f7c24df3 Mon Sep 17 00:00:00 2001 
From: m0duspwnens Date: Fri, 25 Aug 2023 13:03:33 -0400 Subject: [PATCH 3/5] differnet watchdog package names for debian vs redhat fams --- salt/strelka/filestream/config.sls | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/salt/strelka/filestream/config.sls b/salt/strelka/filestream/config.sls index a84ab5ba1..833a08505 100644 --- a/salt/strelka/filestream/config.sls +++ b/salt/strelka/filestream/config.sls @@ -47,6 +47,12 @@ filestream_config: FILESTREAMCONFIG: {{ STRELKAMERGED.filestream.config }} # Filecheck Section +{% if GLOBALS.os_family == 'Debian' %} +install_watchdog: + pkg.installed: + - name: python3-watchdog + +{% elif GLOBALS.os_family == 'RedHat' %} remove_old_watchdog: pkg.removed: - name: python3-watchdog @@ -54,6 +60,7 @@ remove_old_watchdog: install_watchdog: pkg.installed: - name: securityonion-python39-watchdog +{% endif %} filecheck_logdir: file.directory: From c22f9687fb1f23f5232c1a21e4dfa59555def7ec Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 25 Aug 2023 13:40:34 -0400 Subject: [PATCH 4/5] sync local repo in soup --- salt/manager/tools/sbin/soup | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/salt/manager/tools/sbin/soup b/salt/manager/tools/sbin/soup index 934cef2ee..21933c1a8 100755 --- a/salt/manager/tools/sbin/soup +++ b/salt/manager/tools/sbin/soup @@ -303,6 +303,7 @@ check_log_size_limit() { check_os_updates() { # Check to see if there are OS updates + echo "Checking for OS updates." NEEDUPDATES="We have detected missing operating system (OS) updates. Do you want to install these OS updates now? This could take a while depending on the size of your grid and how many packages are missing, but it is recommended to keep your system updated." OSUPDATES=$(dnf -q list updates | grep -v docker | grep -v containerd | grep -v salt | grep -v Available | wc -l) if [[ "$OSUPDATES" -gt 0 ]]; then 
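Review bot: The `{% if %}`/`{% elif %}` pair added around the watchdog states has no `{% else %}`, so for any `GLOBALS.os_family` other than 'Debian' or 'RedHat' no `install_watchdog` state is rendered, while `filecheck_restart` (patch 2/5) still lists `- pkg: install_watchdog` under `onchanges`. Salt treats a requisite that names a missing state ID as an error, so the restart state would fail on such a minion rather than be skipped. If only those two families are supported, say so in a comment above the conditional, e.g. `# watchdog package name differs per os_family; only Debian and RedHat are handled`; otherwise wrap the `- pkg: install_watchdog` requisite in the same condition. `GLOBALS` is not imported in the visible lines, so this assumes the file already brings it into scope.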
@@ -437,6 +438,11 @@ post_to_2.4.20() { POSTVERSION=2.4.20 } +repo_sync() { + echo "Sync the local repo." + su socore -c '/usr/sbin/so-repo-sync' +} + stop_salt_master() { # kill all salt jobs across the grid because the hang indefinitely if they are queued and salt-master restarts set +e @@ -762,9 +768,7 @@ main() { fi echo "Verifying we have the latest soup script." verify_latest_update_script - echo "Checking for OS updates." - check_os_updates - + echo "Let's see if we need to update Security Onion." upgrade_check upgrade_space @@ -776,6 +780,10 @@ main() { if [[ $is_airgap -eq 0 ]]; then yum clean all check_os_updates + elif [[ $OS == 'oracle' || $OS == 'redhat'|| $OS == 'centos' ]]; then + # sync remote repo down to local if not airgap + repo_sync + check_os_updates fi if [ "$is_hotfix" == "true" ]; then From 388c90f64113af0f750fec4aa091bda4064571b0 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 25 Aug 2023 14:56:42 -0400 Subject: [PATCH 5/5] add oel to set_os --- salt/common/tools/sbin/so-common | 4 ++++ salt/manager/tools/sbin/soup | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/salt/common/tools/sbin/so-common b/salt/common/tools/sbin/so-common index a76aab1f1..03b19d756 100755 --- a/salt/common/tools/sbin/so-common +++ b/salt/common/tools/sbin/so-common @@ -446,6 +446,10 @@ set_os() { OS=centos OSVER=9 is_centos=true + elif grep -q "Oracle Linux Server release 9" /etc/system-release; then + OS=oel + OSVER=9 + is_oracle=true fi cron_service_name="crond" else diff --git a/salt/manager/tools/sbin/soup b/salt/manager/tools/sbin/soup index 21933c1a8..5cb59d6ac 100755 --- a/salt/manager/tools/sbin/soup +++ b/salt/manager/tools/sbin/soup 
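Review bot: `repo_sync` does not check the exit status of `so-repo-sync`, so when the sync fails `main` can still go on to `check_os_updates` and count updates against a stale local repo, reporting nothing to install while packages are missing. Whether `set -e` is active at that point is not visible here (the `set +e` in `stop_salt_master` suggests it is toggled), and even if it is, the run would stop without saying why. Handle the result explicitly, e.g. `su socore -c '/usr/sbin/so-repo-sync' || { echo "Local repo sync failed; not checking OS updates against stale data."; exit 1; }`, or warn and continue if an unsynced repo is acceptable.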
@@ -780,7 +780,7 @@ main() { if [[ $is_airgap -eq 0 ]]; then yum clean all check_os_updates - elif [[ $OS == 'oracle' || $OS == 'redhat'|| $OS == 'centos' ]]; then + elif [[ $OS == 'oel' || $OS == 'rocky'|| $OS == 'centos' ]]; then # sync remote repo down to local if not airgap repo_sync check_os_updates
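Review bot: The `elif` in `main` compares `$OS` with a hard-coded list that has to match the strings `set_os` in so-common assigns, and there is no fallback branch, so a non-airgap host whose `$OS` matches none of them skips both `repo_sync` and `check_os_updates` without any output. The names replaced here ('oracle', 'redhat') show how easily the list drifts, and only the `oel` and `centos` assignments are visible in this series. Add a final branch that logs the skip, `else` followed by `echo "Skipping repo sync and OS update check for OS '$OS'."`, and put a space before the `||` in `'rocky'|| $OS`. Since the existing comment implies `is_airgap -eq 0` is the airgap case, a short comment on that test saying 0 means airgap would spare readers the inference. `main` starts and ends outside this hunk.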