CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

FIX: Update telegraf init.sls to run telegraf as non-root #7468

Browse Source
This commit is contained in:
Doug Burks
2022-03-18 13:11:56 -04:00
committed by GitHub
parent 949365c636
commit c13994994b
1 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/telegraf/init.sls
View File

@@ -13,6 +13,11 @@ tgraflogdir:
file.directory: file.directory:
- name: /opt/so/log/telegraf - name: /opt/so/log/telegraf
- makedirs: True - makedirs: True
- user: 939
- group: 939
- recurse:
- user
- group
tgrafetcdir: tgrafetcdir:
file.directory: file.directory:
@@ -29,7 +34,7 @@ tgrafsyncscripts:
- name: /opt/so/conf/telegraf/scripts - name: /opt/so/conf/telegraf/scripts
- user: root - user: root
- group: 939 - group: 939
- file_mode: 700 - file_mode: 770
- template: jinja - template: jinja
- source: salt://telegraf/scripts - source: salt://telegraf/scripts
{% if salt['pillar.get']('global:mdengine', 'ZEEK') == 'SURICATA' %} {% if salt['pillar.get']('global:mdengine', 'ZEEK') == 'SURICATA' %}
@@ -57,6 +62,8 @@ node_config:
so-telegraf: so-telegraf:
docker_container.running: docker_container.running:
- image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-telegraf:{{ VERSION }} - image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-telegraf:{{ VERSION }}
- user: 939
- group_add: 939,920
- environment: - environment:
- HOST_PROC=/host/proc - HOST_PROC=/host/proc
- HOST_ETC=/host/etc - HOST_ETC=/host/etc