From 6f9a263af316bce698feaa227910a489988c63ca Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 20 Aug 2021 10:40:15 -0400 Subject: [PATCH 1/4] remove the curator cronjobs if it is disabled --- salt/curator/init.sls | 89 ++++++++++++++++++++++++++++--------------- 1 file changed, 59 insertions(+), 30 deletions(-) diff --git a/salt/curator/init.sls b/salt/curator/init.sls index 9f0dc44f4..1acea5d25 100644 --- a/salt/curator/init.sls +++ b/salt/curator/init.sls @@ -4,6 +4,7 @@ {% set VERSION = salt['pillar.get']('global:soversion', 'HH1.2.2') %} {% set IMAGEREPO = salt['pillar.get']('global:imagerepo') %} {% set MANAGER = salt['grains.get']('master') %} +{% set REMOVECURATORCRON = False %} {% if grains['role'] in ['so-eval', 'so-node', 'so-managersearch', 'so-heavynode', 'so-standalone', 'so-manager'] %} {% from 'elasticsearch/auth.map.jinja' import ELASTICAUTH with context %} {% from "curator/map.jinja" import CURATOROPTIONS with context %} @@ -88,36 +89,6 @@ curdel: - group: 939 - mode: 755 -so-curatorcloseddeletecron: - cron.present: - - name: /usr/sbin/so-curator-closed-delete > /opt/so/log/curator/cron-closed-delete.log 2>&1 - - user: root - - minute: '*' - - hour: '*' - - daymonth: '*' - - month: '*' - - dayweek: '*' - -so-curatorclosecron: - cron.present: - - name: /usr/sbin/so-curator-close > /opt/so/log/curator/cron-close.log 2>&1 - - user: root - - minute: '*' - - hour: '*' - - daymonth: '*' - - month: '*' - - dayweek: '*' - -so-curatordeletecron: - cron.present: - - name: /usr/sbin/so-curator-delete > /opt/so/log/curator/cron-delete.log 2>&1 - - user: root - - minute: '*' - - hour: '*' - - daymonth: '*' - - month: '*' - - dayweek: '*' - so-curator: docker_container.{{ CURATOROPTIONS.status }}: {% if CURATOROPTIONS.status == 'running' %} 
@@ -152,11 +123,15 @@ so-curator_so-status.disabled: file.comment: - name: /opt/so/conf/so-status/so-status.conf - regex: ^so-curator$ + + # need to remove cronjobs here since curator is disabled + {% set REMOVECURATORCRON = True %} {% else %} delete_so-curator_so-status.disabled: file.uncomment: - name: /opt/so/conf/so-status/so-status.conf - regex: ^so-curator$ + {% endif %} {% else %} @@ -165,6 +140,60 @@ delete_so-curator_so-status: - name: /opt/so/conf/so-status/so-status.conf - match: ^so-curator$ - mode: delete + + # need to remove cronjobs here since curator is disabled + {% set REMOVECURATORCRON = True %} + + {% endif %} + + {% if REMOVECURATORCRON %} +so-curatorcloseddeletecron: + cron.absent: + - name: /usr/sbin/so-curator-closed-delete > /opt/so/log/curator/cron-closed-delete.log 2>&1 + - user: root + +so-curatorclosecron: + cron.absent: + - name: /usr/sbin/so-curator-close > /opt/so/log/curator/cron-close.log 2>&1 + - user: root + +so-curatordeletecron: + cron.absent: + - name: /usr/sbin/so-curator-delete > /opt/so/log/curator/cron-delete.log 2>&1 + - user: root + + {% else %} + +so-curatorcloseddeletecron: + cron.present: + - name: /usr/sbin/so-curator-closed-delete > /opt/so/log/curator/cron-closed-delete.log 2>&1 + - user: root + - minute: '*' + - hour: '*' + - daymonth: '*' + - month: '*' + - dayweek: '*' + +so-curatorclosecron: + cron.present: + - name: /usr/sbin/so-curator-close > /opt/so/log/curator/cron-close.log 2>&1 + - user: root + - minute: '*' + - hour: '*' + - daymonth: '*' + - month: '*' + - dayweek: '*' + +so-curatordeletecron: + cron.present: + - name: /usr/sbin/so-curator-delete > /opt/so/log/curator/cron-delete.log 2>&1 + - user: root + - minute: '*' + - hour: '*' + - daymonth: '*' + - month: '*' + - dayweek: '*' + {% endif %} # Begin Curator Cron Jobs From 936c998ecbcb22b778b7f836d0d19e14f18ac207 Mon Sep 17 00:00:00 2001 
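Review bot: The added `{% if REMOVECURATORCRON %}` / `{% else %}` block in the `@@ -165,6 +140,60 @@` hunk spells out the same three command strings twice, once under `cron.absent` and once under `cron.present`. No `identifier` is set, so removal appears to match on `name`, and a later edit to only one copy would leave a root cron entry that the absent branch no longer matches. Rendering both branches from one list keeps each string in a single place; a sketch follows, to be checked against the Salt version in use. The `# Begin Curator Cron Jobs` comment after the final `{% endif %}` now sits below the cron states and could move above this block. The flag is also set in the `@@ -152,11 +123,15 @@` hunk, and the enclosing `{% if %}` chain starts outside both hunks, so whether this block still sits under the role check cannot be confirmed from here.

```yaml
{% set CRONSTATE = 'absent' if REMOVECURATORCRON else 'present' %}
{% for JOB in ['closed-delete', 'close', 'delete'] %}
so-curator{{ JOB | replace('-', '') }}cron:
  cron.{{ CRONSTATE }}:
    - name: /usr/sbin/so-curator-{{ JOB }} > /opt/so/log/curator/cron-{{ JOB }}.log 2>&1
    - user: root
{% if not REMOVECURATORCRON %}
    # ... unchanged: minute / hour / daymonth / month / dayweek, all '*' ...
{% endif %}
{% endfor %}
```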
From: Mike Reeves Date: Fri, 20 Aug 2021 12:49:55 -0400 Subject: [PATCH 2/4] CURATOR ISO info --- VERIFY_ISO.md | 22 +++++++++++----------- sigs/securityonion-2.3.70-CURATOR.iso.sig | Bin 0 -> 543 bytes 2 files changed, 11 insertions(+), 11 deletions(-) create mode 100644 sigs/securityonion-2.3.70-CURATOR.iso.sig diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index 16dbd024f..0f78a7a39 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -1,18 +1,18 @@ -### 2.3.70 ISO image built on 2021/08/17 +### 2.3.70-CURATOR ISO image built on 2021/08/20 ### Download and Verify -2.3.70 ISO image: -https://download.securityonion.net/file/securityonion/securityonion-2.3.70.iso +2.3.70-CURATOR ISO image: +https://download.securityonion.net/file/securityonion/securityonion-2.3.70-CURATOR.iso -MD5: F048FABC7FD2D0E1A8B02381F115D1E0 -SHA1: DF6D20FEF13CDC1B19309D2A1178D6E5D25FDA6F -SHA256: B193FFD7EE69958A8E257117149DCFB2125C5772FBFA6003AD80FD1CC129E571 +MD5: FECB0156F1E3BC9BD1E074FF8C6B2B6D +SHA1: 38C1AF89C2CFFD7777E4E7A7C8DA1FEC5BB163D5 +SHA256: 38835C6096E859E3FDD1253678312AEC15BD95A08F681B86D84990A4094B48DC Signature for ISO image: -https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.70.iso.sig +https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.70-CURATOR.iso.sig Signing key: https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS 
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma Download the signature file for the ISO: ``` -wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.70.iso.sig +wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.70-CURATOR.iso.sig ``` Download the ISO image: ``` -wget https://download.securityonion.net/file/securityonion/securityonion-2.3.70.iso +wget https://download.securityonion.net/file/securityonion/securityonion-2.3.70-CURATOR.iso ``` Verify the downloaded ISO image using the signature file: ``` -gpg --verify securityonion-2.3.70.iso.sig securityonion-2.3.70.iso +gpg --verify securityonion-2.3.70-CURATOR.iso.sig securityonion-2.3.70-CURATOR.iso ``` The output should show "Good signature" and the Primary key fingerprint should match what's shown below: ``` -gpg: Signature made Tue 17 Aug 2021 10:52:17 PM EDT using RSA key ID FE507013 +gpg: Signature made Fri 20 Aug 2021 11:26:28 AM EDT using RSA key ID FE507013 gpg: Good signature from "Security Onion Solutions, LLC " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. 
diff --git a/sigs/securityonion-2.3.70-CURATOR.iso.sig b/sigs/securityonion-2.3.70-CURATOR.iso.sig new file mode 100644 index 0000000000000000000000000000000000000000..1e13fa860f3e5e08201a5fa006fce12df379dc55 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;9o$)o@Z2@re`V7LBIa1#^P5B@eCH@S!5mo*3@4p;WB z1d0&VgKYoxcOQPqT0K@Lud+(=N(QU~ciT$V(eu|!7JYOC_;|Lh+!9+v#}d()5hi6) zX)9QSE+~u@N6{;7xMn}Ljlpou=@V0tquh} zT7gllVaG_(2-aEJEHT2{4d;)OE(CF6t4Ot3=8C}plx=yAI+P}8k+;uw6M>Mu4Kq(m zP?~0=CzQ}jA~b@A8^gkQzoG&ZZkd~{Ct>5j2(%Xya}!oq9>q##(2Vv*#g$r13C~zm zJmyV3yy?qT$pBwCryZ;AdrBW>#J8ML>oQEaeGVgYv7`o(QRh(Ptm46%JAr@B*`^{B z5(L`97{4a>F3{l>G52Adj0x{zE#%>+s$dPMc_4*|R_lyVA{eP&rNdVSR?u>&!Q;Ht zI=2x%fuIjbaQC5ow!Lq;xEAoG!9d!f>5Izt1)?!i`?$jh8;A%K%t2m0Z@yL{Kss|y zE=?R&>x}7AK4E!|Hc<~2V5?_<&&%iN_Wl3> literal 0 HcmV?d00001 From 51b517581a9be262992d68a8650f2da85cc12858 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 20 Aug 2021 15:38:56 -0400 Subject: [PATCH 3/4] 2.3.70 sigs --- VERIFY_ISO.md | 8 ++++---- sigs/securityonion-2.3.70-CURATOR.iso.sig | Bin 543 -> 543 bytes 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index 0f78a7a39..7b75e8583 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -7,9 +7,9 @@ 2.3.70-CURATOR ISO image: https://download.securityonion.net/file/securityonion/securityonion-2.3.70-CURATOR.iso -MD5: FECB0156F1E3BC9BD1E074FF8C6B2B6D -SHA1: 38C1AF89C2CFFD7777E4E7A7C8DA1FEC5BB163D5 -SHA256: 38835C6096E859E3FDD1253678312AEC15BD95A08F681B86D84990A4094B48DC +MD5: E0F7882E37B1B6BC4F9A6C8FD6F213F6 +SHA1: 82E1204BAD9489B275A083A642F175E352F9A332 +SHA256: 147CA7F5082273EDCC32EF6322D86A04CCB2E96B3A7F0B01EFA8A029BD84C3D7 Signature for ISO image: https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.70-CURATOR.iso.sig 
@@ -41,7 +41,7 @@ gpg --verify securityonion-2.3.70-CURATOR.iso.sig securityonion-2.3.70-CURATOR.i The output should show "Good signature" and the Primary key fingerprint should match what's shown below: ``` -gpg: Signature made Fri 20 Aug 2021 11:26:28 AM EDT using RSA key ID FE507013 +gpg: Signature made Fri 20 Aug 2021 01:23:59 PM EDT using RSA key ID FE507013 gpg: Good signature from "Security Onion Solutions, LLC " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. diff --git a/sigs/securityonion-2.3.70-CURATOR.iso.sig b/sigs/securityonion-2.3.70-CURATOR.iso.sig index 1e13fa860f3e5e08201a5fa006fce12df379dc55..a9dfc3d1d7f0f0d0cdb701e34a1bed95a9942479 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;9o|+^87z{GoYD2B2{aO?q5hc{#Nr* zxgk!wiJq;?2rQC>ZWv_>rE8Y5;D%ShhA(q+@@%KZBk`Jj=i2Uz4jkgQGM9SU_R;Qh zX|I^fwgdW3$v?xvX|zlK!{ZRh!0iJh!#fjc@yoNN7mqdE zvp6=~$M&s`H7N;Y3mUp>s0Nf->)%Z5X-6bbBxj>frxQ1ORjwr<g*aqZ0$~ViB#!zf~3!g6ovVG67Ym00=UL(3;W%+mm7<5aj)s5*Lvz;(>vFS9f#J zfeUUN8$#?3^eGjuCDz_bi^qV$X*1g5P{1U_nSH%1qJ{B literal 543 zcmV+)0^t3L0vrSY0RjL91p;9o$)o@Z2@re`V7LBIa1#^P5B@eCH@S!5mo*3@4p;WB z1d0&VgKYoxcOQPqT0K@Lud+(=N(QU~ciT$V(eu|!7JYOC_;|Lh+!9+v#}d()5hi6) zX)9QSE+~u@N6{;7xMn}Ljlpou=@V0tquh} zT7gllVaG_(2-aEJEHT2{4d;)OE(CF6t4Ot3=8C}plx=yAI+P}8k+;uw6M>Mu4Kq(m zP?~0=CzQ}jA~b@A8^gkQzoG&ZZkd~{Ct>5j2(%Xya}!oq9>q##(2Vv*#g$r13C~zm zJmyV3yy?qT$pBwCryZ;AdrBW>#J8ML>oQEaeGVgYv7`o(QRh(Ptm46%JAr@B*`^{B z5(L`97{4a>F3{l>G52Adj0x{zE#%>+s$dPMc_4*|R_lyVA{eP&rNdVSR?u>&!Q;Ht zI=2x%fuIjbaQC5ow!Lq;xEAoG!9d!f>5Izt1)?!i`?$jh8;A%K%t2m0Z@yL{Kss|y zE=?R&>x}7AK4E!|Hc<~2V5?_<&&%iN_Wl3> From b78da5c2377c4e1d282f74a01d47bbd43b35d5c0 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Mon, 23 Aug 2021 09:36:20 -0400 Subject: [PATCH 4/4] Merge hotfix to dev; reset to .80 --- HOTFIX | 2 -- VERSION | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/HOTFIX b/HOTFIX index 393a7e913..e69de29bb 100644 
--- a/HOTFIX +++ b/HOTFIX @@ -1,2 +0,0 @@ - -CURATOR diff --git a/VERSION b/VERSION index e183d6a6c..d5c0d128d 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.3.70 +2.3.80