CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Initial work to add unattended option to soup

Browse Source
This commit is contained in:
William Wernert
2021-08-27 11:33:51 -04:00
parent ef650c6ee6
commit c5d120293d
1 changed files with 58 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

91
salt/common/tools/sbin/soup
View File

@@ -105,17 +105,20 @@ add_common() {
airgap_mounted() { airgap_mounted() {
# Let's see if the ISO is already mounted. # Let's see if the ISO is already mounted.
if [ -f /tmp/soagupdate/SecurityOnion/VERSION ]; then if [[ -f /tmp/soagupdate/SecurityOnion/VERSION ]]; then
echo "The ISO is already mounted" echo "The ISO is already mounted"
else else
echo "" if [[ -z $ISOLOC ]]; then
cat << EOF echo "This is airgap. Ask for a location."
echo ""
cat << EOF
In order for soup to proceed, the path to the downloaded Security Onion ISO file, or the path to the CD-ROM or equivalent device containing the ISO media must be provided. In order for soup to proceed, the path to the downloaded Security Onion ISO file, or the path to the CD-ROM or equivalent device containing the ISO media must be provided.
For example, if you have copied the new Security Onion ISO file to your home directory, then the path might look like /home/myuser/securityonion-2.x.y.iso. For example, if you have copied the new Security Onion ISO file to your home directory, then the path might look like /home/myuser/securityonion-2.x.y.iso.
Or, if you have burned the new ISO onto an optical disk then the path might look like /dev/cdrom. Or, if you have burned the new ISO onto an optical disk then the path might look like /dev/cdrom.
EOF EOF
read -rp 'Enter the path to the new Security Onion ISO content: ' ISOLOC read -rp 'Enter the path to the new Security Onion ISO content: ' ISOLOC
fi
if [[ -f $ISOLOC ]]; then if [[ -f $ISOLOC ]]; then
# Mounting the ISO image # Mounting the ISO image
mkdir -p /tmp/soagupdate mkdir -p /tmp/soagupdate
@@ -124,23 +127,27 @@ EOF
if [ ! -f /tmp/soagupdate/SecurityOnion/VERSION ]; then if [ ! -f /tmp/soagupdate/SecurityOnion/VERSION ]; then
echo "Something went wrong trying to mount the ISO." echo "Something went wrong trying to mount the ISO."
echo "Ensure you verify the ISO that you downloaded." echo "Ensure you verify the ISO that you downloaded."
exit 0 exit 1
else else
echo "ISO has been mounted!" echo "ISO has been mounted!"
fi fi
elif [[ -f $ISOLOC/SecurityOnion/VERSION ]]; then elif [[ -f $ISOLOC/SecurityOnion/VERSION ]]; then
ln -s $ISOLOC /tmp/soagupdate ln -s $ISOLOC /tmp/soagupdate
echo "Found the update content" echo "Found the update content"
else elif [[ -b $ISOLOC ]]; then
mkdir -p /tmp/soagupdate mkdir -p /tmp/soagupdate
mount $ISOLOC /tmp/soagupdate mount $ISOLOC /tmp/soagupdate
if [ ! -f /tmp/soagupdate/SecurityOnion/VERSION ]; then if [ ! -f /tmp/soagupdate/SecurityOnion/VERSION ]; then
echo "Something went wrong trying to mount the device." echo "Something went wrong trying to mount the device."
echo "Ensure you verify the ISO that you downloaded." echo "Ensure you verify the ISO that you downloaded."
exit 0 exit 1
else else
echo "Device has been mounted!" echo "Device has been mounted!"
fi fi
else
echo "Could not find Security Onion ISO content at ${ISOLOC}"
echo "Ensure the path you entered is correct, and that you verify the ISO that you downloaded."
exit 1
fi fi
fi fi
} }
@@ -774,39 +781,22 @@ verify_latest_update_script() {
} }
main() { main() {
set -e
set +e
trap 'check_err $?' EXIT trap 'check_err $?' EXIT
echo "### Preparing soup at $(date) ###" echo "Checking to see if this is an airgap install."
while getopts ":b" opt; do echo ""
case "$opt" in check_airgap
b ) # process option b if [[ $is_airgap -eq 0 && $UNATTENDED == true && -z $ISOLOC ]]; then
shift echo "Missing file argument for unattended airgap upgrade."
BATCHSIZE=$1 fi
if ! [[ "$BATCHSIZE" =~ ^[0-9]+$ ]]; then
echo "Batch size must be a number greater than 0."
exit 1
fi
;;
\? )
echo "Usage: cmd [-b]"
;;
esac
done
echo "Checking to see if this is a manager." echo "Checking to see if this is a manager."
echo "" echo ""
require_manager require_manager
set_minionid set_minionid
echo "Checking to see if this is an airgap install."
echo ""
check_airgap
echo "Found that Security Onion $INSTALLEDVERSION is currently installed." echo "Found that Security Onion $INSTALLEDVERSION is currently installed."
echo "" echo ""
if [[ $is_airgap -eq 0 ]]; then if [[ $is_airgap -eq 0 ]]; then
# Let's mount the ISO since this is airgap # Let's mount the ISO since this is airgap
echo "This is airgap. Ask for a location."
airgap_mounted airgap_mounted
else else
echo "Cloning Security Onion github repo into $UPDATE_DIR." echo "Cloning Security Onion github repo into $UPDATE_DIR."
@@ -1029,7 +1019,40 @@ EOF
echo "### soup has been served at $(date) ###" echo "### soup has been served at $(date) ###"
} }
cat << EOF while getopts ":b:f:y" opt; do
case ${opt} in
b )
BATCHSIZE="$OPTARG"
if ! [[ "$BATCHSIZE" =~ ^[0-9]+$ ]]; then
echo "Batch size must be a number greater than 0."
exit 1
fi
;;
y )
if [[ ! -f /opt/so/state/yeselastic.txt ]]; then
echo "Cannot run soup in unattended mode. You must run soup manually to accept the Elastic License."
exit 1
else
UNATTENDED=true
fi
;;
f )
ISOLOC="$OPTARG"
;;
\? )
echo "Usage: soup [-b] [-y] [-f <iso location>]"
exit 1
;;
: )
echo "Invalid option: $OPTARG requires an argument"
exit 1
;;
esac
done
shift $((OPTIND - 1))
if [[ -z $UNATTENDED ]]; then
cat << EOF
SOUP - Security Onion UPdater SOUP - Security Onion UPdater
@@ -1041,7 +1064,9 @@ Press Enter to continue or Ctrl-C to cancel.
EOF EOF
read -r input read -r input
fi
echo "### Preparing soup at $(date) ###"
main "$@" | tee -a $SOUP_LOG main "$@" | tee -a $SOUP_LOG