From cb55af4c1c609e002c49f1f872d49036388192de Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Fri, 18 Feb 2022 13:13:56 -0500
Subject: [PATCH] dont allow $ to be used for elasticsearch:auth or kibana:secrets - https://github.com/Security-Onion-Solutions/securityonion/issues/7233
---
 salt/elasticsearch/auth.sls | 2 +-
 salt/kibana/secrets.sls | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/salt/elasticsearch/auth.sls b/salt/elasticsearch/auth.sls
index d19b7e7c1..ad9f3df04 100644
--- a/salt/elasticsearch/auth.sls
+++ b/salt/elasticsearch/auth.sls
@@ -4,7 +4,7 @@
 {% set DIGITS = "1234567890" %}
 {% set LOWERCASE = "qwertyuiopasdfghjklzxcvbnm" %}
 {% set UPPERCASE = "QWERTYUIOPASDFGHJKLZXCVBNM" %}
- {% set SYMBOLS = "~!@#$^&*()-_=+[]|;:,.<>?" %}
+ {% set SYMBOLS = "~!@#^&*()-_=+[]|;:,.<>?" %}
 {% set CHARS = DIGITS~LOWERCASE~UPPERCASE~SYMBOLS %}
 {% set so_elastic_user_pass = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', salt['random.get_str'](72, chars=CHARS)) %}
 {% set so_kibana_user_pass = salt['pillar.get']('elasticsearch:auth:users:so_kibana_user:pass', salt['random.get_str'](72, chars=CHARS)) %}
diff --git a/salt/kibana/secrets.sls b/salt/kibana/secrets.sls
index 013394e90..16438f528 100644
--- a/salt/kibana/secrets.sls
+++ b/salt/kibana/secrets.sls
@@ -4,7 +4,7 @@
 {% set DIGITS = "1234567890" %}
 {% set LOWERCASE = "qwertyuiopasdfghjklzxcvbnm" %}
 {% set UPPERCASE = "QWERTYUIOPASDFGHJKLZXCVBNM" %}
- {% set SYMBOLS = "~!@#$^&*()-_=+[]|;:,.<>?" %}
+ {% set SYMBOLS = "~!@#^&*()-_=+[]|;:,.<>?" %}
 {% set CHARS = DIGITS~LOWERCASE~UPPERCASE~SYMBOLS %}
 {% set kibana_encryptedSavedObjects_encryptionKey = salt['pillar.get']('kibana:secrets:encryptedSavedObjects:encryptionKey', salt['random.get_str'](72, chars=CHARS)) %}
 {% set kibana_security_encryptionKey = salt['pillar.get']('kibana:secrets:security:encryptionKey', salt['random.get_str'](72, chars=CHARS)) %}
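Review bot: In the salt/elasticsearch/auth.sls hunk, dropping `$` from `SYMBOLS` only changes the fallback handed to `random.get_str`; when `elasticsearch:auth:users:so_elastic_user:pass` is already set, `pillar.get` returns the stored value untouched, so a password that already contains `$` survives this commit. The same holds for the two `kibana:secrets:*:encryptionKey` lookups in salt/kibana/secrets.sls. How the generated values are persisted is outside the hunk, but if they are written back to pillar, a check such as `{% if '$' in so_elastic_user_pass %}` that fails the state or logs a warning would make affected installs visible instead of leaving them unnoticed. A short comment beside the constant, e.g. `{# '$' is left out on purpose, see issue 7233 #}`, would also keep it from being re-added.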
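Review bot: The `SYMBOLS` set kept in salt/kibana/secrets.sls (and identically in salt/elasticsearch/auth.sls) still contains `#`, `&`, `|`, `;`, `<`, `>`, `*`, `!` and `~`, which shells and YAML parsers can also treat specially; if the `$` problem came from a consumer expanding it, which the hunk does not show, those characters deserve the same check. At 72 characters, alphanumerics alone give well over 400 bits, so `{% set CHARS = DIGITS~LOWERCASE~UPPERCASE %}` would remove the whole class of quoting problems without weakening the secrets. The four charset lines are also duplicated verbatim across both files, so a single shared definition imported by each state would stop the two lists from drifting.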