From d4840d203c3d0e6f2470e6ce43d4d90a3d4fbb16 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Wed, 20 May 2020 11:23:55 -0400 Subject: [PATCH] fix version lock for wazuh --- salt/patch/os/init.sls | 3 --- salt/top.sls | 5 +++++ salt/wazuh/init.sls | 8 ++++++++ salt/yum/packages.sls | 4 ++++ setup/so-setup | 6 +++++- 5 files changed, 22 insertions(+), 4 deletions(-) diff --git a/salt/patch/os/init.sls b/salt/patch/os/init.sls index ade35294a..1464a3397 100644 --- a/salt/patch/os/init.sls +++ b/salt/patch/os/init.sls @@ -1,7 +1,4 @@ include: -{% if grains.os == "CentOS" %} - - yum.packages -{% endif %} - patch.needs_restarting patch_os: diff --git a/salt/top.sls b/salt/top.sls index 207fd509a..95acae1fd 100644 --- a/salt/top.sls +++ b/salt/top.sls @@ -11,6 +11,11 @@ base: + + 'os:CentOS': + - match: grain + - yum.packages + '*': - salt - docker diff --git a/salt/wazuh/init.sls b/salt/wazuh/init.sls index c464dd3a9..54db40787 100644 --- a/salt/wazuh/init.sls +++ b/salt/wazuh/init.sls @@ -43,6 +43,14 @@ ossec: # - user: 945 # - group: 945 +wazuhpkgs: + pkg.installed: + - skip_suggestions: False + - pkgs: + - wazuh-agent: 3.10.2-1 + - hold: True + - update_holds: True + # Add Wazuh agent conf wazuhagentconf: file.managed: diff --git a/salt/yum/packages.sls b/salt/yum/packages.sls index 4c773d0e9..50f763b0f 100644 --- a/salt/yum/packages.sls +++ b/salt/yum/packages.sls @@ -1,3 +1,7 @@ install_yum_utils: pkg.installed: - name: yum-utils + +install_yum_versionlock: + pkg.installed: + - name: yum-plugin-versionlock diff --git a/setup/so-setup b/setup/so-setup index efbccb93e..d949173cf 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -354,7 +354,6 @@ fi set_progress_str 22 'Generating CA and checking in' salt_checkin >> $setup_log 2>&1 - if [[ $is_master || $is_helix ]]; then set_progress_str 25 'Configuring firewall' set_initial_firewall_policy >> $setup_log 2>&1 @@ -379,6 +378,11 @@ fi set_progress_str 62 "$(print_salt_state_apply 'firewall')" salt-call state.apply -l info firewall >> $setup_log 2>&1 + if [ $OS = 'centos' ]; then + set_progress_str 63 'Installing Yum utilities' + salt-call state.apply -l info yum.packages >> $setup_log 2>&1 + fi + set_progress_str 63 "$(print_salt_state_apply 'common')" salt-call state.apply -l info common >> $setup_log 2>&1