From 777bece2eb9648c47c2a57a28bc3b7c2bdce8789 Mon Sep 17 00:00:00 2001
From: Jason Ertel <jason.ertel@securityonionsolutions.com>
Date: Sun, 20 Jun 2021 22:14:13 -0400
Subject: [PATCH 1/2] Fix intermittent 'like' failures; Ensure bash is on first
 line of load templates script

---
 salt/common/tools/sbin/so-elasticsearch-templates-load | 6 +++---
 salt/common/tools/sbin/so-user                         | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/salt/common/tools/sbin/so-elasticsearch-templates-load b/salt/common/tools/sbin/so-elasticsearch-templates-load
index 30ab66b48..fbb9e4e3a 100755
--- a/salt/common/tools/sbin/so-elasticsearch-templates-load
+++ b/salt/common/tools/sbin/so-elasticsearch-templates-load
@@ -1,6 +1,3 @@
-{%- set mainint = salt['pillar.get']('host:mainint') %}
-{%- set MYIP = salt['grains.get']('ip_interfaces:' ~ mainint)[0] %}
-
 #!/bin/bash
 # Copyright 2014,2015,2016,2017,2018,2019 Security Onion Solutions, LLC
 #
@@ -17,6 +14,9 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+{%- set mainint = salt['pillar.get']('host:mainint') %}
+{%- set MYIP = salt['grains.get']('ip_interfaces:' ~ mainint)[0] %}
+
 default_conf_dir=/opt/so/conf
 ELASTICSEARCH_HOST="{{ MYIP }}"
 ELASTICSEARCH_PORT=9200
diff --git a/salt/common/tools/sbin/so-user b/salt/common/tools/sbin/so-user
index 0f44a3227..fe0118438 100755
--- a/salt/common/tools/sbin/so-user
+++ b/salt/common/tools/sbin/so-user
@@ -201,7 +201,7 @@ function syncElastic() {
     # Generate the new users file
     echo "select '{\"user\":\"' || ici.identifier || '\", \"data\":' || ic.config || '}'" \
       "from identity_credential_identifiers ici, identity_credentials ic " \
-      "where ici.identity_credential_id=ic.id and ic.config like '%hashed_password%' " \
+      "where ici.identity_credential_id=ic.id and instr(ic.config, 'hashed_password') " \
       "order by ici.identifier;" | \
       sqlite3 "$databasePath" | \
       jq -r '.user + ":" + .data.hashed_password' \
@@ -212,7 +212,7 @@ function syncElastic() {
     
     echo "select 'superuser:' || ici.identifier " \
       "from identity_credential_identifiers ici, identity_credentials ic " \
-      "where ici.identity_credential_id=ic.id and ic.config like '%hashed_password%' " \
+      "where ici.identity_credential_id=ic.id and instr(ic.config, 'hashed_password') " \
       "order by ici.identifier;" | \
       sqlite3 "$databasePath" \
       >> "$rolesTmpFile"

From 5298cb8cfb2fb3c87e4ac30e4e4f77adee1e032f Mon Sep 17 00:00:00 2001
From: Jason Ertel <jason.ertel@securityonionsolutions.com>
Date: Mon, 21 Jun 2021 07:06:49 -0400
Subject: [PATCH 2/2] Update copyrights

---
 salt/common/tools/sbin/so-elasticsearch-templates-load | 2 +-
 salt/common/tools/sbin/so-filebeat-module-setup        | 2 +-
 salt/elasticsearch/files/scripts/so-catrust            | 2 +-
 salt/elasticsearch/files/so-elasticsearch-pipelines    | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/salt/common/tools/sbin/so-elasticsearch-templates-load b/salt/common/tools/sbin/so-elasticsearch-templates-load
index fbb9e4e3a..c416a3ce2 100755
--- a/salt/common/tools/sbin/so-elasticsearch-templates-load
+++ b/salt/common/tools/sbin/so-elasticsearch-templates-load
@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright 2014,2015,2016,2017,2018,2019 Security Onion Solutions, LLC
+# Copyright 2014,2015,2016,2017,2018,2019,2020,2021 Security Onion Solutions, LLC
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
diff --git a/salt/common/tools/sbin/so-filebeat-module-setup b/salt/common/tools/sbin/so-filebeat-module-setup
index 4f9811ca7..ef35a9b17 100755
--- a/salt/common/tools/sbin/so-filebeat-module-setup
+++ b/salt/common/tools/sbin/so-filebeat-module-setup
@@ -2,7 +2,7 @@
 {%- set MYIP = salt['grains.get']('ip_interfaces:' ~ mainint)[0] %}
 
 #!/bin/bash
-# Copyright 2014,2015,2016,2017,2018,2019 Security Onion Solutions, LLC
+# Copyright 2014,2015,2016,2017,2018,2019,2020,2021 Security Onion Solutions, LLC
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
diff --git a/salt/elasticsearch/files/scripts/so-catrust b/salt/elasticsearch/files/scripts/so-catrust
index d49a29ce4..c157d9691 100644
--- a/salt/elasticsearch/files/scripts/so-catrust
+++ b/salt/elasticsearch/files/scripts/so-catrust
@@ -1,6 +1,6 @@
 #!/bin/bash
 #
-# Copyright 2014,2015,2016,2017,2018,2019 Security Onion Solutions, LLC
+# Copyright 2014,2015,2016,2017,2018,2019,2020,2021 Security Onion Solutions, LLC
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
diff --git a/salt/elasticsearch/files/so-elasticsearch-pipelines b/salt/elasticsearch/files/so-elasticsearch-pipelines
index 5d103963e..c1ff88397 100755
--- a/salt/elasticsearch/files/so-elasticsearch-pipelines
+++ b/salt/elasticsearch/files/so-elasticsearch-pipelines
@@ -1,6 +1,6 @@
 #!/bin/bash
 #
-# Copyright 2014,2015,2016,2017,2018,2019 Security Onion Solutions, LLC
+# Copyright 2014,2015,2016,2017,2018,2019,2020,2021 Security Onion Solutions, LLC
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by