diff --git a/salt/manager/tools/sbin/soup b/salt/manager/tools/sbin/soup index 5e3deff15..c592dffe4 100755 --- a/salt/manager/tools/sbin/soup +++ b/salt/manager/tools/sbin/soup @@ -19,6 +19,8 @@ SOUP_LOG=/root/soup.log WHATWOULDYOUSAYYAHDOHERE=soup whiptail_title='Security Onion UPdater' NOTIFYCUSTOMELASTICCONFIG=false +TOPFILE=/opt/so/saltstack/default/salt/top.sls +BACKUPTOPFILE=/opt/so/saltstack/default/salt/top.sls.backup # used to display messages to the user at the end of soup declare -a FINAL_MESSAGE_QUEUE=() @@ -32,10 +34,7 @@ check_err() { if [[ $exit_code -ne 0 ]]; then set +e - systemctl_func "start" "$cron_service_name" - systemctl_func "start" "salt-master" - systemctl_func "start" "salt-minion" - enable_highstate + failed_soup_restore_items printf '%s' "Soup failed with error $exit_code: " case $exit_code in @@ -347,8 +346,6 @@ highstate() { masterlock() { echo "Locking Salt Master" - TOPFILE=/opt/so/saltstack/default/salt/top.sls - BACKUPTOPFILE=/opt/so/saltstack/default/salt/top.sls.backup mv -v $TOPFILE $BACKUPTOPFILE echo "base:" > $TOPFILE echo " $MINIONID:" >> $TOPFILE @@ -358,8 +355,12 @@ masterlock() { } masterunlock() { - echo "Unlocking Salt Master" - mv -v $BACKUPTOPFILE $TOPFILE + if [ -f $BACKUPTOPFILE ]; then + echo "Unlocking Salt Master" + mv -v $BACKUPTOPFILE $TOPFILE + else + echo "Salt Master does not need unlocked." + fi } phases_pillar_2_4_80() { @@ -1091,6 +1092,16 @@ apply_hotfix() { fi } +failed_soup_restore_items() { + local services=("$cron_service_name" "salt-master" "salt-minion") + for SERVICE_NAME in "${services[@]}"; do + if ! systemctl is-active --quiet "$SERVICE_NAME"; then + systemctl_func "start" "$SERVICE_NAME" + fi + done + enable_highstate + masterunlock +} #upgrade salt to 3004.1 #2_3_10_hotfix_1() { @@ -1130,6 +1141,8 @@ main() { echo "" require_manager + failed_soup_restore_items + check_pillar_items echo "Checking to see if this is an airgap install."