From 0fc03baf584859e18f041935d03442d7b017dcd4 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Tue, 20 Jun 2023 13:41:10 -0400 Subject: [PATCH 01/14] Desktop Packages --- salt/{workstation => desktop}/init.sls | 0 salt/desktop/packages.sls | 336 +++++++++++++++++++ salt/{workstation => desktop}/remove_gui.sls | 0 salt/{workstation => desktop}/trusted-ca.sls | 0 salt/{workstation => desktop}/xwindows.sls | 7 +- salt/workstation/packages.sls | 62 ---- setup/so-functions | 4 +- 7 files changed, 341 insertions(+), 68 deletions(-) rename salt/{workstation => desktop}/init.sls (100%) create mode 100644 salt/desktop/packages.sls rename salt/{workstation => desktop}/remove_gui.sls (100%) rename salt/{workstation => desktop}/trusted-ca.sls (100%) rename salt/{workstation => desktop}/xwindows.sls (83%) delete mode 100644 salt/workstation/packages.sls diff --git a/salt/workstation/init.sls b/salt/desktop/init.sls similarity index 100% rename from salt/workstation/init.sls rename to salt/desktop/init.sls diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls new file mode 100644 index 000000000..f02a005c6 --- /dev/null +++ b/salt/desktop/packages.sls @@ -0,0 +1,336 @@ +{% from 'vars/globals.map.jinja' import GLOBALS %} + +{# we only want this state to run it is CentOS #} +{% if GLOBALS.os == 'Rocky' %} + + +workstation_packages: + pkg.installed: + - pkgs: + - audit + - basesystem + - bash + - coreutils + - cronie + - crypto-policies + - crypto-policies-scripts + - curl + - dnf + - e2fsprogs + - filesystem + - firewalld + - glibc + - git + - grubby + - hostname + - iproute + - iproute-tc + - iputils + - irqbalance + - kbd + - kexec-tools + - less + - logrotate + - man-db + - ncurses + - openssh-clients + - openssh-server + - p11-kit + - parted + - passwd + - policycoreutils + - procps-ng + - rootfiles + - rpm + - rpm-plugin-audit + - rsyslog + - selinux-policy-targeted + - setup + - shadow-utils + - sssd-common + - sssd-kcm + - sudo + - systemd + - util-linux + - vim-minimal + - xfsprogs + - yum + - NetworkManager + - NetworkManager-team + - NetworkManager-tui + - authselect + - dnf-plugins-core + - dracut-config-rescue + - initscripts-rename-device + - iwl100-firmware + - iwl1000-firmware + - iwl105-firmware + - iwl135-firmware + - iwl2000-firmware + - iwl2030-firmware + - iwl3160-firmware + - iwl5000-firmware + - iwl5150-firmware + - iwl6000g2a-firmware + - iwl6050-firmware + - iwl7260-firmware + - kernel-tools + - libsysfs + - linux-firmware + - lshw + - lsscsi + - microcode_ctl + - prefixdevname + - python3-libselinux + - sg3_utils + - sg3_utils-libs + - ppp + - abattis-cantarell-fonts + - dejavu-sans-fonts + - dejavu-sans-mono-fonts + - dejavu-serif-fonts + - google-noto-emoji-color-fonts + - google-noto-sans-cjk-ttc-fonts + - google-noto-sans-gurmukhi-fonts + - google-noto-sans-sinhala-vf-fonts + - google-noto-serif-cjk-ttc-fonts + - jomolhari-fonts + - julietaula-montserrat-fonts + - khmer-os-system-fonts + - liberation-mono-fonts + - liberation-sans-fonts + - liberation-serif-fonts + - lohit-assamese-fonts + - lohit-bengali-fonts + - lohit-devanagari-fonts + - lohit-gujarati-fonts + - lohit-kannada-fonts + - lohit-odia-fonts + - lohit-tamil-fonts + - lohit-telugu-fonts + - paktype-naskh-basic-fonts + - pt-sans-fonts + - sil-abyssinica-fonts + - sil-nuosu-fonts + - sil-padauk-fonts + - smc-meera-fonts + - stix-fonts + - thai-scalable-waree-fonts + - hyperv-daemons + - open-vm-tools-desktop + - qemu-guest-agent + - spice-vdagent + - bolt + - iwl100-firmware + - iwl1000-firmware + - iwl105-firmware + - iwl135-firmware + - iwl2000-firmware + - iwl2030-firmware + - iwl3160-firmware + - iwl5000-firmware + - iwl5150-firmware + - iwl6000g2a-firmware + - iwl6000g2b-firmware + - iwl6050-firmware + - iwl7260-firmware + - libertas-sd8787-firmware + - netronome-firmware + - usb_modeswitch + - ibus-anthy + - ibus-hangul + - ibus-libpinyin + - ibus-libzhuyin + - ibus-m17n + - ibus-typing-booster + - PackageKit-gstreamer-plugin + - alsa-ucm + - alsa-utils + - gstreamer1-plugins-bad-free + - gstreamer1-plugins-good + - gstreamer1-plugins-ugly-free + - pipewire + - pipewire-alsa + - pipewire-gstreamer + - pipewire-jack-audio-connection-kit + - pipewire-pulseaudio + - pipewire-utils + - acl + - at + - attr + - bc + - cpio + - crontabs + - cyrus-sasl-plain + - dbus + - ed + - file + - irqbalance + - kpatch + - kpatch-dnf + - logrotate + - lsof + - mcelog + - microcode_ctl + - net-tools + - pciutils + - psacct + - quota + - rocky-release + - rsyslog-gnutls + - rsyslog-gssapi + - rsyslog-relp + - sudo + - symlinks + - systemd-udev + - tar + - tree + - tuned + - util-linux-user + - bash-completion + - blktrace + - bluez + - bpftool + - bzip2 + - chrony + - cockpit + - cryptsetup + - dos2unix + - dosfstools + - ethtool + - fprintd-pam + - gnupg2 + - iprutils + - kmod-kvdo + - ledmon + - libstoragemgmt + - lvm2 + - mailcap + - man-pages + - mdadm + - mlocate + - mtr + - nano + - nmap-ncat + - nvme-cli + - pinfo + - plymouth + - realmd + - rsync + - smartmontools + - sos + - sssd + - strace + - tcpdump + - teamd + - time + - unzip + - usbutils + - vdo + - vim-enhanced + - virt-what + - wget + - which + - words + - xfsdump + - zip + - NetworkManager-adsl + - NetworkManager-bluetooth + - NetworkManager-l2tp-gnome + - NetworkManager-libreswan-gnome + - NetworkManager-openconnect-gnome + - NetworkManager-openvpn-gnome + - NetworkManager-ppp + - NetworkManager-pptp-gnome + - NetworkManager-wifi + - NetworkManager-wwan + - aajohan-comfortaa-fonts + - anaconda + - anaconda-install-env-deps + - anaconda-live + - chkconfig + - cinnamon + - cinnamon-control-center + - cinnamon-screensaver + - dracut-live + - efi-filesystem + - efibootmgr + - efivar-libs + - eom + - f36-backgrounds-extras-gnome + - f36-backgrounds-gnome + - f37-backgrounds-extras-gnome + - f37-backgrounds-gnome + - firewall-config + - glibc-all-langpacks + - gnome-calculator + - gnome-disk-utility + - gnome-screenshot + - gnome-system-monitor + - gnome-terminal + - grub2-common + - grub2-efi-*64 + - grub2-efi-*64-cdboot + - grub2-pc-modules + - grub2-tools + - grub2-tools-efi + - grub2-tools-extra + - grub2-tools-minimal + - grubby + - gstreamer1-plugins-ugly-free + - gvfs-gphoto2 + - gvfs-mtp + - gvfs-smb + - imsettings-systemd + - initial-setup-gui + - initscripts + - kernel + - kernel-modules + - kernel-modules-extra + - lightdm + - memtest86+ + - metacity + - nemo-fileroller + - nemo-image-converter + - nemo-preview + - nm-connection-editor + - parole + - pipewire-alsa + - pipewire-pulseaudio + - powerline + - redshift-gtk + - rocky-backgrounds + - salt-minion + - sane-backends-drivers-scanners + - setroubleshoot + - shim-*64 + - slick-greeter + - slick-greeter-cinnamon + - syslinux + - tmux + - tmux-powerline + - transmission + - vim-enhanced + - vim-powerline + - wireplumber + - xdg-user-dirs-gtk + - xed + - xreader + +desktop_remove: + pkg.absent: + pkgs: + - hplip + - isdn4k-utils + - mpage + - shim-unsigned-*64 + - xane-gimp + - xsane + +{% else %} + +workstation_packages_os_fail: + test.fail_without_changes: + - comment: 'SO Analyst Workstation can only be installed on Rocky' + +{% endif %} diff --git a/salt/workstation/remove_gui.sls b/salt/desktop/remove_gui.sls similarity index 100% rename from salt/workstation/remove_gui.sls rename to salt/desktop/remove_gui.sls diff --git a/salt/workstation/trusted-ca.sls b/salt/desktop/trusted-ca.sls similarity index 100% rename from salt/workstation/trusted-ca.sls rename to salt/desktop/trusted-ca.sls diff --git a/salt/workstation/xwindows.sls b/salt/desktop/xwindows.sls similarity index 83% rename from salt/workstation/xwindows.sls rename to salt/desktop/xwindows.sls index d8fb53976..15e0a0a45 100644 --- a/salt/workstation/xwindows.sls +++ b/salt/desktop/xwindows.sls @@ -4,7 +4,7 @@ {% if GLOBALS.os == 'Rocky' %} include: - - workstation.packages + - desktop.packages graphical_target: file.symlink: @@ -12,13 +12,12 @@ graphical_target: - target: /lib/systemd/system/graphical.target - force: True - require: - - pkg: X Window System - - pkg: graphical_extras + - pkg: cinnamon {% else %} workstation_xwindows_os_fail: test.fail_without_changes: - - comment: 'SO Analyst Workstation can only be installed on CentOS' + - comment: 'SO Analyst Workstation can only be installed on Rocky' {% endif %} diff --git a/salt/workstation/packages.sls b/salt/workstation/packages.sls deleted file mode 100644 index 6b9b9c689..000000000 --- a/salt/workstation/packages.sls +++ /dev/null @@ -1,62 +0,0 @@ -{% from 'vars/globals.map.jinja' import GLOBALS %} - -{# we only want this state to run it is CentOS #} -{% if GLOBALS.os == 'Rocky' %} - -xwindows_group: - pkg.group_installed: - - name: X Window System - -graphical_extras: - pkg.installed: - - pkgs: - - gnome-classic-session - - gnome-terminal - - gnome-terminal-nautilus - - control-center - - liberation-mono-fonts - - file-roller - -workstation_packages: - pkg.installed: - - pkgs: - - wget - - curl - - unzip - - gedit - - mono-core - - mono-basic - - mono-winforms - - expect - - wireshark-gnome - - dsniff - - hping3 - - netsed - - ngrep - - python36-scapy - - ssldump - - tcpdump - - tcpflow - - whois - - chromium - - libevent - - sslsplit - - perl-IO-Compress - - perl-Net-DNS - - securityonion-networkminer - - securityonion-chaosreader - - securityonion-analyst-extras - - securityonion-bittwist - - securityonion-tcpstat - - securityonion-tcptrace - - securityonion-foremost - - securityonion-strelka-oneshot - - securityonion-strelka-fileshot - -{% else %} - -workstation_packages_os_fail: - test.fail_without_changes: - - comment: 'SO Analyst Workstation can only be installed on CentOS' - -{% endif %} diff --git a/setup/so-functions b/setup/so-functions index 2a69f0d36..bb49f46a0 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1996,8 +1996,8 @@ repo_sync_local() { info "Backing up old repos" mkdir -p /nsm/repo mkdir -p /opt/so/conf/reposync/cache - echo "https://repo.securityonion.net/file/so-repo/prod/2.4/rocky/9" > /opt/so/conf/reposync/mirror.txt - echo "https://so-repo-east.s3.us-east-005.backblazeb2.com/prod/2.4/rocky/9" >> /opt/so/conf/reposync/mirror.txt + echo "https://repo.securityonion.net/file/so-repo/prod/2.4/rocky/test" > /opt/so/conf/reposync/mirror.txt + echo "https://so-repo-east.s3.us-east-005.backblazeb2.com/prod/2.4/rocky/test" >> /opt/so/conf/reposync/mirror.txt echo "[main]" > /opt/so/conf/reposync/repodownload.conf echo "gpgcheck=1" >> /opt/so/conf/reposync/repodownload.conf echo "installonly_limit=3" >> /opt/so/conf/reposync/repodownload.conf From 6600484f8e26c8ba0538c6fadf275c9efd5330a6 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 09:15:31 -0400 Subject: [PATCH 02/14] Update Docker --- salt/docker/init.sls | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/salt/docker/init.sls b/salt/docker/init.sls index 36530c9c3..5fa97c452 100644 --- a/salt/docker/init.sls +++ b/salt/docker/init.sls @@ -26,10 +26,10 @@ dockerheldpackages: dockerheldpackages: pkg.installed: - pkgs: - - containerd.io: 1.6.20-3.1.el9 - - docker-ce: 23.0.5-1.el9 - - docker-ce-cli: 23.0.5-1.el9 - - docker-ce-rootless-extras: 23.0.5-1.el9 + - containerd.io: 1.6.21-3.1.el9 + - docker-ce: 24.0.2-1.el9 + - docker-ce-cli: 24.0.2-1.el9 + - docker-ce-rootless-extras: 24.0.2-1.el9 - hold: True - update_holds: True {% endif %} From 3a41b090c10b6e9f4a8f8ea6d88048c34c7cea21 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 11:42:51 -0400 Subject: [PATCH 03/14] Update paths --- setup/so-functions | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index bb49f46a0..2a69f0d36 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1996,8 +1996,8 @@ repo_sync_local() { info "Backing up old repos" mkdir -p /nsm/repo mkdir -p /opt/so/conf/reposync/cache - echo "https://repo.securityonion.net/file/so-repo/prod/2.4/rocky/test" > /opt/so/conf/reposync/mirror.txt - echo "https://so-repo-east.s3.us-east-005.backblazeb2.com/prod/2.4/rocky/test" >> /opt/so/conf/reposync/mirror.txt + echo "https://repo.securityonion.net/file/so-repo/prod/2.4/rocky/9" > /opt/so/conf/reposync/mirror.txt + echo "https://so-repo-east.s3.us-east-005.backblazeb2.com/prod/2.4/rocky/9" >> /opt/so/conf/reposync/mirror.txt echo "[main]" > /opt/so/conf/reposync/repodownload.conf echo "gpgcheck=1" >> /opt/so/conf/reposync/repodownload.conf echo "installonly_limit=3" >> /opt/so/conf/reposync/repodownload.conf From 90fdb9c465ee20625ca9b51ad3171dc5a6fbbebb Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 11:47:22 -0400 Subject: [PATCH 04/14] Update paths --- salt/desktop/packages.sls | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index f02a005c6..ffca59043 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -318,14 +318,13 @@ workstation_packages: - xreader desktop_remove: - pkg.absent: - pkgs: - - hplip - - isdn4k-utils - - mpage - - shim-unsigned-*64 - - xane-gimp - - xsane + pkg.removed: + - hplip + - isdn4k-utils + - mpage + - shim-unsigned-*64 + - xane-gimp + - xsane {% else %} From 699ea1ac3eef9e78b813217f26e8c75b7b114c34 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 11:48:37 -0400 Subject: [PATCH 05/14] Fix desktop package list --- salt/desktop/packages.sls | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index ffca59043..20f8dfef5 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -319,12 +319,13 @@ workstation_packages: desktop_remove: pkg.removed: - - hplip - - isdn4k-utils - - mpage - - shim-unsigned-*64 - - xane-gimp - - xsane + pkgs: + - hplip + - isdn4k-utils + - mpage + - shim-unsigned-*64 + - xane-gimp + - xsane {% else %} From 6676afc7de71ff1b1afffe8b5ef0364ae353bfe2 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 12:19:48 -0400 Subject: [PATCH 06/14] Fix desktop package list --- salt/desktop/packages.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index 20f8dfef5..34461c260 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -4,7 +4,7 @@ {% if GLOBALS.os == 'Rocky' %} -workstation_packages: +desktop_packages: pkg.installed: - pkgs: - audit From 1751e35121c0cc4a221f7c2449164bfe24aa1657 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 12:20:57 -0400 Subject: [PATCH 07/14] Fix desktop package list --- salt/desktop/packages.sls | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index 34461c260..67e8b62b0 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -319,13 +319,12 @@ desktop_packages: desktop_remove: pkg.removed: - pkgs: - - hplip - - isdn4k-utils - - mpage - - shim-unsigned-*64 - - xane-gimp - - xsane + - hplip + - isdn4k-utils + - mpage + - shim-unsigned-*64 + - xane-gimp + - xsane {% else %} From 8c9f8638083fbfe192384ed248f63a9bcfa82477 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 12:22:03 -0400 Subject: [PATCH 08/14] Fix desktop package list --- salt/desktop/packages.sls | 9 --------- 1 file changed, 9 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index 67e8b62b0..6d0efdf0d 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -317,15 +317,6 @@ desktop_packages: - xed - xreader -desktop_remove: - pkg.removed: - - hplip - - isdn4k-utils - - mpage - - shim-unsigned-*64 - - xane-gimp - - xsane - {% else %} workstation_packages_os_fail: From f785fb2772238656ca4e3a3a4704399e15867916 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 12:27:15 -0400 Subject: [PATCH 09/14] Fix desktop package list --- salt/desktop/packages.sls | 485 ++++++++++++++++++-------------------- 1 file changed, 232 insertions(+), 253 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index 6d0efdf0d..d02a19a0b 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -7,120 +7,128 @@ desktop_packages: pkg.installed: - pkgs: - - audit - - basesystem - - bash - - coreutils - - cronie - - crypto-policies - - crypto-policies-scripts - - curl - - dnf - - e2fsprogs - - filesystem - - firewalld - - glibc - - git - - grubby - - hostname - - iproute - - iproute-tc - - iputils - - irqbalance - - kbd - - kexec-tools - - less - - logrotate - - man-db - - ncurses - - openssh-clients - - openssh-server - - p11-kit - - parted - - passwd - - policycoreutils - - procps-ng - - rootfiles - - rpm - - rpm-plugin-audit - - rsyslog - - selinux-policy-targeted - - setup - - shadow-utils - - sssd-common - - sssd-kcm - - sudo - - systemd - - util-linux - - vim-minimal - - xfsprogs - - yum - NetworkManager + - NetworkManager-adsl + - NetworkManager-bluetooth + - NetworkManager-l2tp-gnome + - NetworkManager-libreswan-gnome + - NetworkManager-openconnect-gnome + - NetworkManager-openvpn-gnome + - NetworkManager-ppp + - NetworkManager-pptp-gnome - NetworkManager-team - NetworkManager-tui - - authselect - - dnf-plugins-core - - dracut-config-rescue - - initscripts-rename-device - - iwl100-firmware - - iwl1000-firmware - - iwl105-firmware - - iwl135-firmware - - iwl2000-firmware - - iwl2030-firmware - - iwl3160-firmware - - iwl5000-firmware - - iwl5150-firmware - - iwl6000g2a-firmware - - iwl6050-firmware - - iwl7260-firmware - - kernel-tools - - libsysfs - - linux-firmware - - lshw - - lsscsi - - microcode_ctl - - prefixdevname - - python3-libselinux - - sg3_utils - - sg3_utils-libs - - ppp + - NetworkManager-wifi + - NetworkManager-wwan + - PackageKit-gstreamer-plugin + - aajohan-comfortaa-fonts - abattis-cantarell-fonts + - acl + - alsa-ucm + - alsa-utils + - anaconda + - anaconda-install-env-deps + - anaconda-live + - at + - attr + - audit + - authselect + - basesystem + - bash + - bash-completion + - bc + - blktrace + - bluez + - bolt + - bpftool + - bzip2 + - chkconfig + - chrony + - cinnamon + - cinnamon-control-center + - cinnamon-screensaver + - cockpit + - coreutils + - cpio + - cronie + - crontabs + - crypto-policies + - crypto-policies-scripts + - cryptsetup + - curl + - cyrus-sasl-plain + - dbus - dejavu-sans-fonts - dejavu-sans-mono-fonts - dejavu-serif-fonts + - dnf + - dnf-plugins-core + - dos2unix + - dosfstools + - dracut-config-rescue + - dracut-live + - e2fsprogs + - ed + - efi-filesystem + - efibootmgr + - efivar-libs + - eom + - ethtool + - f36-backgrounds-extras-gnome + - f36-backgrounds-gnome + - f37-backgrounds-extras-gnome + - f37-backgrounds-gnome + - file + - filesystem + - firewall-config + - firewalld + - fprintd-pam + - git + - glibc + - glibc-all-langpacks + - gnome-calculator + - gnome-disk-utility + - gnome-screenshot + - gnome-system-monitor + - gnome-terminal + - gnupg2 - google-noto-emoji-color-fonts - google-noto-sans-cjk-ttc-fonts - google-noto-sans-gurmukhi-fonts - google-noto-sans-sinhala-vf-fonts - google-noto-serif-cjk-ttc-fonts - - jomolhari-fonts - - julietaula-montserrat-fonts - - khmer-os-system-fonts - - liberation-mono-fonts - - liberation-sans-fonts - - liberation-serif-fonts - - lohit-assamese-fonts - - lohit-bengali-fonts - - lohit-devanagari-fonts - - lohit-gujarati-fonts - - lohit-kannada-fonts - - lohit-odia-fonts - - lohit-tamil-fonts - - lohit-telugu-fonts - - paktype-naskh-basic-fonts - - pt-sans-fonts - - sil-abyssinica-fonts - - sil-nuosu-fonts - - sil-padauk-fonts - - smc-meera-fonts - - stix-fonts - - thai-scalable-waree-fonts + - grub2-common + - grub2-efi-*64 + - grub2-efi-*64-cdboot + - grub2-pc-modules + - grub2-tools + - grub2-tools-efi + - grub2-tools-extra + - grub2-tools-minimal + - grubby + - gstreamer1-plugins-bad-free + - gstreamer1-plugins-good + - gstreamer1-plugins-ugly-free + - gvfs-gphoto2 + - gvfs-mtp + - gvfs-smb + - hostname - hyperv-daemons - - open-vm-tools-desktop - - qemu-guest-agent - - spice-vdagent - - bolt + - ibus-anthy + - ibus-hangul + - ibus-libpinyin + - ibus-libzhuyin + - ibus-m17n + - ibus-typing-booster + - imsettings-systemd + - initial-setup-gui + - initscripts + - initscripts-rename-device + - iproute + - iproute-tc + - iprutils + - iputils + - irqbalance - iwl100-firmware - iwl1000-firmware - iwl105-firmware @@ -134,188 +142,159 @@ desktop_packages: - iwl6000g2b-firmware - iwl6050-firmware - iwl7260-firmware + - jomolhari-fonts + - julietaula-montserrat-fonts + - kbd + - kernel + - kernel-modules + - kernel-modules-extra + - kernel-tools + - kexec-tools + - khmer-os-system-fonts + - kmod-kvdo + - kpatch + - kpatch-dnf + - ledmon + - less + - liberation-mono-fonts + - liberation-sans-fonts + - liberation-serif-fonts - libertas-sd8787-firmware + - libstoragemgmt + - libsysfs + - lightdm + - linux-firmware + - logrotate + - lohit-assamese-fonts + - lohit-bengali-fonts + - lohit-devanagari-fonts + - lohit-gujarati-fonts + - lohit-kannada-fonts + - lohit-odia-fonts + - lohit-tamil-fonts + - lohit-telugu-fonts + - lshw + - lsof + - lsscsi + - lvm2 + - mailcap + - man-db + - man-pages + - mcelog + - mdadm + - memtest86+ + - metacity + - microcode_ctl + - mlocate + - mtr + - nano + - ncurses + - nemo-fileroller + - nemo-image-converter + - nemo-preview + - net-tools - netronome-firmware - - usb_modeswitch - - ibus-anthy - - ibus-hangul - - ibus-libpinyin - - ibus-libzhuyin - - ibus-m17n - - ibus-typing-booster - - PackageKit-gstreamer-plugin - - alsa-ucm - - alsa-utils - - gstreamer1-plugins-bad-free - - gstreamer1-plugins-good - - gstreamer1-plugins-ugly-free + - nm-connection-editor + - nmap-ncat + - nvme-cli + - open-vm-tools-desktop + - openssh-clients + - openssh-server + - p11-kit + - paktype-naskh-basic-fonts + - parole + - parted + - passwd + - pciutils + - pinfo - pipewire - pipewire-alsa - pipewire-gstreamer - pipewire-jack-audio-connection-kit - pipewire-pulseaudio - pipewire-utils - - acl - - at - - attr - - bc - - cpio - - crontabs - - cyrus-sasl-plain - - dbus - - ed - - file - - irqbalance - - kpatch - - kpatch-dnf - - logrotate - - lsof - - mcelog - - microcode_ctl - - net-tools - - pciutils + - plymouth + - policycoreutils + - powerline + - ppp + - prefixdevname + - procps-ng - psacct + - pt-sans-fonts + - python3-libselinux + - qemu-guest-agent - quota + - realmd + - redshift-gtk + - rocky-backgrounds - rocky-release + - rootfiles + - rpm + - rpm-plugin-audit + - rsync + - rsyslog - rsyslog-gnutls - rsyslog-gssapi - rsyslog-relp - - sudo - - symlinks - - systemd-udev - - tar - - tree - - tuned - - util-linux-user - - bash-completion - - blktrace - - bluez - - bpftool - - bzip2 - - chrony - - cockpit - - cryptsetup - - dos2unix - - dosfstools - - ethtool - - fprintd-pam - - gnupg2 - - iprutils - - kmod-kvdo - - ledmon - - libstoragemgmt - - lvm2 - - mailcap - - man-pages - - mdadm - - mlocate - - mtr - - nano - - nmap-ncat - - nvme-cli - - pinfo - - plymouth - - realmd - - rsync - - smartmontools - - sos - - sssd - - strace - - tcpdump - - teamd - - time - - unzip - - usbutils - - vdo - - vim-enhanced - - virt-what - - wget - - which - - words - - xfsdump - - zip - - NetworkManager-adsl - - NetworkManager-bluetooth - - NetworkManager-l2tp-gnome - - NetworkManager-libreswan-gnome - - NetworkManager-openconnect-gnome - - NetworkManager-openvpn-gnome - - NetworkManager-ppp - - NetworkManager-pptp-gnome - - NetworkManager-wifi - - NetworkManager-wwan - - aajohan-comfortaa-fonts - - anaconda - - anaconda-install-env-deps - - anaconda-live - - chkconfig - - cinnamon - - cinnamon-control-center - - cinnamon-screensaver - - dracut-live - - efi-filesystem - - efibootmgr - - efivar-libs - - eom - - f36-backgrounds-extras-gnome - - f36-backgrounds-gnome - - f37-backgrounds-extras-gnome - - f37-backgrounds-gnome - - firewall-config - - glibc-all-langpacks - - gnome-calculator - - gnome-disk-utility - - gnome-screenshot - - gnome-system-monitor - - gnome-terminal - - grub2-common - - grub2-efi-*64 - - grub2-efi-*64-cdboot - - grub2-pc-modules - - grub2-tools - - grub2-tools-efi - - grub2-tools-extra - - grub2-tools-minimal - - grubby - - gstreamer1-plugins-ugly-free - - gvfs-gphoto2 - - gvfs-mtp - - gvfs-smb - - imsettings-systemd - - initial-setup-gui - - initscripts - - kernel - - kernel-modules - - kernel-modules-extra - - lightdm - - memtest86+ - - metacity - - nemo-fileroller - - nemo-image-converter - - nemo-preview - - nm-connection-editor - - parole - - pipewire-alsa - - pipewire-pulseaudio - - powerline - - redshift-gtk - - rocky-backgrounds - salt-minion - sane-backends-drivers-scanners + - selinux-policy-targeted - setroubleshoot + - setup + - sg3_utils + - sg3_utils-libs + - shadow-utils - shim-*64 + - sil-abyssinica-fonts + - sil-nuosu-fonts + - sil-padauk-fonts - slick-greeter - slick-greeter-cinnamon + - smartmontools + - smc-meera-fonts + - sos + - spice-vdagent + - sssd + - sssd-common + - sssd-kcm + - stix-fonts + - strace + - sudo + - symlinks - syslinux + - systemd + - systemd-udev + - tar + - tcpdump + - teamd + - thai-scalable-waree-fonts + - time - tmux - tmux-powerline - transmission + - tree + - tuned + - unzip + - usb_modeswitch + - usbutils + - util-linux + - util-linux-user + - vdo - vim-enhanced + - vim-minimal - vim-powerline + - virt-what + - wget + - which - wireplumber + - words - xdg-user-dirs-gtk - xed + - xfsdump + - xfsprogs - xreader + - yum + - zip {% else %} From 4866eb23153106b16489b54294c1a195ba15b380 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 12:52:42 -0400 Subject: [PATCH 10/14] Fix desktop package list --- salt/desktop/packages.sls | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index d02a19a0b..e3d21e928 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -98,8 +98,6 @@ desktop_packages: - google-noto-sans-sinhala-vf-fonts - google-noto-serif-cjk-ttc-fonts - grub2-common - - grub2-efi-*64 - - grub2-efi-*64-cdboot - grub2-pc-modules - grub2-tools - grub2-tools-efi @@ -244,7 +242,6 @@ desktop_packages: - sg3_utils - sg3_utils-libs - shadow-utils - - shim-*64 - sil-abyssinica-fonts - sil-nuosu-fonts - sil-padauk-fonts @@ -296,6 +293,14 @@ desktop_packages: - yum - zip +desktop_remove: + pkg.removed: + - hplip + - isdn4k-utils + - mpage + - shim-unsigned-*64 + - xane-gimp + - xsane {% else %} workstation_packages_os_fail: From 2aa01280e73421562bd6836d173038caa0b62c11 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 13:34:47 -0400 Subject: [PATCH 11/14] Fix desktop package list --- salt/desktop/packages.sls | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index e3d21e928..2a849e0f5 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -295,12 +295,12 @@ desktop_packages: desktop_remove: pkg.removed: - - hplip - - isdn4k-utils - - mpage - - shim-unsigned-*64 - - xane-gimp - - xsane + pkgs: + - hplip + - isdn4k-utils + - mpage + - xane-gimp + - xsane {% else %} workstation_packages_os_fail: From 9240c3c6f0d5640efa69315b6e854caffeb85c15 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 13:42:51 -0400 Subject: [PATCH 12/14] Fix desktop package list --- salt/desktop/packages.sls | 8 -------- 1 file changed, 8 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index 2a849e0f5..255dd684a 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -293,14 +293,6 @@ desktop_packages: - yum - zip -desktop_remove: - pkg.removed: - pkgs: - - hplip - - isdn4k-utils - - mpage - - xane-gimp - - xsane {% else %} workstation_packages_os_fail: From c13c37f40684922a26cb3ee55ccb9e2f4ffc5fe5 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 13:49:01 -0400 Subject: [PATCH 13/14] Fix desktop state --- salt/desktop/init.sls | 4 ++-- salt/desktop/packages.sls | 2 +- salt/desktop/remove_gui.sls | 4 ++-- salt/desktop/trusted-ca.sls | 2 +- salt/desktop/xwindows.sls | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/salt/desktop/init.sls b/salt/desktop/init.sls index e270c0430..217a4777d 100644 --- a/salt/desktop/init.sls +++ b/salt/desktop/init.sls @@ -1,7 +1,7 @@ include: - - workstation.xwindows + - desktop.xwindows {# If the master is 'salt' then the minion hasn't been configured and isn't connected to the grid. #} {# We need this since the trusted-ca state uses mine data. #} {% if grains.master != 'salt' %} - - workstation.trusted-ca + - desktop.trusted-ca {% endif %} diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index 255dd684a..9c3e8ccd2 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -295,7 +295,7 @@ desktop_packages: {% else %} -workstation_packages_os_fail: +desktop_packages_os_fail: test.fail_without_changes: - comment: 'SO Analyst Workstation can only be installed on Rocky' diff --git a/salt/desktop/remove_gui.sls b/salt/desktop/remove_gui.sls index 363b8c433..e66700f11 100644 --- a/salt/desktop/remove_gui.sls +++ b/salt/desktop/remove_gui.sls @@ -10,8 +10,8 @@ remove_graphical_target: - force: True {% else %} -workstation_trusted-ca_os_fail: +desktop_trusted-ca_os_fail: test.fail_without_changes: - - comment: 'SO Analyst Workstation can only be installed on CentOS' + - comment: 'SO Desktop can only be installed on Rocky' {% endif %} diff --git a/salt/desktop/trusted-ca.sls b/salt/desktop/trusted-ca.sls index a8d48c046..0045f9cd2 100644 --- a/salt/desktop/trusted-ca.sls +++ b/salt/desktop/trusted-ca.sls @@ -29,7 +29,7 @@ update_ca_certs: {% else %} -workstation_trusted-ca_os_fail: +desktop_trusted-ca_os_fail: test.fail_without_changes: - comment: 'SO Analyst Workstation can only be installed on CentOS' diff --git a/salt/desktop/xwindows.sls b/salt/desktop/xwindows.sls index 15e0a0a45..a15996112 100644 --- a/salt/desktop/xwindows.sls +++ b/salt/desktop/xwindows.sls @@ -16,7 +16,7 @@ graphical_target: {% else %} -workstation_xwindows_os_fail: +desktop_xwindows_os_fail: test.fail_without_changes: - comment: 'SO Analyst Workstation can only be installed on Rocky' From 3952c1a9b710dbbf49f20eea9417f41dea60bb7d Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 21 Jun 2023 13:52:10 -0400 Subject: [PATCH 14/14] Fix desktop state --- salt/desktop/xwindows.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/desktop/xwindows.sls b/salt/desktop/xwindows.sls index a15996112..75230c532 100644 --- a/salt/desktop/xwindows.sls +++ b/salt/desktop/xwindows.sls @@ -12,7 +12,7 @@ graphical_target: - target: /lib/systemd/system/graphical.target - force: True - require: - - pkg: cinnamon + - desktop_packages {% else %}