Merge pull request #7772 from Security-Onion-Solutions/awlocal

Mike Reeves
2022-04-12 15:45:56 -04:00
committed by GitHub
5 changed files with 52 additions and 13 deletions


@@ -32,11 +32,17 @@ copy_new_files() {
# Copy new files over to the salt dir # Copy new files over to the salt dir
cd /tmp/sogh/securityonion cd /tmp/sogh/securityonion
git checkout $BRANCH git checkout $BRANCH
VERSION=$(cat VERSION)
# We need to overwrite if there is a repo file
if [ -d /opt/so/repo ]; then
tar -czf /opt/so/repo/"$VERSION".tar.gz -C "$(pwd)/.." .
fi
rsync -a salt $default_salt_dir/ rsync -a salt $default_salt_dir/
rsync -a pillar $default_salt_dir/ rsync -a pillar $default_salt_dir/
chown -R socore:socore $default_salt_dir/salt chown -R socore:socore $default_salt_dir/salt
chown -R socore:socore $default_salt_dir/pillar chown -R socore:socore $default_salt_dir/pillar
chmod 755 $default_salt_dir/pillar/firewall/addfirewall.sh chmod 755 $default_salt_dir/pillar/firewall/addfirewall.sh
rm -rf /tmp/sogh rm -rf /tmp/sogh
} }
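Review bot: In copy_new_files the new `VERSION=$(cat VERSION)` value goes straight into the archive path, and neither the `cd` above it nor the `tar` result is checked. If `cd /tmp/sogh/securityonion` fails, `$(pwd)/..` resolves against whatever directory the script was started from and tar archives that instead; an empty VERSION produces `/opt/so/repo/.tar.gz`, and a value containing `/` or `..` writes outside /opt/so/repo. I would validate the value against the project's version format and name the source directory explicitly, e.g. `[[ "$VERSION" =~ ^[0-9]+(\.[0-9]+)*$ ]] || return 1` followed by `tar -czf "/opt/so/repo/${VERSION}.tar.gz" -C /tmp/sogh . || return 1`. The function starts outside the hunk, so how /tmp/sogh is created is not visible here; a fixed name under /tmp is worth replacing with `mktemp -d` if it is created by this script.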


@@ -422,6 +422,7 @@ preupgrade_changes() {
[[ "$INSTALLEDVERSION" == 2.3.80 ]] && up_to_2.3.90 [[ "$INSTALLEDVERSION" == 2.3.80 ]] && up_to_2.3.90
[[ "$INSTALLEDVERSION" == 2.3.90 || "$INSTALLEDVERSION" == 2.3.91 ]] && up_to_2.3.100 [[ "$INSTALLEDVERSION" == 2.3.90 || "$INSTALLEDVERSION" == 2.3.91 ]] && up_to_2.3.100
[[ "$INSTALLEDVERSION" == 2.3.100 ]] && up_to_2.3.110 [[ "$INSTALLEDVERSION" == 2.3.100 ]] && up_to_2.3.110
[[ "$INSTALLEDVERISON" == 2.3.110 ]] && up_to_2.3.120
true true
} }
@@ -435,6 +436,8 @@ postupgrade_changes() {
[[ "$POSTVERSION" == 2.3.60 || "$POSTVERSION" == 2.3.61 || "$POSTVERSION" == 2.3.70 || "$POSTVERSION" == 2.3.80 ]] && post_to_2.3.90 [[ "$POSTVERSION" == 2.3.60 || "$POSTVERSION" == 2.3.61 || "$POSTVERSION" == 2.3.70 || "$POSTVERSION" == 2.3.80 ]] && post_to_2.3.90
[[ "$POSTVERSION" == 2.3.90 || "$POSTVERSION" == 2.3.91 ]] && post_to_2.3.100 [[ "$POSTVERSION" == 2.3.90 || "$POSTVERSION" == 2.3.91 ]] && post_to_2.3.100
[[ "$POSTVERSION" == 2.3.100 ]] && post_to_2.3.110 [[ "$POSTVERSION" == 2.3.100 ]] && post_to_2.3.110
[[ "$POSTVERSION" == 2.3.110 ]] && post_to_2.3.120
true true
} }
@@ -498,6 +501,13 @@ post_to_2.3.110() {
POSTVERSION=2.3.110 POSTVERSION=2.3.110
} }
post_to_2.3.120() {
echo "Post Processing for 2.3.120"
POSTVERSION=2.3.120
}
stop_salt_master() { stop_salt_master() {
# kill all salt jobs across the grid because the hang indefinitely if they are queued and salt-master restarts # kill all salt jobs across the grid because the hang indefinitely if they are queued and salt-master restarts
set +e set +e
@@ -749,11 +759,16 @@ up_to_2.3.100() {
} }
up_to_2.3.110() { up_to_2.3.110() {
echo "Updating to Security Onion 2.3.110"
echo "Updating shard settings for Elasticsearch index templates"
sed -i 's|shards|index_template:\n template:\n settings:\n index:\n number_of_shards|g' /opt/so/saltstack/local/pillar/global.sls sed -i 's|shards|index_template:\n template:\n settings:\n index:\n number_of_shards|g' /opt/so/saltstack/local/pillar/global.sls
} }
up_to_2.3.120() {
# Stop thehive services since these will be broken in .120
so-thehive-stop
so-thehive-es-stop
so-cortex-stop
}
verify_upgradespace() { verify_upgradespace() {
CURRENTSPACE=$(df -BG / | grep -v Avail | awk '{print $4}' | sed 's/.$//') CURRENTSPACE=$(df -BG / | grep -v Avail | awk '{print $4}' | sed 's/.$//')
if [ "$CURRENTSPACE" -lt "10" ]; then if [ "$CURRENTSPACE" -lt "10" ]; then
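Review bot: The guard added to preupgrade_changes tests `$INSTALLEDVERISON` (misspelled), which is not assigned anywhere on this page, so the comparison is never true and `up_to_2.3.120` never runs; TheHive, its Elasticsearch and Cortex are then left running through the upgrade the comment says will break them. The line should read `[[ "$INSTALLEDVERSION" == 2.3.110 ]] && up_to_2.3.120`. `up_to_2.3.120` also does not set `INSTALLEDVERSION=2.3.120` the way `post_to_2.3.120` sets `POSTVERSION`; if the other up_to_* functions do that (their bodies are only partly visible), add it so later steps chain correctly. Running the script with `set -u`, or ShellCheck in CI, would catch this class of misspelled variable.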


@@ -149,7 +149,14 @@ analyst_salt_local() {
logCmd "yum -y update --exclude=salt*" logCmd "yum -y update --exclude=salt*"
salt-call state.apply workstation --local --file-root=../salt/ -l info 2>&1 | tee -a outfile salt-call state.apply workstation --local --file-root=../salt/ -l info 2>&1 | tee -a outfile
echo "Whiptail to reboot here" read -r -d '' message <<- EOM
Finished Analyst workstation installation.
Press ENTER to reboot.
EOM
whiptail --title "$whiptail_title" --msgbox "$message" 12 75
reboot
exit 0 exit 0
} }
@@ -897,6 +904,8 @@ check_requirements() {
if [[ -n $nsm_mount ]]; then if [[ -n $nsm_mount ]]; then
if [[ "$standalone_or_dist" == 'import' ]]; then if [[ "$standalone_or_dist" == 'import' ]]; then
req_storage=50 req_storage=50
elif [[ "$node_type" == 'idh' ]]; then
req_storage=12
else else
req_storage=100 req_storage=100
fi fi
@@ -909,6 +918,8 @@ check_requirements() {
else else
if [[ "$standalone_or_dist" == 'import' ]]; then if [[ "$standalone_or_dist" == 'import' ]]; then
req_storage=50 req_storage=50
elif [[ "$node_type" == 'idh' ]]; then
req_storage=12
else else
req_storage=200 req_storage=200
fi fi
@@ -1508,7 +1519,7 @@ generate_passwords(){
} }
generate_repo_tarball() { generate_repo_tarball() {
mkdir /opt/so/repo mkdir -p /opt/so/repo
tar -czf /opt/so/repo/"$SOVERSION".tar.gz -C "$(pwd)/.." . tar -czf /opt/so/repo/"$SOVERSION".tar.gz -C "$(pwd)/.." .
} }
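Review bot: In analyst_salt_local the new "Finished Analyst workstation installation" dialog and the `reboot` run unconditionally, even when the workstation state failed. The `salt-call ... | tee -a outfile` line just above pipes through tee, so the pipeline's status is tee's and a failed state apply is never noticed. Capture the status right after the pipeline with `salt_rc=${PIPESTATUS[0]}` and show a failure message instead of rebooting when it is non-zero; salt-call may also need `--retcode-passthrough` for failed states to yield a non-zero exit. The two identical `elif [[ "$node_type" == 'idh' ]]` branches in check_requirements would be worth a short comment on why 12 GB applies to both the /nsm and the single-partition case.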


@@ -1083,6 +1083,11 @@ echo "1" > /root/accept_changes
add_web_user >> $setup_log 2>&1 add_web_user >> $setup_log 2>&1
fi fi
if [[ $is_analyst ]]; then
# Remove access to the manager from the analyst workstation
rm -rf /root/.ssh/so.key*
fi
set_progress_str 90 'Enabling checkin at boot' set_progress_str 90 'Enabling checkin at boot'
checkin_at_boot >> $setup_log 2>&1 checkin_at_boot >> $setup_log 2>&1
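Review bot: The key removal runs only on this late success path, just before the progress-90 step, so a setup that aborts earlier leaves `/root/.ssh/so.key*` on the analyst workstation. Deleting it right after its last use, or from an exit trap, would close that window. Removing the local file also does not withdraw the access on the manager side: if the matching public key was added to an authorized_keys file there (not visible in this hunk), it should be removed as well. `-r` is unnecessary for key files, and the output is not logged like the neighbouring steps; `rm -f /root/.ssh/so.key* >> "$setup_log" 2>&1` would match them.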


@@ -55,7 +55,7 @@ whiptail_analyst_nongrid_iso() {
read -r -d '' message <<- EOM read -r -d '' message <<- EOM
You have selected this Analyst workstation to be independant. You have selected this Analyst workstation to be independent.
Would you still like to have the graphical interface loaded at boot? Would you still like to have the graphical interface loaded at boot?
@@ -73,7 +73,7 @@ whiptail_analyst_nongrid_network() {
read -r -d '' message <<- EOM read -r -d '' message <<- EOM
You have selected this Analyst workstation to be independant. You have selected this Analyst workstation to be independent.
Would you still like to install and load the graphical interface? Would you still like to install and load the graphical interface?
@@ -630,6 +630,7 @@ whiptail_end_settings() {
__append_end_msg " Logstash Batch Size: $LSPIPELINEBATCH" __append_end_msg " Logstash Batch Size: $LSPIPELINEBATCH"
__append_end_msg " Logstash Input Threads: $LSINPUTTHREADS" __append_end_msg " Logstash Input Threads: $LSINPUTTHREADS"
else else
if [[ ! $is_analyst ]]; then
if [[ ! $is_receiver ]]; then if [[ ! $is_receiver ]]; then
__append_end_msg "Elasticsearch Heap Size: $NODE_ES_HEAP_SIZE" __append_end_msg "Elasticsearch Heap Size: $NODE_ES_HEAP_SIZE"
__append_end_msg "Elasticsearch Storage Space: ${log_size_limit}GB" __append_end_msg "Elasticsearch Storage Space: ${log_size_limit}GB"
@@ -639,6 +640,7 @@ whiptail_end_settings() {
__append_end_msg "Logstash Batch Size: $LSPIPELINEBATCH" __append_end_msg "Logstash Batch Size: $LSPIPELINEBATCH"
__append_end_msg "Logstash Input Threads: $LSINPUTTHREADS" __append_end_msg "Logstash Input Threads: $LSINPUTTHREADS"
fi fi
fi
# ADVANCED # ADVANCED