mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 17:22:49 +01:00
Make folder/file states explicit
Rather than using /nsm/zeek (max_depth: 1) create explicit states for /nsm/zeek/spool and /nsm/zeek/spool/state.db that set correct ownership
This commit is contained in:
William Wernert
@@ -90,11 +90,14 @@ zeekpolicysync:
|
|||||||
# Ensure the zeek spool tree (and state.db) ownership is correct
|
# Ensure the zeek spool tree (and state.db) ownership is correct
|
||||||
zeekspoolownership:
|
zeekspoolownership:
|
||||||
file.directory:
|
file.directory:
|
||||||
- name: /nsm/zeek
|
- name: /nsm/zeek/spool
|
||||||
- user: 937
|
- user: 937
|
||||||
- max_depth: 1
|
zeekstatedbownership:
|
||||||
- recurse:
|
file.managed:
|
||||||
- user
|
- name: /nsm/zeek/spool/state.db
|
||||||
|
- user: 937
|
||||||
|
- replace: False
|
||||||
|
- create: False
|
||||||
|
|
||||||
# Sync Intel
|
# Sync Intel
|
||||||
zeekintelloadsync:
|
zeekintelloadsync:
|
||||||
@@ -247,4 +250,4 @@ delete_so-zeek_so-status.disabled:
|
|||||||
test.fail_without_changes:
|
test.fail_without_changes:
|
||||||
- name: {{sls}}_state_not_allowed
|
- name: {{sls}}_state_not_allowed
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
Reference in New Issue
Block a user