CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7665 from Security-Onion-Solutions/workstation_state

Browse Source 
Workstation state
This commit is contained in:
Josh Patterson
2022-03-29 10:27:07 -04:00
committed by GitHub
parent 7f7eaf173b e3f3af52e1
commit f5095b273d
11 changed files with 110 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pillar/top.sls
View File

@@ -131,3 +131,6 @@ base:
{% endif %} {% endif %}
- global - global
- minions.{{ grains.id }} - minions.{{ grains.id }}
'*_workstation':
- minions.{{ grains.id }}

2
salt/allowed_states.map.jinja
View File

@@ -217,6 +217,8 @@
'schedule', 'schedule',
'docker_clean' 'docker_clean'
], ],
'so-workstation': [
],
}, grain='role') %} }, grain='role') %}
{% if FILEBEAT and grains.role in ['so-helixsensor', 'so-eval', 'so-manager', 'so-standalone', 'so-node', 'so-managersearch', 'so-heavynode', 'so-import', 'so-receiver'] %} {% if FILEBEAT and grains.role in ['so-helixsensor', 'so-eval', 'so-manager', 'so-standalone', 'so-node', 'so-managersearch', 'so-heavynode', 'so-import', 'so-receiver'] %}

1
salt/common/tools/sbin/so-common
View File

@@ -367,6 +367,7 @@ run_check_net_err() {
exit $exit_code exit $exit_code
fi fi
} }
set_cron_service_name() { set_cron_service_name() {
if [[ "$OS" == "centos" ]]; then if [[ "$OS" == "centos" ]]; then
cron_service_name="crond" cron_service_name="crond"

2
salt/repo/client/init.sls
View File

@@ -43,7 +43,7 @@ repair_yumdb:
crsynckeys: crsynckeys:
file.recurse: file.recurse:
- name: /etc/pki/rpm_gpg - name: /etc/pki/rpm-gpg
- source: salt://repo/client/files/centos/keys/ - source: salt://repo/client/files/centos/keys/
{% if not ISAIRGAP %} {% if not ISAIRGAP %}

2
salt/salt/minion.sls
View File

@@ -66,7 +66,7 @@ set_log_levels:
salt_minion_service_unit_file: salt_minion_service_unit_file:
file.managed: file.managed:
- name: /etc/systemd/system/multi-user.target.wants/salt-minion.service - name: /usr/lib/systemd/system/salt-minion.service
- source: salt://salt/service/salt-minion.service.jinja - source: salt://salt/service/salt-minion.service.jinja
- template: jinja - template: jinja
- defaults: - defaults:

13
salt/top.sls
View File

@@ -35,12 +35,15 @@ base:
'* and G@saltversion:{{saltversion}}': '* and G@saltversion:{{saltversion}}':
- match: compound - match: compound
- salt.minion - salt.minion
- common
- patch.os.schedule - patch.os.schedule
- motd - motd
- salt.minion-check - salt.minion-check
- salt.lasthighstate - salt.lasthighstate
'not *_workstation and G@saltversion:{{saltversion}}':
- match: compound
- common
'*_helixsensor and G@saltversion:{{saltversion}}': '*_helixsensor and G@saltversion:{{saltversion}}':
- match: compound - match: compound
- salt.master - salt.master
@@ -507,3 +510,11 @@ base:
- docker_clean - docker_clean
- filebeat - filebeat
- idh - idh
'J@workstation:gui:enabled:^[Tt][Rr][Uu][Ee]$ and ( G@saltversion:{{saltversion}} and G@os:CentOS )':
- match: compound
- workstation
'J@workstation:gui:enabled:^[Ff][Aa][Ll][Ss][Ee]$ and ( G@saltversion:{{saltversion}} and G@os:CentOS )':
- match: compound
- workstation.remove_gui

3
salt/workstation/init.sls Normal file
View File

@@ -0,0 +1,3 @@
include:
- workstation.xwindows
- workstation.trusted-ca

47
salt/workstation/packages.sls Normal file
View File

@@ -0,0 +1,47 @@
xwindows_group:
pkg.group_installed:
- name: X Window System
graphical_extras:
pkg.installed:
- pkgs:
- gnome-classic-session
- gnome-terminal
- gnome-terminal-nautilus
- control-center
- liberation-mono-fonts
- file-roller
workstation_packages:
pkg.installed:
- pkgs:
- wget
- curl
- unzip
- gedit
- mono-core
- mono-basic
- mono-winforms
- expect
- securityonion-networkminer
- wireshark-gnome
- dsniff
- hping3
- netsed
- ngrep
- python36-scapy
- ssldump
- tcpdump
- tcpflow
- whois
- securityonion-foremost
- chromium
- securityonion-tcpstat
- securityonion-tcptrace
- libevent
- sslsplit
- securityonion-bittwist
- perl-IO-Compress
- perl-Net-DNS
- securityonion-chaosreader
- securityonion-analyst-extras

5
salt/workstation/remove_gui.sls Normal file
View File

@@ -0,0 +1,5 @@
remove_graphical_target:
file.symlink:
- name: /etc/systemd/system/default.target
- target: /lib/systemd/system/multi-user.target
- force: True

24
salt/workstation/trusted-ca.sls Normal file
View File

@@ -0,0 +1,24 @@
{% set global_ca_text = [] %}
{% set global_ca_server = [] %}
{% set manager = salt['grains.get']('master') %}
{% set x509dict = salt['mine.get'](manager | lower~'*', 'x509.get_pem_entries') %}
{% for host in x509dict %}
{% if host.split('_')|last in ['manager', 'managersearch', 'standalone', 'import'] %}
{% do global_ca_text.append(x509dict[host].get('/etc/pki/ca.crt')|replace('\n', '')) %}
{% do global_ca_server.append(host) %}
{% endif %}
{% endfor %}
{% set trusttheca_text = global_ca_text[0] %}
{% set ca_server = global_ca_server[0] %}
trusted_ca:
x509.pem_managed:
- name: /etc/pki/ca-trust/source/anchors/ca.crt
- text: {{ trusttheca_text }}
update_ca_certs:
cmd.run:
- name: update-ca-trust
- onchanges:
- x509: trusted_ca

11
salt/workstation/xwindows.sls Normal file
View File

@@ -0,0 +1,11 @@
include:
- workstation.packages
graphical_target:
file.symlink:
- name: /etc/systemd/system/default.target
- target: /lib/systemd/system/graphical.target
- force: True
- require:
- pkg: X Window System
- pkg: graphical_extras