CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

add a list of reserved usernames for centos

Browse Source
This commit is contained in:
m0duspwnens
2021-06-23 15:21:19 -04:00
parent 322c2804fc
commit f6bd74aadf
2 changed files with 41 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
salt/users/init.sls
View File

@@ -3,7 +3,9 @@
# If a user is changed from present to absent, their usergroup will be removed, but any additional usergroups that were created # If a user is changed from present to absent, their usergroup will be removed, but any additional usergroups that were created
# for that user will remain. # for that user will remain.
{% for username, userdeets in pillar.get('users', {}).items() %} {% from 'users/map.jinja' import reserved_usernames with context %}
{% for username, userdeets in pillar.get('users', {}).items() if username not in reserved_usernames %}
{% if 'status' in userdeets %} {% if 'status' in userdeets %}
{% if userdeets.status == 'absent' %} {% if userdeets.status == 'absent' %}

38
salt/users/map.jinja Normal file
View File

@@ -0,0 +1,38 @@
{% set reserved_usernames = [
'root',
'bin',
'daemon',
'adm',
'lp',
'sync',
'shutdown',
'halt',
'mail',
'operator',
'games',
'ftp',
'nobody',
'systemd-network',
'dbus',
'polkitd',
'tss',
'sshd',
'ossec',
'postfix',
'chrony',
'ntp',
'tcpdump',
'socore',
'soremote',
'elasticsearch',
'stenographer',
'suricata',
'zeek',
'curator',
'kratos',
'kibana',
'elastalert',
'ossecm',
'ossecr',
'logstash'
] %}