From 2e4e59bbe8434feccb54b75907837c048b38dc83 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Tue, 18 Jan 2022 09:42:06 -0500 Subject: [PATCH 1/4] Elastic 7.16.3 --- salt/kibana/bin/so-kibana-config-load | 2 +- salt/kibana/files/config_saved_objects.ndjson | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/salt/kibana/bin/so-kibana-config-load b/salt/kibana/bin/so-kibana-config-load index 628d42305..610d33741 100644 --- a/salt/kibana/bin/so-kibana-config-load +++ b/salt/kibana/bin/so-kibana-config-load @@ -35,7 +35,7 @@ update() { wait_for_web_response "http://localhost:5601/app/kibana" "Elastic" 300 "{{ ELASTICCURL }}" IFS=$'\r\n' GLOBIGNORE='*' command eval 'LINES=($(cat $1))' for i in "${LINES[@]}"; do - {{ ELASTICCURL }} -X PUT "localhost:5601/api/saved_objects/config/7.16.2" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d " $i " + {{ ELASTICCURL }} -X PUT "localhost:5601/api/saved_objects/config/7.16.3" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d " $i " done } diff --git a/salt/kibana/files/config_saved_objects.ndjson b/salt/kibana/files/config_saved_objects.ndjson index 001cdd7df..1712da48b 100644 --- a/salt/kibana/files/config_saved_objects.ndjson +++ b/salt/kibana/files/config_saved_objects.ndjson 
@@ -1 +1 @@ -{"attributes": {"buildNum": 39457,"defaultIndex": "2289a0c0-6970-11ea-a0cd-ffa0f6a1bc29","defaultRoute": "/app/dashboards#/view/a8411b30-6d03-11ea-b301-3d6c35840645","discover:sampleSize": 100,"theme:darkMode": true,"timepicker:timeDefaults": "{\n \"from\": \"now-24h\",\n \"to\": \"now\"\n}"},"coreMigrationVersion": "7.16.2","id": "7.16.2","migrationVersion": {"config": "7.13.0"},"references": [],"type": "config","updated_at": "2021-10-10T10:10:10.105Z","version": "WzI5NzUsMl0="} +{"attributes": {"buildNum": 39457,"defaultIndex": "2289a0c0-6970-11ea-a0cd-ffa0f6a1bc29","defaultRoute": "/app/dashboards#/view/a8411b30-6d03-11ea-b301-3d6c35840645","discover:sampleSize": 100,"theme:darkMode": true,"timepicker:timeDefaults": "{\n \"from\": \"now-24h\",\n \"to\": \"now\"\n}"},"coreMigrationVersion": "7.16.3","id": "7.16.3","migrationVersion": {"config": "7.13.0"},"references": [],"type": "config","updated_at": "2021-10-10T10:10:10.105Z","version": "WzI5NzUsMl0="} From c4babf22d6255ce953d2696c69238068741e9d97 Mon Sep 17 00:00:00 2001 From: Josh Brower Date: Tue, 18 Jan 2022 10:38:55 -0500 Subject: [PATCH 2/4] FleetDM - Disable Vuln Proc Feature --- salt/fleet/files/packs/osquery-config.conf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/salt/fleet/files/packs/osquery-config.conf b/salt/fleet/files/packs/osquery-config.conf index 23307b391..04659f3de 100644 --- a/salt/fleet/files/packs/osquery-config.conf +++ b/salt/fleet/files/packs/osquery-config.conf @@ -30,5 +30,7 @@ spec: logger_tls_endpoint: /api/v1/osquery/log logger_tls_period: 10 pack_delimiter: _ + host_settings: + enable_software_inventory: false server_settings: enable_analytics: false \ No newline at end of file From c0c42c35749853682095696e413347b43d36d601 Mon Sep 17 00:00:00 2001 
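Review bot: The new `host_settings` block in osquery-config.conf carries no comment saying why software inventory is switched off; the commit subject ("Disable Vuln Proc Feature") is the only place the intent is recorded. With `enable_software_inventory: false`, Fleet presumably no longer collects installed-software data from enrolled hosts, so the vulnerability feature has nothing to evaluate. Operators reading the file should be able to see that visibility trade-off. I would put a line such as `# Software inventory is disabled to turn off Fleet vulnerability processing; re-enable if per-host software visibility is required` directly above `host_settings:`. The hunk also leaves the file without a trailing newline (`\ No newline at end of file`), which is worth fixing in the same change.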
From: William Wernert Date: Tue, 18 Jan 2022 13:17:56 -0500 Subject: [PATCH 3/4] Install curl in preflight script to avoid error on Ubuntu Also add check for already installed curl later in setup --- setup/so-functions | 4 +++- setup/so-preflight | 9 +++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/setup/so-functions b/setup/so-functions index 6bc7bed70..d2c200ad1 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1156,7 +1156,9 @@ installer_prereq_packages() { systemctl start NetworkManager } >> "$setup_log" 2<&1 fi - retry 50 10 "apt-get -y install curl" >> "$setup_log" 2>&1 || exit 1 + if ! command -v curl > /dev/null 2>&1; then + retry 50 10 "apt-get -y install curl" >> "$setup_log" 2>&1 || exit 1 + fi fi } diff --git a/setup/so-preflight b/setup/so-preflight index 3050c94cb..7719bc966 100755 --- a/setup/so-preflight +++ b/setup/so-preflight @@ -168,6 +168,14 @@ __check_url_arr() { return $ret_code } +preflight_prereqs() { + if [[ $OS == 'centos' ]]; then + : # no-op to match structure of other checks for $OS var + else + retry 50 10 "apt-get -y install curl" >> "$preflight_log" 2>&1 || exit 1 + fi +} + main() { local intro_str="Beginning pre-flight checks." local success_str="Pre-flight checks completed successfully!" @@ -183,6 +191,7 @@ main() { echo "$intro_str" | tee "$preflight_log" fi check_default_repos &&\ + preflight_prereqs &&\ check_new_repos &&\ check_misc_urls From c10ab712d5411d8566aba622cacc7a652e614837 Mon Sep 17 00:00:00 2001 From: William Wernert Date: Wed, 19 Jan 2022 11:05:34 -0500 Subject: [PATCH 4/4] Fix height of node whiptail menu --- setup/so-whiptail | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/so-whiptail b/setup/so-whiptail index e23abdbb1..71a0c6647 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail 
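Review bot: `preflight_prereqs` in setup/so-preflight runs `apt-get -y install curl` on every non-CentOS run, although the same commit guards the identical install in `installer_prereq_packages` with `command -v curl`. Applying the same test here, `if ! command -v curl > /dev/null 2>&1; then`, would avoid a package-manager call (and up to 50 retries at 10-second intervals if apt is unavailable) on hosts that already have curl. The `else` branch also runs for any `$OS` value other than `centos`, so an unset or unexpected value falls through to apt-get; an explicit `elif [[ $OS == 'ubuntu' ]]` would make the assumption visible. Finally, `|| exit 1` ends the script from inside the `&&` chain in `main`; `|| return 1` would let `main` (whose failure handling is outside the hunk) report the failed check like the others.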
@@ -798,7 +798,7 @@ whiptail_install_type_dist_existing() { Note: Heavy nodes (HEAVYNODE) are NOT recommended for most users. EOM - install_type=$(whiptail --title "$whiptail_title" --radiolist "$node_msg" 18 58 5 \ + install_type=$(whiptail --title "$whiptail_title" --radiolist "$node_msg" 19 58 5 \ "SENSOR" "Create a forward only sensor " ON \ "SEARCHNODE" "Add a search node with parsing " OFF \ "FLEET" "Dedicated Fleet Osquery Node " OFF \