CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9150 from Security-Onion-Solutions/kilo

Browse Source 
Increase retry count and pause to allow more time for Ubuntu updates
This commit is contained in:
Jason Ertel
2022-11-16 07:53:04 -05:00
committed by GitHub
parent b0e08ed749 02b00d2c87
commit fd34eb3c26
2 changed files with 23 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
setup/so-functions
View File

@@ -1190,17 +1190,17 @@ installer_prereq_packages() {
logCmd "systemctl start NetworkManager" logCmd "systemctl start NetworkManager"
elif [ "$OS" == ubuntu ]; then elif [ "$OS" == ubuntu ]; then
# Print message to stdout so the user knows setup is doing something # Print message to stdout so the user knows setup is doing something
retry 50 10 "apt-get update" "" "Err:" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get update" "" "Err:" >> "$setup_log" 2>&1 || exit 1
# Install network manager so we can do interface stuff # Install network manager so we can do interface stuff
if ! command -v nmcli > /dev/null 2>&1; then if ! command -v nmcli > /dev/null 2>&1; then
retry 50 10 "apt-get -y install network-manager" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get -y install network-manager" >> "$setup_log" 2>&1 || exit 1
{ {
systemctl enable NetworkManager systemctl enable NetworkManager
systemctl start NetworkManager systemctl start NetworkManager
} >> "$setup_log" 2<&1 } >> "$setup_log" 2<&1
fi fi
if ! command -v curl > /dev/null 2>&1; then if ! command -v curl > /dev/null 2>&1; then
retry 50 10 "apt-get -y install curl" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get -y install curl" >> "$setup_log" 2>&1 || exit 1
fi fi
fi fi
} }
@@ -1247,23 +1247,23 @@ docker_install() {
else else
case "$install_type" in case "$install_type" in
'MANAGER' | 'EVAL' | 'STANDALONE' | 'MANAGERSEARCH' | 'IMPORT') 'MANAGER' | 'EVAL' | 'STANDALONE' | 'MANAGERSEARCH' | 'IMPORT')
retry 50 10 "apt-get update" "" "Err:" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get update" "" "Err:" >> "$setup_log" 2>&1 || exit 1
;; ;;
*) *)
retry 50 10 "apt-key add $temp_install_dir/gpg/docker.pub" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-key add $temp_install_dir/gpg/docker.pub" >> "$setup_log" 2>&1 || exit 1
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" >> "$setup_log" 2>&1 add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" >> "$setup_log" 2>&1
retry 50 10 "apt-get update" "" "Err:" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get update" "" "Err:" >> "$setup_log" 2>&1 || exit 1
;; ;;
esac esac
if [ $OSVER == "bionic" ]; then if [ $OSVER == "bionic" ]; then
service docker stop service docker stop
apt -y purge docker-ce docker-ce-cli docker-ce-rootless-extras apt -y purge docker-ce docker-ce-cli docker-ce-rootless-extras
retry 50 10 "apt-get -y install --allow-downgrades docker-ce=5:20.10.5~3-0~ubuntu-bionic docker-ce-cli=5:20.10.5~3-0~ubuntu-bionic docker-ce-rootless-extras=5:20.10.5~3-0~ubuntu-bionic python3-docker" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get -y install --allow-downgrades docker-ce=5:20.10.5~3-0~ubuntu-bionic docker-ce-cli=5:20.10.5~3-0~ubuntu-bionic docker-ce-rootless-extras=5:20.10.5~3-0~ubuntu-bionic python3-docker" >> "$setup_log" 2>&1 || exit 1
apt-mark hold docker-ce docker-ce-cli docker-ce-rootless-extras apt-mark hold docker-ce docker-ce-cli docker-ce-rootless-extras
elif [ $OSVER == "focal" ]; then elif [ $OSVER == "focal" ]; then
service docker stop service docker stop
apt -y purge docker-ce docker-ce-cli docker-ce-rootless-extras apt -y purge docker-ce docker-ce-cli docker-ce-rootless-extras
retry 50 10 "apt-get -y install --allow-downgrades docker-ce=5:20.10.8~3-0~ubuntu-focal docker-ce-cli=5:20.10.8~3-0~ubuntu-focal docker-ce-rootless-extras=5:20.10.8~3-0~ubuntu-focal python3-docker" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get -y install --allow-downgrades docker-ce=5:20.10.8~3-0~ubuntu-focal docker-ce-cli=5:20.10.8~3-0~ubuntu-focal docker-ce-rootless-extras=5:20.10.8~3-0~ubuntu-focal python3-docker" >> "$setup_log" 2>&1 || exit 1
apt-mark hold docker-ce docker-ce-cli docker-ce-rootless-extras apt-mark hold docker-ce docker-ce-cli docker-ce-rootless-extras
fi fi
fi fi
@@ -2296,7 +2296,7 @@ saltify() {
logCmd "systemctl enable salt-minion" logCmd "systemctl enable salt-minion"
logCmd "yum versionlock salt*" logCmd "yum versionlock salt*"
else else
DEBIAN_FRONTEND=noninteractive retry 50 10 "apt-get -y -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\" upgrade" >> "$setup_log" 2>&1 || exit 1 DEBIAN_FRONTEND=noninteractive retry 150 20 "apt-get -y -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\" upgrade" >> "$setup_log" 2>&1 || exit 1
if [ $OSVER == "bionic" ]; then if [ $OSVER == "bionic" ]; then
# Switch to Python 3 as default for bionic # Switch to Python 3 as default for bionic
@@ -2316,7 +2316,7 @@ saltify() {
'netcat' 'netcat'
'jq' 'jq'
) )
retry 50 10 "apt-get -y install ${pkg_arr[*]}" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get -y install ${pkg_arr[*]}" >> "$setup_log" 2>&1 || exit 1
# Grab the version from the os-release file # Grab the version from the os-release file
local ubuntu_version local ubuntu_version
@@ -2324,7 +2324,7 @@ saltify() {
case "$install_type" in case "$install_type" in
'FLEET') 'FLEET')
retry 50 10 "apt-get -y install python3-mysqldb" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get -y install python3-mysqldb" >> "$setup_log" 2>&1 || exit 1
;; ;;
'MANAGER' | 'EVAL' | 'MANAGERSEARCH' | 'STANDALONE' | 'IMPORT' | 'HELIXSENSOR') 'MANAGER' | 'EVAL' | 'MANAGERSEARCH' | 'STANDALONE' | 'IMPORT' | 'HELIXSENSOR')
@@ -2347,12 +2347,12 @@ saltify() {
# Add repo # Add repo
echo "deb https://packages.wazuh.com/3.x/apt/ stable main" > /etc/apt/sources.list.d/wazuh.list 2>> "$setup_log" echo "deb https://packages.wazuh.com/3.x/apt/ stable main" > /etc/apt/sources.list.d/wazuh.list 2>> "$setup_log"
retry 50 10 "apt-get update" "" "Err:" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get update" "" "Err:" >> "$setup_log" 2>&1 || exit 1
set_progress_str 6 'Installing various dependencies' set_progress_str 6 'Installing various dependencies'
retry 50 10 "apt-get -y install sqlite3 libssl-dev" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get -y install sqlite3 libssl-dev" >> "$setup_log" 2>&1 || exit 1
set_progress_str 7 'Installing salt-master' set_progress_str 7 'Installing salt-master'
retry 50 10 "apt-get -y install salt-master=3004.2+ds-1" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get -y install salt-master=3004.2+ds-1" >> "$setup_log" 2>&1 || exit 1
retry 50 10 "apt-mark hold salt-master" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-mark hold salt-master" >> "$setup_log" 2>&1 || exit 1
;; ;;
*) *)
# Copy down the gpg keys and install them from the manager # Copy down the gpg keys and install them from the manager
@@ -2367,11 +2367,11 @@ saltify() {
;; ;;
esac esac
retry 50 10 "apt-get update" "" "Err:" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get update" "" "Err:" >> "$setup_log" 2>&1 || exit 1
set_progress_str 8 'Installing salt-minion & python modules' set_progress_str 8 'Installing salt-minion & python modules'
retry 50 10 "apt-get -y install salt-minion=3004.2+ds-1 salt-common=3004.2+ds-1" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get -y install salt-minion=3004.2+ds-1 salt-common=3004.2+ds-1" >> "$setup_log" 2>&1 || exit 1
retry 50 10 "apt-mark hold salt-minion salt-common" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-mark hold salt-minion salt-common" >> "$setup_log" 2>&1 || exit 1
retry 50 10 "apt-get -y install python3-pip python3-dateutil python3-m2crypto python3-mysqldb python3-packaging python3-influxdb python3-lxml" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get -y install python3-pip python3-dateutil python3-m2crypto python3-mysqldb python3-packaging python3-influxdb python3-lxml" >> "$setup_log" 2>&1 || exit 1
fi fi
} }
@@ -2870,8 +2870,8 @@ update_packages() {
logCmd "yum repolist" logCmd "yum repolist"
logCmd "yum -y update --exclude=salt*,wazuh*,docker*,containerd*" logCmd "yum -y update --exclude=salt*,wazuh*,docker*,containerd*"
else else
retry 50 10 "apt-get -y update" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get -y update" >> "$setup_log" 2>&1 || exit 1
retry 50 10 "apt-get -y upgrade" >> "$setup_log" 2>&1 || exit 1 retry 150 20 "apt-get -y upgrade" >> "$setup_log" 2>&1 || exit 1
fi fi
} }

4
setup/so-preflight
View File

@@ -65,7 +65,7 @@ check_default_repos() {
printf '%s' 'apt update.' | tee -a "$preflight_log" printf '%s' 'apt update.' | tee -a "$preflight_log"
fi fi
echo "" >> "$preflight_log" echo "" >> "$preflight_log"
retry 50 10 "apt-get -y update" >> $preflight_log 2>&1 retry 150 20 "apt-get -y update" >> $preflight_log 2>&1
ret_code=$? ret_code=$?
[[ $ret_code == 0 ]] && printf '%s\n' ' SUCCESS' || printf '%s\n' ' FAILURE' [[ $ret_code == 0 ]] && printf '%s\n' ' SUCCESS' || printf '%s\n' ' FAILURE'
@@ -174,7 +174,7 @@ preflight_prereqs() {
if [[ $OS == 'centos' ]]; then if [[ $OS == 'centos' ]]; then
: # no-op to match structure of other checks for $OS var : # no-op to match structure of other checks for $OS var
else else
retry 50 10 "apt-get -y install curl" >> "$preflight_log" 2>&1 || ret_code=1 retry 150 20 "apt-get -y install curl" >> "$preflight_log" 2>&1 || ret_code=1
fi fi
return $ret_code return $ret_code