From 8a3c2e72427078ecd2adc90908482baf7f695691 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 21 Jul 2023 17:06:38 -0400 Subject: [PATCH 01/12] Add gui --- salt/desktop/packages.sls | 36 +++++++++++++++++++++++++++++------- salt/desktop/remove_gui.sls | 4 ++-- salt/desktop/trusted-ca.sls | 28 +--------------------------- salt/desktop/xwindows.sls | 4 ++-- 4 files changed, 34 insertions(+), 38 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index f0fe000c8..a2b8a9a26 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -45,9 +45,6 @@ desktop_packages: - chkconfig - chromium - chrony - - cinnamon - - cinnamon-control-center - - cinnamon-screensaver - cockpit - coreutils - cpio @@ -76,18 +73,43 @@ desktop_packages: - efivar-libs - eom - ethtool - - f36-backgrounds-extras-gnome - - f36-backgrounds-gnome - - f37-backgrounds-extras-gnome - - f37-backgrounds-gnome - file - filesystem - firewall-config - firewalld - fprintd-pam + - gdm - git - glibc - glibc-all-langpacks + - gnome-autoar + - gnome-bluetooth + - gnome-bluetooth-libs + - gnome-calculator + - gnome-characters + - gnome-color-manager + - gnome-control-center + - gnome-desktop3 + - gnome-disk-utility + - gnome-font-viewer + - gnome-initial-setup + - gnome-keyring + - gnome-keyring-pam + - gnome-logs + - gnome-menus + - gnome-online-accounts + - gnome-remote-desktop + - gnome-screenshot + - gnome-session + - gnome-session-wayland-session + - gnome-session-xsession + - gnome-settings-daemon + - gnome-shell + - gnome-software + - gnome-system-monitor + - gnome-terminal + - gnome-terminal-nautilus + - gnome-tour - gnome-calculator - gnome-disk-utility - gnome-screenshot diff --git a/salt/desktop/remove_gui.sls b/salt/desktop/remove_gui.sls index e66700f11..53d927cbe 100644 --- a/salt/desktop/remove_gui.sls +++ b/salt/desktop/remove_gui.sls 
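Review bot: The second hunk of salt/desktop/packages.sls adds `gnome-remote-desktop`, `gnome-online-accounts`, `gnome-software` and `gnome-initial-setup` to `desktop_packages`, and nothing visible in the hunk restricts or disables them. On an analyst desktop these can widen the exposed surface through remote screen sharing, cloud-account integration and user-driven software installs. I would drop the ones the GUI session does not strictly need and annotate the rest, e.g. `# needed by <COMPONENT>; service left disabled`. The same question applies to `avahi`, `cups`, `flatpak` and `ModemManager`, which the first packages.sls hunk of PATCH 05/12 adds. The package list continues outside these hunks.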
@@ -1,7 +1,7 @@ {% from 'vars/globals.map.jinja' import GLOBALS %} {# we only want this state to run it is CentOS #} -{% if GLOBALS.os == 'Rocky' %} +{% if GLOBALS.os == 'OEL' %} remove_graphical_target: file.symlink: @@ -12,6 +12,6 @@ remove_graphical_target: {% else %} desktop_trusted-ca_os_fail: test.fail_without_changes: - - comment: 'SO Desktop can only be installed on Rocky' + - comment: 'SO Desktop can only be installed on Oracle Linux' {% endif %} diff --git a/salt/desktop/trusted-ca.sls b/salt/desktop/trusted-ca.sls index 18f5b16e0..b9bde5ae5 100644 --- a/salt/desktop/trusted-ca.sls +++ b/salt/desktop/trusted-ca.sls @@ -1,33 +1,7 @@ {% from 'vars/globals.map.jinja' import GLOBALS %} {# we only want this state to run it is CentOS #} -{% if GLOBALS.os == 'Rocky' %} - - {% set global_ca_text = [] %} - {% set global_ca_server = [] %} - {% set manager = GLOBALS.manager %} - {% set x509dict = salt['mine.get'](manager | lower~'*', 'x509.get_pem_entries') %} - {% for host in x509dict %} - {% if host.split('_')|last in ['manager', 'managersearch', 'standalone', 'import', 'eval'] %} - {% do global_ca_text.append(x509dict[host].get('/etc/pki/ca.crt')|replace('\n', '')) %} - {% do global_ca_server.append(host) %} - {% endif %} - {% endfor %} - {% set trusttheca_text = global_ca_text[0] %} - {% set ca_server = global_ca_server[0] %} - -trusted_ca: - x509.pem_managed: - - name: /etc/pki/ca-trust/source/anchors/ca.crt - - text: {{ trusttheca_text }} - -update_ca_certs: - cmd.run: - - name: update-ca-trust - - onchanges: - - x509: trusted_ca - -{% elif GLOBALS.os == 'CentOS Stream' %} +{% if GLOBALS.os == 'OEL' %} {% set global_ca_text = [] %} {% set global_ca_server = [] %} diff --git a/salt/desktop/xwindows.sls b/salt/desktop/xwindows.sls index 71de07120..ea0c7df4f 100644 --- a/salt/desktop/xwindows.sls +++ b/salt/desktop/xwindows.sls 
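Review bot: In salt/desktop/remove_gui.sls the failure state in the `{% else %}` branch is still called `desktop_trusted-ca_os_fail`, which looks copied from trusted-ca.sls; xwindows.sls and packages.sls use their own IDs (`desktop_xwindows_os_fail`, `desktop_packages_os_fail`). If trusted-ca.sls declares the same ID (not visible here) and both files are rendered in one run on a non-Oracle host, Salt would likely report a conflicting ID instead of the intended message; renaming it to `desktop_remove_gui_os_fail` avoids that. The Jinja comment above each gate still reads `{# we only want this state to run it is CentOS #}` in remove_gui.sls, trusted-ca.sls, xwindows.sls and packages.sls, and I would change it to `{# only run this state on Oracle Linux (GLOBALS.os == 'OEL') #}`.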
@@ -1,7 +1,7 @@ {% from 'vars/globals.map.jinja' import GLOBALS %} {# we only want this state to run it is CentOS #} -{% if GLOBALS.os == 'Rocky' %} +{% if GLOBALS.os == 'OEL' %} include: - desktop.packages @@ -18,6 +18,6 @@ graphical_target: desktop_xwindows_os_fail: test.fail_without_changes: - - comment: 'SO Desktop can only be installed on Rocky' + - comment: 'SO Desktop can only be installed on Oracle Linux' {% endif %} From 48324911ced2b2a9b4162c9514a69813e0d604fc Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 21 Jul 2023 17:18:03 -0400 Subject: [PATCH 02/12] Add gui --- salt/desktop/packages.sls | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index a2b8a9a26..8a38792c1 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -1,7 +1,7 @@ {% from 'vars/globals.map.jinja' import GLOBALS %} {# we only want this state to run it is CentOS #} -{% if GLOBALS.os == 'Rocky' %} +{% if GLOBALS.os == 'OEL' %} desktop_packages: @@ -327,6 +327,6 @@ desktop_packages: desktop_packages_os_fail: test.fail_without_changes: - - comment: 'SO desktop can only be installed on Rocky' + - comment: 'SO desktop can only be installed on Oracle Linux' {% endif %} From d1d5f8a2b62e9bf2c8144908ccca3ce438fe53d0 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 21 Jul 2023 17:28:09 -0400 Subject: [PATCH 03/12] Add gui --- salt/desktop/packages.sls | 45 +++++++++++++++++---------------------- 1 file changed, 20 insertions(+), 25 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index 8a38792c1..e82e973a3 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls 
@@ -7,20 +7,6 @@ desktop_packages: pkg.installed: - pkgs: - - NetworkManager - - NetworkManager-adsl - - NetworkManager-bluetooth - - NetworkManager-l2tp-gnome - - NetworkManager-libreswan-gnome - - NetworkManager-openconnect-gnome - - NetworkManager-openvpn-gnome - - NetworkManager-ppp - - NetworkManager-pptp-gnome - - NetworkManager-team - - NetworkManager-tui - - NetworkManager-wifi - - NetworkManager-wwan - - PackageKit-gstreamer-plugin - aajohan-comfortaa-fonts - abattis-cantarell-fonts - acl @@ -68,8 +54,8 @@ desktop_packages: - dsniff - e2fsprogs - ed - - efi-filesystem - efibootmgr + - efi-filesystem - efivar-libs - eom - ethtool @@ -110,11 +96,6 @@ desktop_packages: - gnome-terminal - gnome-terminal-nautilus - gnome-tour - - gnome-calculator - - gnome-disk-utility - - gnome-screenshot - - gnome-system-monitor - - gnome-terminal - gnupg2 - google-noto-emoji-color-fonts - google-noto-sans-cjk-ttc-fonts @@ -151,8 +132,8 @@ desktop_packages: - iprutils - iputils - irqbalance - - iwl100-firmware - iwl1000-firmware + - iwl100-firmware - iwl105-firmware - iwl135-firmware - iwl2000-firmware @@ -214,16 +195,30 @@ desktop_packages: - nemo-fileroller - nemo-image-converter - nemo-preview - - net-tools - netronome-firmware + - net-tools + - NetworkManager + - NetworkManager-adsl + - NetworkManager-bluetooth + - NetworkManager-l2tp-gnome + - NetworkManager-libreswan-gnome + - NetworkManager-openconnect-gnome + - NetworkManager-openvpn-gnome + - NetworkManager-ppp + - NetworkManager-pptp-gnome + - NetworkManager-team + - NetworkManager-tui + - NetworkManager-wifi + - NetworkManager-wwan - ngrep - - nm-connection-editor - nmap-ncat + - nm-connection-editor - nvme-cli - - open-vm-tools-desktop - openssh-clients - openssh-server + - open-vm-tools-desktop - p11-kit + - PackageKit-gstreamer-plugin - paktype-naskh-basic-fonts - parole - parted @@ -310,8 +305,8 @@ desktop_packages: - vim-powerline - virt-what - wget - - whois - which + - whois - wireplumber - wireshark - words 
From ba69c67dc2184624299ac9471c3d0987de9987f1 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 21 Jul 2023 17:30:17 -0400 Subject: [PATCH 04/12] Add gui --- salt/desktop/packages.sls | 8 -------- 1 file changed, 8 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index e82e973a3..889d94a9a 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -14,7 +14,6 @@ desktop_packages: - alsa-utils - anaconda - anaconda-install-env-deps - - anaconda-live - at - attr - audit @@ -155,8 +154,6 @@ desktop_packages: - kexec-tools - khmer-os-system-fonts - kmod-kvdo - - kpatch - - kpatch-dnf - ledmon - less - liberation-mono-fonts @@ -192,9 +189,6 @@ desktop_packages: - mtr - nano - ncurses - - nemo-fileroller - - nemo-image-converter - - nemo-preview - netronome-firmware - net-tools - NetworkManager @@ -245,8 +239,6 @@ desktop_packages: - quota - realmd - redshift-gtk - - rocky-backgrounds - - rocky-release - rootfiles - rpm - rpm-plugin-audit From 5dc5b99b054b3cb9f90ba48c43ae2fa3e92da0ea Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 21 Jul 2023 18:00:01 -0400 Subject: [PATCH 05/12] Add gui --- salt/desktop/packages.sls | 824 ++++++++++++++++++++++++++++---------- 1 file changed, 620 insertions(+), 204 deletions(-) diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index 889d94a9a..c0cbe9349 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls 
@@ -7,73 +7,124 @@ desktop_packages: pkg.installed: - pkgs: - - aajohan-comfortaa-fonts - - abattis-cantarell-fonts - - acl - - alsa-ucm - - alsa-utils - - anaconda - - anaconda-install-env-deps - - at - - attr + - ModemManager + - ModemManager-glib + - NetworkManager + - NetworkManager-adsl + - NetworkManager-bluetooth + - NetworkManager-config-server + - NetworkManager-libnm + - NetworkManager-team + - NetworkManager-tui + - NetworkManager-wifi + - NetworkManager-wwan + - PackageKit + - PackageKit-command-not-found + - PackageKit-glib + - PackageKit-gstreamer-plugin + - PackageKit-gtk3-module - audit + - audit-libs - authselect + - authselect-libs + - avahi + - avahi-glib + - avahi-libs + - baobab - basesystem - - bash - - bash-completion - bc - - blktrace + - bcache-tools - bluez + - bluez-libs + - bluez-obexd - bolt - - bpftool - bzip2 + - bzip2-libs + - c-ares + - ca-certificates + - cairo + - cairo-gobject + - cairomm + - checkpolicy + - cheese + - cheese-libs - chkconfig - - chromium - - chrony - - cockpit - - coreutils - - cpio - - cronie - - crontabs - - crypto-policies - - crypto-policies-scripts - - cryptsetup - - curl - - cyrus-sasl-plain - - dbus + - chrome-gnome-shell + - clutter + - clutter-gst3 + - clutter-gtk + - cogl + - color-filesystem + - colord + - colord-gtk + - colord-libs + - conmon + - cups + - cups-client + - cups-filesystem + - cups-filters + - cups-filters-libs + - cups-ipptool + - cups-libs + - cups-pk-helper + - dconf - dejavu-sans-fonts - dejavu-sans-mono-fonts - dejavu-serif-fonts - - dnf - - dnf-plugins-core - - dos2unix - - dosfstools - - dracut-config-rescue - - dracut-live - - dsniff - - e2fsprogs - - ed - - efibootmgr - - efi-filesystem - - efivar-libs - - eom - - ethtool - - file - - filesystem - - firewall-config - - firewalld - - fprintd-pam + - desktop-file-utils + - evolution-data-server + - evolution-data-server-langpacks + - firefox + - flac-libs + - flashrom + - flatpak + - flatpak-libs + - flatpak-selinux + - 
flatpak-session-helper + - fontconfig + - fonts-filesystem + - foomatic + - foomatic-db + - foomatic-db-filesystem + - foomatic-db-ppds + - freetype + - fuse + - fuse-common + - fuse-libs + - fuse-overlayfs + - fuse3 + - fuse3-libs + - fwupd + - fwupd-plugin-flashrom + - gcr + - gcr-base + - gd + - gdbm-libs + - gdisk + - gdk-pixbuf2 + - gdk-pixbuf2-modules - gdm - - git - - glibc - - glibc-all-langpacks + - gedit + - geoclue2 + - geoclue2-libs + - geocode-glib + - gettext + - gettext-libs + - ghostscript + - ghostscript-tools-fonts + - ghostscript-tools-printing + - giflib + - glx-utils + - gmp - gnome-autoar - gnome-bluetooth - gnome-bluetooth-libs - gnome-calculator - gnome-characters + - gnome-classic-session - gnome-color-manager - gnome-control-center + - gnome-control-center-filesystem - gnome-desktop3 - gnome-disk-utility - gnome-font-viewer 
@@ -90,81 +141,139 @@ desktop_packages: - gnome-session-xsession - gnome-settings-daemon - gnome-shell + - gnome-shell-extension-apps-menu + - gnome-shell-extension-background-logo + - gnome-shell-extension-common + - gnome-shell-extension-desktop-icons + - gnome-shell-extension-launch-new-instance + - gnome-shell-extension-places-menu + - gnome-shell-extension-window-list - gnome-software - gnome-system-monitor - gnome-terminal - gnome-terminal-nautilus - gnome-tour - - gnupg2 + - gnome-user-docs + - gnome-video-effects + - gobject-introspection + - gom + - google-droid-sans-fonts + - google-noto-cjk-fonts-common - google-noto-emoji-color-fonts + - google-noto-fonts-common - google-noto-sans-cjk-ttc-fonts - google-noto-sans-gurmukhi-fonts - google-noto-sans-sinhala-vf-fonts - google-noto-serif-cjk-ttc-fonts - - grub2-common - - grub2-pc-modules - - grub2-tools - - grub2-tools-efi - - grub2-tools-extra - - grub2-tools-minimal - - grubby + - gpgme + - gpm-libs + - graphene + - graphite2 + - gsettings-desktop-schemas + - gsm + - gsound + - gspell + - gstreamer1 - gstreamer1-plugins-bad-free + - gstreamer1-plugins-base - gstreamer1-plugins-good + - gstreamer1-plugins-good-gtk - gstreamer1-plugins-ugly-free + - gtk-update-icon-cache + - gtk3 + - gtk4 + - gtkmm30 + - gtksourceview4 + - gutenprint + - gutenprint-cups + - gutenprint-doc + - gutenprint-libs + - gvfs + - gvfs-client + - gvfs-fuse + - gvfs-goa - gvfs-gphoto2 - gvfs-mtp - gvfs-smb - - hostname - - hyperv-daemons - - ibus-anthy - - ibus-hangul - - ibus-libpinyin - - ibus-libzhuyin - - ibus-m17n - - ibus-typing-booster - - imsettings-systemd - - initial-setup-gui - - initscripts + - gzip + - harfbuzz + - harfbuzz-icu + - hdparm + - hicolor-icon-theme + - highcontrast-icon-theme + - hplip-common + - hplip-libs + - hunspell + - hunspell-en + - hunspell-en-GB + - hunspell-en-US + - hunspell-filesystem + - hyphen + - ibus + - ibus-gtk3 + - ibus-libs + - ibus-setup + - iio-sensor-proxy + - ima-evm-utils + - inih - 
initscripts-rename-device - - iproute - - iproute-tc - - iprutils - - iputils - - irqbalance - - iwl1000-firmware - - iwl100-firmware - - iwl105-firmware - - iwl135-firmware - - iwl2000-firmware - - iwl2030-firmware - - iwl3160-firmware - - iwl5000-firmware - - iwl5150-firmware - - iwl6000g2a-firmware - - iwl6000g2b-firmware - - iwl6050-firmware - - iwl7260-firmware + - initscripts-service + - iso-codes + - jansson + - jbig2dec-libs + - jbigkit-libs - jomolhari-fonts + - jose + - jq + - json-c + - json-glib - julietaula-montserrat-fonts - kbd - - kernel - - kernel-modules - - kernel-modules-extra - - kernel-tools - - kexec-tools + - kbd-misc - khmer-os-system-fonts - - kmod-kvdo - - ledmon - - less + - langpacks-core-en + - langpacks-core-font-en + - langpacks-en + - lcms2 + - libICE + - libSM + - libX11 + - libX11-common + - libX11-xcb + - libXau + - libXcomposite + - libXcursor + - libXdamage + - libXdmcp + - libXext + - libXfixes + - libXfont2 + - libXft + - libXi + - libXinerama + - libXmu + - libXpm + - libXrandr + - libXrender + - libXres + - libXt + - libXtst + - libXv + - libXxf86dga + - libXxf86vm + - libappstream-glib + - liberation-fonts-common - liberation-mono-fonts - liberation-sans-fonts - liberation-serif-fonts - libertas-sd8787-firmware - - libstoragemgmt - - libsysfs - - lightdm - - linux-firmware - - logrotate + - libglvnd-gles + - libglvnd-glx + - libglvnd-opengl + - libgnomekbd + - libgomp + - libgphoto2 + - lockdev - lohit-assamese-fonts - lohit-bengali-fonts - lohit-devanagari-fonts 
@@ -173,143 +282,450 @@ desktop_packages: - lohit-odia-fonts - lohit-tamil-fonts - lohit-telugu-fonts - - lshw - - lsof - - lsscsi - - lvm2 - - mailcap - - man-db - - man-pages - - mcelog - - mdadm - - memtest86+ - - metacity + - mesa-dri-drivers + - mesa-filesystem + - mesa-libEGL + - mesa-libGL + - mesa-libgbm + - mesa-libglapi + - mesa-libxatracker + - mesa-vulkan-drivers - microcode_ctl - - mlocate + - mobile-broadband-provider-info + - mozilla-filesystem + - mpfr + - mpg123-libs + - mtdev - mtr - - nano - - ncurses - - netronome-firmware - - net-tools - - NetworkManager - - NetworkManager-adsl - - NetworkManager-bluetooth - - NetworkManager-l2tp-gnome - - NetworkManager-libreswan-gnome - - NetworkManager-openconnect-gnome - - NetworkManager-openvpn-gnome - - NetworkManager-ppp - - NetworkManager-pptp-gnome - - NetworkManager-team - - NetworkManager-tui - - NetworkManager-wifi - - NetworkManager-wwan - - ngrep - - nmap-ncat - - nm-connection-editor - - nvme-cli - - openssh-clients - - openssh-server - - open-vm-tools-desktop - - p11-kit - - PackageKit-gstreamer-plugin - - paktype-naskh-basic-fonts - - parole - - parted - - passwd - - pciutils + - nautilus + - nautilus-extensions + - oracle-backgrounds + - oracle-indexhtml + - oracle-logos + - pcaudiolib + - pinentry + - pinentry-gnome3 - pinfo - pipewire - pipewire-alsa - pipewire-gstreamer - pipewire-jack-audio-connection-kit + - pipewire-libs - pipewire-pulseaudio - pipewire-utils + - pixman - plymouth + - plymouth-core-libs + - plymouth-graphics-libs + - plymouth-plugin-label + - plymouth-plugin-two-step + - plymouth-scripts + - plymouth-system-theme + - plymouth-theme-spinner - policycoreutils - - powerline - - ppp - - prefixdevname - - procps-ng - - psacct + - policycoreutils-python-utils - pt-sans-fonts - - python3-libselinux - - python3-scapy - - qemu-guest-agent - - quota - - realmd - - redshift-gtk - - rootfiles - - rpm - - rpm-plugin-audit - - rsync - - rsyslog - - rsyslog-gnutls - - rsyslog-gssapi - 
- rsyslog-relp - - salt-minion + - pulseaudio-libs + - pulseaudio-libs-glib2 + - pulseaudio-utils + - sane-airscan + - sane-backends + - sane-backends-drivers-cameras - sane-backends-drivers-scanners - - selinux-policy-targeted - - setroubleshoot - - setup - - sg3_utils - - sg3_utils-libs - - shadow-utils + - sane-backends-libs - sil-abyssinica-fonts - sil-nuosu-fonts - sil-padauk-fonts - - slick-greeter - - slick-greeter-cinnamon - smartmontools - smc-meera-fonts - - sos + - snappy + - sound-theme-freedesktop + - soundtouch + - speech-dispatcher + - speech-dispatcher-espeak-ng + - speex - spice-vdagent - - ssldump - - sssd - - sssd-common - - sssd-kcm - - stix-fonts - - strace - - sudo + - switcheroo-control - symlinks - - syslinux - - systemd - - systemd-udev - - tar + - system-config-printer-libs + - system-config-printer-udev + - taglib - tcpdump - - tcpflow - - teamd + - thai-scalable-fonts-common - thai-scalable-waree-fonts - - time - - tmux - - tmux-powerline - - transmission + - totem + - totem-pl-parser + - totem-video-thumbnailer + - tpm2-tools + - tpm2-tss + - tracer-common + - tracker + - tracker-miners - tree - tuned + - twolame-libs + - tzdata + - udisks2 + - udisks2-iscsi + - udisks2-lvm2 - unzip + - upower + - urw-base35-bookman-fonts + - urw-base35-c059-fonts + - urw-base35-d050000l-fonts + - urw-base35-fonts + - urw-base35-fonts-common + - urw-base35-gothic-fonts + - urw-base35-nimbus-mono-ps-fonts + - urw-base35-nimbus-roman-fonts + - urw-base35-nimbus-sans-fonts + - urw-base35-p052-fonts + - urw-base35-standard-symbols-ps-fonts + - urw-base35-z003-fonts - usb_modeswitch + - usb_modeswitch-data - usbutils - - util-linux - - util-linux-user + - usermode + - userspace-rcu - vdo - - vim-enhanced - - vim-minimal - - vim-powerline - - virt-what - - wget - - which - - whois + - vulkan-loader + - wavpack + - webkit2gtk3 + - webkit2gtk3-jsc + - webrtc-audio-processing + - wireless-regdb - wireplumber - - wireshark + - wireplumber-libs + - woff2 - words + 
- wpa_supplicant + - wpebackend-fdo + - xdg-dbus-proxy + - xdg-desktop-portal + - xdg-desktop-portal-gnome + - xdg-desktop-portal-gtk + - xdg-user-dirs - xdg-user-dirs-gtk - - xed - - xfsdump - - xfsprogs - - xreader - - yum - - zip - + - xdg-utils + - xkeyboard-config + - xorg-x11-drv-evdev + - xorg-x11-drv-fbdev + - xorg-x11-drv-libinput + - xorg-x11-drv-vmware + - xorg-x11-drv-wacom + - xorg-x11-drv-wacom-serial-support + - xorg-x11-server-Xorg + - xorg-x11-server-Xwayland + - xorg-x11-server-common + - xorg-x11-server-utils + - xorg-x11-utils + - xorg-x11-xauth + - xorg-x11-xinit + - xorg-x11-xinit-session +# +# - aajohan-comfortaa-fonts +# - abattis-cantarell-fonts +# - acl +# - alsa-ucm +# - alsa-utils +# - anaconda +# - anaconda-install-env-deps +# - at +# - attr +# - audit +# - authselect +# - basesystem +# - bash +# - bash-completion +# - bc +# - blktrace +# - bluez +# - bolt +# - bpftool +# - bzip2 +# - chkconfig +# - chromium +# - chrony +# - cockpit +# - coreutils +# - cpio +# - cronie +# - crontabs +# - crypto-policies +# - crypto-policies-scripts +# - cryptsetup +# - curl +# - cyrus-sasl-plain +# - dbus +# - dejavu-sans-fonts +# - dejavu-sans-mono-fonts +# - dejavu-serif-fonts +# - dnf +# - dnf-plugins-core +# - dos2unix +# - dosfstools +# - dracut-config-rescue +# - dracut-live +# - dsniff +# - e2fsprogs +# - ed +# - efibootmgr +# - efi-filesystem +# - efivar-libs +# - eom +# - ethtool +# - file +# - filesystem +# - firewall-config +# - firewalld +# - fprintd-pam +# - gdm +# - git +# - glibc +# - glibc-all-langpacks +# - gnome-autoar +# - gnome-bluetooth +# - gnome-bluetooth-libs +# - gnome-calculator +# - gnome-characters +# - gnome-color-manager +# - gnome-control-center +# - gnome-desktop3 +# - gnome-disk-utility +# - gnome-font-viewer +# - gnome-initial-setup +# - gnome-keyring +# - gnome-keyring-pam +# - gnome-logs +# - gnome-menus +# - gnome-online-accounts +# - gnome-remote-desktop +# - gnome-screenshot +# - gnome-session +# - 
gnome-session-wayland-session +# - gnome-session-xsession +# - gnome-settings-daemon +# - gnome-shell +# - gnome-software +# - gnome-system-monitor +# - gnome-terminal +# - gnome-terminal-nautilus +# - gnome-tour +# - gnupg2 +# - google-noto-emoji-color-fonts +# - google-noto-sans-cjk-ttc-fonts +# - google-noto-sans-gurmukhi-fonts +# - google-noto-sans-sinhala-vf-fonts +# - google-noto-serif-cjk-ttc-fonts +# - grub2-common +# - grub2-pc-modules +# - grub2-tools +# - grub2-tools-efi +# - grub2-tools-extra +# - grub2-tools-minimal +# - grubby +# - gstreamer1-plugins-bad-free +# - gstreamer1-plugins-good +# - gstreamer1-plugins-ugly-free +# - gvfs-gphoto2 +# - gvfs-mtp +# - gvfs-smb +# - hostname +# - hyperv-daemons +# - ibus-anthy +# - ibus-hangul +# - ibus-libpinyin +# - ibus-libzhuyin +# - ibus-m17n +# - ibus-typing-booster +# - imsettings-systemd +# - initial-setup-gui +# - initscripts +# - initscripts-rename-device +# - iproute +# - iproute-tc +# - iprutils +# - iputils +# - irqbalance +# - iwl1000-firmware +# - iwl100-firmware +# - iwl105-firmware +# - iwl135-firmware +# - iwl2000-firmware +# - iwl2030-firmware +# - iwl3160-firmware +# - iwl5000-firmware +# - iwl5150-firmware +# - iwl6000g2a-firmware +# - iwl6000g2b-firmware +# - iwl6050-firmware +# - iwl7260-firmware +# - jomolhari-fonts +# - julietaula-montserrat-fonts +# - kbd +# - kernel +# - kernel-modules +# - kernel-modules-extra +# - kernel-tools +# - kexec-tools +# - khmer-os-system-fonts +# - kmod-kvdo +# - ledmon +# - less +# - liberation-mono-fonts +# - liberation-sans-fonts +# - liberation-serif-fonts +# - libertas-sd8787-firmware +# - libstoragemgmt +# - libsysfs +# - lightdm +# - linux-firmware +# - logrotate +# - lohit-assamese-fonts +# - lohit-bengali-fonts +# - lohit-devanagari-fonts +# - lohit-gujarati-fonts +# - lohit-kannada-fonts +# - lohit-odia-fonts +# - lohit-tamil-fonts +# - lohit-telugu-fonts +# - lshw +# - lsof +# - lsscsi +# - lvm2 +# - mailcap +# - man-db +# - man-pages +# - mcelog 
+# - mdadm +# - memtest86+ +# - metacity +# - microcode_ctl +# - mlocate +# - mtr +# - nano +# - ncurses +# - netronome-firmware +# - net-tools +# - NetworkManager +# - NetworkManager-adsl +# - NetworkManager-bluetooth +# - NetworkManager-l2tp-gnome +# - NetworkManager-libreswan-gnome +# - NetworkManager-openconnect-gnome +# - NetworkManager-openvpn-gnome +# - NetworkManager-ppp +# - NetworkManager-pptp-gnome +# - NetworkManager-team +# - NetworkManager-tui +# - NetworkManager-wifi +# - NetworkManager-wwan +# - ngrep +# - nmap-ncat +# - nm-connection-editor +# - nvme-cli +# - openssh-clients +# - openssh-server +# - open-vm-tools-desktop +# - p11-kit +# - PackageKit-gstreamer-plugin +# - paktype-naskh-basic-fonts +# - parole +# - parted +# - passwd +# - pciutils +# - pinfo +# - pipewire +# - pipewire-alsa +# - pipewire-gstreamer +# - pipewire-jack-audio-connection-kit +# - pipewire-pulseaudio +# - pipewire-utils +# - plymouth +# - policycoreutils +# - powerline +# - ppp +# - prefixdevname +# - procps-ng +# - psacct +# - pt-sans-fonts +# - python3-libselinux +# - python3-scapy +# - qemu-guest-agent +# - quota +# - realmd +# - redshift-gtk +# - rootfiles +# - rpm +# - rpm-plugin-audit +# - rsync +# - rsyslog +# - rsyslog-gnutls +# - rsyslog-gssapi +# - rsyslog-relp +# - salt-minion +# - sane-backends-drivers-scanners +# - selinux-policy-targeted +# - setroubleshoot +# - setup +# - sg3_utils +# - sg3_utils-libs +# - shadow-utils +# - sil-abyssinica-fonts +# - sil-nuosu-fonts +# - sil-padauk-fonts +# - slick-greeter +# - slick-greeter-cinnamon +# - smartmontools +# - smc-meera-fonts +# - sos +# - spice-vdagent +# - ssldump +# - sssd +# - sssd-common +# - sssd-kcm +# - stix-fonts +# - strace +# - sudo +# - symlinks +# - syslinux +# - systemd +# - systemd-udev +# - tar +# - tcpdump +# - tcpflow +# - teamd +# - thai-scalable-waree-fonts +# - time +# - tmux +# - tmux-powerline +# - transmission +# - tree +# - tuned +# - unzip +# - usb_modeswitch +# - usbutils +# - 
util-linux +# - util-linux-user +# - vdo +# - vim-enhanced +# - vim-minimal +# - vim-powerline +# - virt-what +# - wget +# - which +# - whois +# - wireplumber +# - wireshark +# - words +# - xdg-user-dirs-gtk +# - xed +# - xfsdump +# - xfsprogs +# - xreader +# - yum +# - zip +# {% else %} desktop_packages_os_fail: From de7b7ff98909ca1964a85d94d695bf8c6917642e Mon Sep 17 00:00:00 2001 From: Wes Date: Mon, 24 Jul 2023 18:35:02 +0000 Subject: [PATCH 06/12] Add endpoint --- salt/elasticfleet/defaults.yaml | 1 + salt/elasticsearch/defaults.yaml | 392 +++++++++++++++++++++++++++++++ 2 files changed, 393 insertions(+) diff --git a/salt/elasticfleet/defaults.yaml b/salt/elasticfleet/defaults.yaml index 93b5eba9a..46d496955 100644 --- a/salt/elasticfleet/defaults.yaml +++ b/salt/elasticfleet/defaults.yaml @@ -28,6 +28,7 @@ elasticfleet: - aws - azure - cloudflare + - endpoint - fim - github - google_workspace diff --git a/salt/elasticsearch/defaults.yaml b/salt/elasticsearch/defaults.yaml index 3f29483e0..06e51cb1d 100644 --- a/salt/elasticsearch/defaults.yaml +++ b/salt/elasticsearch/defaults.yaml 
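Review bot: The last hunk of PATCH 05/12 keeps the entire previous package list as several hundred commented-out lines above `{% else %}`; git history already holds it, so I would delete the block or reduce it to one line such as `# previous package set: see git history`. More importantly, the rewritten list no longer asserts `firewalld`, `selinux-policy-targeted`, `setroubleshoot`, `chrony`, `openssh-server`, `sudo` or `salt-minion`, all of which the old list did. `pkg.installed` will not remove them, but on an image that lacks them the desktop would now converge without a host firewall, SELinux policy or time sync. If the base install guarantees them, a short comment saying so would help; otherwise re-add them to `pkgs`.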
@@ -1312,6 +1312,398 @@ elasticsearch: name: elastic_agent managed_by: security_onion managed: true + so-logs-endpoint.alerts: + index_sorting: False + index_template: + index_patterns: + - "logs-endpoint.alerts-*" + template: + settings: + index: + number_of_replicas: 0 + mapping: + total_fields: + limit: 5000 + sort: + field: "@timestamp" + order: desc + composed_of: + - "event-mappings" + - "logs-endpoint.alerts@custom" + - "logs-endpoint.alerts@package" + - "so-fleet_globals-1" + - "so-fleet_agent_id_verification-1" + priority: 501 + data_stream: + hidden: false + allow_custom_routing: false + policy: + phases: + hot: + min_age: 0ms + actions: + set_priority: + priority: 100 + rollover: + max_age: 30d + max_primary_shard_size: 50gb + cold: + min_age: 30d + actions: + set_priority: + priority: 0 + delete: + min_age: 365d + actions: + delete: {} + _meta: + package: + name: elastic_agent + managed_by: security_onion + managed: true + so-logs-endpoint.events.api: + index_sorting: False + index_template: + index_patterns: + - "logs-endpoint.events.api-*" + template: + settings: + index: + number_of_replicas: 0 + mapping: + total_fields: + limit: 5000 + sort: + field: "@timestamp" + order: desc + composed_of: + - "event-mappings" + - "logs-endpoint.events.api@custom" + - "logs-endpoint.events.api@package" + - "so-fleet_globals-1" + - "so-fleet_agent_id_verification-1" + priority: 501 + data_stream: + hidden: false + allow_custom_routing: false + policy: + phases: + hot: + min_age: 0ms + actions: + set_priority: + priority: 100 + rollover: + max_age: 30d + max_primary_shard_size: 50gb + cold: + min_age: 30d + actions: + set_priority: + priority: 0 + delete: + min_age: 365d + actions: + delete: {} + _meta: + package: + name: elastic_agent + managed_by: security_onion + managed: true + so-logs-endpoint.events.file: + index_sorting: False + index_template: + index_patterns: + - "logs-endpoint.events.file-*" + template: + settings: + index: + number_of_replicas: 0 + 
mapping: + total_fields: + limit: 5000 + sort: + field: "@timestamp" + order: desc + composed_of: + - "event-mappings" + - "logs-endpoint.events.file@custom" + - "logs-endpoint.events.file@package" + - "so-fleet_globals-1" + - "so-fleet_agent_id_verification-1" + priority: 501 + data_stream: + hidden: false + allow_custom_routing: false + policy: + phases: + hot: + min_age: 0ms + actions: + set_priority: + priority: 100 + rollover: + max_age: 30d + max_primary_shard_size: 50gb + cold: + min_age: 30d + actions: + set_priority: + priority: 0 + delete: + min_age: 365d + actions: + delete: {} + _meta: + package: + name: elastic_agent + managed_by: security_onion + managed: true + so-logs-endpoint.events.library: + index_sorting: False + index_template: + index_patterns: + - "logs-endpoint.events.library-*" + template: + settings: + index: + number_of_replicas: 0 + mapping: + total_fields: + limit: 5000 + sort: + field: "@timestamp" + order: desc + composed_of: + - "event-mappings" + - "logs-endpoint.events.library@custom" + - "logs-endpoint.events.library@package" + - "so-fleet_globals-1" + - "so-fleet_agent_id_verification-1" + priority: 501 + data_stream: + hidden: false + allow_custom_routing: false + policy: + phases: + hot: + min_age: 0ms + actions: + set_priority: + priority: 100 + rollover: + max_age: 30d + max_primary_shard_size: 50gb + cold: + min_age: 30d + actions: + set_priority: + priority: 0 + delete: + min_age: 365d + actions: + delete: {} + _meta: + package: + name: elastic_agent + managed_by: security_onion + managed: true + so-logs-endpoint.events.network: + index_sorting: False + index_template: + index_patterns: + - "logs-endpoint.events.network-*" + template: + settings: + index: + number_of_replicas: 0 + mapping: + total_fields: + limit: 5000 + sort: + field: "@timestamp" + order: desc + composed_of: + - "event-mappings" + - "logs-endpoint.events.network@custom" + - "logs-endpoint.events.network@package" + - "so-fleet_globals-1" + - 
"so-fleet_agent_id_verification-1" + priority: 501 + data_stream: + hidden: false + allow_custom_routing: false + policy: + phases: + hot: + min_age: 0ms + actions: + set_priority: + priority: 100 + rollover: + max_age: 30d + max_primary_shard_size: 50gb + cold: + min_age: 30d + actions: + set_priority: + priority: 0 + delete: + min_age: 365d + actions: + delete: {} + _meta: + package: + name: elastic_agent + managed_by: security_onion + managed: true + so-logs-endpoint.events.process: + index_sorting: False + index_template: + index_patterns: + - "logs-endpoint.events.process-*" + template: + settings: + index: + number_of_replicas: 0 + mapping: + total_fields: + limit: 5000 + sort: + field: "@timestamp" + order: desc + composed_of: + - "event-mappings" + - "logs-endpoint.events.process@custom" + - "logs-endpoint.events.process@package" + - "so-fleet_globals-1" + - "so-fleet_agent_id_verification-1" + priority: 501 + data_stream: + hidden: false + allow_custom_routing: false + policy: + phases: + hot: + min_age: 0ms + actions: + set_priority: + priority: 100 + rollover: + max_age: 30d + max_primary_shard_size: 50gb + cold: + min_age: 30d + actions: + set_priority: + priority: 0 + delete: + min_age: 365d + actions: + delete: {} + _meta: + package: + name: elastic_agent + managed_by: security_onion + managed: true + so-logs-endpoint.events.registry: + index_sorting: False + index_template: + index_patterns: + - "logs-endpoint.events.registry-*" + template: + settings: + index: + number_of_replicas: 0 + mapping: + total_fields: + limit: 5000 + sort: + field: "@timestamp" + order: desc + composed_of: + - "event-mappings" + - "logs-endpoint.events.registry@custom" + - "logs-endpoint.events.registry@package" + - "so-fleet_globals-1" + - "so-fleet_agent_id_verification-1" + priority: 501 + data_stream: + hidden: false + allow_custom_routing: false + policy: + phases: + hot: + min_age: 0ms + actions: + set_priority: + priority: 100 + rollover: + max_age: 30d + 
max_primary_shard_size: 50gb + cold: + min_age: 30d + actions: + set_priority: + priority: 0 + delete: + min_age: 365d + actions: + delete: {} + _meta: + package: + name: elastic_agent + managed_by: security_onion + managed: true + so-logs-endpoint.events.security: + index_sorting: False + index_template: + index_patterns: + - "logs-endpoint.events.security-*" + template: + settings: + index: + number_of_replicas: 0 + mapping: + total_fields: + limit: 5000 + sort: + field: "@timestamp" + order: desc + composed_of: + - "event-mappings" + - "logs-endpoint.events.security@custom" + - "logs-endpoint.events.security@package" + - "so-fleet_globals-1" + - "so-fleet_agent_id_verification-1" + priority: 501 + data_stream: + hidden: false + allow_custom_routing: false + policy: + phases: + hot: + min_age: 0ms + actions: + set_priority: + priority: 100 + rollover: + max_age: 30d + max_primary_shard_size: 50gb + cold: + min_age: 30d + actions: + set_priority: + priority: 0 + delete: + min_age: 365d + actions: + delete: {} + _meta: + package: + name: elastic_agent + managed_by: security_onion + managed: true so-logs-elastic_agent.filebeat: index_sorting: False index_template: From d84dbf9535c6bb8a1149ecb58d7bc512bfad0a97 Mon Sep 17 00:00:00 2001 From: Wes Date: Mon, 24 Jul 2023 18:53:52 +0000 Subject: [PATCH 07/12] Add fleet --- salt/elasticsearch/defaults.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/salt/elasticsearch/defaults.yaml b/salt/elasticsearch/defaults.yaml index 06e51cb1d..035079f54 100644 --- a/salt/elasticsearch/defaults.yaml +++ b/salt/elasticsearch/defaults.yaml @@ -81,6 +81,8 @@ elasticsearch: managed: true composed_of: - "so-data-streams-mappings" + - "so-fleet_globals-1" + - "so-fleet_agent_id_verification-1" - "so-logs-mappings" - "so-logs-settings" priority: 225 From 4efc951eafad4999dd9d33892a0edd6e3a63f289 Mon Sep 17 00:00:00 2001 
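Review bot: The eight `so-logs-endpoint.*` templates added to salt/elasticsearch/defaults.yaml are identical except for the dataset name, so a later change to one of them (retention, priority, field limit) is easy to miss in the others. A shared YAML anchor, if the loader for this file permits aliases, or generating the entries from a list of dataset names would keep them in step. Each template also sets `number_of_replicas: 0`, including `so-logs-endpoint.alerts`, so losing the node that holds a primary shard loses those alerts. If that is the deliberate single-node default, a comment such as `# replicas 0: single-node default, raise on multi-node grids` above the setting would make it explicit. The enclosing `elasticsearch:` mapping starts and ends outside the hunk.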
From: Wes Date: Mon, 24 Jul 2023 20:57:39 +0000 Subject: [PATCH 08/12] Add tags --- .../elastic-agent/so-fleet_agent_id_verification-1.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/salt/elasticsearch/templates/component/elastic-agent/so-fleet_agent_id_verification-1.json b/salt/elasticsearch/templates/component/elastic-agent/so-fleet_agent_id_verification-1.json index 18c6f1d6d..55e3e921c 100644 --- a/salt/elasticsearch/templates/component/elastic-agent/so-fleet_agent_id_verification-1.json +++ b/salt/elasticsearch/templates/component/elastic-agent/so-fleet_agent_id_verification-1.json @@ -9,6 +9,10 @@ "properties": { "event": { "properties": { + "agent_id": { + "ignore_above": 1024, + "type": "keyword" + }, "agent_id_status": { "ignore_above": 1024, "type": "keyword" @@ -18,6 +22,10 @@ "type": "date" } } + }, + "tags": { + "ignore_above": 1024, + "type": "keyword" } } } From 5553be02ac570890219c6f09159136f22480db66 Mon Sep 17 00:00:00 2001 From: Wes Date: Mon, 24 Jul 2023 21:31:28 +0000 Subject: [PATCH 09/12] Change how tags are added --- salt/elasticsearch/files/ingest/.fleet_final_pipeline-1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/salt/elasticsearch/files/ingest/.fleet_final_pipeline-1 b/salt/elasticsearch/files/ingest/.fleet_final_pipeline-1 index d6f5b65aa..743e4181a 100644 --- a/salt/elasticsearch/files/ingest/.fleet_final_pipeline-1 +++ b/salt/elasticsearch/files/ingest/.fleet_final_pipeline-1 
@@ -72,8 +72,8 @@
 { "set": { "ignore_failure": true, "field": "event.module", "value": "elastic_agent" } },
 { "split": { "if": "ctx.event?.dataset != null && ctx.event.dataset.contains('.')", "field": "event.dataset", "separator": "\\.", "target_field": "module_temp" } },
 { "set": { "if": "ctx.module_temp != null", "override": true, "field": "event.module", "value": "{{module_temp.0}}" } },
- { "split": { "if": "ctx.event?.dataset != null && ctx.event.dataset.contains('.')", "field": "event.dataset", "separator": "\\.", "target_field": "dataset_tag_temp" } },
- { "append": { "if": "ctx.dataset_tag_temp != null", "field": "tags", "value": "{{dataset_tag_temp.1}}" } },
+ { "gsub": { "if": "ctx.event?.dataset != null && ctx.event.dataset.contains('.')", "field": "event.dataset", "pattern": "^[^.]*.", "replacement": "", "target_field": "dataset_tag_temp" } },
+ { "append": { "if": "ctx.dataset_tag_temp != null", "field": "tags", "value": "{{dataset_tag_temp}}" } },
 { "remove": { "field": [ "message2", "type", "fields", "category", "module", "dataset", "event.dataset_temp", "dataset_tag_temp", "module_temp" ], "ignore_missing": true, "ignore_failure": true } }
 ],
 "on_failure": [
From 2b38bc778d06b06c43b9a3e43f0b6354c9449a86 Mon Sep 17 00:00:00 2001
From: Josh Brower
Date: Tue, 25 Jul 2023 12:24:23 -0400
Subject: [PATCH 10/12] Upgrade Nav
---
 salt/nginx/files/nav_layer_playbook.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/salt/nginx/files/nav_layer_playbook.json b/salt/nginx/files/nav_layer_playbook.json
index 68247c65e..999f882ae 100644
--- a/salt/nginx/files/nav_layer_playbook.json
+++ b/salt/nginx/files/nav_layer_playbook.json
@@ -3,7 +3,7 @@
 "versions": {
 "attack": "11",
 "navigator": "4.8.4",
- "layer": "4.3"
+ "layer": "4.4"
 },
 "domain": "enterprise-attack",
 "description": "",
From f24a3a51ceeb3c6b47693b29492de0b865978066 Mon Sep 17 00:00:00 2001
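Review bot: The `.` that ends the new gsub pattern `^[^.]*.` is unescaped, so it matches any character rather than a literal dot; it only lands on the dot today because the `if` guard requires `event.dataset` to contain one. Writing it as `"pattern": "^[^.]*\\."` states the intent and matches the escaped `\\.` separator the `split` processor uses two lines above. The `append` into `tags` could also set `"allow_duplicates": false` so a document that passes through the pipeline again does not collect the same tag twice. The processors array starts and ends outside the hunk.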
From: Josh Brower Date: Tue, 25 Jul 2023 18:28:41 -0400 Subject: [PATCH 11/12] Heavy Node fixes --- salt/elasticagent/enabled.sls | 7 +++++-- salt/elasticagent/files/elastic-agent.yml.jinja | 2 +- salt/firewall/defaults.yaml | 8 ++++++++ 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/salt/elasticagent/enabled.sls b/salt/elasticagent/enabled.sls index ee4b1d2be..4c00920ac 100644 --- a/salt/elasticagent/enabled.sls +++ b/salt/elasticagent/enabled.sls @@ -33,19 +33,22 @@ so-elastic-agent: {% endif %} - binds: - /opt/so/conf/elastic-agent/elastic-agent.yml:/usr/share/elastic-agent/elastic-agent.yml:ro + - /etc/pki/tls/certs/intca.crt:/etc/pki/tls/certs/intca.crt:ro - /nsm:/nsm:ro {% if DOCKER.containers['so-elastic-agent'].custom_bind_mounts %} {% for BIND in DOCKER.containers['so-elastic-agent'].custom_bind_mounts %} - {{ BIND }} {% endfor %} {% endif %} - {% if DOCKER.containers['so-elastic-agent'].extra_env %} - environment: + - FLEET_CA=/etc/pki/tls/certs/intca.crt + {% if DOCKER.containers['so-elastic-agent'].extra_env %} {% for XTRAENV in DOCKER.containers['so-elastic-agent'].extra_env %} - {{ XTRAENV }} {% endfor %} {% endif %} - + - watch: + - file: create-elastic-agent-config delete_so-elastic-agent_so-status.disabled: file.uncomment: diff --git a/salt/elasticagent/files/elastic-agent.yml.jinja b/salt/elasticagent/files/elastic-agent.yml.jinja index 45bac49b4..2d32a3b17 100644 --- a/salt/elasticagent/files/elastic-agent.yml.jinja +++ b/salt/elasticagent/files/elastic-agent.yml.jinja @@ -11,7 +11,7 @@ outputs: - 'https://{{ GLOBALS.hostname }}:9200' username: '{{ ES_USER }}' password: '{{ ES_PASS }}' - ssl.verification_mode: none + ssl.verification_mode: full output_permissions: {} agent: download: diff --git a/salt/firewall/defaults.yaml b/salt/firewall/defaults.yaml index 0a4635004..57446a5c2 100644 --- a/salt/firewall/defaults.yaml +++ b/salt/firewall/defaults.yaml 
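Review bot: Nothing visible in the `enabled.sls` hunk makes the container wait for `/etc/pki/tls/certs/intca.crt` to exist on the host before it is bind-mounted. Docker typically creates a missing bind source as an empty directory, which would leave `FLEET_CA` pointing at a directory and make TLS verification fail once the output is switched to `full`. If no other state already guarantees the file, add a requisite next to the new `watch`, e.g. `- require:` followed by `- file: <state-that-manages-intca.crt>` (placeholder id), and consider listing the same state under `watch` so a reissued CA restarts the agent. The `so-elastic-agent` state begins above the hunk.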
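Review bot: Switching `ssl.verification_mode` to `full` in `elastic-agent.yml.jinja` without naming a CA leaves the Elasticsearch output dependent on whatever trust store the container already has; `FLEET_CA` from `enabled.sls` appears to be a Fleet setting and is not referenced by this output block as far as the hunk shows. Adding `ssl.certificate_authorities: ['/etc/pki/tls/certs/intca.crt']` next to the changed line would tie verification to the certificate mounted in the same commit. `full` also checks the host name, so the Elasticsearch certificate needs `{{ GLOBALS.hostname }}` among its subject alternative names. The rest of the `outputs` block lies outside the hunk.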
@@ -999,6 +999,14 @@ firewall:
 portgroups:
 - elasticsearch_node
 - elasticsearch_rest
+ managersearch:
+ portgroups:
+ - elasticsearch_node
+ - elasticsearch_rest
+ standalone:
+ portgroups:
+ - elasticsearch_node
+ - elasticsearch_rest
 dockernet:
 portgroups:
 - elasticsearch_node
From 9437a47946a5b7ae44c0ee132d81cedfefd18881 Mon Sep 17 00:00:00 2001
From: Josh Brower
Date: Wed, 26 Jul 2023 10:54:24 -0400
Subject: [PATCH 12/12] Fix formatting
---
 .../elastic-agent/so-fleet_agent_id_verification-1.json | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/salt/elasticsearch/templates/component/elastic-agent/so-fleet_agent_id_verification-1.json b/salt/elasticsearch/templates/component/elastic-agent/so-fleet_agent_id_verification-1.json
index 55e3e921c..99b3aa871 100644
--- a/salt/elasticsearch/templates/component/elastic-agent/so-fleet_agent_id_verification-1.json
+++ b/salt/elasticsearch/templates/component/elastic-agent/so-fleet_agent_id_verification-1.json
@@ -26,6 +26,14 @@
 "tags": {
 "ignore_above": 1024,
 "type": "keyword"
+ },
+ "network.initiated": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "destination.ipv6": {
+ "ignore_above": 1024,
+ "type": "keyword"
 }
 }
 }
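Review bot: Both new roles in the `firewall/defaults.yaml` hunk are granted `elasticsearch_node` in addition to `elasticsearch_rest`, and nothing in the commit says which traffic needs the node-to-node portgroup. If `managersearch` and `standalone` hosts only need the REST API on this node, drop `- elasticsearch_node` from the two added blocks; if they do need it, a comment such as `# managersearch/standalone talk to this node's Elasticsearch directly` above each block would record why. The host group and chain these entries sit under are outside the hunk, so the scope of the opening should be confirmed there.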
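Review bot: `network.initiated` and `destination.ipv6` are added to the component template named for Fleet agent-id verification under a commit titled "Fix formatting", so neither the file name nor the history tells a maintainer where these mappings live. Strict JSON cannot carry a comment, so the cleaner home is a separate component template (for example `<so-component-template-name>`, a placeholder) or at least a commit subject that names the two fields. Both are mapped as `keyword` with `ignore_above: 1024`; if `destination.ipv6` ever carries an address rather than a flag, range and CIDR queries against it would not work with that type. The enclosing `properties` object opens above the hunk.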