securityonion

mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 18:22:47 +01:00

Author	SHA1	Message	Date
Jason Ertel	eefcc929c2	Update copyright pattern to match other repos	2022-01-24 10:09:23 -05:00
Jason Ertel	7c22f46a55	Update copyright year for 2022	2022-01-24 09:35:29 -05:00
Jason Ertel	b0d36f2ed2	Ensure update timestamp is updated when changing passwords; this ensures the sync will automatically follow	2021-12-21 13:38:35 -05:00
Jason Ertel	83d86aebb1	Perform full email match	2021-12-09 15:04:00 -05:00
Josh Brower	6f391dbe50	Migrate FleetDM user mgt to fleetctl	2021-11-17 13:13:25 -05:00
Jason Ertel	2f8bb5a2a6	Fix Docker-created corruption of SOC user roles file	2021-10-19 16:04:10 -04:00
Jason Ertel	9797a15218	Fix issue with 'so-user delete' resetting all user roles - note that this function is not technically supported or published since it's not intended for production use	2021-10-14 17:23:18 -04:00
Jason Ertel	d21dee162d	Add Note field to user traits; Enforce max length restrictions on email, firstname, lastname, and note fields	2021-10-08 12:39:17 -04:00
Jason Ertel	62c3afc81d	Migrate users from locked to inactive during soup	2021-10-06 15:45:35 -04:00
Jason Ertel	7d8c8144b0	Drop obsolete status trait	2021-10-06 12:52:41 -04:00
Jason Ertel	a2c4fce1ef	Switch to use state attribute in identities for enabling/disabling users	2021-10-06 11:53:10 -04:00
Jason Ertel	dae41d279a	Prevent emails addresses from having uppercase characters	2021-09-22 08:25:55 -04:00
Jason Ertel	a9049eccd4	Ensure identity ID parm is quoted now that it doesn't have embedded quotes in the value	2021-09-20 13:30:05 -04:00
Jason Ertel	730503b69c	Ensure highstate migrates user roles	2021-09-18 23:17:49 -04:00
Jason Ertel	3508f3d8c1	Ensure ES user/role files are generated even if the primary admin user isn't yet created, since the system users are necessary for other installation functions	2021-09-18 19:20:43 -04:00
Jason Ertel	5704906b11	Create empty files for Docker to mount while installation continues	2021-09-18 15:49:05 -04:00
Jason Ertel	357c1db445	Recover from situation where roles file is corrupted	2021-09-18 11:08:35 -04:00
Jason Ertel	5377a1a85e	Recover from situation where roles file is corrupted	2021-09-18 11:06:54 -04:00
Jason Ertel	7f2d7eb038	Continue migration of user emails to IDs	2021-09-18 07:20:34 -04:00
Jason Ertel	30e781d076	Use user ID instead of email as role master	2021-09-17 17:54:38 -04:00
Jason Ertel	ff989b1c73	Include wording in so-user relating to optional role parameter	2021-09-14 14:03:00 -04:00
Jason Ertel	649f339934	Correct typo	2021-09-02 20:30:48 -04:00
Jason Ertel	f659079542	Consolidate password validation messaging	2021-09-02 19:12:32 -04:00
Jason Ertel	ce70380f0f	resolve so-user errors from recent auth changes	2021-09-02 17:59:33 -04:00
Jason Ertel	c4d402d8b4	Ensure role file exists before ES state is run	2021-09-02 15:45:47 -04:00
Jason Ertel	10126bb7ef	Auth enhancements	2021-09-02 09:44:57 -04:00
Jason Ertel	258cebda6e	Correct identity update payload to not have unsupported fields	2021-08-12 15:01:45 -04:00
Jason Ertel	dcc9af946a	Avoid logging when sync is unnecessary due to cronjob log output spam	2021-06-22 08:07:52 -04:00
Jason Ertel	f36ef86ccc	Improve algorithm for determining if a user sync is necessary; Apply salt state in foreground to avoid collisions with setup salt states.	2021-06-21 12:38:02 -04:00
Jason Ertel	5e042bf4b8	Improve algorithm for determining if a user sync is necessary; Apply salt state in foreground to avoid collisions with setup salt states.	2021-06-21 12:16:47 -04:00
Jason Ertel	777bece2eb	Fix intermittent 'like' failures; Ensure bash is on first line of load templates script	2021-06-20 22:14:13 -04:00
Jason Ertel	0cb4562254	Lock so-user to avoid two processes from overwriting eachother	2021-06-17 15:19:39 -04:00
Jason Ertel	989f9dce42	Ensure sqlite.db exists before querying it; Execute so-elastic-auth after common state has been applied and redirect output to setup log	2021-06-15 16:57:13 -04:00
Jason Ertel	89a02383b8	Correct cronjob path issue for sysctl; suppress diff outputs from users/roles files; suppress salt state output during user sync	2021-06-09 16:31:32 -04:00
Jason Ertel	a0c65e2333	Ensure elastic minions also update their auth files	2021-06-09 09:38:50 -04:00
Jason Ertel	dd73ad544c	Rename PATH var to avoid collision with OS PATH var; wrapped password var in quotes to support spaces in Fleet/TheHive passwords	2021-06-09 09:06:29 -04:00
Jason Ertel	d2381b0209	Ensure empty/aborted users/roles files do not get copied onto final filenames	2021-06-08 11:03:56 -04:00
Jason Ertel	ba29b5e036	Do not apply salt state if already applying a state	2021-06-04 21:56:41 -04:00
Jason Ertel	e22421ec99	Refactor users/roles management via salt due to Salt's clobbering of the inode which breaks Docker mounts	2021-06-04 20:01:30 -04:00
Jason Ertel	416b38fc71	Use cronjob to ensure user synchronization	2021-06-04 11:24:58 -04:00
Jason Ertel	316035910f	Remove inotify beacon due to it not functioning as documented; Add back so-user changes to sync upon so-user changes	2021-06-03 15:15:35 -04:00
Jason Ertel	7aede4d058	Persist chown/chmod settings on users/roles files	2021-06-02 09:01:16 -04:00
Jason Ertel	2a2247e1da	Additional so-user sync adjustments	2021-06-01 14:45:01 -04:00
Jason Ertel	ed8c85df2b	Only sync web users if teh sqlite db exists	2021-06-01 10:26:33 -04:00
Jason Ertel	b8a10f2e86	Support multiple elastic system users	2021-05-28 15:59:51 -04:00
Jason Ertel	b43e6c5d6b	Salt will handle auto-sync	2021-05-26 13:51:24 -04:00
Jason Ertel	c531ef0773	Move user sync'd files to saltstack for grid propagation	2021-05-26 13:44:30 -04:00
Jason Ertel	a6a4c03029	Improve error scenarios for user sync; Ensure user sync runs before Elastic container starts	2021-05-26 12:08:10 -04:00
Jason Ertel	ec2f8fe6c8	Synchronize SOC passwords with Elastic	2021-05-25 17:16:05 -04:00
Jason Ertel	8c6489a49a	Initial pass at synchronizing users file	2021-05-24 15:48:05 -04:00

1 2

67 Commits