CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 14:07:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
8,978 Commits 40 Branches 125 Tags
ff25d6f80b2037e2d45b0da796445b2c7e947679
Commit Graph

63 Commits

Author SHA1 Message Date
Josh Brower 6f391dbe50 Migrate FleetDM user mgt to fleetctl 2021-11-17 13:13:25 -05:00
Jason Ertel 2f8bb5a2a6 Fix Docker-created corruption of SOC user roles file 2021-10-19 16:04:10 -04:00
Jason Ertel 9797a15218 Fix issue with 'so-user delete' resetting all user roles - note that this function is not technically supported or published since it's not intended for production use 2021-10-14 17:23:18 -04:00
Jason Ertel d21dee162d Add Note field to user traits; Enforce max length restrictions on email, firstname, lastname, and note fields 2021-10-08 12:39:17 -04:00
Jason Ertel 62c3afc81d Migrate users from locked to inactive during soup 2021-10-06 15:45:35 -04:00
Jason Ertel 7d8c8144b0 Drop obsolete status trait 2021-10-06 12:52:41 -04:00
Jason Ertel a2c4fce1ef Switch to use state attribute in identities for enabling/disabling users 2021-10-06 11:53:10 -04:00
Jason Ertel dae41d279a Prevent emails addresses from having uppercase characters 2021-09-22 08:25:55 -04:00
Jason Ertel a9049eccd4 Ensure identity ID parm is quoted now that it doesn't have embedded quotes in the value 2021-09-20 13:30:05 -04:00
Jason Ertel 730503b69c Ensure highstate migrates user roles 2021-09-18 23:17:49 -04:00
Jason Ertel 3508f3d8c1 Ensure ES user/role files are generated even if the primary admin user isn't yet created, since the system users are necessary for other installation functions 2021-09-18 19:20:43 -04:00
Jason Ertel 5704906b11 Create empty files for Docker to mount while installation continues 2021-09-18 15:49:05 -04:00
Jason Ertel 357c1db445 Recover from situation where roles file is corrupted 2021-09-18 11:08:35 -04:00
Jason Ertel 5377a1a85e Recover from situation where roles file is corrupted 2021-09-18 11:06:54 -04:00
Jason Ertel 7f2d7eb038 Continue migration of user emails to IDs 2021-09-18 07:20:34 -04:00
Jason Ertel 30e781d076 Use user ID instead of email as role master 2021-09-17 17:54:38 -04:00
Jason Ertel ff989b1c73 Include wording in so-user relating to optional role parameter 2021-09-14 14:03:00 -04:00
Jason Ertel 649f339934 Correct typo 2021-09-02 20:30:48 -04:00
Jason Ertel f659079542 Consolidate password validation messaging 2021-09-02 19:12:32 -04:00
Jason Ertel ce70380f0f resolve so-user errors from recent auth changes 2021-09-02 17:59:33 -04:00
Jason Ertel c4d402d8b4 Ensure role file exists before ES state is run 2021-09-02 15:45:47 -04:00
Jason Ertel 10126bb7ef Auth enhancements 2021-09-02 09:44:57 -04:00
Jason Ertel 258cebda6e Correct identity update payload to not have unsupported fields 2021-08-12 15:01:45 -04:00
Jason Ertel dcc9af946a Avoid logging when sync is unnecessary due to cronjob log output spam 2021-06-22 08:07:52 -04:00
Jason Ertel f36ef86ccc Improve algorithm for determining if a user sync is necessary; Apply salt state in foreground to avoid collisions with setup salt states. 2021-06-21 12:38:02 -04:00
Jason Ertel 5e042bf4b8 Improve algorithm for determining if a user sync is necessary; Apply salt state in foreground to avoid collisions with setup salt states. 2021-06-21 12:16:47 -04:00
Jason Ertel 777bece2eb Fix intermittent 'like' failures; Ensure bash is on first line of load templates script 2021-06-20 22:14:13 -04:00
Jason Ertel 0cb4562254 Lock so-user to avoid two processes from overwriting eachother 2021-06-17 15:19:39 -04:00
Jason Ertel 989f9dce42 Ensure sqlite.db exists before querying it; Execute so-elastic-auth after common state has been applied and redirect output to setup log 2021-06-15 16:57:13 -04:00
Jason Ertel 89a02383b8 Correct cronjob path issue for sysctl; suppress diff outputs from users/roles files; suppress salt state output during user sync 2021-06-09 16:31:32 -04:00
Jason Ertel a0c65e2333 Ensure elastic minions also update their auth files 2021-06-09 09:38:50 -04:00
Jason Ertel dd73ad544c Rename PATH var to avoid collision with OS PATH var; wrapped password var in quotes to support spaces in Fleet/TheHive passwords 2021-06-09 09:06:29 -04:00
Jason Ertel d2381b0209 Ensure empty/aborted users/roles files do not get copied onto final filenames 2021-06-08 11:03:56 -04:00
Jason Ertel ba29b5e036 Do not apply salt state if already applying a state 2021-06-04 21:56:41 -04:00
Jason Ertel e22421ec99 Refactor users/roles management via salt due to Salt's clobbering of the inode which breaks Docker mounts 2021-06-04 20:01:30 -04:00
Jason Ertel 416b38fc71 Use cronjob to ensure user synchronization 2021-06-04 11:24:58 -04:00
Jason Ertel 316035910f Remove inotify beacon due to it not functioning as documented; Add back so-user changes to sync upon so-user changes 2021-06-03 15:15:35 -04:00
Jason Ertel 7aede4d058 Persist chown/chmod settings on users/roles files 2021-06-02 09:01:16 -04:00
Jason Ertel 2a2247e1da Additional so-user sync adjustments 2021-06-01 14:45:01 -04:00
Jason Ertel ed8c85df2b Only sync web users if teh sqlite db exists 2021-06-01 10:26:33 -04:00
Jason Ertel b8a10f2e86 Support multiple elastic system users 2021-05-28 15:59:51 -04:00
Jason Ertel b43e6c5d6b Salt will handle auto-sync 2021-05-26 13:51:24 -04:00
Jason Ertel c531ef0773 Move user sync'd files to saltstack for grid propagation 2021-05-26 13:44:30 -04:00
Jason Ertel a6a4c03029 Improve error scenarios for user sync; Ensure user sync runs before Elastic container starts 2021-05-26 12:08:10 -04:00
Jason Ertel ec2f8fe6c8 Synchronize SOC passwords with Elastic 2021-05-25 17:16:05 -04:00
Jason Ertel 8c6489a49a Initial pass at synchronizing users file 2021-05-24 15:48:05 -04:00
Jason Ertel 409eea677d Continue removal of argon hashing 2021-05-24 11:50:53 -04:00
Jason Ertel 6b54a29ac7 Remove 'new user' references from so-user 2021-02-03 15:23:58 -05:00
Mike Reeves 18f2c7b482 Raid Setup for Appliances 2021-01-29 16:03:18 -05:00
Jason Ertel 76c917d977 Continued bash cleanup 2020-11-15 09:57:12 -05:00