diff --git a/bin/soup b/bin/soup index 3bbf1c5..7f0650d 100755 --- a/bin/soup +++ b/bin/soup @@ -147,10 +147,20 @@ fi echo "Checking for kernels that can be removed..." /usr/sbin/so-purge-old-kernels -y -# Before running apt-get, we need to check for missing /etc/apt/preferences.d/securityonion-docker and restore if necessary -if [ -f /etc/nsm/elasticdownload.conf ] && [ -f /opt/elastic/src/etc/apt/preferences.d/securityonion-docker ]; then - if ! [ -f /etc/apt/preferences.d/securityonion-docker ]; then - cp /opt/elastic/src/etc/apt/preferences.d/securityonion-docker /etc/apt/preferences.d/securityonion-docker +# Before running apt-get, we need to ensure that the docker repo config is in place +if [ -f /etc/nsm/elasticdownload.conf ] && [ -f /opt/elastic/src/etc/apt/preferences.d/securityonion-docker ] && [ -f /etc/apt/sources.list ]; then + # check for missing /etc/apt/preferences.d/securityonion-docker and restore if necessary + FILE="/etc/apt/preferences.d/securityonion-docker" + if ! [ -f $FILE ]; then + echo "Copying $FILE into place" + cp /opt/elastic/src/etc/apt/preferences.d/securityonion-docker $FILE + fi + + # check for commented out docker line in /etc/apt/sources.list + FILE="/etc/apt/sources.list" + if grep -q "^# deb \[arch=amd64\] https://download.docker.com/linux/ubuntu trusty stable$" $FILE 2>/dev/null; then + echo "Re-enabling Docker repo in $FILE" + sed -i 's|^# deb \[arch=amd64\] https://download.docker.com/linux/ubuntu trusty stable$|deb [arch=amd64] https://download.docker.com/linux/ubuntu trusty stable|g' $FILE fi fi diff --git a/debian/changelog b/debian/changelog index 156f6c1..391f903 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +securityonion-sostat (20120722-0ubuntu0securityonion86) trusty; urgency=medium + + * issues 1190 and 1191 + + -- Doug Burks Thu, 28 Dec 2017 18:12:55 -0500 + securityonion-sostat (20120722-0ubuntu0securityonion85) trusty; urgency=medium * sostat: clean up error/output when performing Docker interface correlation #1175 diff --git a/debian/patches/issues-1190-and-1191 b/debian/patches/issues-1190-and-1191 new file mode 100644 index 0000000..efbf05c --- /dev/null +++ b/debian/patches/issues-1190-and-1191 @@ -0,0 +1,78 @@ +Description: + TODO: Put a short summary on the line above and replace this paragraph + with a longer explanation of this change. Complete the meta-information + with other relevant fields (see below for details). To make it easier, the + information below has been extracted from the changelog. Adjust it or drop + it. + . + securityonion-sostat (20120722-0ubuntu0securityonion86) trusty; urgency=medium + . + * issues 1190 and 1191 +Author: Doug Burks + +--- +The information above should follow the Patch Tagging Guidelines, please +checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here +are templates for supplementary fields that you might want to add: + +Origin: , +Bug: +Bug-Debian: http://bugs.debian.org/ +Bug-Ubuntu: https://launchpad.net/bugs/ +Forwarded: +Reviewed-By: +Last-Update: + +--- securityonion-sostat-20120722.orig/bin/sostat ++++ securityonion-sostat-20120722/bin/sostat +@@ -66,7 +66,13 @@ do + done + + # Determine sensor interfaces for packet loss stats +-INTERFACES=`grep -v "#" /etc/nsm/sensortab | awk '{print $4}'` ++INTERFACES="" ++NUM_INTERFACES=0 ++SENSORTAB="/etc/nsm/sensortab" ++if [ -s $SENSORTAB ]; then ++ INTERFACES=$(grep -v "#" $SENSORTAB | awk '{print $4}') ++ NUM_INTERFACES=$(grep -v "#" $SENSORTAB | wc -l) ++fi + + # Text formatting + if [ -t 1 ];then +@@ -143,7 +149,7 @@ top -b -n1 |head -6 + # Use "ps" to get a process listing and sort it by cpu usage + ps -eo pcpu,pmem,args --sort -pcpu + +-if [ -d /nsm/sensor_data ]; then ++if [ -d /nsm/sensor_data ] && [ $NUM_INTERFACES -gt 0 ]; then + echo + FREQUENCY=`grep -A1 packets_received /var/ossec/etc/ossec.conf | tail -1 | cut -d\> -f2 | cut -d\< -f1` + header "Packets received during last monitoring interval ($FREQUENCY seconds)" +--- securityonion-sostat-20120722.orig/bin/soup ++++ securityonion-sostat-20120722/bin/soup +@@ -147,10 +147,20 @@ fi + echo "Checking for kernels that can be removed..." + /usr/sbin/so-purge-old-kernels -y + +-# Before running apt-get, we need to check for missing /etc/apt/preferences.d/securityonion-docker and restore if necessary +-if [ -f /etc/nsm/elasticdownload.conf ] && [ -f /opt/elastic/src/etc/apt/preferences.d/securityonion-docker ]; then +- if ! [ -f /etc/apt/preferences.d/securityonion-docker ]; then +- cp /opt/elastic/src/etc/apt/preferences.d/securityonion-docker /etc/apt/preferences.d/securityonion-docker ++# Before running apt-get, we need to ensure that the docker repo config is in place ++if [ -f /etc/nsm/elasticdownload.conf ] && [ -f /opt/elastic/src/etc/apt/preferences.d/securityonion-docker ] && [ -f /etc/apt/sources.list ]; then ++ # check for missing /etc/apt/preferences.d/securityonion-docker and restore if necessary ++ FILE="/etc/apt/preferences.d/securityonion-docker" ++ if ! [ -f $FILE ]; then ++ echo "Copying $FILE into place" ++ cp /opt/elastic/src/etc/apt/preferences.d/securityonion-docker $FILE ++ fi ++ ++ # check for commented out docker line in /etc/apt/sources.list ++ FILE="/etc/apt/sources.list" ++ if grep -q "^# deb \[arch=amd64\] https://download.docker.com/linux/ubuntu trusty stable$" $FILE 2>/dev/null; then ++ echo "Re-enabling Docker repo in $FILE" ++ sed -i 's|^# deb \[arch=amd64\] https://download.docker.com/linux/ubuntu trusty stable$|deb [arch=amd64] https://download.docker.com/linux/ubuntu trusty stable|g' $FILE + fi + fi + diff --git a/debian/patches/series b/debian/patches/series index d96bd42..6e34f05 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -82,3 +82,4 @@ sostat:-provide-statistics-on-logstash-queue-#1157 Issue-1181:-soup:-don't-check-for-docker-images-if-docker-is-not-installed additional-check-for-usrbindocker sostat:-clean-up-erroroutput-when-performing-Docker-interface-correlation-#1175 +issues-1190-and-1191