This repository was archived by the owner on Apr 16, 2021. It is now read-only.
This repository was archived by the owner on Apr 16, 2021. It is now read-only.
NSM: need to handle /etc/init/securityonion.conf properly #1167
Description
Problem
Traditionally, /etc/init/securityonion.conf is a part of the securityonion-nsmnow-admin-scripts package. Therefore, whenever a new version of the securityonion-nsmnow-admin-scripts package is installed, /etc/init/securityonion.conf is automatically overwritten with the file from the package.
For folks that are testing out Elastic Beta, so-elastic-configure has written a new /etc/init/securityonion.conf. If we deploy a new NSM package and overwrite their elastic securityonion.conf with the traditional version, it will break their system.
Possible Solutions
We have at least 2 options:
- Build a new
/etc/init/securityonion.confthat can handle both pre-elastic and post-elastic conditions.
OR
- Remove
/etc/init/securityonion.conffrominstalland conditionally install inpostinst. If pre-elastic, copy file into place. If post-elastic, do nothing.