diff --git a/baseimages.txt b/baseimages.txt
index d68fb7d0..c1ea61e0 100644
--- a/baseimages.txt
+++ b/baseimages.txt
@@ -12,3 +12,4 @@ redis:7.2.11-alpine
 registry:3.0.0
 telegraf:1.36.1-alpine
 ubuntu:24.04
+redhat/ubi9:9.7
\ No newline at end of file
diff --git a/so-suricata/Dockerfile b/so-suricata/Dockerfile
index b37a4d1e..a88daa32 100644
--- a/so-suricata/Dockerfile
+++ b/so-suricata/Dockerfile
@@ -18,36 +18,33 @@ FROM ghcr.io/security-onion-solutions/oraclelinux:9 as builder
 RUN dnf update -y && \
 dnf -y install epel-release && \
 dnf config-manager --enable ol9_codeready_builder
-RUN dnf -y install oraclelinux-developer-release-el9
+RUN dnf -y install oraclelinux-developer-release-el9
 RUN dnf repolist
 RUN dnf -y install autoconf automake diffutils file-devel gcc gcc-c++ git \
 jansson-devel jq libcap-ng-devel libevent-devel \
 libmaxminddb-devel libmaxminddb libnet-devel libnetfilter_queue-devel \
 libnfnetlink-devel libpcap-devel libtool libyaml-devel \
- lua-devel lz4-devel make nss-devel pcre-devel pcre2-devel pkgconfig \
+ lz4-devel make nss-devel pcre-devel pcre2-devel pkgconfig \
 python3-devel python3-sphinx python3-yaml sudo which cargo \
- zlib-devel luajit-devel cargo && cargo install --force cbindgen
+ zlib-devel cargo && cargo install --force cbindgen
 ENV SURIVERSION=8.0.2
 RUN mkdir /suricata
 WORKDIR /suricata
 RUN curl -vO https://www.openinfosecfoundation.org/download/suricata-$SURIVERSION.tar.gz && tar zxvf suricata-$SURIVERSION.tar.gz && \
- cd suricata-$SURIVERSION && ./configure --enable-rust --enable-luajit --prefix=/opt/suricata --sysconfdir=/etc --disable-gccmarch-native --localstatedir=/var --enable-geoip && make -j4
+ cd suricata-$SURIVERSION && ./configure --enable-rust --prefix=/opt/suricata --sysconfdir=/etc --disable-gccmarch-native --localstatedir=/var --enable-geoip && make -j4
 RUN mkdir suriinstall && cd suricata-$SURIVERSION && make install DESTDIR=/suricata/suriinstall && make install-conf DESTDIR=/suricata/suriinstall && rm -rf /suricata/suriinstall/var/run
-FROM ghcr.io/security-onion-solutions/oraclelinux:9
+FROM ghcr.io/security-onion-solutions/ubi9:9.7
-LABEL maintainer "Security Onion Solutions, LLC"
+LABEL maintainer="Security Onion Solutions, LLC"
 LABEL description="Suricata running in a docker with AF_Packet for use with Security Onion."
-# Common Oracle layer
-RUN dnf update -y && dnf -y install epel-release bash libpcap iproute && \
- dnf clean all && rm -rf /var/cache/dnf/*
-
 # Packages Specific to this Container
-RUN dnf -y install luajit libnet jansson libyaml cargo rustc nss nss-devel libmaxminddb && \
- dnf -y erase epel-release && dnf clean all && rm -rf /var/cache/dnf/*
+RUN dnf -y update && dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm && \
+ dnf -y install bash libpcap iproute libnet jansson libyaml nss libmaxminddb && \
+ dnf -y erase epel-release && dnf clean all && rm -rf /var/cache/dnf/*
 COPY --from=builder /suricata/suriinstall/ /
diff --git a/so-zeek/Dockerfile b/so-zeek/Dockerfile
index 91a29ca1..e3912f20 100644
--- a/so-zeek/Dockerfile
+++ b/so-zeek/Dockerfile
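Review bot: The new runtime-stage `RUN` installs `epel-release-latest-9.noarch.rpm` directly from a URL, and as far as I know dnf does not signature-check packages given by path or URL unless `localpkg_gpgcheck` is enabled, so the RPM that drops the EPEL repo definition and its trusted key is authenticated by TLS alone; the `latest` name also makes the build non-reproducible. Consider importing a pinned copy of the EPEL 9 key first and installing with `dnf -y --setopt=localpkg_gpgcheck=1 install <epel-release URL>`, or downloading the RPM and comparing it with a recorded SHA-256 before installing it. The same pattern appears in the so-zeek/Dockerfile hunk. Separately, the builder stage still unpacks the tarball fetched by `curl -vO` without any checksum or signature check, which this change leaves as it was.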
@@ -86,22 +86,21 @@ RUN groupadd --gid 937 zeek && \
 chown -R 937:937 /nsm/zeek && \
 chown -R 937:937 /usr/local/ssl
-FROM ghcr.io/security-onion-solutions/oraclelinux:9
+FROM ghcr.io/security-onion-solutions/ubi9:9.7
 LABEL maintainer="Security Onion Solutions, LLC"
 LABEL description="Zeek running in docker for use with Security Onion"
 # Common Oracle layer, Packages specific to container, User configuration
-RUN dnf update -y && dnf -y install epel-release bash libpcap iproute && \
+RUN dnf update -y && dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm bash libpcap iproute && \
 dnf clean all && rm -rf /var/cache/dnf/* && \
 dnf -y install findutils jemalloc numactl libnl3 libdnet gdb libunwind-devel && \
- dnf config-manager --enable ol9_codeready_builder ol9_developer_EPEL && \
+ dnf config-manager --enable ubi-9-codeready-builder-rpms && \
 dnf -y install libnghttp2-devel brotli-devel zeromq-devel && \
- dnf config-manager --disable ol9_codeready_builder ol9_developer_EPEL && \
+ dnf config-manager --disable ubi-9-codeready-builder-rpms && \
 dnf -y remove epel-release && \
 dnf clean all && \
 rm -rf /var/cache/dnf/ && rm -rf /var/cache/yum/ && \
- rm -rf /usr/share/doc/oraclelinux-release/OL9-RELNOTES9-4.zip && \
 groupadd --gid 937 zeek && \
 adduser --uid 937 --gid 937 --home-dir /opt/zeek --no-create-home zeek
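Review bot: The comment above this `RUN` still reads `# Common Oracle layer, Packages specific to container, User configuration` although the stage is now built `FROM ghcr.io/security-onion-solutions/ubi9:9.7`; it should be updated, for example to `# Common UBI layer, packages specific to container, user configuration`. Since the old `ol9_developer_EPEL` repo toggle is gone and EPEL is now enabled from the first install until `dnf -y remove epel-release`, a short comment naming which packages are expected to come from EPEL (presumably jemalloc, libdnet and zeromq-devel, to be confirmed) would make the package sources reviewable.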