shift zeek & suricata onto ubi base image

baseimages.txt

@@ -12,3 +12,4 @@ redis:7.2.11-alpine
 registry:3.0.0
 telegraf:1.36.1-alpine
 ubuntu:24.04
+redhat/ubi9:9.7

so-suricata/Dockerfile

@@ -18,36 +18,33 @@ FROM ghcr.io/security-onion-solutions/oraclelinux:9 as builder
 RUN dnf update -y && \
     dnf -y install epel-release && \
     dnf config-manager --enable ol9_codeready_builder
-RUN dnf -y install oraclelinux-developer-release-el9 
+RUN dnf -y install oraclelinux-developer-release-el9
 RUN dnf repolist
 RUN dnf -y install autoconf automake diffutils file-devel gcc gcc-c++ git \
                jansson-devel jq libcap-ng-devel libevent-devel \
                libmaxminddb-devel libmaxminddb libnet-devel libnetfilter_queue-devel \
                libnfnetlink-devel libpcap-devel libtool libyaml-devel \
-               lua-devel lz4-devel make nss-devel pcre-devel pcre2-devel pkgconfig \
+               lz4-devel make nss-devel pcre-devel pcre2-devel pkgconfig \
                python3-devel python3-sphinx python3-yaml sudo which cargo \
-               zlib-devel luajit-devel cargo && cargo install --force cbindgen
+               zlib-devel cargo && cargo install --force cbindgen
 ENV SURIVERSION=8.0.2
 RUN mkdir /suricata
 
 WORKDIR /suricata
 
 RUN curl -vO https://www.openinfosecfoundation.org/download/suricata-$SURIVERSION.tar.gz && tar zxvf suricata-$SURIVERSION.tar.gz && \
-    cd suricata-$SURIVERSION && ./configure --enable-rust --enable-luajit --prefix=/opt/suricata --sysconfdir=/etc --disable-gccmarch-native --localstatedir=/var --enable-geoip && make -j4
+    cd suricata-$SURIVERSION && ./configure --enable-rust --prefix=/opt/suricata --sysconfdir=/etc --disable-gccmarch-native --localstatedir=/var --enable-geoip && make -j4
 RUN mkdir suriinstall && cd suricata-$SURIVERSION && make install DESTDIR=/suricata/suriinstall && make install-conf DESTDIR=/suricata/suriinstall && rm -rf /suricata/suriinstall/var/run
 
-FROM ghcr.io/security-onion-solutions/oraclelinux:9
+FROM ghcr.io/security-onion-solutions/ubi9:9.7
 
-LABEL maintainer "Security Onion Solutions, LLC"
+LABEL maintainer="Security Onion Solutions, LLC"
 LABEL description="Suricata running in a docker with AF_Packet for use with Security Onion."
 
-# Common Oracle layer
-RUN dnf update -y && dnf -y install epel-release bash libpcap iproute && \
-    dnf clean all && rm -rf /var/cache/dnf/* 
-
 # Packages Specific to this Container
-RUN dnf -y install luajit libnet jansson libyaml cargo rustc nss nss-devel libmaxminddb && \ 
-    dnf -y erase epel-release && dnf clean all && rm -rf /var/cache/dnf/* 
+RUN dnf -y update && dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm && \
+    dnf -y install bash libpcap iproute libnet jansson libyaml nss libmaxminddb && \
+    dnf -y erase epel-release && dnf clean all && rm -rf /var/cache/dnf/*
 
 COPY --from=builder /suricata/suriinstall/ /
 

so-zeek/Dockerfile

@@ -86,22 +86,21 @@ RUN groupadd --gid 937 zeek  && \
     chown -R 937:937 /nsm/zeek && \
     chown -R 937:937 /usr/local/ssl
 
-FROM ghcr.io/security-onion-solutions/oraclelinux:9
+FROM ghcr.io/security-onion-solutions/ubi9:9.7
 
 LABEL maintainer="Security Onion Solutions, LLC"
 LABEL description="Zeek running in docker for use with Security Onion"
 
 # Common Oracle layer, Packages specific to container, User configuration
-RUN dnf update -y && dnf -y install epel-release bash libpcap iproute && \
+RUN dnf update -y && dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm bash libpcap iproute && \
     dnf clean all && rm -rf /var/cache/dnf/* && \
     dnf -y install findutils jemalloc numactl libnl3 libdnet gdb libunwind-devel && \
-    dnf config-manager --enable ol9_codeready_builder ol9_developer_EPEL && \
+    dnf config-manager --enable ubi-9-codeready-builder-rpms && \
     dnf -y install libnghttp2-devel brotli-devel zeromq-devel && \
-    dnf config-manager --disable ol9_codeready_builder ol9_developer_EPEL && \
+    dnf config-manager --disable ubi-9-codeready-builder-rpms && \
     dnf -y remove epel-release && \
     dnf clean all && \
     rm -rf /var/cache/dnf/ && rm -rf /var/cache/yum/ && \
-    rm -rf /usr/share/doc/oraclelinux-release/OL9-RELNOTES9-4.zip && \
     groupadd --gid 937 zeek  && \
     adduser --uid 937 --gid 937 --home-dir /opt/zeek --no-create-home zeek