diff --git a/.github/actions/ghcr-pull-and-push/build_and_push_image_to_ghcr.sh b/.github/actions/ghcr-pull-and-push/build_and_push_image_to_ghcr.sh
new file mode 100644
index 0000000000..83b32e8fce
--- /dev/null
+++ b/.github/actions/ghcr-pull-and-push/build_and_push_image_to_ghcr.sh
@@ -0,0 +1,22 @@
+GITHUB_PUSH_SECRET=$1
+GITHUB_USER=$2
+DOCKER_IMAGE_NAME=$3
+BUILD_CONTEXT=$4
+DOCKERFILE_PATH="$BUILD_CONTEXT/Dockerfile"
+if [ -n "$5" ]; then
+ DOCKER_IMAGE_TAG=$5
+else
+ DOCKER_IMAGE_TAG="latest"
+fi
+GITHUB_REPOSITORY="wazuh/wazuh-packages"
+GITHUB_OWNER="wazuh"
+IMAGE_ID=ghcr.io/${GITHUB_OWNER}/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}
+IMAGE_ID=$(echo ${IMAGE_ID} | tr '[A-Z]' '[a-z]')
+
+# Login to GHCR
+echo ${GITHUB_PUSH_SECRET} | docker login https://ghcr.io -u $GITHUB_USER --password-stdin
+
+# Build image
+echo build -t ${IMAGE_ID} -f ${DOCKERFILE_PATH} ${BUILD_CONTEXT}
+docker build -t ${IMAGE_ID} -f ${DOCKERFILE_PATH} ${BUILD_CONTEXT}
+docker push ${IMAGE_ID}
\ No newline at end of file
diff --git a/.github/actions/ghcr-pull-and-push/pull_image_from_ghcr.sh b/.github/actions/ghcr-pull-and-push/pull_image_from_ghcr.sh
new file mode 100644
index 0000000000..03f4e60910
--- /dev/null
+++ b/.github/actions/ghcr-pull-and-push/pull_image_from_ghcr.sh
@@ -0,0 +1,19 @@
+GITHUB_PUSH_SECRET=$1
+GITHUB_USER=$2
+DOCKER_IMAGE_NAME=$3
+if [ -n "$4" ]; then
+ DOCKER_IMAGE_TAG="$4"
+else
+ DOCKER_IMAGE_TAG="latest"
+fi
+GITHUB_REPOSITORY="wazuh/wazuh-packages"
+GITHUB_OWNER="wazuh"
+IMAGE_ID=ghcr.io/${GITHUB_OWNER}/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}
+IMAGE_ID=$(echo ${IMAGE_ID} | tr '[A-Z]' '[a-z]')
+
+# Login to GHCR
+echo ${GITHUB_PUSH_SECRET} | docker login https://ghcr.io -u $GITHUB_USER --password-stdin
+
+# Pull and rename image
+docker pull ${IMAGE_ID}
+docker image tag ghcr.io/${GITHUB_OWNER}/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG} ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}
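Review bot: The registry token reaches build_and_push_image_to_ghcr.sh as `$1`, so it is part of the process command line on the runner, and it is then expanded unquoted at `echo ${GITHUB_PUSH_SECRET} | docker login …`; pull_image_from_ghcr.sh in this commit has the identical lines. Reading the token from the environment and quoting it avoids both, e.g. `printf '%s' "${GITHUB_PUSH_SECRET:?}" | docker login ghcr.io -u "$GITHUB_USER" --password-stdin`, with the calling step setting `GITHUB_PUSH_SECRET` under `env:`. Neither script has a shebang or `set -e`, so a failed `docker login` or `docker build` still falls through to `docker push` (or `docker image tag`); `set -euo pipefail` at the top would stop at the first failure. `GITHUB_REPOSITORY` is assigned but not used in the visible lines, and it shadows the variable GitHub Actions sets by default.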
diff --git a/.github/actions/offline-installation/common.sh b/.github/actions/offline-installation/common.sh
new file mode 100644
index 0000000000..7042ae644d
--- /dev/null
+++ b/.github/actions/offline-installation/common.sh
@@ -0,0 +1,311 @@
+#!/bin/bash
+
+function check_package() {
+
+ if [ "${sys_type}" == "deb" ]; then
+ if ! apt list --installed 2>/dev/null | grep -q "${1}"; then
+ echo "INFO: The package "${1}" is not installed."
+ return 1
+ fi
+ elif [ "${sys_type}" == "rpm" ]; then
+ if ! yum list installed 2>/dev/null | grep -q "${1}"; then
+ echo "INFO: The package "${1}" is not installed."
+ return 1
+ fi
+ fi
+ return 0
+
+}
+
+function check_system() {
+
+ if [ -n "$(command -v yum)" ]; then
+ sys_type="rpm"
+ echo "INFO: RPM system detected."
+ elif [ -n "$(command -v apt-get)" ]; then
+ sys_type="deb"
+ echo "INFO: DEB system detected."
+ else
+ echo "ERROR: could not detect the system."
+ exit 1
+ fi
+
+}
+
+function check_file() {
+
+ if [ ! -f "${1}" ]; then
+ echo "ERROR: The ${1} file could not be downloaded."
+ exit 1
+ fi
+
+}
+
+function check_shards() {
+
+ retries=0
+ until [ "$(curl -s -k -u admin:admin "https://localhost:9200/_template/wazuh?pretty&filter_path=wazuh.settings.index.number_of_shards" | grep "number_of_shards")" ] || [ "${retries}" -eq 5 ]; do
+ sleep 5
+ retries=$((retries+1))
+ done
+
+ if [ ${retries} -eq 5 ]; then
+ echo "ERROR: Could not get the number of shards."
+ exit 1
+ fi
+ curl -s -k -u admin:admin "https://localhost:9200/_template/wazuh?pretty&filter_path=wazuh.settings.index.number_of_shards"
+ echo "INFO: Number of shards detected."
+
+}
+
+function dashboard_installation() {
+
+ install_package "wazuh-dashboard"
+ check_package "wazuh-dashboard"
+
+ echo "INFO: Generating certificates of the Wazuh dashboard..."
+ NODE_NAME=dashboard
+ mkdir /etc/wazuh-dashboard/certs
+ mv -n wazuh-certificates/$NODE_NAME.pem /etc/wazuh-dashboard/certs/dashboard.pem
+ mv -n wazuh-certificates/$NODE_NAME-key.pem /etc/wazuh-dashboard/certs/dashboard-key.pem
+ cp wazuh-certificates/root-ca.pem /etc/wazuh-dashboard/certs/
+ chmod 500 /etc/wazuh-dashboard/certs
+ chmod 400 /etc/wazuh-dashboard/certs/*
+ chown -R wazuh-dashboard:wazuh-dashboard /etc/wazuh-dashboard/certs
+
+ if [ "${sys_type}" == "deb" ]; then
+ enable_start_service "wazuh-dashboard"
+ elif [ "${sys_type}" == "rpm" ]; then
+ /usr/share/wazuh-dashboard/bin/opensearch-dashboards "-c /etc/wazuh-dashboard/opensearch_dashboards.yml" --allow-root > /dev/null 2>&1 &
+ fi
+
+ sleep 10
+ # In this context, 302 HTTP code refers to SSL certificates warning: success.
+ if [ "$(curl -k -s -I -w "%{http_code}" https://localhost -o /dev/null --fail)" -ne "302" ]; then
+ echo "ERROR: The Wazuh dashboard installation has failed."
+ exit 1
+ fi
+ echo "INFO: The Wazuh dashboard is ready."
+
+}
+
+function download_resources() {
+
+ check_file "${ABSOLUTE_PATH}"/wazuh-install.sh
+ bash "${ABSOLUTE_PATH}"/wazuh-install.sh -dw "${sys_type}"
+ echo "INFO: Downloading the resources..."
+
+ curl -sO https://packages.wazuh.com/4.3/config.yml
+ check_file "config.yml"
+
+ sed -i -e '0,// s//127.0.0.1/' config.yml
+ sed -i -e '0,// s//127.0.0.1/' config.yml
+ sed -i -e '0,// s//127.0.0.1/' config.yml
+
+ curl -sO https://packages.wazuh.com/4.3/wazuh-certs-tool.sh
+ check_file "wazuh-certs-tool.sh"
+ chmod 744 wazuh-certs-tool.sh
+ ./wazuh-certs-tool.sh --all
+
+ tar xf wazuh-offline.tar.gz
+ echo "INFO: Download finished."
+
+ if [ ! -d ./wazuh-offline ]; then
+ echo "ERROR: Could not download the resources."
+ exit 1
+ fi
+
+}
+
+function enable_start_service() {
+
+ systemctl daemon-reload
+ systemctl enable "${1}"
+ systemctl start "${1}"
+
+ retries=0
+ until [ "$(systemctl status "${1}" | grep "active")" ] || [ "${retries}" -eq 3 ]; do
+ sleep 2
+ retries=$((retries+1))
+ systemctl start "${1}"
+ done
+
+ if [ ${retries} -eq 3 ]; then
+ echo "ERROR: The "${1}" service could not be started."
+ exit 1
+ fi
+
+}
+
+function filebeat_installation() {
+
+ install_package "filebeat"
+ check_package "filebeat"
+
+ cp ./wazuh-offline/wazuh-files/filebeat.yml /etc/filebeat/ &&\
+ cp ./wazuh-offline/wazuh-files/wazuh-template.json /etc/filebeat/ &&\
+ chmod go+r /etc/filebeat/wazuh-template.json
+
+ sed -i 's|\("index.number_of_shards": \)".*"|\1 "1"|' /etc/filebeat/wazuh-template.json
+ filebeat keystore create
+ echo admin | filebeat keystore add username --stdin --force
+ echo admin | filebeat keystore add password --stdin --force
+ tar -xzf ./wazuh-offline/wazuh-files/wazuh-filebeat-0.2.tar.gz -C /usr/share/filebeat/module
+
+ echo "INFO: Generating certificates of Filebeat..."
+ NODE_NAME=wazuh-1
+ mkdir /etc/filebeat/certs
+ mv -n wazuh-certificates/$NODE_NAME.pem /etc/filebeat/certs/filebeat.pem
+ mv -n wazuh-certificates/$NODE_NAME-key.pem /etc/filebeat/certs/filebeat-key.pem
+ cp wazuh-certificates/root-ca.pem /etc/filebeat/certs/
+ chmod 500 /etc/filebeat/certs
+ chmod 400 /etc/filebeat/certs/*
+ chown -R root:root /etc/filebeat/certs
+
+ if [ "${sys_type}" == "deb" ]; then
+ enable_start_service "filebeat"
+ elif [ "${sys_type}" == "rpm" ]; then
+ /usr/share/filebeat/bin/filebeat --environment systemd -c /etc/filebeat/filebeat.yml --path.home /usr/share/filebeat --path.config /etc/filebeat --path.data /var/lib/filebeat --path.logs /var/log/filebeat &
+ fi
+
+ sleep 10
+ check_shards
+ eval "filebeat test output"
+ if [ "${PIPESTATUS[0]}" != 0 ]; then
+ echo "ERROR: The Filebeat installation has failed."
+ exit 1
+ fi
+
+}
+
+function indexer_initialize() {
+
+ retries=0
+ until [ "$(cat /var/log/wazuh-indexer/wazuh-cluster.log | grep "Node started")" ] || [ "${retries}" -eq 5 ]; do
+ sleep 5
+ retries=$((retries+1))
+ done
+
+ if [ ${retries} -eq 5 ]; then
+ echo "ERROR: The indexer node is not started."
+ exit 1
+ fi
+ /usr/share/wazuh-indexer/bin/indexer-security-init.sh
+
+}
+
+function indexer_installation() {
+
+ if [ "${sys_type}" == "rpm" ]; then
+ rpm --import ./wazuh-offline/wazuh-files/GPG-KEY-WAZUH
+ fi
+
+ install_package "wazuh-indexer"
+ check_package "wazuh-indexer"
+
+ echo "INFO: Generating certificates of the Wazuh indexer..."
+ NODE_NAME=node-1
+ mkdir /etc/wazuh-indexer/certs
+ mv -n wazuh-certificates/$NODE_NAME.pem /etc/wazuh-indexer/certs/indexer.pem
+ mv -n wazuh-certificates/$NODE_NAME-key.pem /etc/wazuh-indexer/certs/indexer-key.pem
+ mv wazuh-certificates/admin-key.pem /etc/wazuh-indexer/certs/
+ mv wazuh-certificates/admin.pem /etc/wazuh-indexer/certs/
+ cp wazuh-certificates/root-ca.pem /etc/wazuh-indexer/certs/
+ chmod 500 /etc/wazuh-indexer/certs
+ chmod 400 /etc/wazuh-indexer/certs/*
+ chown -R wazuh-indexer:wazuh-indexer /etc/wazuh-indexer/certs
+
+ sed -i 's|\(network.host: \)"0.0.0.0"|\1"127.0.0.1"|' /etc/wazuh-indexer/opensearch.yml
+
+ if [ "${sys_type}" == "rpm" ]; then
+ runuser "wazuh-indexer" --shell="/bin/bash" --command="OPENSEARCH_PATH_CONF=/etc/wazuh-indexer /usr/share/wazuh-indexer/bin/opensearch" > /dev/null 2>&1 &
+ sleep 5
+ elif [ "${sys_type}" == "deb" ]; then
+ enable_start_service "wazuh-indexer"
+ fi
+
+ indexer_initialize
+ sleep 10
+ eval "curl -s -XGET https://localhost:9200 -u admin:admin -k --fail"
+ if [ "${PIPESTATUS[0]}" != 0 ]; then
+ echo "ERROR: The Wazuh indexer installation has failed."
+ exit 1
+ fi
+
+}
+
+function install_dependencies() {
+
+ if [ "${sys_type}" == "rpm" ]; then
+ dependencies=( util-linux initscripts openssl )
+ not_installed=()
+ for dep in "${dependencies[@]}"; do
+ if [ "${dep}" == "openssl" ]; then
+ if ! yum list installed 2>/dev/null | grep -q "${dep}\.";then
+ not_installed+=("${dep}")
+ fi
+ elif ! yum list installed 2>/dev/null | grep -q "${dep}";then
+ not_installed+=("${dep}")
+ fi
+ done
+
+ if [ "${#not_installed[@]}" -gt 0 ]; then
+ echo "--- Dependencies ---"
+ for dep in "${not_installed[@]}"; do
+ echo "Installing $dep."
+ eval "yum install ${dep} -y"
+ if [ "${PIPESTATUS[0]}" != 0 ]; then
+ echo "ERROR: Cannot install dependency: ${dep}."
+ exit 1
+ fi
+ done
+ fi
+
+ elif [ "${sys_type}" == "deb" ]; then
+ eval "apt-get update -q > /dev/null"
+ dependencies=( openssl )
+ not_installed=()
+
+ for dep in "${dependencies[@]}"; do
+ if ! apt list --installed 2>/dev/null | grep -q "${dep}"; then
+ not_installed+=("${dep}")
+ fi
+ done
+
+ if [ "${#not_installed[@]}" -gt 0 ]; then
+ echo "--- Dependencies ----"
+ for dep in "${not_installed[@]}"; do
+ echo "Installing $dep."
+ apt-get install -y "${dep}"
+ if [ "${install_result}" != 0 ]; then
+ echo "ERROR: Cannot install dependency: ${dep}."
+ exit 1
+ fi
+ done
+ fi
+ fi
+
+}
+
+function install_package() {
+
+ if [ "${sys_type}" == "deb" ]; then
+ dpkg -i ./wazuh-offline/wazuh-packages/"${1}"*.deb
+ elif [ "${sys_type}" == "rpm" ]; then
+ rpm -ivh ./wazuh-offline/wazuh-packages/"${1}"*.rpm
+ fi
+
+}
+
+function manager_installation() {
+
+ install_package "wazuh-manager"
+ check_package "wazuh-manager"
+
+ if [ "${sys_type}" == "deb" ]; then
+ enable_start_service "wazuh-manager"
+ elif [ "${sys_type}" == "rpm" ]; then
+ /var/ossec/bin/wazuh-control start
+ fi
+
+}
diff --git a/.github/actions/offline-installation/offline-installation.sh b/.github/actions/offline-installation/offline-installation.sh
new file mode 100644
index 0000000000..787b20bf66
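Review bot: In the `deb` branch of `install_dependencies`, the check after `apt-get install -y "${dep}"` tests `${install_result}`, which is not assigned anywhere in this file, so `[ "" != 0 ]` is always true and the function exits 1 even when the install succeeded. Testing the command directly fixes it: `if ! apt-get install -y "${dep}"; then`. In `enable_start_service`, `grep "active"` also matches `inactive (dead)`, so the retry loop can stop on a service that never started; `systemctl is-active --quiet "${1}"` is the exact check. `download_resources` executes `wazuh-certs-tool.sh` right after `curl -sO` with only an existence test; adding `--fail` and comparing a pinned `sha256sum` (value to be supplied by the maintainers) before `chmod` and execution would catch a truncated or substituted download.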
--- /dev/null
+++ b/.github/actions/offline-installation/offline-installation.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# Gets the absolute path of the script, used to load the common.sh file
+ABSOLUTE_PATH="$( cd $(dirname ${0}) ; pwd -P )"
+. ${ABSOLUTE_PATH}/common.sh
+
+check_system
+install_dependencies
+download_resources
+
+indexer_installation
+echo "INFO: Wazuh indexer installation completed."
+
+manager_installation
+echo "INFO: Wazuh manager installation completed."
+
+filebeat_installation
+echo "INFO: Filebeat installation completed."
+
+dashboard_installation
+echo "INFO: Wazuh dashboard installation completed."
diff --git a/.github/actions/test-install-components/install_component.sh b/.github/actions/test-install-components/install_component.sh
new file mode 100644
index 0000000000..9f507d1f53
--- /dev/null
+++ b/.github/actions/test-install-components/install_component.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+echo "Installing Wazuh $2."
+
+if [ -f /etc/os-release ]; then
+ source /etc/os-release
+ if [ "$ID" = "centos" ] && [ "$VERSION_ID" = "8" ]; then
+ find /etc/yum.repos.d/ -type f -exec sed -i 's/mirrorlist/#mirrorlist/g' {} \;
+ find /etc/yum.repos.d/ -type f -exec sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' {} \;
+ fi
+fi
+
+if [ -f /etc/redhat-release ]; then
+ VERSION=$(cat /etc/redhat-release)
+ if [ "$VERSION" = "CentOS release 6.9 (Final)" ]; then
+ curl https://www.getpagespeed.com/files/centos6-eol.repo --output /etc/yum.repos.d/CentOS-Base.repo
+ fi
+fi
+
+if [ -n "$(command -v yum)" ]; then
+ sys_type="yum"
+elif [ -n "$(command -v apt-get)" ]; then
+ sys_type="apt-get"
+ apt-get update
+ apt-get install -y systemd
+else
+ common_logger -e "Couldn't find type of system"
+ exit 1
+fi
+
+$sys_type install -y "/packages/$1"
\ No newline at end of file
diff --git a/.github/actions/upgrade-indexer/common.sh b/.github/actions/upgrade-indexer/common.sh
new file mode 100644
index 0000000000..78f27904f3
--- /dev/null
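Review bot: In offline-installation.sh, `ABSOLUTE_PATH="$( cd $(dirname ${0}) ; pwd -P )"` leaves `${0}` and the `dirname` result unquoted and ignores a failed `cd`, in which case `pwd -P` returns the caller's directory and the next line sources whatever `common.sh` is found there; the workflow in this commit runs the script with `sudo`. Suggest `ABSOLUTE_PATH="$(cd -- "$(dirname -- "${0}")" && pwd -P)" || exit 1` followed by `. "${ABSOLUTE_PATH}/common.sh"`. upgrade-indexer.sh in this commit uses the same two lines.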
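Review bot: The CentOS 6.9 branch of install_component.sh overwrites `/etc/yum.repos.d/CentOS-Base.repo` with a file fetched from a third-party host at run time, without `--fail` and without an integrity check, so whatever that URL serves decides which repositories the later `yum install` trusts. Keeping a reviewed copy of the repo file next to this script and copying it in, or verifying a pinned checksum before use, removes that dependency. Separately, the final `else` branch calls `common_logger -e`, which this script neither defines nor sources, so the failure path would print "command not found" instead of the message; `echo "Couldn't find type of system" >&2` is enough here.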
+++ b/.github/actions/upgrade-indexer/common.sh 
@@ -0,0 +1,112 @@
+#!/bin/bash
+FILES_OLD="/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig"
+FILES_NEW="/etc/wazuh-indexer/opensearch-security"
+declare -A files_old
+declare -A files_new
+PACKAGE_NAME="${1}"
+MAJOR_MINOR_RELEASE=$((${2}))
+
+# Check the system to differ between DEB and RPM
+function check_system() {
+
+ if [ -n "$(command -v yum)" ]; then
+ sys_type="rpm"
+ elif [ -n "$(command -v apt-get)" ]; then
+ sys_type="deb"
+ else
+ echo "Error: could not detect the system."
+ exit 1
+ fi
+
+}
+
+# Checks the version of Wazuh with 4.3 version, where path is different.
+function check_version() {
+
+ if [ -z "${MAJOR_MINOR_RELEASE}" ]; then
+ echo "Error: second argument expected."
+ exit 1
+ fi
+
+ # 43 represents the threshold where the path of the securityconfig
+ # files changes (major and minor)
+ if [ "${MAJOR_MINOR_RELEASE}" -gt "43" ]; then
+ FILES_OLD="${FILES_NEW}"
+ echo "New path detected (/etc)."
+ else
+ echo "Old path detected (/usr/share)."
+ fi
+
+}
+
+# Compare the arrays, the loop ends if a different checksum is detected
+function compare_arrays() {
+
+ for file in "${!files_old[@]}"; do
+ echo "Comparing $file file checksum..."
+ echo "Old: ${files_old[$file]}"
+ echo "New: ${files_new[$file]}"
+ if [[ "${files_old[$file]}" == "${files_new[$file]}" ]]; then
+ echo "${file} - Same checksum."
+ else
+ echo "${file} - Different checksum."
+ exit 1
+ fi
+ done
+
+}
+
+# Steps before installing the RPM release package.
+function add_production_repository() {
+
+ rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH
+ echo -e '[wazuh]\ngpgcheck=1\ngpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH\nenabled=1\nname=EL-$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1' | tee /etc/yum.repos.d/wazuh.repo
+
+}
+
+# Reads the files passed by param and store their checksum in the array
+function read_files() {
+
+ if [ ! -d "${1}" ]; then
+ echo "Error: the directory does not exist. ${1}."
+ exit 1
+ fi
+
+ for file in ${1}/*; do
+ if [ -f "${file}" ]; then
+ echo "Processing ${file} file..."
+
+ # Change only the old files
+ if [ "${2}" == "old" ]; then
+ echo "# Adding a new line to force changed checksum" >> ${f}
+ echo "Changed file."
+ fi
+ checksum=`md5sum ${file} | cut -d " " -f1`
+ basename=`basename ${file}`
+ if [ "${2}" == "old" ]; then
+ files_old["${basename}"]="${checksum}"
+ elif [ "${2}" == "new" ]; then
+ files_new["${basename}"]="${checksum}"
+ fi
+ fi
+ done
+
+}
+
+# Prints associative array of the files passed by params
+function print_files() {
+
+ aux=$(declare -p "$1")
+ eval "declare -A arr="${aux#*=}
+
+ if [ "${#arr[@]}" -eq 0 ]; then
+ echo "Error: the array didn't scan correctly."
+ exit 1
+ fi
+
+ for KEY in "${!arr[@]}"; do
+ echo "Key: ${KEY}"
+ echo "Value: ${arr[${KEY}]}"
+ done
+
+}
diff --git a/.github/actions/upgrade-indexer/upgrade-indexer.sh b/.github/actions/upgrade-indexer/upgrade-indexer.sh
new file mode 100644
index 0000000000..6a50bad4c4
--- /dev/null
+++ b/.github/actions/upgrade-indexer/upgrade-indexer.sh
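Review bot: In `read_files`, the line meant to modify the old files appends to `${f}`, but the loop variable is `file`; `${f}` is not set anywhere in this file, so the redirection fails and the "old" checksums are presumably taken from unmodified files, which would mean the test no longer exercises preservation of locally changed config. It should read `echo "# Adding a new line to force changed checksum" >> "${file}"`. At the top of the file, `MAJOR_MINOR_RELEASE=$((${2}))` evaluates the argument as an arithmetic expression and yields `0` when `$2` is missing, so the `-z` guard in `check_version` can never fire; assigning `"${2}"` and validating it with `[[ "${MAJOR_MINOR_RELEASE}" =~ ^[0-9]+$ ]]` keeps the guard meaningful and avoids evaluating caller-supplied text. `md5sum ${file}`, `basename ${file}` and `for file in ${1}/*` are unquoted as well.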
@@ -0,0 +1,42 @@
+#!/bin/bash
+
+# Gets the absolute path of the script, used to load the common.sh file
+ABSOLUTE_PATH="$( cd $(dirname ${0}) ; pwd -P )"
+. ${ABSOLUTE_PATH}/common.sh
+
+check_system
+check_version
+
+echo "Installing old version of Wazuh indexer..."
+if [ ${sys_type} == "deb" ]; then
+ apt-get -y install wazuh-indexer
+elif [ ${sys_type} == "rpm" ]; then
+ add_production_repository
+ yum -y install wazuh-indexer
+else
+ echo "Error: No system detected."
+ exit 1
+fi
+
+read_files "${FILES_OLD}" "old"
+echo "Old files..."
+print_files "files_old"
+
+echo "Installing new version of Wazuh indexer..."
+if [ ${sys_type} == "deb" ]; then
+ apt-get install $PACKAGE_NAME
+elif [ ${sys_type} == "rpm" ]; then
+ yum -y localinstall $PACKAGE_NAME
+fi
+
+read_files "${FILES_NEW}" "new"
+echo "New files..."
+print_files "files_new"
+
+compare_arrays
+if [ "$?" -eq 0 ]; then
+ echo "Same checksums - Test passed correctly."
+ exit 0
+fi
+echo "Error: different checksums detected."
+exit 1
diff --git a/.github/workflows/add-issues-to-projects.yml b/.github/workflows/add-issues-to-projects.yml
new file mode 100644
index 0000000000..9a0ecd16e4
--- /dev/null
+++ b/.github/workflows/add-issues-to-projects.yml
@@ -0,0 +1,25 @@
+name: Add opened issues to projects
+
+on:
+ issues:
+ types:
+ - opened
+ - transferred
+
+jobs:
+ add-to-project:
+ name: Add issue to project
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/add-to-project@v0.4.0
+ with:
+ # You can target a repository in a different organization
+ # to the issue
+ project-url: https://github.com/orgs/wazuh/projects/3
+ github-token: ${{ secrets.ADD_TO_PROJECT_PAT }}
+ - uses: actions/add-to-project@v0.4.0
+ with:
+ # You can target a repository in a different organization
+ # to the issue
+ project-url: https://github.com/orgs/wazuh/projects/15
+ github-token: ${{ secrets.ADD_TO_PROJECT_PAT }}
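Review bot: The DEB branch of the second install in upgrade-indexer.sh runs `apt-get install $PACKAGE_NAME` without `-y` and unquoted, unlike the `yum -y localinstall` branch and the earlier `apt-get -y install`; in a non-interactive job any confirmation prompt would abort the install. Suggest `apt-get -y install "${PACKAGE_NAME}"`. Neither install command's exit status is checked, so a failed upgrade is not reported at the point of failure. The `$?` test after `compare_arrays` is redundant, since that function already calls `exit 1` on a mismatch.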
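Review bot: In add-issues-to-projects.yml, `actions/add-to-project@v0.4.0` is referenced by a mutable tag while receiving the `ADD_TO_PROJECT_PAT` secret; pinning to the full commit SHA of that release (`uses: actions/add-to-project@<full-commit-sha> # v0.4.0`) ensures the code that sees the PAT cannot change without a reviewed edit. The same applies with more weight to `fkirc/skip-duplicate-actions@master` in the build, offline-installation and test-install workflows of this commit, which tracks a branch and is handed `GITHUB_TOKEN`. None of the workflows visible here declares a `permissions:` block, so the token runs with the repository default scope; an explicit minimal block per workflow is worth adding.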
diff --git a/.github/workflows/build-deb-packages.yml b/.github/workflows/build-deb-packages.yml new file mode 100644 index 0000000000..febe83870d --- /dev/null +++ b/.github/workflows/build-deb-packages.yml 
@@ -0,0 +1,77 @@ +name: Build Wazuh Packages - DEB - amd64 and i386 +on: + pull_request: + paths: + - 'debs/SPECS/**' + - 'debs/generate_debian_package.sh' + workflow_dispatch: + workflow_call: + +jobs: + Wazuh-agent-deb-package-build: + runs-on: ubuntu-latest + strategy: + matrix: + TYPE: [agent, manager] + ARCHITECTURE : [amd64, i386] + exclude: + - TYPE: manager + ARCHITECTURE: i386 + fail-fast: false + + steps: + - name: Cancel previous runs + uses: fkirc/skip-duplicate-actions@master + with: + cancel_others: 'true' + github_token: ${{ secrets.GITHUB_TOKEN }} + skip_after_successful_duplicate: 'false' + + - uses: actions/checkout@v3 + + - name: Get changed files + uses: dorny/paths-filter@v2 + id: changes + with: + filters: | + deb_images: + - 'debs/Debian/**' + - 'debs/build.sh' + deb_images_i386: + - 'debs/Debian/i386/**' + - 'debs/build.sh' + deb_images_amd64: + - 'debs/Debian/amd64/**' + - 'debs/build.sh' + deb_packages: + - 'debs/SPECS/**' + - 'debs/generate_debian_package.sh' + + - name: Set tag and container name + if: steps.changes.outputs.deb_packages == 'true' || (steps.changes.outputs.deb_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.deb_images_amd64 == 'true' && matrix.ARCHITECTURE == 'amd64') + run: | + MAJOR=$(sed 's/\([0-9]*\.[0-9]*\)\.[0-9]*/\1/' $GITHUB_WORKSPACE/VERSION) + if [ "${{ steps.changes.outputs.deb_images }}" == "true" ]; then echo "TAG=${{ github.head_ref }}" >> $GITHUB_ENV; else echo "TAG=$MAJOR" >> $GITHUB_ENV ; fi + if [ $MAJOR == "4.6" ]; then echo "VERSION=master" >> $GITHUB_ENV $ ; else echo "VERSION=$MAJOR" >> $GITHUB_ENV; fi + echo "CONTAINER_NAME=deb_builder_${{ matrix.ARCHITECTURE }}" >> $GITHUB_ENV + + - name: Download docker image for package building + if: steps.changes.outputs.deb_packages == 'true' || (steps.changes.outputs.deb_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.deb_images_amd64 == 'true' && matrix.ARCHITECTURE == 'amd64') + run: | + 
bash $GITHUB_WORKSPACE/.github/actions/ghcr-pull-and-push/pull_image_from_ghcr.sh ${{ secrets.GITHUB_TOKEN }} ${{ github.actor}} $CONTAINER_NAME ${{ env.TAG }} + + - name: Build the ${{ matrix.ARCHITECTURE }} deb Wazuh ${{ matrix.TYPE }} package + if: steps.changes.outputs.deb_packages == 'true' || (steps.changes.outputs.deb_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.deb_images_amd64 == 'true' && matrix.ARCHITECTURE == 'amd64') + working-directory: ./debs + run: | + REVISION="${{ github.head_ref }}" + bash generate_debian_package.sh -b ${{ env.VERSION }} -t ${{ matrix.TYPE }} -a ${{ matrix.ARCHITECTURE }} --dev -j 2 --dont-build-docker --tag ${{ env.TAG }} -r $REVISION + echo "PACKAGE_NAME=$(ls ./output | grep .deb | head -n 1)" >> $GITHUB_ENV + + - name: Upload Wazuh ${{ matrix.TYPE }} ${{ matrix.ARCHITECTURE }} package as artifact + if: steps.changes.outputs.deb_packages == 'true' || (steps.changes.outputs.deb_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.deb_images_amd64 == 'true' && matrix.ARCHITECTURE == 'amd64') + uses: actions/upload-artifact@v2 + with: + name: ${{ env.PACKAGE_NAME }} + path: ${{github.workspace}}/debs/output/${{ env.PACKAGE_NAME }} + if-no-files-found: error \ No newline at end of file diff --git a/.github/workflows/build-rpm-packages.yml b/.github/workflows/build-rpm-packages.yml new file mode 100644 index 0000000000..ceca955345 --- /dev/null +++ b/.github/workflows/build-rpm-packages.yml 
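Review bot: `${{ github.head_ref }}` is expanded directly into the `run:` scripts of build-deb-packages.yml (`echo "TAG=${{ github.head_ref }}" >> $GITHUB_ENV` and `REVISION="${{ github.head_ref }}"`), and on `pull_request` that value is the contributor-chosen branch name, so shell metacharacters in it become part of the script text. Pass it through the environment instead: add `env:` with `HEAD_REF: ${{ github.head_ref }}` to the step and use `REVISION="$HEAD_REF"` and `echo "TAG=$HEAD_REF"`. build-rpm-packages.yml and test-install-deb.yml in this commit interpolate `github.head_ref` the same way. The image-download step also places `${{ secrets.GITHUB_TOKEN }}` on the `bash …/pull_image_from_ghcr.sh` command line; an `env:` entry read by the script keeps it out of the process arguments.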
@@ -0,0 +1,78 @@ +name: Build Wazuh Packages - RPM - x86_64 and i386 +on: + pull_request: + paths: + - 'rpms/SPECS/*' + - 'rpms/generate_rpm_package.sh' + workflow_dispatch: + workflow_call: + + +jobs: + Wazuh-agent-rpm-package-build: + runs-on: ubuntu-latest + strategy: + matrix: + TYPE: [agent, manager] + ARCHITECTURE : [x86_64, i386] + exclude: + - TYPE: manager + ARCHITECTURE: i386 + fail-fast: false + + steps: + - name: Cancel previous runs + uses: fkirc/skip-duplicate-actions@master + with: + cancel_others: 'true' + github_token: ${{ secrets.GITHUB_TOKEN }} + skip_after_successful_duplicate: 'false' + + - uses: actions/checkout@v3 + + - name: Get changed files + uses: dorny/paths-filter@v2 + id: changes + with: + filters: | + rpm_images: + - 'rpms/CentOS/**' + - 'rpms/build.sh' + rpm_images_i386: + - 'rpms/CentOS/6/i386/**' + - 'rpms/build.sh' + rpm_images_x86_64: + - 'rpms/CentOS/6/x86_64/**' + - 'rpms/build.sh' + rpm_packages: + - 'rpms/SPECS/**' + - 'rpms/generate_rpm_package.sh' + + - name: Set tag and container name + if : steps.changes.outputs.rpm_packages == 'true' || (steps.changes.outputs.rpm_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.rpm_images_x86_64 == 'true' && matrix.ARCHITECTURE == 'x86_64') + run: | + MAJOR=$(sed 's/\([0-9]*\.[0-9]*\)\.[0-9]*/\1/' $GITHUB_WORKSPACE/VERSION) + if [ "${{ steps.changes.outputs.rpm_images }}" == "true" ]; then echo "TAG=${{ github.head_ref }}" >> $GITHUB_ENV; else echo "TAG=$MAJOR" >> $GITHUB_ENV ; fi + if [ $MAJOR == "4.6" ]; then echo "VERSION=master" >> $GITHUB_ENV $ ; else echo "VERSION=$MAJOR" >> $GITHUB_ENV; fi + if [ "${{ matrix.ARCHITECTURE }}" == "x86_64" ]; then echo "CONTAINER_NAME=rpm_builder_x86" >> $GITHUB_ENV ; else echo "CONTAINER_NAME=rpm_builder_${{ matrix.ARCHITECTURE }}" >> $GITHUB_ENV ; fi + + - name: Download docker image for package building + if : steps.changes.outputs.rpm_packages == 'true' || (steps.changes.outputs.rpm_images_i386 == 'true' && 
matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.rpm_images_x86_64 == 'true' && matrix.ARCHITECTURE == 'x86_64') + run: | + bash $GITHUB_WORKSPACE/.github/actions/ghcr-pull-and-push/pull_image_from_ghcr.sh ${{ secrets.GITHUB_TOKEN }} ${{ github.actor}} $CONTAINER_NAME ${{ env.TAG }} + + - name: Build the ${{ matrix.ARCHITECTURE }} rpm Wazuh ${{ matrix.TYPE }} package + if : steps.changes.outputs.rpm_packages == 'true' || (steps.changes.outputs.rpm_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.rpm_images_x86_64 == 'true' && matrix.ARCHITECTURE == 'x86_64') + working-directory: ./rpms + run: | + REVISION=$( echo ${{ github.head_ref }} | sed 's/-/./g' ) + bash generate_rpm_package.sh -b ${{ env.VERSION }} -t ${{ matrix.TYPE }} -a ${{ matrix.ARCHITECTURE }} --dev -j 2 --dont-build-docker --tag ${{ env.TAG }} -r $REVISION + echo "PACKAGE_NAME=$(ls ./output | grep .rpm | head -n 1)" >> $GITHUB_ENV + + - name: Upload Wazuh ${{ matrix.TYPE }} ${{ matrix.ARCHITECTURE }} package as artifact + if : steps.changes.outputs.rpm_packages == 'true' || (steps.changes.outputs.rpm_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.rpm_images_x86_64 == 'true' && matrix.ARCHITECTURE == 'x86_64') + uses: actions/upload-artifact@v2 + with: + name: ${{ env.PACKAGE_NAME }} + path: ${{github.workspace}}/rpms/output/${{ env.PACKAGE_NAME }} + if-no-files-found: error \ No newline at end of file diff --git a/.github/workflows/clean-worflow-runs.yml b/.github/workflows/clean-worflow-runs.yml new file mode 100644 index 0000000000..cd7ee9eb08 --- /dev/null +++ b/.github/workflows/clean-worflow-runs.yml 
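Review bot: In the "Set tag and container name" step of build-rpm-packages.yml, `echo "VERSION=master" >> $GITHUB_ENV $ ;` carries a stray `$` after the redirection target, which `echo` receives as an extra argument, so the line written is `VERSION=master $` and that text is later expanded into `-b ${{ env.VERSION }}`. Dropping the `$` and quoting the test gives `if [ "$MAJOR" == "4.6" ]; then echo "VERSION=master" >> "$GITHUB_ENV"; else …`. The same line appears in build-deb-packages.yml.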
@@ -0,0 +1,19 @@ +name: Clean workflow runs +on: + schedule: + - cron: '0 0 * * 5' + workflow_dispatch: + +jobs: + Clean-runs: + runs-on: ubuntu-latest + steps: + - name: Delete workflow runs + uses: dmvict/clean-workflow-runs@v1.0.0 + with: + token: ${{ secrets.GITHUB_TOKEN }} + run_conclusions: | + cancelled + skipped + timed_out + save_period: 5 \ No newline at end of file diff --git a/.github/workflows/offline-installation.yml b/.github/workflows/offline-installation.yml new file mode 100644 index 0000000000..07b75cb45f --- /dev/null +++ b/.github/workflows/offline-installation.yml 
@@ -0,0 +1,64 @@ +name: Offline installation test +on: + pull_request: + paths: + - 'unattended_installer/install_functions/wazuh-offline-download.sh' + +jobs: + Build-wazuh-install-script: + runs-on: ubuntu-latest + steps: + - name: Cancel previous runs + uses: fkirc/skip-duplicate-actions@master + with: + cancel_others: 'true' + github_token: ${{ secrets.GITHUB_TOKEN }} + skip_after_successful_duplicate: 'false' + + - uses: actions/checkout@v2 + + - name: Build wazuh-install script and use pre-release packages + working-directory: ./unattended_installer + run: | + bash builder.sh -i -d + sed -i 's|wazuh_major="4\.5"|wazuh_major="4\.4"|g' wazuh-install.sh + sed -i 's|wazuh_version="4\.5\(.*\)"|wazuh_version="4\.4\1"|g' wazuh-install.sh + + - uses: actions/upload-artifact@v3 + with: + name: script + path: | + unattended_installer/wazuh-install.sh + if-no-files-found: error + + Test-offline-installation-debian: + runs-on: ubuntu-latest + needs: Build-wazuh-install-script + steps: + - uses: actions/checkout@v2 + + - uses: actions/download-artifact@v3 + with: + name: script + + - name: Move unattended script + run: cp $GITHUB_WORKSPACE/wazuh-install.sh $GITHUB_WORKSPACE/.github/actions/offline-installation/wazuh-install.sh + + - name: Run script + run: sudo bash $GITHUB_WORKSPACE/.github/actions/offline-installation/offline-installation.sh + + Test-offline-installation-rpm: + runs-on: ubuntu-latest + needs: Build-wazuh-install-script + steps: + - uses: actions/checkout@v2 + + - uses: actions/download-artifact@v3 + with: + name: script + + - name: Move unattended script + run: cp $GITHUB_WORKSPACE/wazuh-install.sh $GITHUB_WORKSPACE/.github/actions/offline-installation/wazuh-install.sh + + - name: Launch docker and run script + run: sudo docker run -v $GITHUB_WORKSPACE/.github/actions/offline-installation/:/tests centos:centos7 bash /tests/offline-installation.sh 
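Review bot: The two `sed -i` rewrites in offline-installation.yml that retarget `wazuh-install.sh` from 4.5 to 4.4 succeed silently when the pattern does not match, so if the generated installer carries any other version the job tests a different release than intended without any signal. A guard after them, e.g. `grep -q 'wazuh_major="4\.4"' wazuh-install.sh`, makes the step fail instead. The RPM job also mounts the checkout into `centos:centos7`, a mutable tag; pinning the image by digest keeps the test environment reproducible.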
diff --git a/.github/workflows/test-indexer-debian.yml b/.github/workflows/test-indexer-debian.yml new file mode 100644 index 0000000000..7506fde912 --- /dev/null +++ b/.github/workflows/test-indexer-debian.yml @@ -0,0 +1,36 @@ +name: Test the preserving of security config files upon upgrade - Wazuh indexer - Debian +on: + pull_request: + paths: + - 'stack/indexer/deb/debian/*' + workflow_dispatch: + +jobs: + Test-security-config-files-preservation-Debian: + runs-on: ubuntu-latest + steps: + - name: Preinstall the latest stable version of the Wazuh indexer package + run: | + curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg + echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | sudo tee -a /etc/apt/sources.list.d/wazuh.list + sudo apt-get update + + - name: Get the latest stable Wazuh version (all components) + run: echo "LATEST_STABLE_VERSION=$(jq -r 'map(select(.prerelease == false and .draft == false)) | .[] | .tag_name' <<< $(curl --silent https://api.github.com/repos/wazuh/wazuh/releases) | sed "s|v||g" | sort -rV | head -n 1)" >> $GITHUB_ENV + + - name: Get the major and minor of the latest stable version + run: echo "MAJOR_MINOR=$(echo $LATEST_STABLE_VERSION | cut -d '.' -f1-2 | sed "s|\.||")" >> $GITHUB_ENV + + - uses: actions/checkout@v3 + - name: Build the Wazuh indexer package and set environment variable + working-directory: ./stack/indexer/deb + run: | + sudo ./build_package.sh + echo "PACKAGE_NAME=$(ls ./output | grep .deb | head -n 1)" >> $GITHUB_ENV + + - name: Move the built package + working-directory: ./stack/indexer/deb + run: sudo cp ./output/$PACKAGE_NAME $GITHUB_WORKSPACE/$PACKAGE_NAME + + - name: Run script + run: sudo bash $GITHUB_WORKSPACE/.github/actions/upgrade-indexer/upgrade-indexer.sh $GITHUB_WORKSPACE/$PACKAGE_NAME $MAJOR_MINOR 
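Review bot: In the preinstall step of test-indexer-debian.yml, `gpg … --import` writes the keyring to `/usr/share/keyrings/wazuh.gpg` without `sudo`, while the following `tee` and `apt-get update` use it; if the step runs as an unprivileged user (which I believe is the default on hosted runners) the import cannot create that file. Because the failing pipeline sits on the left of `&&`, the shell's errexit does not stop the step at that point. Suggest `curl -fsS https://packages.wazuh.com/key/GPG-KEY-WAZUH | sudo gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import` and a separate `sudo chmod 644 /usr/share/keyrings/wazuh.gpg` line.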
diff --git a/.github/workflows/test-indexer-rpm.yml b/.github/workflows/test-indexer-rpm.yml new file mode 100644 index 0000000000..5cf1bb00af --- /dev/null +++ b/.github/workflows/test-indexer-rpm.yml @@ -0,0 +1,32 @@ +name: Test the preserving of security config files upon upgrade - Wazuh indexer - RPM +on: + pull_request: + paths: + - 'stack/indexer/rpm/wazuh-indexer.spec' + workflow_dispatch: + +jobs: + Test-security-config-files-preservation-RPM: + runs-on: ubuntu-latest + steps: + - name: Get the latest stable Wazuh version (all components) + run: echo "LATEST_STABLE_VERSION=$(jq -r 'map(select(.prerelease == false and .draft == false)) | .[] | .tag_name' <<< $(curl --silent https://api.github.com/repos/wazuh/wazuh/releases) | sed "s|v||g" | sort -rV | head -n 1)" >> $GITHUB_ENV + + - name: Get the major and minor of the latest stable version + run: echo "MAJOR_MINOR=$(echo $LATEST_STABLE_VERSION | cut -d '.' -f1-2 | sed "s|\.||")" >> $GITHUB_ENV + + - uses: actions/checkout@v3 + - name: Build the Wazuh indexer package and set environment variable + working-directory: ./stack/indexer/rpm + run: | + sudo ./build_package.sh + echo "PACKAGE_NAME=$(ls ./output | grep .rpm | head -n 1)" >> $GITHUB_ENV + + - name: Move the built package + working-directory: ./stack/indexer/rpm + run: | + mkdir $GITHUB_WORKSPACE/packages + sudo cp ./output/$PACKAGE_NAME $GITHUB_WORKSPACE/packages/$PACKAGE_NAME + + - name: Launch docker + run: sudo docker run -v $GITHUB_WORKSPACE/.github/actions/upgrade-indexer/:/tests -v $GITHUB_WORKSPACE/packages/:/packages centos:centos7 bash /tests/upgrade-indexer.sh /packages/$PACKAGE_NAME $MAJOR_MINOR diff --git a/.github/workflows/test-install-deb.yml b/.github/workflows/test-install-deb.yml new file mode 100644 index 0000000000..bd1fadc7fa --- /dev/null +++ b/.github/workflows/test-install-deb.yml 
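Review bot: `LATEST_STABLE_VERSION` in test-indexer-rpm.yml comes from an unauthenticated `curl --silent` to the GitHub releases API with no `--fail`, so a rate-limited or error response most likely leaves it, and therefore `MAJOR_MINOR`, empty, and upgrade-indexer.sh is then called without its second argument. Adding `--fail` and a check such as `[ -n "$LATEST_STABLE_VERSION" ] || exit 1` before writing to `$GITHUB_ENV` stops the job at the real cause. test-indexer-debian.yml has the same two steps. `$PACKAGE_NAME` and `$MAJOR_MINOR` are also passed unquoted to `docker run`.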
@@ -0,0 +1,94 @@ +name: Test install Wazuh agent and manager - DEB +on: + pull_request: + paths: + - 'debs/SPECS/**' + - 'debs/generate_debian_package.sh' + workflow_dispatch: + workflow_call: + +jobs: + + Wait-for-package-building: + runs-on: ubuntu-latest + strategy: + fail-fast: false + steps: + - name: Cancel previous runs + uses: fkirc/skip-duplicate-actions@master + with: + cancel_others: 'true' + github_token: ${{ secrets.GITHUB_TOKEN }} + skip_after_successful_duplicate: 'false' + + - name: Wait for the package to be built + uses: ArcticLampyrid/action-wait-for-workflow@v1.0.3 + id: wait-for-build + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + workflow: build-deb-packages.yml + sha: ${{ github.event.pull_request.head.sha || github.sha }} + wait-interval: 60 + + Test-install-deb-systems: + needs: Wait-for-package-building + runs-on: ubuntu-latest + strategy: + matrix: + distro_name: ['ubuntu:xenial', 'ubuntu:bionic', 'ubuntu:focal', 'ubuntu:jammy', 'debian:stretch', 'debian:buster', 'debian:bullseye'] + type: [agent, manager] + arch: [amd64, i386] + exclude: + - type: manager + arch: i386 + - distro_name: 'ubuntu:jammy' + arch: i386 + fail-fast: false + steps: + - uses: actions/checkout@v3 + + - name: Get changed files + uses: dorny/paths-filter@v2 + id: changes + with: + filters: | + deb_images: + - 'debs/Debian/**' + - 'debs/build.sh' + deb_images_i386: + - 'debs/Debian/i386/**' + - 'debs/build.sh' + deb_images_amd64: + - 'debs/Debian/amd64/**' + - 'debs/build.sh' + deb_packages: + - 'debs/SPECS/**' + - 'debs/generate_debian_package.sh' + + - name: Setup directories and variables + if: steps.changes.outputs.deb_packages == 'true' || (steps.changes.outputs.deb_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.deb_images_amd64 == 'true' && matrix.ARCHITECTURE == 'amd64') + run: | + VERSION=$(cat $GITHUB_WORKSPACE/VERSION) + REVISION=$( echo ${{ github.head_ref }}) + echo "PACKAGE_NAME=wazuh-${{ matrix.type 
}}_${VERSION}-${REVISION}_${{ matrix.arch }}.deb" >> $GITHUB_ENV + + - name: Download the Wazuh ${{ matrix.type }} package for ${{ matrix.system.NAME }} + if: steps.changes.outputs.deb_packages == 'true' || (steps.changes.outputs.deb_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.deb_images_amd64 == 'true' && matrix.ARCHITECTURE == 'amd64') + id: download-artifact + continue-on-error: true + uses: dawidd6/action-download-artifact@v2 + with: + workflow: build-deb-packages.yml + workflow_conclusion: success + name: ${{env.PACKAGE_NAME}} + if_no_artifact_found: fail + + - name: Move the Wazuh ${{ matrix.type }} package for ${{ matrix.distro_name }} to the packages directory + if: steps.changes.outputs.deb_packages == 'true' || (steps.changes.outputs.deb_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.deb_images_amd64 == 'true' && matrix.ARCHITECTURE == 'amd64') + run: | + mkdir $GITHUB_WORKSPACE/packages + mv ${{env.PACKAGE_NAME}} $GITHUB_WORKSPACE/packages + + - name: Launch docker + if: steps.changes.outputs.deb_packages == 'true' || (steps.changes.outputs.deb_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.deb_images_amd64 == 'true' && matrix.ARCHITECTURE == 'amd64') + run: sudo docker run -v $GITHUB_WORKSPACE/.github/actions/test-install-components/:/tests -v $GITHUB_WORKSPACE/packages/:/packages ${{ matrix.arch }}/${{ matrix.distro_name }} bash /tests/install_component.sh $PACKAGE_NAME ${{ matrix.type }} \ No newline at end of file diff --git a/.github/workflows/test-install-rpm.yml b/.github/workflows/test-install-rpm.yml new file mode 100644 index 0000000000..a44498a53a --- /dev/null +++ b/.github/workflows/test-install-rpm.yml 
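Review bot: In the `Setup directories and variables` step, `${{ github.head_ref }}` is expanded by Actions into the script text before bash runs it, and the branch name of a pull request is chosen by its author, so it should not be placed inside `run:` directly. Pass it through the environment instead: add `env:` with `HEAD_REF: ${{ github.head_ref }}` to the step and write `REVISION="$HEAD_REF"`. The same pattern is in the matching step of test-install-rpm.yml and in the `Set tag as version` steps of upload-deb-images.yml and upload-rpm-images.yml.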
@@ -0,0 +1,103 @@ +name: Test install Wazuh agent and manager - RPM +on: + pull_request: + paths: + - 'rpms/SPECS/*' + - 'rpms/generate_rpm_package.sh' + workflow_dispatch: + workflow_call: + +jobs: + Wait-for-package-building: + runs-on: ubuntu-latest + strategy: + fail-fast: false + steps: + - name: Cancel previous runs + uses: fkirc/skip-duplicate-actions@master + with: + cancel_others: 'true' + github_token: ${{ secrets.GITHUB_TOKEN }} + skip_after_successful_duplicate: 'false' + + - name: Wait for the package to be built + uses: ArcticLampyrid/action-wait-for-workflow@v1.0.3 + id: wait-for-build + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + workflow: build-rpm-packages.yml + sha: ${{ github.event.pull_request.head.sha || github.sha }} + wait-interval: 60 + + Test-install-rpm-systems: + needs: Wait-for-package-building + runs-on: ubuntu-latest + strategy: + matrix: + system: [ + {NAME: 'oraclelinux:9', ARCH: "x86_64"}, + {NAME: 'almalinux:9', ARCH: "x86_64"}, + {NAME: 'rockylinux:9', ARCH: "x86_64"}, + {NAME: 'centos:7', ARCH: "x86_64"}, + {NAME: 'centos:8', ARCH: "x86_64"}, + {NAME: 'i386/centos:7', ARCH: "i386"}, + {NAME: 'redhat/ubi8:latest', ARCH: "x86_64"}, + {NAME: 'redhat/ubi9:latest', ARCH: "x86_64"}, + {NAME: 'amazonlinux:2', ARCH: "x86_64"}, + {NAME: 'fedora:34', ARCH: "x86_64"}, + {NAME: 'centos:6.9', ARCH: "x86_64", INIT: "initd"}] + type: [agent, manager] + exclude: + - system: {ARCH: "i386"} + type: manager + - system: {INIT: "initd"} + type: manager + fail-fast: false + steps: + - uses: actions/checkout@v3 + + - name: Get changed files + uses: dorny/paths-filter@v2 + id: changes + with: + filters: | + rpm_images: + - 'rpms/CentOS/**' + - 'rpms/build.sh' + rpm_images_i386: + - 'rpms/CentOS/6/i386/**' + - 'rpms/build.sh' + rpm_images_x86_64: + - 'rpms/CentOS/6/x86_64/**' + - 'rpms/build.sh' + rpm_packages: + - 'rpms/SPECS/**' + - 'rpms/generate_rpm_package.sh' + + - name: Setup directories and variables + if : 
steps.changes.outputs.rpm_packages == 'true' || (steps.changes.outputs.rpm_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.rpm_images_x86_64 == 'true' && matrix.ARCHITECTURE == 'x86_64') + run: | + VERSION=$(cat $GITHUB_WORKSPACE/VERSION) + REVISION=$( echo ${{ github.head_ref }} | sed 's/-/./g' ) + echo "PACKAGE_NAME=wazuh-${{ matrix.type }}-${VERSION}-${REVISION}.${{matrix.system.ARCH}}.rpm" >> $GITHUB_ENV + + - name: Download the Wazuh ${{ matrix.type }} package for ${{ matrix.system.NAME }} + if : steps.changes.outputs.rpm_packages == 'true' || (steps.changes.outputs.rpm_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.rpm_images_x86_64 == 'true' && matrix.ARCHITECTURE == 'x86_64') + id: download-artifact + continue-on-error: true + uses: dawidd6/action-download-artifact@v2 + with: + workflow: build-rpm-packages.yml + workflow_conclusion: success + name: ${{env.PACKAGE_NAME}} + if_no_artifact_found: fail + + - name: Move the Wazuh ${{ matrix.type }} package for ${{ matrix.system.NAME }} to the packages directory + if : steps.changes.outputs.rpm_packages == 'true' || (steps.changes.outputs.rpm_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.rpm_images_x86_64 == 'true' && matrix.ARCHITECTURE == 'x86_64') + run: | + mkdir $GITHUB_WORKSPACE/packages + mv ${{env.PACKAGE_NAME}} $GITHUB_WORKSPACE/packages + + - name: Launch docker + if : steps.changes.outputs.rpm_packages == 'true' || (steps.changes.outputs.rpm_images_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || (steps.changes.outputs.rpm_images_x86_64 == 'true' && matrix.ARCHITECTURE == 'x86_64') + run: sudo docker run -v $GITHUB_WORKSPACE/.github/actions/test-install-components/:/tests -v $GITHUB_WORKSPACE/packages/:/packages ${{ matrix.system.NAME }} bash /tests/install_component.sh $PACKAGE_NAME ${{ matrix.type }} \ No newline at end of file 
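Review bot: The `if:` conditions on the last four steps compare `matrix.ARCHITECTURE`, but this matrix defines only `system` (with `NAME`, `ARCH`, `INIT`) and `type`, so those two clauses are evaluated against an empty value and can never be true. As written the steps run only when `rpm_packages` changed, and a change limited to the builder images skips the download and the install test. Use `matrix.system.ARCH == 'i386'` and `matrix.system.ARCH == 'x86_64'`; test-install-deb.yml has the same issue and needs `matrix.arch`. Separately, `continue-on-error: true` on the download step hides the `if_no_artifact_found: fail` result until the later `mv` fails.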
diff --git a/.github/workflows/upload-deb-images.yml b/.github/workflows/upload-deb-images.yml
new file mode 100644
index 0000000000..a0da5b8eb7
--- /dev/null
+++ b/.github/workflows/upload-deb-images.yml
@@ -0,0 +1,65 @@ +name: Upload package creation Docker images - DEB - amd64 and i386 +on: + pull_request: + paths: + - 'debs/Debian/**' + - 'debs/build.sh' + types: + - opened + - synchronize + - closed + workflow_dispatch: + +jobs: + Upload-deb-package-building-images: + runs-on: ubuntu-latest + strategy: + matrix: + image: [ {CONTAINER_NAME: deb_builder_amd64, DOCKERFILE_PATH: debs/Debian/amd64}, {CONTAINER_NAME: deb_builder_i386, DOCKERFILE_PATH: debs/Debian/i386}] + fail-fast: false + steps: + - name: Cancel previous runs + uses: fkirc/skip-duplicate-actions@master + with: + cancel_others: 'true' + github_token: ${{ secrets.GITHUB_TOKEN }} + skip_after_successful_duplicate: 'false' + + - uses: actions/checkout@v3 + + - name: Get changed files + uses: dorny/paths-filter@v2 + id: changes + with: + filters: | + i386: + - 'debs/Debian/i386/**' + - 'debs/build.sh' + amd64: + - 'debs/Debian/amd64/**' + - 'debs/build.sh' + + - name: Copy build.sh to Dockerfile path + run: + cp $GITHUB_WORKSPACE/debs/build.sh $GITHUB_WORKSPACE/${{ matrix.image.DOCKERFILE_PATH }} + + - name: Set tag as version + run: + if [ "${{ github.event.pull_request.merged }}" == "false" ]; then echo "TAG=${{ github.head_ref }}" >> $GITHUB_ENV; else echo "TAG=$(sed 's/\([0-9]*\.[0-9]*\)\.[0-9]*/\1/' $GITHUB_WORKSPACE/VERSION)" >> $GITHUB_ENV; fi + + - name: Build and push image ${{ matrix.image.CONTAINER_NAME }} with tag ${{ env.TAG }} to Github Container Registry + if: ( steps.changes.outputs.i386 == 'true' && matrix.image.CONTAINER_NAME == 'deb_builder_i386' ) || ( steps.changes.outputs.amd64 == 'true' && matrix.image.CONTAINER_NAME == 'deb_builder_amd64' ) + run: + bash $GITHUB_WORKSPACE/.github/actions/ghcr-pull-and-push/build_and_push_image_to_ghcr.sh ${{ secrets.GITHUB_TOKEN }} ${{ github.actor}} ${{matrix.image.CONTAINER_NAME}} ${{ matrix.image.DOCKERFILE_PATH }} ${{ env.TAG }} + + Build-packages-deb: + needs: Upload-deb-package-building-images + if: github.event_name == 'pull_request' + 
uses: ./.github/workflows/build-deb-packages.yml + secrets: inherit + + Test-packages-deb: + needs: Build-packages-deb + if: github.event_name == 'pull_request' + uses: ./.github/workflows/test-install-and-enable-deb.yml + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/upload-rpm-images.yml b/.github/workflows/upload-rpm-images.yml new file mode 100644 index 0000000000..c2392127da --- /dev/null +++ b/.github/workflows/upload-rpm-images.yml 
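Review bot: The `Build and push image` step passes `${{ secrets.GITHUB_TOKEN }}` as the first command-line argument of build_and_push_image_to_ghcr.sh, which leaves the token in the process argument list for as long as the script runs. Supplying it through the step's `env:` (for example `GITHUB_PUSH_SECRET: ${{ secrets.GITHUB_TOKEN }}`) and reading it from the environment in the script keeps it out of argv; the script already hands it to `docker login --password-stdin`. The workflow also has no `permissions:` block, so the token's scope depends on the repository default; an explicit block (the push needs `packages: write`) would state the intended scope. upload-rpm-images.yml has the same step.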
@@ -0,0 +1,65 @@ +name: Upload package creation Docker images - RPM - x86 and i386 +on: + pull_request: + paths: + - 'rpms/CentOS/**' + - 'rpms/build.sh' + types: + - opened + - synchronize + - closed + workflow_dispatch: + +jobs: + Upload-rpm-package-building-images: + runs-on: ubuntu-latest + strategy: + matrix: + image: [ {CONTAINER_NAME: rpm_builder_x86, DOCKERFILE_PATH: rpms/CentOS/6/x86_64}, {CONTAINER_NAME: rpm_builder_i386, DOCKERFILE_PATH: rpms/CentOS/6/i386}] + fail-fast: false + steps: + - name: Cancel previous runs + uses: fkirc/skip-duplicate-actions@master + with: + cancel_others: 'true' + github_token: ${{ secrets.GITHUB_TOKEN }} + skip_after_successful_duplicate: 'false' + + - uses: actions/checkout@v3 + + - name: Get changed files + uses: dorny/paths-filter@v2 + id: changes + with: + filters: | + i386: + - 'rpms/CentOS/6/i386/**' + - 'rpms/build.sh' + x86_64: + - 'rpms/CentOS/6/x86_64/**' + - 'rpms/build.sh' + + - name: Copy build.sh to Dockerfile path + run: + cp $GITHUB_WORKSPACE/rpms/build.sh $GITHUB_WORKSPACE/${{ matrix.image.DOCKERFILE_PATH }} + + - name: Set tag as version + run: + if [ "${{ github.event.pull_request.merged }}" == "false" ]; then echo "TAG=${{ github.head_ref }}" >> $GITHUB_ENV; else echo "TAG=$(sed 's/\([0-9]*\.[0-9]*\)\.[0-9]*/\1/' $GITHUB_WORKSPACE/VERSION)" >> $GITHUB_ENV; fi + + - name: Build and push image ${{ matrix.image.CONTAINER_NAME }} with tag ${{ env.TAG }} to Github Container Registry + if: ( steps.changes.outputs.i386 == 'true' && matrix.image.CONTAINER_NAME == 'rpm_builder_i386' ) || ( steps.changes.outputs.x86_64 == 'true' && matrix.image.CONTAINER_NAME == 'rpm_builder_x86' ) + run: + bash $GITHUB_WORKSPACE/.github/actions/ghcr-pull-and-push/build_and_push_image_to_ghcr.sh ${{ secrets.GITHUB_TOKEN }} ${{ github.actor}} ${{matrix.image.CONTAINER_NAME}} ${{ matrix.image.DOCKERFILE_PATH }} ${{ env.TAG }} + + Build-packages-rpm: + needs: Upload-rpm-package-building-images + if: github.event_name == 'pull_request' 
+ uses: ./.github/workflows/build-rpm-packages.yml + secrets: inherit + + Test-packages-rpm: + needs: Build-packages-rpm + if: github.event_name == 'pull_request' + uses: ./.github/workflows/test-install-and-enable-rpm.yml + secrets: inherit \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index 8a53a793b2..225322024d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,10 @@ # Change Log All notable changes to this project will be documented in this file. + +## [v4.5.0] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.5.0 + ## [v4.4.0] - https://github.com/wazuh/wazuh-packages/releases/tag/v4.4.0 diff --git a/README.md b/README.md index 5f6b21366f..f51bb3422e 100644 --- a/README.md +++ b/README.md @@ -32,14 +32,14 @@ The following table shows the references for the versions of each component. ### Dashboard -| Wazuh dashboard | Opensearch dashboards | +| Wazuh dashboard | OpenSearch Dashboards | |-----------------|-----------------------| | 4.3.x | 1.2.0 | | 4.4.x | 2.4.1 | ### Indexer -| Wazuh indexer | Opensearch | +| Wazuh indexer | OpenSearch | |-----------------|-----------------------| | 4.3.x | 1.2.4 | | 4.4.x | 2.4.1 | diff --git a/VERSION b/VERSION index fdc6698807..a84947d6ff 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -4.4.0 +4.5.0 diff --git a/aix/SPECS/wazuh-agent-aix.spec b/aix/SPECS/wazuh-agent-aix.spec index b7f20146ba..db705a698e 100644 --- a/aix/SPECS/wazuh-agent-aix.spec +++ b/aix/SPECS/wazuh-agent-aix.spec @@ -1,6 +1,6 @@ # Spec file for AIX systems Name: wazuh-agent -Version: 4.4.0 +Version: 4.5.0 Release: 1 License: GPL URL: https://www.wazuh.com/ @@ -290,6 +290,8 @@ rm -fr %{buildroot} %attr(750, root, wazuh) %{_localstatedir}/wodles/* %changelog +* Fri May 05 2023 support - 4.5.0 +- More info: https://documentation.wazuh.com/current/release-notes/ * Wed Jan 18 2023 support - 4.4.0 - More info: https://documentation.wazuh.com/current/release-notes/ * Thu Nov 10 2022 support - 4.3.10 
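Review bot: `fkirc/skip-duplicate-actions@master` in the `Cancel previous runs` step follows a moving branch and is handed `secrets.GITHUB_TOKEN`, so any later commit to that branch runs inside this workflow with the token. Pinning third-party actions to a full commit SHA, `uses: fkirc/skip-duplicate-actions@FULL_COMMIT_SHA` (placeholder) with the release tag in a trailing comment, makes updates deliberate; `dorny/paths-filter@v2` is a movable tag and could be pinned the same way. The same references appear in upload-deb-images.yml, test-install-deb.yml and test-install-rpm.yml, the last two also using `ArcticLampyrid/action-wait-for-workflow@v1.0.3` and `dawidd6/action-download-artifact@v2`.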
diff --git a/debs/Debian/amd64/Dockerfile b/debs/Debian/amd64/Dockerfile index c3734b3576..cab85b23cd 100644 --- a/debs/Debian/amd64/Dockerfile +++ b/debs/Debian/amd64/Dockerfile @@ -5,14 +5,14 @@ ENV DEBIAN_FRONTEND noninteractive # Installing necessary packages RUN echo "deb http://archive.debian.org/debian/ wheezy contrib main non-free" > /etc/apt/sources.list && \ echo "deb-src http://archive.debian.org/debian/ wheezy contrib main non-free" >> /etc/apt/sources.list && \ - apt-get update && apt-get install -y apt-utils && \ + apt-get update && apt-get install -y --force-yes apt-utils && \ apt-get install -y --force-yes \ curl gcc make sudo wget expect gnupg perl-base=5.14.2-21+deb7u3 perl \ libc-bin=2.13-38+deb7u10 libc6=2.13-38+deb7u10 libc6-dev build-essential \ cdbs devscripts equivs automake autoconf libtool libaudit-dev selinux-basics \ libdb5.1=5.1.29-5 libdb5.1-dev libssl1.0.0=1.0.1e-2+deb7u20 procps gawk libsigsegv2 -RUN apt-get update && apt-get build-dep python3.2 -y +RUN apt-get update && apt-get build-dep python3.2 -y --force-yes RUN curl -OL http://packages.wazuh.com/utils/gcc/gcc-9.4.0.tar.gz && \ tar xzf gcc-9.4.0.tar.gz && cd gcc-9.4.0/ && \ diff --git a/debs/Debian/i386/Dockerfile b/debs/Debian/i386/Dockerfile index 99eef6c673..c43803f4bf 100644 --- a/debs/Debian/i386/Dockerfile +++ b/debs/Debian/i386/Dockerfile @@ -5,7 +5,7 @@ ENV DEBIAN_FRONTEND noninteractive # Installing necessary packages RUN echo "deb http://archive.debian.org/debian/ wheezy contrib main non-free" > /etc/apt/sources.list && \ echo "deb-src http://archive.debian.org/debian/ wheezy contrib main non-free" >> /etc/apt/sources.list && \ - apt-get update && apt-get install -y apt-utils && \ + apt-get update && apt-get install -y --force-yes apt-utils && \ apt-get install -y --force-yes \ curl gcc-multilib make wget sudo expect gnupg perl-base=5.14.2-21+deb7u3 \ perl libc-bin=2.13-38+deb7u10 libc6=2.13-38+deb7u10 libc6-dev \ 
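Review bot: The `--force-yes` added to `apt-get install -y apt-utils` and to `apt-get build-dep python3.2` lets apt continue when packages cannot be authenticated, and the sources configured just above are plain `http://archive.debian.org` URLs, so the integrity of what lands in the builder image then rests on the network path. If the underlying problem is expired Release metadata for wheezy, `-o Acquire::Check-Valid-Until=false` addresses only that and keeps signature checks. If the archive key itself is no longer accepted, a comment next to the flag saying so would help the next reader. The same change is made in both hunks of debs/Debian/i386/Dockerfile.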
@@ -14,7 +14,7 @@ RUN echo "deb http://archive.debian.org/debian/ wheezy contrib main non-free" > libssl1.0.0=1.0.1e-2+deb7u20 gawk libsigsegv2 procps # Add Debian's source repository -RUN apt-get update && apt-get build-dep python3.2 -y +RUN apt-get update && apt-get build-dep python3.2 -y --force-yes RUN sed -i "s;/\* To add :#define SO_REUSEPORT 15 \*/;#define SO_REUSEPORT 15;g" /usr/include/asm-generic/socket.h RUN curl -OL http://packages.wazuh.com/utils/gcc/gcc-9.4.0.tar.gz && \ diff --git a/debs/SPECS/wazuh-agent/debian/changelog b/debs/SPECS/wazuh-agent/debian/changelog index 7e15a89c8e..8b53b603ab 100644 --- a/debs/SPECS/wazuh-agent/debian/changelog +++ b/debs/SPECS/wazuh-agent/debian/changelog @@ -1,3 +1,9 @@ +wazuh-agent (4.5.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Fri, 05 May 2023 11:56:07 +0000 + wazuh-agent (4.4.0-RELEASE) stable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ diff --git a/debs/SPECS/wazuh-manager/debian/changelog b/debs/SPECS/wazuh-manager/debian/changelog index 4a4b88017c..56c1498fb8 100644 --- a/debs/SPECS/wazuh-manager/debian/changelog +++ b/debs/SPECS/wazuh-manager/debian/changelog @@ -1,3 +1,9 @@ +wazuh-manager (4.5.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Fri, 05 May 2023 11:56:07 +0000 + wazuh-manager (4.4.0-RELEASE) stable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ diff --git a/debs/SPECS/wazuh-manager/debian/postinst b/debs/SPECS/wazuh-manager/debian/postinst index 9d334e9cea..c5c84fc29e 100644 --- a/debs/SPECS/wazuh-manager/debian/postinst +++ b/debs/SPECS/wazuh-manager/debian/postinst 
@@ -89,8 +89,8 @@ case "$1" in rm -rf ${DIR}/backup/groups # Generation auto-signed certificate if not exists - if type openssl >/dev/null 2>&1 && [ ! -f "${DIR}/etc/sslmanager.key" ] && [ ! -f "${DIR}/etc/sslmanager.cert" ]; then - openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -subj "/C=US/ST=California/CN=Wazuh/" -keyout ${DIR}/etc/sslmanager.key -out ${DIR}/etc/sslmanager.cert 2>/dev/null + if [ ! -f "${DIR}/etc/sslmanager.key" ] && [ ! -f "${DIR}/etc/sslmanager.cert" ]; then + ${DIR}/bin/wazuh-authd -C 365 -B 2048 -S "/C=US/ST=California/CN=Wazuh/" -K ${DIR}/etc/sslmanager.key -X ${DIR}/etc/sslmanager.cert 2>/dev/null fi chmod 640 ${DIR}/etc/sslmanager.cert ${DIR}/etc/sslmanager.key > /dev/null 2>&1 || true @@ -240,17 +240,17 @@ case "$1" in # Remove old ossec user and group if exists and change ownwership of files if getent group ossec > /dev/null 2>&1; then - find ${DIR}/ -group ossec -user root -exec chown root:wazuh {} \; > /dev/null 2>&1 || true + find ${DIR}/ -group ossec -user root -print0 | xargs -0 chown root:wazuh > /dev/null 2>&1 || true if getent passwd ossec > /dev/null 2>&1; then - find ${DIR}/ -group ossec -user ossec -exec chown ${USER}:${GROUP} {} \; > /dev/null 2>&1 || true + find ${DIR}/ -group ossec -user ossec -print0 | xargs -0 chown ${USER}:${GROUP} > /dev/null 2>&1 || true deluser ossec > /dev/null 2>&1 fi if getent passwd ossecm > /dev/null 2>&1; then - find ${DIR}/ -group ossec -user ossecm -exec chown ${USER}:${GROUP} {} \; > /dev/null 2>&1 || true + find ${DIR}/ -group ossec -user ossecm -print0 | xargs -0 chown ${USER}:${GROUP} > /dev/null 2>&1 || true deluser ossecm > /dev/null 2>&1 fi if getent passwd ossecr > /dev/null 2>&1; then - find ${DIR}/ -group ossec -user ossecr -exec chown ${USER}:${GROUP} {} \; > /dev/null 2>&1 || true + find ${DIR}/ -group ossec -user ossecr -print0 | xargs -0 chown ${USER}:${GROUP} > /dev/null 2>&1 || true deluser ossecr > /dev/null 2>&1 fi if getent group ossec > /dev/null 2>&1; then 
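Review bot: The new `${DIR}/bin/wazuh-authd -C 365 -B 2048 ...` call discards stderr and its exit status is not checked, and the `chmod 640 ... || true` after it also ignores failure, so an installation can finish without `sslmanager.key` and `sslmanager.cert` and nothing is reported. Consider reporting it, e.g. by ending the line with `2>/dev/null || echo "Could not generate the manager certificate" >&2`, and quoting the `${DIR}` paths passed to `-K` and `-X`. The hunk does not show which mode the key file has between creation and the `chmod`; that depends on wazuh-authd and the umask and is worth confirming. The enclosing `case` branch starts outside the hunk, and rpms/SPECS/wazuh-manager.spec makes the same replacement.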
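Review bot: `chown` in the four rewritten `find ... -print0 | xargs -0 chown` lines follows symbolic links, so a link under `${DIR}` that matches the old owner gets its target re-owned by this root-run script rather than the link itself. Adding `-h` limits the change to the entries found, and `-exec ... {} +` gives the same batching as xargs without running `chown` with no operands when nothing matches: `find ${DIR}/ -group ossec -user root -exec chown -h root:wazuh {} + > /dev/null 2>&1 || true`. The enclosing `case` branch starts and ends outside the hunk. The identical change in rpms/SPECS/wazuh-manager.spec would take the same fix.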
diff --git a/debs/build.sh b/debs/build.sh index 4291313e50..7a9090d9a8 100755 --- a/debs/build.sh +++ b/debs/build.sh @@ -125,3 +125,4 @@ if [[ "${checksum}" == "yes" ]]; then cd ${pkg_path} && sha512sum ${deb_file} > /var/local/checksum/${deb_file}.sha512 fi mv ${pkg_path}/${deb_file} /var/local/wazuh + \ No newline at end of file diff --git a/debs/generate_debian_package.sh b/debs/generate_debian_package.sh index 6195db8ebb..e3ccf969dc 100755 --- a/debs/generate_debian_package.sh +++ b/debs/generate_debian_package.sh @@ -16,6 +16,7 @@ TARGET="" JOBS="2" DEBUG="no" BUILD_DOCKER="yes" +DOCKER_TAG="latest" INSTALLATION_PATH="/var/ossec" DEB_AMD64_BUILDER="deb_builder_amd64" DEB_I386_BUILDER="deb_builder_i386" @@ -66,7 +67,7 @@ build_deb() { # Build the Docker image if [[ ${BUILD_DOCKER} == "yes" ]]; then - docker build -t ${CONTAINER_NAME} ${DOCKERFILE_PATH} || return 1 + docker build -t ${CONTAINER_NAME}:${DOCKER_TAG} ${DOCKERFILE_PATH} || return 1 fi # Build the Debian package with a Docker container @@ -74,7 +75,7 @@ build_deb() { -v ${CHECKSUMDIR}:/var/local/checksum:Z \ -v ${LOCAL_SPECS}:/specs:Z \ ${CUSTOM_CODE_VOL} \ - ${CONTAINER_NAME} ${TARGET} ${BRANCH} ${ARCHITECTURE} \ + ${CONTAINER_NAME}:${DOCKER_TAG} ${TARGET} ${BRANCH} ${ARCHITECTURE} \ ${REVISION} ${JOBS} ${INSTALLATION_PATH} ${DEBUG} \ ${CHECKSUM} ${PACKAGES_BRANCH} ${USE_LOCAL_SPECS} \ ${USE_LOCAL_SOURCE_CODE} ${FUTURE}|| return 1 
@@ -152,6 +153,7 @@ help() { echo " -d, --debug [Optional] Build the binaries with debug symbols. By default: no." echo " -c, --checksum [Optional] Generate checksum on the desired path (by default, if no path is specified it will be generated on the same directory than the package)." echo " --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one." + echo " --tag [Optional] Tag to use with the docker image." echo " --sources [Optional] Absolute path containing wazuh source code. This option will use local source code instead of downloading it from GitHub." echo " --packages-branch [Optional] Select Git branch or tag from wazuh-packages repository. e.g master." echo " --dev [Optional] Use the SPECS files stored in the host instead of downloading them from GitHub." @@ -237,6 +239,14 @@ main() { BUILD_DOCKER="no" shift 1 ;; + "--tag") + if [ -n "$2" ]; then + DOCKER_TAG="$2" + shift 2 + else + help 1 + fi + ;; "-s"|"--store") if [ -n "$2" ]; then OUTDIR="$2" diff --git a/documentation-templates/wazuh/config.yml b/documentation-templates/wazuh/config.yml index 73b1f5d559..13cfe54586 100644 --- a/documentation-templates/wazuh/config.yml +++ b/documentation-templates/wazuh/config.yml @@ -2,27 +2,27 @@ nodes: # Wazuh indexer nodes indexer: - name: node-1 - ip: + ip: "" #- name: node-2 - # ip: + # ip: "" #- name: node-3 - # ip: + # ip: "" # Wazuh server nodes # If there is more than one Wazuh server # node, each one must have a node_type server: - name: wazuh-1 - ip: + ip: "" # node_type: master #- name: wazuh-2 - # ip: + # ip: "" # node_type: worker #- name: wazuh-3 - # ip: + # ip: "" # node_type: worker # Wazuh dashboard nodes dashboard: - name: dashboard - ip: \ No newline at end of file + ip: "" \ No newline at end of file diff --git a/macos/generate_wazuh_packages.sh b/macos/generate_wazuh_packages.sh index af9ef12b49..be8b3c655f 100755 --- a/macos/generate_wazuh_packages.sh +++ b/macos/generate_wazuh_packages.sh 
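Review bot: The new `--tag` branch in `main` accepts any non-empty `$2`, so `--tag --dev` silently takes the next option as the tag, and the value later reaches `docker build -t ${CONTAINER_NAME}:${DOCKER_TAG}` and the `docker run` image argument unquoted. The upload-*-images workflows in this commit derive their image tag from the branch name, which can contain `/` and other characters Docker rejects in a tag, so the same kind of value is likely to arrive here. Validating at parse time, e.g. `[[ "$2" =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$ ]] || help 1`, and quoting `"${CONTAINER_NAME}:${DOCKER_TAG}"` in `build_deb` would fail early with the usage text. `main` and `build_deb` both extend beyond these hunks; rpms/generate_rpm_package.sh gets the same option and the same gap.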
@@ -37,8 +37,8 @@ trap ctrl_c INT function clean_and_exit() { exit_code=$1 - rm -f ${AGENT_PKG_FILE} ${CURRENT_PATH}/package_files/*.sh rm -rf "${SOURCES_DIRECTORY}" + rm "${CURRENT_PATH}"/specs/wazuh-agent.pkgproj-e ${CURRENT_PATH}/uninstall.sh exit ${exit_code} } @@ -386,7 +386,7 @@ function main() { CHECKSUMDIR="${DESTINATION}" fi - if [[ "$BUILD" != "no" ]]; then + if [[ "${BUILD}" != "no" ]]; then check_root build_package "${CURRENT_PATH}/uninstall.sh" diff --git a/macos/specs/wazuh-agent.pkgproj b/macos/specs/wazuh-agent.pkgproj index 2193e709c7..72da7fbd31 100644 --- a/macos/specs/wazuh-agent.pkgproj +++ b/macos/specs/wazuh-agent.pkgproj @@ -812,7 +812,7 @@ USE_HFS+_COMPRESSION VERSION - 4.4.0-1 + 4.5.0-1 TYPE 0 @@ -1239,7 +1239,7 @@ NAME - wazuh-agent-4.4.0-1 + wazuh-agent-4.5.0-1 PAYLOAD_ONLY TREAT_MISSING_PRESENTATION_DOCUMENTS_AS_WARNING diff --git a/macos/uninstall.sh b/macos/uninstall.sh index 169ed9fce6..9e65547359 100755 --- a/macos/uninstall.sh +++ b/macos/uninstall.sh 
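Review bot: The `rm` added to `clean_and_exit` has no `-f`, quotes `${CURRENT_PATH}` in its first operand but not in the second, and deletes `${CURRENT_PATH}/uninstall.sh`, a file this commit also edits as tracked source and that `main` invokes in the next hunk. If removing `uninstall.sh` is intended, a comment should say why; otherwise a build leaves the working tree without it. For the backup file, `rm -f -- "${CURRENT_PATH}/specs/wazuh-agent.pkgproj-e"` avoids an error message when `clean_and_exit` runs before that file exists.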
@@ -1,29 +1,29 @@ -#/bin/sh +#!/bin/sh ## Stop and remove application -sudo /Library/Ossec/bin/ossec-control stop -sudo /bin/rm -r /Library/Ossec* +/Library/Ossec/bin/ossec-control stop +/bin/rm -r /Library/Ossec* ## stop and unload dispatcher -#sudo /bin/launchctl unload /Library/LaunchDaemons/com.wazuh.agent.plist +/bin/launchctl unload /Library/LaunchDaemons/com.wazuh.agent.plist # remove launchdaemons -sudo /bin/rm -f /Library/LaunchDaemons/com.wazuh.agent.plist +/bin/rm -f /Library/LaunchDaemons/com.wazuh.agent.plist ## remove StartupItems -sudo /bin/rm -rf /Library/StartupItems/WAZUH +/bin/rm -rf /Library/StartupItems/WAZUH ## Remove User and Groups -sudo /usr/bin/dscl . -delete "/Users/wazuh" -sudo /usr/bin/dscl . -delete "/Groups/wazuh" +/usr/bin/dscl . -delete "/Users/wazuh" +/usr/bin/dscl . -delete "/Groups/wazuh" -sudo /usr/sbin/pkgutil --forget com.wazuh.pkg.wazuh-agent -sudo /usr/sbin/pkgutil --forget com.wazuh.pkg.wazuh-agent-etc +/usr/sbin/pkgutil --forget com.wazuh.pkg.wazuh-agent +/usr/sbin/pkgutil --forget com.wazuh.pkg.wazuh-agent-etc # In case it was installed via Puppet pkgdmg provider if [ -e /var/db/.puppet_pkgdmg_installed_wazuh-agent ]; then - sudo rm -f /var/db/.puppet_pkgdmg_installed_wazuh-agent + rm -f /var/db/.puppet_pkgdmg_installed_wazuh-agent fi echo diff --git a/rpms/CentOS/6/i386/CentOS-Base.repo b/rpms/CentOS/6/i386/CentOS-Base.repo index 1f492ab2b8..aac76933ec 100644 --- a/rpms/CentOS/6/i386/CentOS-Base.repo +++ b/rpms/CentOS/6/i386/CentOS-Base.repo @@ -8,7 +8,7 @@ # If the mirrorlist= does not work for you, as a fall back you can try the # remarked out baseurl= line instead. # -# + [base] name=CentOS-$releasever - Base diff --git a/rpms/SPECS/wazuh-agent.spec b/rpms/SPECS/wazuh-agent.spec index 0d4a6bfb02..721dff9993 100644 --- a/rpms/SPECS/wazuh-agent.spec +++ b/rpms/SPECS/wazuh-agent.spec 
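Review bot: With every `sudo` removed, the script now depends on being started as root, but nothing checks that, and without `set -e` each command fails on its own while the script carries on. A guard at the top, `[ "$(id -u)" -eq 0 ] || { echo "This script must be run as root" >&2; exit 1; }`, makes the requirement explicit. `/bin/rm -r /Library/Ossec*` also matches any other entry in `/Library` whose name starts with `Ossec`; naming the directory exactly would be safer if only `/Library/Ossec` is meant. The hunk covers lines 1-29 and the file may continue past it.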
@@ -1,6 +1,6 @@ Summary: Wazuh helps you to gain security visibility into your infrastructure by monitoring hosts at an operating system and application level. It provides the following capabilities: log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring Name: wazuh-agent -Version: 4.4.0 +Version: 4.5.0 Release: %{_release} License: GPL Group: System Environment/Daemons @@ -240,31 +240,10 @@ if [ $1 = 1 ]; then %{_localstatedir}/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh %{_localstatedir} > /dev/null || : fi -if [ -f /etc/os-release ]; then - source /etc/os-release - if [ "${NAME}" = "Red Hat Enterprise Linux" ] && [ "$((${VERSION_ID:0:1}))" -ge 9 ]; then - rm -f %{_initrddir}/wazuh-agent - fi +if [[ -d /run/systemd/system ]]; then + rm -f %{_initrddir}/wazuh-agent fi - # We create this fix for the operating system that deprecated the SySV. For now, this fix is for suse/openSUSE - sles="" - if [ -f /etc/SuSE-release ]; then - sles="suse" - elif [ -f /etc/os-release ]; then - if `grep -q "\"sles" /etc/os-release` ; then - sles="suse" - elif `grep -q -i "\"opensuse" /etc/os-release` ; then - sles="opensuse" - fi - fi - - if [ -n "$sles" ] && [ $(ps --no-headers -o comm 1) == "systemd" ]; then - if [ -f /etc/init.d/wazuh-agent ]; then - rm -f /etc/init.d/wazuh-agent - fi - fi - # Delete the installation files used to configure the agent rm -rf %{_localstatedir}/packages_files @@ -622,6 +601,8 @@ rm -fr %{buildroot} %changelog +* Fri May 05 2023 support - 4.5.0 +- More info: https://documentation.wazuh.com/current/release-notes/ * Wed Jan 18 2023 support - 4.4.0 - More info: https://documentation.wazuh.com/current/release-notes/ * Thu Nov 10 2022 support - 4.3.10 diff --git a/rpms/SPECS/wazuh-manager.spec b/rpms/SPECS/wazuh-manager.spec index 2f6d7a6cbf..a9d87f7639 100644 --- a/rpms/SPECS/wazuh-manager.spec +++ b/rpms/SPECS/wazuh-manager.spec 
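Review bot: The new `if [[ -d /run/systemd/system ]]` test in the second hunk replaces two commented, distribution-specific blocks with an uncommented one, so the reason the SysV script is deleted is no longer stated. I would add a comment such as `# /run/systemd/system exists only when systemd is the running init; drop the SysV script there`, and write `[ -d /run/systemd/system ]` to match the single-bracket tests in the rest of the scriptlet. The directory is also absent when the package is installed into a chroot or during an image build, so the init script stays in place in those cases; if that is acceptable, the comment can say so. The scriptlet starts and ends outside the hunk, and rpms/SPECS/wazuh-manager.spec gets the same block.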
@@ -1,6 +1,6 @@ Summary: Wazuh helps you to gain security visibility into your infrastructure by monitoring hosts at an operating system and application level. It provides the following capabilities: log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring Name: wazuh-manager -Version: 4.4.0 +Version: 4.5.0 Release: %{_release} License: GPL Group: System Environment/Daemons @@ -79,9 +79,9 @@ mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/.ssh # Copy the installed files into RPM_BUILD_ROOT directory cp -pr %{_localstatedir}/* ${RPM_BUILD_ROOT}%{_localstatedir}/ -mkdir -p ${RPM_BUILD_ROOT}/usr/lib/systemd/system/ sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/ossec-hids-rh.init install -m 0755 src/init/templates/ossec-hids-rh.init ${RPM_BUILD_ROOT}%{_initrddir}/wazuh-manager +mkdir -p ${RPM_BUILD_ROOT}/usr/lib/systemd/system/ sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/wazuh-manager.service install -m 0644 src/init/templates/wazuh-manager.service ${RPM_BUILD_ROOT}/usr/lib/systemd/system/ 
@@ -312,34 +312,13 @@ if [ $1 = 1 ]; then %{_localstatedir}/packages_files/manager_installation_scripts/add_localfiles.sh %{_localstatedir} >> %{_localstatedir}/etc/ossec.conf fi - # We create this fix for the operating system that decraped the SySV. For now, this fix is for suse/openSUSE - sles="" - if [ -f /etc/SuSE-release ]; then - sles="suse" - elif [ -f /etc/os-release ]; then - if `grep -q "\"sles" /etc/os-release` ; then - sles="suse" - elif `grep -q -i "\"opensuse" /etc/os-release` ; then - sles="opensuse" - fi - fi - - if [ -n "$sles" ] && [ $(ps --no-headers -o comm 1) == "systemd" ]; then - if [ -f /etc/init.d/wazuh-manager ]; then - rm -f /etc/init.d/wazuh-manager - fi - fi - -if [ -f /etc/os-release ]; then - source /etc/os-release - if [ "${NAME}" = "Red Hat Enterprise Linux" ] && [ "$((${VERSION_ID:0:1}))" -ge 9 ]; then - rm -f %{_initrddir}/wazuh-manager - fi +if [[ -d /run/systemd/system ]]; then + rm -f %{_initrddir}/wazuh-manager fi # Generation auto-signed certificate if not exists -if type openssl >/dev/null 2>&1 && [ ! -f "%{_localstatedir}/etc/sslmanager.key" ] && [ ! -f "%{_localstatedir}/etc/sslmanager.cert" ]; then - openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -subj "/C=US/ST=California/CN=Wazuh/" -keyout %{_localstatedir}/etc/sslmanager.key -out %{_localstatedir}/etc/sslmanager.cert 2>/dev/null +if [ ! -f "%{_localstatedir}/etc/sslmanager.key" ] && [ ! -f "%{_localstatedir}/etc/sslmanager.cert" ]; then + %{_localstatedir}/bin/wazuh-authd -C 365 -B 2048 -S "/C=US/ST=California/CN=Wazuh/" -K %{_localstatedir}/etc/sslmanager.key -X %{_localstatedir}/etc/sslmanager.cert 2>/dev/null chmod 640 %{_localstatedir}/etc/sslmanager.key chmod 640 %{_localstatedir}/etc/sslmanager.cert fi 
@@ -451,17 +430,17 @@ rm -f %{_localstatedir}/etc/shared/default/*.rpmnew # Remove old ossec user and group if exists and change ownwership of files if getent group ossec > /dev/null 2>&1; then - find %{_localstatedir}/ -group ossec -user root -exec chown root:wazuh {} \; > /dev/null 2>&1 || true + find %{_localstatedir}/ -group ossec -user root -print0 | xargs -0 chown root:wazuh > /dev/null 2>&1 || true if getent passwd ossec > /dev/null 2>&1; then - find %{_localstatedir}/ -group ossec -user ossec -exec chown wazuh:wazuh {} \; > /dev/null 2>&1 || true + find %{_localstatedir}/ -group ossec -user ossec -print0 | xargs -0 chown wazuh:wazuh > /dev/null 2>&1 || true userdel ossec > /dev/null 2>&1 fi if getent passwd ossecm > /dev/null 2>&1; then - find %{_localstatedir}/ -group ossec -user ossecm -exec chown wazuh:wazuh {} \; > /dev/null 2>&1 || true + find %{_localstatedir}/ -group ossec -user ossecm -print0 | xargs -0 chown wazuh:wazuh > /dev/null 2>&1 || true userdel ossecm > /dev/null 2>&1 fi if getent passwd ossecr > /dev/null 2>&1; then - find %{_localstatedir}/ -group ossec -user ossecr -exec chown wazuh:wazuh {} \; > /dev/null 2>&1 || true + find %{_localstatedir}/ -group ossec -user ossecr -print0 | xargs -0 chown wazuh:wazuh > /dev/null 2>&1 || true userdel ossecr > /dev/null 2>&1 fi if getent group ossec > /dev/null 2>&1; then @@ -630,6 +609,7 @@ rm -fr %{buildroot} %attr(750, root, wazuh) %{_localstatedir}/bin/wazuh-clusterd %attr(750, root, root) %{_localstatedir}/bin/wazuh-db %attr(750, root, root) %{_localstatedir}/bin/wazuh-modulesd +%attr(750, root, root) %{_localstatedir}/bin/rbac_control %dir %attr(770, wazuh, wazuh) %{_localstatedir}/etc %attr(660, root, wazuh) %config(noreplace) %{_localstatedir}/etc/ossec.conf %attr(640, root, wazuh) %config(noreplace) %{_localstatedir}/etc/client.keys 
@@ -842,6 +822,8 @@ rm -fr %{buildroot} %changelog +* Fri May 05 2023 support - 4.5.0 +- More info: https://documentation.wazuh.com/current/release-notes/ * Wed Jan 18 2023 support - 4.4.0 - More info: https://documentation.wazuh.com/current/release-notes/ * Thu Nov 10 2022 support - 4.3.10 diff --git a/rpms/build.sh b/rpms/build.sh index b6006f30af..036d941e0f 100755 --- a/rpms/build.sh +++ b/rpms/build.sh @@ -129,3 +129,4 @@ if [[ "${src}" == "yes" ]]; then fi find ${extract_path} -maxdepth 3 -type f -name "${file_name}*" -exec mv {} /var/local/wazuh \; + \ No newline at end of file diff --git a/rpms/generate_rpm_package.sh b/rpms/generate_rpm_package.sh index 89d57977dd..9371dec599 100755 --- a/rpms/generate_rpm_package.sh +++ b/rpms/generate_rpm_package.sh @@ -19,6 +19,7 @@ TARGET="" JOBS="2" DEBUG="no" BUILD_DOCKER="yes" +DOCKER_TAG="latest" USER_PATH="no" SRC="no" RPM_AARCH64_BUILDER="rpm_builder_aarch64" @@ -86,7 +87,7 @@ build_rpm() { # Build the Docker image if [[ ${BUILD_DOCKER} == "yes" ]]; then - docker build -t ${CONTAINER_NAME} ${DOCKERFILE_PATH} || return 1 + docker build -t ${CONTAINER_NAME}:${DOCKER_TAG} ${DOCKERFILE_PATH} || return 1 fi # Build the RPM package with a Docker container @@ -94,7 +95,7 @@ build_rpm() { -v ${CHECKSUMDIR}:/var/local/checksum:Z \ -v ${LOCAL_SPECS}:/specs:Z \ ${CUSTOM_CODE_VOL} \ - ${CONTAINER_NAME} ${TARGET} ${BRANCH} ${ARCHITECTURE} \ + ${CONTAINER_NAME}:${DOCKER_TAG} ${TARGET} ${BRANCH} ${ARCHITECTURE} \ ${JOBS} ${REVISION} ${INSTALLATION_PATH} ${DEBUG} \ ${CHECKSUM} ${PACKAGES_BRANCH} ${USE_LOCAL_SPECS} ${SRC} \ ${LEGACY} ${USE_LOCAL_SOURCE_CODE} ${FUTURE}|| return 1 
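Review bot: The new image reference `${CONTAINER_NAME}:${DOCKER_TAG}` is expanded unquoted in the `docker build` hunk and again in the container invocation hunk that follows it, and `DOCKER_TAG` is taken directly from the `--tag` argument added later in this file with no validation. A value containing whitespace or glob characters is split into extra docker arguments; quoting it, `docker build -t "${CONTAINER_NAME}:${DOCKER_TAG}" ${DOCKERFILE_PATH} || return 1`, keeps it a single word. build_rpm's body continues outside these hunks.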
@@ -181,6 +182,7 @@ help() { echo " -d, --debug [Optional] Build the binaries with debug symbols and create debuginfo packages. By default: no." echo " -c, --checksum [Optional] Generate checksum on the desired path (by default, if no path is specified it will be generated on the same directory than the package)." echo " --dont-build-docker [Optional] Locally built docker image will be used instead of generating a new one." + echo " --tag [Optional] Tag to use with the docker image." echo " --sources [Optional] Absolute path containing wazuh source code. This option will use local source code instead of downloading it from GitHub." echo " --packages-branch [Optional] Select Git branch or tag from wazuh-packages repository. e.g ${PACKAGES_BRANCH}" echo " --dev [Optional] Use the SPECS files stored in the host instead of downloading them from GitHub." @@ -261,6 +263,14 @@ main() { BUILD_DOCKER="no" shift 1 ;; + "--tag") + if [ -n "$2" ]; then + DOCKER_TAG="$2" + shift 2 + else + help 1 + fi + ;; "-c"|"--checksum") if [ -n "$2" ]; then CHECKSUMDIR="$2" diff --git a/stack/dashboard/base/builder.sh b/stack/dashboard/base/builder.sh index 589291a4bf..408ad3ceb6 100755 --- a/stack/dashboard/base/builder.sh +++ b/stack/dashboard/base/builder.sh @@ -65,6 +65,9 @@ cd /opt curl -sL https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/"${opensearch_version}"/opensearch-dashboards-"${opensearch_version}"-linux-${architecture}.tar.gz | tar xz +pip3 install pathfix.py +/usr/bin/pathfix.py -pni "/usr/bin/python3 -s" opensearch-dashboards-"${opensearch_version}" > /dev/null 2>&1 + # Remove unnecessary files and set up configuration mv opensearch-dashboards-* "${base_dir}" cd "${base_dir}" 
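Review bot: `pip3 install pathfix.py` pulls whatever version the package index serves at build time into the environment that produces the shipped dashboard bundle, with no version pin or hash check, and the tool is then run with its output and exit status discarded (`> /dev/null 2>&1`). Pinning the release, e.g. `pip3 install "pathfix.py==<PINNED_VERSION>"`, or installing from a hash-locked file with `pip3 install --require-hashes -r <REQUIREMENTS_FILE>`, makes the build reproducible and limits exposure to a replaced upload. A short comment on why the shebangs are rewritten to `/usr/bin/python3 -s` would help, and a pathfix failure should stop the build rather than pass silently. The `curl ... | tar xz` download just above is also unverified, though that line is context rather than part of this change.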
@@ -143,6 +146,7 @@ sed -i 's|DEFAULT_MARK="opensearch_mark_default_mode.svg"|DEFAULT_MARK="home.svg sed -i 's|DEFAULT_DARK_MARK="opensearch_mark_dark_mode.svg"|DEFAULT_DARK_MARK="home_dark_mode.svg"|g' ./plugins/securityDashboards/target/public/securityDashboards.plugin.js gzip -c ./plugins/securityDashboards/target/public/securityDashboards.plugin.js > ./plugins/securityDashboards/target/public/securityDashboards.plugin.js.gz brotli -c ./plugins/securityDashboards/target/public/securityDashboards.plugin.js > ./plugins/securityDashboards/target/public/securityDashboards.plugin.js.br + # Generate compressed files gzip -c ./plugins/securityDashboards/target/public/securityDashboards.chunk.5.js > ./plugins/securityDashboards/target/public/securityDashboards.chunk.5.js.gz brotli -c ./plugins/securityDashboards/target/public/securityDashboards.chunk.5.js > ./plugins/securityDashboards/target/public/securityDashboards.chunk.5.js.br diff --git a/stack/dashboard/base/docker/Dockerfile b/stack/dashboard/base/docker/Dockerfile index f1c74650d2..184d894e16 100644 --- a/stack/dashboard/base/docker/Dockerfile +++ b/stack/dashboard/base/docker/Dockerfile @@ -16,6 +16,8 @@ RUN yum install -y \ autoconf \ automake \ libtool \ + python3-devel \ + python3-pip \ jq \ unzip diff --git a/stack/dashboard/base/files/etc/opensearch_dashboards.yml b/stack/dashboard/base/files/etc/opensearch_dashboards.yml index ccdac621c6..5d7c2d0bdd 100644 --- a/stack/dashboard/base/files/etc/opensearch_dashboards.yml +++ b/stack/dashboard/base/files/etc/opensearch_dashboards.yml @@ -4,7 +4,7 @@ opensearch.hosts: https://localhost:9200 opensearch.ssl.verificationMode: certificate #opensearch.username: #opensearch.password: -opensearch.requestHeadersAllowlist: ["securitytenant","Authorization"] +opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] opensearch_security.multitenancy.enabled: false opensearch_security.readonly_mode.roles: ["kibana_read_only"] server.ssl.enabled: true 
diff --git a/stack/dashboard/deb/debian/changelog b/stack/dashboard/deb/debian/changelog
index 4bbab9becd..cbe3bc2e45 100644
--- a/stack/dashboard/deb/debian/changelog
+++ b/stack/dashboard/deb/debian/changelog
@@ -1,71 +1,83 @@ -wazuh-dashboard (4.4.0-RELEASE) stable; urgency=low +wazuh-dashboard (VERSION-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Fri, 05 May 2023 12:31:50 +0000 + +wazuh-dashboard (4.4.0-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Wed, 18 Jan 2023 12:31:50 +0000 -wazuh-dashboard (4.3.10-RELEASE) stable; urgency=low +wazuh-dashboard (4.3.10-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Thu, 10 Nov 2022 15:00:00 +0000 -wazuh-dashboard (4.3.9-RELEASE) stable; urgency=low +wazuh-dashboard (4.3.9-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Mon, 03 Oct 2022 15:00:00 +0000 -wazuh-dashboard (4.3.8-RELEASE) stable; urgency=low +wazuh-dashboard (4.3.8-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Mon, 19 Sep 2022 15:00:00 +0000 -wazuh-dashboard (4.3.7-RELEASE) stable; urgency=low +wazuh-dashboard (4.3.7-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Mon, 08 Aug 2022 15:00:00 +0000 -wazuh-dashboard (4.3.6-RELEASE) stable; urgency=low +wazuh-dashboard (4.3.6-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Thu, 07 Jul 2022 15:00:00 +0000 -wazuh-dashboard (4.3.5-RELEASE) stable; urgency=low +wazuh-dashboard (4.3.5-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Wed, 29 Jun 2022 15:00:00 +0000 -wazuh-dashboard (4.3.4-RELEASE) stable; urgency=low +wazuh-dashboard (4.3.4-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Tue, 07 Jun 2022 15:41:39 +0000 -wazuh-dashboard 
(4.3.3-RELEASE) stable; urgency=low +wazuh-dashboard (4.3.3-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Tue, 31 May 2022 15:41:39 +0000 -wazuh-dashboard (4.3.2-RELEASE) stable; urgency=low +wazuh-dashboard (4.3.2-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Mon, 30 May 2022 15:41:39 +0000 -wazuh-dashboard (4.3.1-RELEASE) stable; urgency=low +wazuh-dashboard (4.3.1-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Wed, 18 May 2022 12:14:41 +0000 -wazuh-dashboard (4.3.0-RELEASE) stable; urgency=low +wazuh-dashboard (4.3.0-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Thu, 05 May 2022 12:15:57 +0000 + +wazuh-dashboard (4.2.5-1) UNRELEASED; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 15 Nov 2021 16:47:07 +0000 diff --git a/stack/dashboard/rpm/builder.sh b/stack/dashboard/rpm/builder.sh index ee16f0a797..c4b9e2a652 100755 --- a/stack/dashboard/rpm/builder.sh +++ b/stack/dashboard/rpm/builder.sh @@ -59,7 +59,6 @@ mkdir -p ${rpm_build_dir}/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} pkg_name=${target}-${version} mkdir ${build_dir}/${pkg_name} - # Including spec file if [ "${reference}" ];then curl -sL https://github.com/wazuh/wazuh-packages/tarball/${reference} | tar zx @@ -69,7 +68,6 @@ else cp /root/stack/dashboard/rpm/${target}.spec ${rpm_build_dir}/SPECS/${pkg_name}.spec fi - # Generating source tar.gz cd ${build_dir} && tar czf "${rpm_build_dir}/SOURCES/${pkg_name}.tar.gz" "${pkg_name}" diff --git a/stack/dashboard/rpm/docker/x86_64/Dockerfile b/stack/dashboard/rpm/docker/x86_64/Dockerfile index 169d380032..b4ece5ba32 100644 --- a/stack/dashboard/rpm/docker/x86_64/Dockerfile +++ b/stack/dashboard/rpm/docker/x86_64/Dockerfile 
@@ -1,4 +1,4 @@ -FROM centos:7 +FROM rockylinux:8.5 # Install all the necessary tools to build the packages RUN yum clean all && yum update -y @@ -6,11 +6,10 @@ RUN yum install -y openssh-clients sudo gnupg \ yum-utils epel-release redhat-rpm-config rpm-devel \ zlib zlib-devel rpm-build autoconf automake \ glibc-devel libtool perl - # Add the scripts to build the RPM package ADD builder.sh /usr/local/bin/builder RUN chmod +x /usr/local/bin/builder # Set the entrypoint -ENTRYPOINT ["/usr/local/bin/builder"] \ No newline at end of file +ENTRYPOINT ["/usr/local/bin/builder"] diff --git a/stack/dashboard/rpm/wazuh-dashboard.spec b/stack/dashboard/rpm/wazuh-dashboard.spec index 7bd5126632..cd570df4d2 100644 --- a/stack/dashboard/rpm/wazuh-dashboard.spec +++ b/stack/dashboard/rpm/wazuh-dashboard.spec @@ -31,6 +31,8 @@ ExclusiveOS: linux %global PID_DIR /run/%{name} %global INSTALL_DIR /usr/share/%{name} %global DASHBOARD_FILE wazuh-dashboard-base-%{version}-%{release}-linux-x64.tar.xz +%define _source_payload w9.gzdio +%define _binary_payload w9.gzdio # ----------------------------------------------------------------------------- @@ -397,6 +399,8 @@ rm -fr %{buildroot} %attr(640, root, root) "/etc/systemd/system/wazuh-dashboard.service" %changelog +* Fri May 05 2023 support - %{version} +- More info: https://documentation.wazuh.com/current/release-notes/ * Wed Jan 18 2023 support - 4.4.0 - More info: https://documentation.wazuh.com/current/release-notes/ * Thu Nov 10 2022 support - 4.3.10 diff --git a/stack/indexer/deb/debian/changelog b/stack/indexer/deb/debian/changelog index d8f43a0fbc..002106a0c5 100644 --- a/stack/indexer/deb/debian/changelog +++ b/stack/indexer/deb/debian/changelog 
@@ -1,71 +1,83 @@ -wazuh-indexer (4.4.0-RELEASE) stable; urgency=low +wazuh-indexer (VERSION-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Fri, 05 May 2023 12:31:50 +0000 + +wazuh-indexer (4.4.0-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Wed, 18 Jan 2023 12:31:50 +0000 -wazuh-indexer (4.3.10-RELEASE) stable; urgency=low +wazuh-indexer (4.3.10-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Thu, 10 Nov 2022 15:00:00 +0000 -wazuh-indexer (4.3.9-RELEASE) stable; urgency=low +wazuh-indexer (4.3.9-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Mon, 03 Oct 2022 15:00:00 +0000 -wazuh-indexer (4.3.8-RELEASE) stable; urgency=low +wazuh-indexer (4.3.8-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Mon, 19 Sep 2022 15:00:00 +0000 -wazuh-indexer (4.3.7-RELEASE) stable; urgency=low +wazuh-indexer (4.3.7-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Mon, 08 Aug 2022 15:00:00 +0000 -wazuh-indexer (4.3.6-RELEASE) stable; urgency=low +wazuh-indexer (4.3.6-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Thu, 07 Jul 2022 15:00:00 +0000 -wazuh-indexer (4.3.5-RELEASE) stable; urgency=low +wazuh-indexer (4.3.5-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Wed, 29 Jun 2022 15:00:00 +0000 -wazuh-indexer (4.3.4-RELEASE) stable; urgency=low +wazuh-indexer (4.3.4-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Tue, 07 Jun 2022 15:41:39 +0000 -wazuh-indexer (4.3.3-RELEASE) stable; urgency=low 
+wazuh-indexer (4.3.3-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Tue, 31 May 2022 15:41:39 +0000 -wazuh-indexer (4.3.2-RELEASE) stable; urgency=low +wazuh-indexer (4.3.2-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Mon, 30 May 2022 15:41:39 +0000 -wazuh-indexer (4.3.1-RELEASE) stable; urgency=low +wazuh-indexer (4.3.1-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Wed, 18 May 2022 12:14:41 +0000 -wazuh-indexer (4.3.0-RELEASE) stable; urgency=low +wazuh-indexer (4.3.0-RELEASE) unstable; urgency=low * More info: https://documentation.wazuh.com/current/release-notes/ -- Wazuh, Inc Thu, 05 May 2022 12:15:57 +0000 + + wazuh-indexer (4.2.5-1) UNRELEASED; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 15 Nov 2021 16:47:07 +0000 diff --git a/stack/indexer/deb/debian/postinst b/stack/indexer/deb/debian/postinst index ee04f993cb..0ce951f7bf 100644 --- a/stack/indexer/deb/debian/postinst +++ b/stack/indexer/deb/debian/postinst @@ -14,12 +14,13 @@ export USER=${NAME} export GROUP=${NAME} export CONFIG_DIR=/etc/${NAME} export INSTALLATION_DIR=/usr/share/${NAME} +export BACKUP_DIR="${CONFIG_DIR}/upgrade_backup" export LOG_DIR=/var/log/${NAME} export PID_DIR=/run/${NAME} export LIB_DIR=/var/lib/${NAME} export SYS_DIR=/usr/lib -set -e +set -e # # This script is executed in the post-installation phase @@ -44,7 +45,7 @@ case "$1" in # The codeblock below is using the fact that postinst script is called with the most-recently configured version. # In other words, a fresh installed will be called like "postinst configure" with no previous version ($2 is null) if [ -z "$2" ]; then - # If $2 is null, this is an install + # If $2 is null, this is an install # Setting owner and group chown -R ${USER}:${GROUP} ${CONFIG_DIR} 
@@ -81,6 +82,13 @@ case "$1" in echo "${USER} soft nofile 65535" >> /etc/security/limits.conf else # Otherwise it is an upgrade + + # If the backup of securityconfig files is done (4.3.x), restore them + if [ -d "${BACKUP_DIR}/securityconfig" ]; then + cp "${BACKUP_DIR}"/securityconfig/* "${CONFIG_DIR}/opensearch-security" + rm -rf "${BACKUP_DIR}" + fi + if [ -f "${INSTALLATION_DIR}/${NAME}.restart" ]; then echo -n "Restarting wazuh-indexer service..." rm -f "${INSTALLATION_DIR}/${NAME}.restart" diff --git a/stack/indexer/deb/debian/postrm b/stack/indexer/deb/debian/postrm index 5ed47adbfe..f3a64a2983 100644 --- a/stack/indexer/deb/debian/postrm +++ b/stack/indexer/deb/debian/postrm @@ -7,7 +7,7 @@ # License (version 2) as published by the FSF - Free Software # Foundation. -set -e +set -e export NAME=wazuh-indexer export CONFIG_DIR="/etc/${NAME}" @@ -46,7 +46,7 @@ case "$1" in REMOVE_USER_AND_GROUP=true ;; - failed-upgrade|abort-install|abort-upgrade|disappear|upgrade|disappear) + failed-upgrade|abort-install|abort-upgrade|upgrade|disappear) ;; *) diff --git a/stack/indexer/deb/debian/preinst b/stack/indexer/deb/debian/preinst index f404c33686..310e6367ac 100644 --- a/stack/indexer/deb/debian/preinst +++ b/stack/indexer/deb/debian/preinst @@ -7,10 +7,11 @@ # License (version 2) as published by the FSF - Free Software # Foundation. -set -e +set -e export NAME=wazuh-indexer export CONFIG_DIR="/etc/${NAME}" +export BACKUP_DIR="${CONFIG_DIR}/upgrade_backup" export INSTALLATION_DIR="/usr/share/${NAME}" # 
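Review bot: The restore step runs under `set -e`, so `cp "${BACKUP_DIR}"/securityconfig/* "${CONFIG_DIR}/opensearch-security"` aborts the whole postinst when the backed-up directory is empty (the glob stays literal and `cp` fails). If `${CONFIG_DIR}/opensearch-security` does not exist as a directory, `cp` either fails or writes a single file under that name. Files that do not already exist at the destination are created by root with the default umask, and no `chown` for the upgrade path is visible in this hunk, so the restored security configuration may end up with ownership the service user cannot read; that is worth confirming. Making it explicit, for example `cp -p "${BACKUP_DIR}"/securityconfig/* "${CONFIG_DIR}/opensearch-security/"` followed by `chown -R "${USER}:${GROUP}" "${CONFIG_DIR}/opensearch-security"`, removes the doubt. The `case` branch continues outside the hunk.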
@@ -60,6 +61,12 @@ case "$1" in ;; upgrade) + # Move the securityconfig files if they exist (4.3.x versions) + if [ -d "${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig" ]; then + mkdir "${BACKUP_DIR}" + cp -r "${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/" "${BACKUP_DIR}" + fi + # Stop the services to upgrade if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet "${NAME}" > /dev/null 2>&1; then systemctl stop "${NAME}".service > /dev/null 2>&1 diff --git a/stack/indexer/deb/docker/amd64/Dockerfile b/stack/indexer/deb/docker/amd64/Dockerfile index e9a5559425..bfbed39da9 100644 --- a/stack/indexer/deb/docker/amd64/Dockerfile +++ b/stack/indexer/deb/docker/amd64/Dockerfile @@ -2,7 +2,8 @@ FROM debian:8 ENV DEBIAN_FRONTEND noninteractive -RUN apt-get update && apt-get install -y apt-utils && \ +# Installing necessary packages +RUN apt-get update && apt-get install -y --force-yes apt-utils && \ apt-get install -y --force-yes \ curl sudo wget expect gnupg build-essential \ devscripts equivs selinux-basics procps gawk diff --git a/stack/indexer/rpm/build_package.sh b/stack/indexer/rpm/build_package.sh index 2ef8076c31..3d254e1bed 100755 --- a/stack/indexer/rpm/build_package.sh +++ b/stack/indexer/rpm/build_package.sh @@ -8,8 +8,6 @@ # License (version 2) as published by the FSF - Free Software # Foundation. -set -ex - current_path="$( cd $(dirname $0) ; pwd -P )" architecture="x86_64" outdir="${current_path}/output" @@ -158,6 +156,8 @@ main() { esac done + set -ex + build || clean 1 clean 0 diff --git a/stack/indexer/rpm/wazuh-indexer.spec b/stack/indexer/rpm/wazuh-indexer.spec index 9bfd35c114..2f72d2b214 100755 --- a/stack/indexer/rpm/wazuh-indexer.spec +++ b/stack/indexer/rpm/wazuh-indexer.spec 
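Review bot: `mkdir "${BACKUP_DIR}"` fails if the directory is left over from an earlier interrupted upgrade, and with `set -e` that aborts the preinst and the upgrade with it; `mkdir -p` avoids this. The backup is created with the default umask and `cp -r` does not preserve modes, so the copied security configuration under `${CONFIG_DIR}/upgrade_backup` may be more widely readable than the originals until postinst deletes it. Using `mkdir -p -m 700 "${BACKUP_DIR}"` and `cp -rp` would keep it private. The RPM upgrade copy in wazuh-indexer.spec (`cp -r .../securityconfig/* "%{CONFIG_DIR}"/opensearch-security`) raises the same ownership and mode question.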
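Review bot: `--force-yes` on the added `apt-get install -y --force-yes apt-utils` lets apt continue when packages cannot be authenticated, so the builder image can be assembled from unsigned or altered packages without any error. If the flag is needed because the `debian:8` repositories are past end of life, the new `# Installing necessary packages` comment should say so, and the longer-term fix is a supported base image. The same flag is already present on the following install in this RUN.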
@@ -163,11 +163,21 @@ if [ $1 = 1 ];then # Install fi -if [ -f /etc/os-release ]; then - source /etc/os-release - if [ "${NAME}" = "Red Hat Enterprise Linux" ] && [ "$((${VERSION_ID:0:1}))" -ge 9 ]; then + +if [[ -d /run/systemd/system ]] ; then rm -f /etc/init.d/%{name} - fi +fi + +# If is an upgrade, move the securityconfig files if they exist (4.3.x versions) +if [ ${1} = 2 ]; then + if [ -d "%{INSTALL_DIR}"/plugins/opensearch-security/securityconfig ]; then + + if [ ! -d "%{CONFIG_DIR}"/opensearch-security ]; then + mkdir "%{CONFIG_DIR}"/opensearch-security + fi + + cp -r "%{INSTALL_DIR}"/plugins/opensearch-security/securityconfig/* "%{CONFIG_DIR}"/opensearch-security + fi fi # ----------------------------------------------------------------------------- 
@@ -453,17 +463,17 @@ rm -fr %{buildroot} %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-performance-analyzer/rca_idle_cluster_manager.conf %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-performance-analyzer/supervisord.conf %dir %attr(750, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security -%attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/action_groups.yml -%attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/audit.yml -%attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/config.yml -%attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/internal_users.yml -%attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/nodes_dn.yml -%attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/opensearch.yml.example -%attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/roles.yml -%attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/roles_mapping.yml -%attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/tenants.yml -%attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/whitelist.yml -%attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/allowlist.yml +%config(noreplace) %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/action_groups.yml +%config(noreplace) %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/audit.yml +%config(noreplace) %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/config.yml +%config(noreplace) %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/internal_users.yml +%config(noreplace) %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/nodes_dn.yml +%config(noreplace) %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/opensearch.yml.example +%config(noreplace) %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/roles.yml +%config(noreplace) %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/roles_mapping.yml 
+%config(noreplace) %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/tenants.yml +%config(noreplace) %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/whitelist.yml +%config(noreplace) %attr(640, %{USER}, %{GROUP}) %{CONFIG_DIR}/opensearch-security/allowlist.yml %attr(440, %{USER}, %{GROUP}) %{INSTALL_DIR}/VERSION %dir %attr(750, %{USER}, %{GROUP}) %{CONFIG_DIR}/jvm.options.d %config(noreplace) %attr(660, %{USER}, %{GROUP}) %{CONFIG_DIR}/log4j2.properties @@ -1364,6 +1374,8 @@ rm -fr %{buildroot} %attr(640, %{USER}, %{GROUP}) %{INSTALL_DIR}/jdk/lib/security/blocked.certs %changelog +* Fri May 05 2023 support - %{version} +- More info: https://documentation.wazuh.com/current/release-notes/ * Wed Jan 18 2023 support - 4.4.0 - More info: https://documentation.wazuh.com/current/release-notes/ * Thu Nov 10 2022 support - 4.3.10 diff --git a/tests/unattended/install/test_unattended.py b/tests/unattended/install/test_unattended.py index afa2671c31..b803760b96 100644 --- a/tests/unattended/install/test_unattended.py +++ b/tests/unattended/install/test_unattended.py @@ -232,7 +232,7 @@ def test_check_cluster_log_errors(): with open('/var/ossec/logs/cluster.log', 'r') as f: for line in f.readlines(): if 'ERROR' in line: - if 'Could not connect to master' not in line and 'Worker node is not connected to master' not in line and 'Connection reset by peer' not in line: + if 'Could not connect to master' not in line and 'Worker node is not connected to master' not in line and 'Connection reset by peer' not in line and "Error sending sendsync response to local client: Error 3020 - Timeout sending" not in line: found_error = True break assert found_error == False, line diff --git a/tests/unattended/unit/suites/test-common.sh b/tests/unattended/unit/suites/test-common.sh index eef4ea8053..a25a62a53d 100644 --- a/tests/unattended/unit/suites/test-common.sh +++ b/tests/unattended/unit/suites/test-common.sh 
@@ -61,7 +61,7 @@ test-04-common_checkInstalled-all-installed-yum() { @mocktrue yum list installed - @mock grep wazuh-manager === @echo wazuh-manager.x86_64 4.4.0-1 @wazuh + @mock grep wazuh-manager === @echo wazuh-manager.x86_64 4.5.0-1 @wazuh @mkdir /var/ossec @mock grep wazuh-indexer === @echo wazuh-indexer.x86_64 1.13.2-1 @wazuh @@ -105,7 +105,7 @@ test-04-common_checkInstalled-all-installed-yum() { } test-05-common_checkInstalled-all-installed-yum-assert() { - @echo "wazuh-manager.x86_64 4.4.0-1 @wazuh" + @echo "wazuh-manager.x86_64 4.5.0-1 @wazuh" @echo 1 @echo "wazuh-indexer.x86_64 1.13.2-1 @wazuh" diff --git a/tests/unattended/unit/suites/test-dashboard.sh b/tests/unattended/unit/suites/test-dashboard.sh index 236087f373..37e99c0646 100644 --- a/tests/unattended/unit/suites/test-dashboard.sh +++ b/tests/unattended/unit/suites/test-dashboard.sh @@ -6,7 +6,7 @@ source "${base_dir}"/bach.sh @setup-test { @ignore common_logger k_certs_path="/etc/wazuh-dashboard/certs/" - wazuh_version="4.4.0" + wazuh_version="4.5.0" elasticsearch_oss_version="7.10.2" wazuh_kibana_plugin_revision="1" repobaseurl="https://packages.wazuh.com/4.x" diff --git a/unattended_installer/builder.sh b/unattended_installer/builder.sh index a52204932e..19cc88c58d 100755 --- a/unattended_installer/builder.sh +++ b/unattended_installer/builder.sh 
@@ -9,13 +9,13 @@ # License (version 2) as published by the FSF - Free Software # Foundation. -readonly base_path="$(dirname "$(readlink -f "$0")")" -readonly resources_installer="${base_path}/install_functions" -readonly resources_config="${base_path}/config" -readonly resources_certs="${base_path}/cert_tool" -readonly resources_passwords="${base_path}/passwords_tool" -readonly resources_common="${base_path}/common_functions" -readonly resources_download="${base_path}/downloader" +readonly base_path_builder="$(dirname "$(readlink -f "$0")")" +readonly resources_installer="${base_path_builder}/install_functions" +readonly resources_config="${base_path_builder}/config" +readonly resources_certs="${base_path_builder}/cert_tool" +readonly resources_passwords="${base_path_builder}/passwords_tool" +readonly resources_common="${base_path_builder}/common_functions" +readonly resources_download="${base_path_builder}/downloader" readonly source_branch="4.4" function getHelp() { @@ -47,7 +47,10 @@ function getHelp() { } function buildInstaller() { - output_script_path="${base_path}/wazuh-install.sh" + + checkFilebeatURL + + output_script_path="${base_path_builder}/wazuh-install.sh" ## Create installer script echo -n > "${output_script_path}" 
@@ -70,7 +73,8 @@ function buildInstaller() { echo 'readonly repogpg="https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH"' >> "${output_script_path}" echo 'readonly repobaseurl="https://packages-dev.wazuh.com/'${devrepo}'"' >> "${output_script_path}" echo 'readonly reporelease="unstable"' >> "${output_script_path}" - echo 'readonly filebeat_wazuh_module="${repobaseurl}/filebeat/wazuh-filebeat-0.2.tar.gz"' >> "${output_script_path}" + echo 'readonly filebeat_wazuh_module_version="0.2"' >> "${output_script_path}" + echo 'readonly filebeat_wazuh_module="${repobaseurl}/filebeat/wazuh-filebeat-${filebeat_wazuh_module_version}.tar.gz"' >> "${output_script_path}" echo 'readonly bucket="packages-dev.wazuh.com"' >> "${output_script_path}" echo 'readonly repository="'"${devrepo}"'"' >> "${output_script_path}" else @@ -84,7 +88,7 @@ function buildInstaller() { echo >> "${output_script_path}" grep -Ev '^#|^\s*$' ${resources_installer}/installVariables.sh >> "${output_script_path}" echo >> "${output_script_path}" - + ## Configuration files as variables configuration_files=($(find "${resources_config}" -type f)) config_file_name=($(eval "echo "${configuration_files[@]}" | sed 's|${resources_config}||g;s|/|_|g;s|.yml||g'")) @@ -131,7 +135,7 @@ function buildInstaller() { } function buildPasswordsTool() { - output_script_path="${base_path}/wazuh-passwords-tool.sh" + output_script_path="${base_path_builder}/wazuh-passwords-tool.sh" ## Create installer script echo -n > "${output_script_path}" @@ -171,7 +175,7 @@ function buildPasswordsTool() { } function buildCertsTool() { - output_script_path="${base_path}/wazuh-certs-tool.sh" + output_script_path="${base_path_builder}/wazuh-certs-tool.sh" ## Create installer script echo -n > "${output_script_path}" 
@@ -252,6 +256,9 @@ function builder_main() { if [ -n "${installer}" ]; then buildInstaller chmod 500 ${output_script_path} + if [ -n "${change_filebeat_url}" ]; then + sed -i -E "s|(https.+)master(.+wazuh-template.json)|\1\\$\\{wazuh_major\\}\2|" "${resources_installer}/installVariables.sh" + fi fi if [ -n "${passwordsTool}" ]; then @@ -265,4 +272,27 @@ function builder_main() { fi } +function checkFilebeatURL() { + + # Import variables + eval "$(grep -E "filebeat_wazuh_template=" "${resources_installer}/installVariables.sh")" + new_filebeat_url="https://raw.githubusercontent.com/wazuh/wazuh/master/extensions/elasticsearch/7.x/wazuh-template.json" + + # Get the response of the URL and check it + response=$(curl -I --write-out '%{http_code}' --silent --output /dev/null $filebeat_wazuh_template) + if [ "${response}" != "200" ]; then + response=$(curl -I --write-out '%{http_code}' --silent --output /dev/null $new_filebeat_url) + + # Display error if both URLs do not get the resource + if [ "${response}" != "200" ]; then + echo -e "Error: Could not get the Filebeat Wazuh template. " + # If matches, replace the variable of installVariables to the new one + else + echo -e "Changing Filebeat URL..." + sed -i -E "s|filebeat_wazuh_template=.*|filebeat_wazuh_template=\"${new_filebeat_url}\"|g" "${resources_installer}/installVariables.sh" + change_filebeat_url=1 + fi + fi +} + builder_main "$@" diff --git a/unattended_installer/cert_tool/certMain.sh b/unattended_installer/cert_tool/certMain.sh index 62186cb039..f10d5a5ac0 100644 --- a/unattended_installer/cert_tool/certMain.sh +++ b/unattended_installer/cert_tool/certMain.sh 
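Review bot: When neither URL answers with 200, checkFilebeatURL only prints `Error: Could not get the Filebeat Wazuh template.` and returns, so buildInstaller goes on and writes an installer that points at an unreachable template; adding `exit 1` after the message would stop the build. The function also `eval`s every line of installVariables.sh that contains `filebeat_wazuh_template=` and passes `$filebeat_wazuh_template` to curl unquoted; a tighter pattern and `"${filebeat_wazuh_template}"` would limit what is executed and word-split. Both this function and the `sed -i` in builder_main rewrite installVariables.sh in the source tree as a side effect of building, and the fallback URL tracks the `master` branch rather than a fixed ref, which deserves a comment.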
@@ -20,7 +20,7 @@ function getHelp() { echo -e " Creates the admin certificates, add root-ca.pem and root-ca.key." echo -e "" echo -e " -A, --all " - echo -e " Creates certificates specified in config.yml and admin certificates. Add a root-ca.pem and root-ca.key or leave it empty so a new one will be created." + echo -e " Creates Wazuh server, Wazuh indexer, Wazuh dashboard, and admin certificates. Add a root-ca.pem and root-ca.key or leave it empty so a new one will be created." echo -e "" echo -e " -ca, --root-ca-certificates" echo -e " Creates the root-ca certificates." @@ -186,21 +186,26 @@ function main() { fi if [[ -n "${all}" ]]; then - cert_checkRootCA - cert_generateAdmincertificate - common_logger "Admin certificates created." - if cert_generateIndexercertificates; then - common_logger "Wazuh indexer certificates created." - fi - if cert_generateFilebeatcertificates; then - common_logger "Wazuh server certificates created." - fi - if cert_generateDashboardcertificates; then - common_logger "Wazuh dashboard certificates created." + if [[ ${#indexer_node_names[@]} -gt 0 ]] && [[ ${#server_node_names[@]} -gt 0 ]] && [[ ${#dashboard_node_names[@]} -gt 0 ]]; then + cert_checkRootCA + cert_generateAdmincertificate + common_logger "Admin certificates created." + if cert_generateIndexercertificates; then + common_logger "Wazuh indexer certificates created." + fi + if cert_generateFilebeatcertificates; then + common_logger "Wazuh server certificates created." + fi + if cert_generateDashboardcertificates; then + common_logger "Wazuh dashboard certificates created." + fi + cert_cleanFiles + cert_setpermisions + eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}" + else + common_logger -e "You must specify at least one indexer, one server and one dashboard node." + exit 1 fi - cert_cleanFiles - cert_setpermisions - eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}" fi if [[ -n "${ca}" ]]; then 
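Review bot: In the `--all` branch a generator that fails shows up only as a missing log line: `if cert_generateIndexercertificates; then ...` has no else, and the code proceeds to `cert_cleanFiles`, `cert_setpermisions` and the final `mv`, so an incomplete certificate set can be delivered as if the run had succeeded. Consider failing fast, for example `cert_generateIndexercertificates || exit 1` before the log call, assuming these functions return non-zero on failure, which is not shown here. The final `eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"` re-parses both paths through the shell; quoting them inside the eval string would keep a path with spaces or metacharacters intact. main's body continues outside the hunk.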
diff --git a/unattended_installer/common_functions/common.sh b/unattended_installer/common_functions/common.sh index 26b5556afd..57a7ccadd8 100644 --- a/unattended_installer/common_functions/common.sh +++ b/unattended_installer/common_functions/common.sh @@ -68,9 +68,9 @@ function common_checkInstalled() { dashboard_installed="" if [ "${sys_type}" == "yum" ]; then - wazuh_installed=$(yum list installed 2>/dev/null | grep wazuh-manager) + wazuh_installed=$(yum list installed 2>/dev/null | grep wazuh-manager | sed 's/ */ /g'| cut -d' ' -f2 | sed "s/-.*//g") elif [ "${sys_type}" == "apt-get" ]; then - wazuh_installed=$(apt list --installed 2>/dev/null | grep wazuh-manager) + wazuh_installed=$(apt list --installed 2>/dev/null | grep wazuh-manager | cut -d' ' -f2 | sed "s/-.*//") fi if [ -d "/var/ossec" ]; then @@ -78,9 +78,9 @@ function common_checkInstalled() { fi if [ "${sys_type}" == "yum" ]; then - indexer_installed=$(yum list installed 2>/dev/null | grep wazuh-indexer) + indexer_installed=$(yum list installed 2>/dev/null | grep wazuh-indexer | sed 's/ */ /g'| cut -d' ' -f2 | sed "s/-.*//g") elif [ "${sys_type}" == "apt-get" ]; then - indexer_installed=$(apt list --installed 2>/dev/null | grep wazuh-indexer) + indexer_installed=$(apt list --installed 2>/dev/null | grep wazuh-indexer | cut -d' ' -f2 | sed "s/-.*//") fi if [ -d "/var/lib/wazuh-indexer/" ] || [ -d "/usr/share/wazuh-indexer" ] || [ -d "/etc/wazuh-indexer" ] || [ -f "${base_path}/search-guard-tlstool*" ]; then 
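Review bot: The `*_installed` variables are now filled with a version string scraped through an unanchored `grep`, so any installed package whose name merely contains `wazuh-manager`, `wazuh-indexer`, `filebeat` or `wazuh-dashboard` also matches and the value can span several lines. Anchoring the match to the package name, e.g. `grep -E '^wazuh-manager[./]'`, keeps it to the one intended entry for both the yum and the apt listing formats. The same pattern repeats for filebeat and the dashboard in the following hunks. A one-line comment stating that these variables now carry the package version rather than the full listing line would help readers of the callers, which are outside these hunks.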
@@ -88,9 +88,9 @@ function common_checkInstalled() { fi if [ "${sys_type}" == "yum" ]; then - filebeat_installed=$(yum list installed 2>/dev/null | grep filebeat) + filebeat_installed=$(yum list installed 2>/dev/null | grep filebeat | sed 's/ */ /g'| cut -d' ' -f2 | sed "s/-.*//g") elif [ "${sys_type}" == "apt-get" ]; then - filebeat_installed=$(apt list --installed 2>/dev/null | grep filebeat) + filebeat_installed=$(apt list --installed 2>/dev/null | grep filebeat | cut -d' ' -f2 | sed "s/-.*//") fi if [ -d "/var/lib/filebeat/" ] || [ -d "/usr/share/filebeat" ] || [ -d "/etc/filebeat" ]; then @@ -98,9 +98,9 @@ function common_checkInstalled() { fi if [ "${sys_type}" == "yum" ]; then - dashboard_installed=$(yum list installed 2>/dev/null | grep wazuh-dashboard) + dashboard_installed=$(yum list installed 2>/dev/null | grep wazuh-dashboard | sed 's/ */ /g'| cut -d' ' -f2 | sed "s/-.*//g") elif [ "${sys_type}" == "apt-get" ]; then - dashboard_installed=$(apt list --installed 2>/dev/null | grep wazuh-dashboard) + dashboard_installed=$(apt list --installed 2>/dev/null | grep wazuh-dashboard | cut -d' ' -f2 | sed "s/-.*//") fi if [ -d "/var/lib/wazuh-dashboard/" ] || [ -d "/usr/share/wazuh-dashboard" ] || [ -d "/etc/wazuh-dashboard" ] || [ -d "/run/wazuh-dashboard/" ]; then @@ -118,7 +118,7 @@ function common_checkSystem() { sys_type="apt-get" sep="=" else - common_logger -e "Couldn'd find type of system" + common_logger -e "Couldn't find type of system" exit 1 fi 
@@ -134,21 +134,42 @@ function common_checkWazuhConfigYaml() { } +# Retries even if the --retry-connrefused is not available +function common_curl() { + + if [ -n "${curl_has_connrefused}" ]; then + eval "curl $@ --retry-connrefused" + e_code="${PIPESTATUS[0]}" + else + retries=0 + eval "curl $@" + e_code="${PIPESTATUS[0]}" + while [ "${e_code}" -eq 7 ] && [ "${retries}" -ne 12 ]; do + retries=$((retries+1)) + sleep 5 + eval "curl $@" + e_code="${PIPESTATUS[0]}" + done + fi + return "${e_code}" + +} + function common_remove_gpg_key() { - + if [ "${sys_type}" == "yum" ]; then if { rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n' | grep "Wazuh"; } >/dev/null ; then key=$(rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n' | grep "Wazuh Signing Key" | awk '{print $1}' ) rpm -e "${key}" else - common_logger "Wazuh GPG key was not found in the system." + common_logger "Wazuh GPG key not found in the system" return 1 fi elif [ "${sys_type}" == "apt-get" ]; then if [ -f "/usr/share/keyrings/wazuh.gpg" ]; then rm -rf "/usr/share/keyrings/wazuh.gpg" else - common_logger "Wazuh GPG key was not found in the system" + common_logger "Wazuh GPG key not found in the system" return 1 fi fi diff --git a/unattended_installer/config/certificate/config.yml b/unattended_installer/config/certificate/config.yml index 40493ba508..c61a756330 100644 --- a/unattended_installer/config/certificate/config.yml +++ b/unattended_installer/config/certificate/config.yml @@ -2,25 +2,25 @@ nodes: # Wazuh indexer nodes indexer: - name: indexer-1 - ip: + ip: "" - name: indexer-2 - ip: + ip: "" - name: indexer-3 - ip: + ip: "" server: - name: server-1 - ip: + ip: "" node_type: master - name: server-2 - ip: + ip: "" node_type: worker - name: server-3 - ip: + ip: "" node_type: worker dashboard: - name: dashboard-1 - ip: + ip: "" - name: dashboard-2 - ip: + ip: "" - name: dashboard-3 - ip: + ip: "" 
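Review bot: `eval "curl $@"` in common_curl flattens the argument list into one string and makes the shell parse it a second time, so any argument containing spaces or shell metacharacters (a `-H "Authorization: Bearer …"` header, a `-uadmin:"${u_pass}"` credential) is re-split and re-expanded before curl sees it. That is a correctness problem and also a command-injection risk when a password or token contains characters such as `$`, `;` or backticks. Calling curl directly preserves the arguments: `curl "$@" --retry-connrefused` in the first branch and `curl "$@"` in the two fallback calls, each followed by `e_code=$?`; callers that added `\"` escaping for the second parse would then drop it. `retries` and `e_code` are assigned as globals here, so declaring them `local` would avoid clashing with callers that use the same names.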
diff --git a/unattended_installer/config/dashboard/dashboard.yml b/unattended_installer/config/dashboard/dashboard.yml index 30994d2ef5..0df1afc25e 100644 --- a/unattended_installer/config/dashboard/dashboard.yml +++ b/unattended_installer/config/dashboard/dashboard.yml @@ -4,7 +4,7 @@ server.port: 443 opensearch.ssl.verificationMode: certificate # opensearch.username: kibanaserver # opensearch.password: kibanaserver -opensearch.requestHeadersAllowlist: ["securitytenant","Authorization"] +opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] opensearch_security.multitenancy.enabled: false opensearch_security.readonly_mode.roles: ["kibana_read_only"] server.ssl.enabled: true diff --git a/unattended_installer/config/dashboard/dashboard_all_in_one.yml b/unattended_installer/config/dashboard/dashboard_all_in_one.yml index 8165c78cb1..b84717408b 100644 --- a/unattended_installer/config/dashboard/dashboard_all_in_one.yml +++ b/unattended_installer/config/dashboard/dashboard_all_in_one.yml @@ -4,7 +4,7 @@ opensearch.hosts: https://localhost:9200 opensearch.ssl.verificationMode: certificate # opensearch.username: kibanaserver # opensearch.password: kibanaserver -opensearch.requestHeadersAllowlist: ["securitytenant","Authorization"] +opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] opensearch_security.multitenancy.enabled: false opensearch_security.readonly_mode.roles: ["kibana_read_only"] server.ssl.enabled: true diff --git a/unattended_installer/config/dashboard/dashboard_unattended.yml b/unattended_installer/config/dashboard/dashboard_unattended.yml index 68ea04dcf8..8700bcb7da 100644 --- a/unattended_installer/config/dashboard/dashboard_unattended.yml +++ b/unattended_installer/config/dashboard/dashboard_unattended.yml 
@@ -4,7 +4,7 @@ server.port: 443 opensearch.ssl.verificationMode: certificate # opensearch.username: kibanaserver # opensearch.password: kibanaserver -opensearch.requestHeadersAllowlist: ["securitytenant","Authorization"] +opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] opensearch_security.multitenancy.enabled: false opensearch_security.readonly_mode.roles: ["kibana_read_only"] server.ssl.enabled: true diff --git a/unattended_installer/config/dashboard/dashboard_unattended_distributed.yml b/unattended_installer/config/dashboard/dashboard_unattended_distributed.yml index c0cc8d2cbf..afaafa893a 100644 --- a/unattended_installer/config/dashboard/dashboard_unattended_distributed.yml +++ b/unattended_installer/config/dashboard/dashboard_unattended_distributed.yml @@ -2,7 +2,7 @@ server.port: 443 opensearch.ssl.verificationMode: certificate # opensearch.username: kibanaserver # opensearch.password: kibanaserver -opensearch.requestHeadersAllowlist: ["securitytenant","Authorization"] +opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] opensearch_security.multitenancy.enabled: false opensearch_security.readonly_mode.roles: ["kibana_read_only"] server.ssl.enabled: true diff --git a/unattended_installer/install_functions/checks.sh b/unattended_installer/install_functions/checks.sh index 288ef6b47c..dc46b386a4 100644 --- a/unattended_installer/install_functions/checks.sh +++ b/unattended_installer/install_functions/checks.sh 
@@ -52,19 +52,19 @@ function checks_arguments() { fi if [ -z "${wazuh_installed}" ] && [ -z "${wazuh_remaining_files}" ]; then - common_logger "Wazuh manager was not found in the system so it was not uninstalled." + common_logger "Wazuh manager not found in the system so it was not uninstalled." fi if [ -z "${filebeat_installed}" ] && [ -z "${filebeat_remaining_files}" ]; then - common_logger "Filebeat was not found in the system so it was not uninstalled." + common_logger "Filebeat not found in the system so it was not uninstalled." fi if [ -z "${indexer_installed}" ] && [ -z "${indexer_remaining_files}" ]; then - common_logger "Wazuh indexer was not found in the system so it was not uninstalled." + common_logger "Wazuh indexer not found in the system so it was not uninstalled." fi if [ -z "${dashboard_installed}" ] && [ -z "${dashboard_remaining_files}" ]; then - common_logger "Wazuh dashboard was not found in the system so it was not uninstalled." + common_logger "Wazuh dashboard not found in the system so it was not uninstalled." fi fi 
@@ -154,8 +154,8 @@ function checks_arguments() { # -------------- Global ----------------------------------------- - if [ -z "${AIO}" ] && [ -z "${indexer}" ] && [ -z "${dashboard}" ] && [ -z "${wazuh}" ] && [ -z "${start_indexer_cluster}" ] && [ -z "${configurations}" ] && [ -z "${uninstall}" ] && [ -z "${download}" ]; then - common_logger -e "At least one of these arguments is necessary -a|--all-in-one, -g|--generate-config-files, -wi|--wazuh-indexer, -wd|--wazuh-dashboard, -s|--start-cluster, -ws|--wazuh-server, -u|--uninstall, -dw|--download-wazuh." + if [ -z "${AIO}" ] && [ -z "${indexer}" ] && [ -z "${dashboard}" ] && [ -z "${wazuh}" ] && [ -z "${start_indexer_cluster}" ] && [ -z "${configurations}" ] && [ -z "${uninstall}" ] && [ -z "${download}" ] && [ -z "${upgrade}" ]; then + common_logger -e "At least one of these arguments is necessary -a|--all-in-one, -g|--generate-config-files, , -up|--upgrade, -wi|--wazuh-indexer, -wd|--wazuh-dashboard, -s|--start-cluster, -ws|--wazuh-server, -u|--uninstall, -dw|--download-wazuh." exit 1 fi @@ -166,6 +166,17 @@ function checks_arguments() { } +# Checks if the --retry-connrefused is available in curl +function check_curlVersion() { + + # --retry-connrefused was added in 7.52.0 + curl_version=$(curl -V | head -n 1 | awk '{ print $2 }') + if [ $(check_versions ${curl_version} 7.52.0) == "0" ]; then + curl_has_connrefused=0 + fi + +} + function check_dist() { dist_detect if [ "${DIST_NAME}" != "centos" ] && [ "${DIST_NAME}" != "rhel" ] && [ "${DIST_NAME}" != "amzn" ] && [ "${DIST_NAME}" != "ubuntu" ]; then 
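Review bot: In check_curlVersion the test `[ $(check_versions ${curl_version} 7.52.0) == "0" ]` leaves `${curl_version}` unquoted, so if `curl -V` yields no version the empty expansion disappears, check_versions sees only `7.52.0`, prints 0, and `--retry-connrefused` is assumed to be available. Quoting keeps the empty value as an argument and gives the fallback: `if [ "$(check_versions "${curl_version}" 7.52.0)" == "0" ]; then`. The flag is set to `0` but tested with `-n` in common_curl, so a comment such as `# any non-empty value means the option is supported` (or setting it to `1`) would make the intent clear. Separately, the usage message in the previous hunk gained a stray `, ,` before `-up|--upgrade`.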
@@ -298,27 +309,16 @@ function checks_previousCertificate() { fi } -function checks_specifications() { - - cores=$(grep -c processor /proc/cpuinfo) - ram_gb=$(free -m | awk '/^Mem:/{print $2}') - -} - function checks_ports() { used_port=0 ports=("$@") - if command -v ss > /dev/null; then - port_command="ss -lntup | grep -q " + if command -v lsof > /dev/null; then + port_command="lsof -sTCP:LISTEN -i:" else - if command -v lsof > /dev/null; then - port_command="lsof -i:" - else - common_logger -w "Cannot find ss or lsof. Port checking will be skipped." - return 1 - fi + common_logger -w "Cannot find lsof. Port checking will be skipped." + return 1 fi for i in "${!ports[@]}"; do 
@@ -335,3 +335,96 @@ function checks_ports() { fi } + +function checks_specifications() { + + cores=$(grep -c processor /proc/cpuinfo) + ram_gb=$(free -m | awk '/^Mem:/{print $2}') + +} + +function checks_upgrade() { + + installCommon_readPasswordFileUsers + + ## Check if Wazuh indexer is working properly + + if [ -n ${indexer_installed} ] + installCommon_getPass "admin" + + if common_curl -s -u admin:"${u_pass}" -k -XGET "https://127.0.0.1:9200/_cluster/health?pretty" | grep -q "red"; then + common_logger -e "Cluster health is in red state. Please, check it before upgrading." + exit 1 + fi + + if common_curl -s -u admin:"${u_pass}" -k -XGET "https://127.0.0.1:9200/_cluster/health?pretty" | grep -q "yellow" && []; then + if [ -z "${force}" ]; then + common_logger -e "Cluster health is in yellow state. If you want to continue with the upgrade, please, run the script with the option -f|--force." + exit 1 + else + common_logger -w "Cluster health is in yellow state." + fi + fi + + if common_curl -s -u admin:"${u_pass}" -k -XGET "https://127.0.0.1:9200/_cat/indices?pretty" | grep -q "red"; then + common_logger -e "Some indices in the Wazuh indexer cluster are in red state. Please, check it before upgrading." + exit 1 + fi + + if common_curl -s -u admin:"${u_pass}" -k -XGET "https://127.0.0.1:9200/_cat/indices?pretty" | grep -q "yellow" && []; then + if [ -z "${force}" ]; then + common_logger -e "Some indices in the Wazuh indexer cluster are in yellow state. If you want to continue with the upgrade, please, run the script with the option -f|--force." + exit 1 + else + common_logger -w "Some indices in the Wazuh indexer cluster are in yellow state." + fi + fi + fi + + ## Check if Wazuh server is working properly + + if [ -n ${wazuh_installed} ] + installCommon_getAPIPass "wazuh" + + if ! 
common_curl -s -k -X GET -H "Authorization: Bearer $TOKEN_API" -H "Content-Type: application/json" "https://localhost:55000/?pretty=true" --output /dev/null + common_logger -e "Wazuh API is not working properly. Please, check it before upgrading." + exit 1 + fi + + if /var/ossec/bin/cluster_control -l ; then + if ! common_curl -s -k -X GET -H "Authorization: Bearer $TOKEN_API" -H "Content-Type: application/json" "https://localhost:55000/cluster/healthcheck?pretty=true" | grep "All selected nodes healthcheck information was returned" ; then + common_logger -e "Some nodes in the Wazuh manager cluster are not working properly. Please, check it before upgrading." + exit 1 + fi + fi + fi + + ## Check if Filebeat is working properly + + if [ -n ${filebeat_installed} ]; then + if ! filebeat test output > /dev/null; then + common_logger -e "Filebeat is not working properly. Please, check it before upgrading." + exit 1 + fi + fi + + ## Check if Wazuh dashboard is working properly + + if [ -n ${dashboard_installed} ]; then + if ![ "$(common_curl -XGET https://localhost/status -uadmin:"${u_pass}" -k -w %"{http_code}" -s -o /dev/null)" -ne "200" ]; then + common_logger -e "Wazuh dashboard is not responding properly. Please, check it before upgrading." + exit 1 + fi + fi +} + +# Checks if the first version is greater equal than to second one +function check_versions() { + + if test "$(echo "$@" | tr " " "\n" | sort -rV | head -n 1)" == "$1"; then + echo 0 + else + echo 1 + fi + +} diff --git a/unattended_installer/install_functions/dashboard.sh b/unattended_installer/install_functions/dashboard.sh index bff659ff3a..706d8581dc 100644 --- a/unattended_installer/install_functions/dashboard.sh +++ b/unattended_installer/install_functions/dashboard.sh 
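Review bot: checks_upgrade does not parse as written: `if [ -n ${indexer_installed} ]` and `if [ -n ${wazuh_installed} ]` have no `; then`, the Wazuh API check `if ! common_curl … --output /dev/null` is also missing `; then`, the two yellow-state conditions end in `&& []`, and the dashboard check uses `![`, which is not a command. The unquoted `[ -n ${var} ]` tests are always true when the variable is empty, and the dashboard condition combines `!` with `-ne "200"`, which would report failure on a 200 response. `$TOKEN_API` is used in the API checks but nothing visible in this function obtains it (installCommon_getAPIPass only sets `api_pass`), so confirm where the token comes from. The corrected conditionals are sketched below.

```shell
    if [ -n "${indexer_installed}" ]; then
        installCommon_getPass "admin"
        # … unchanged: red-state cluster health check …
        if common_curl -s -u admin:"${u_pass}" -k -XGET "https://127.0.0.1:9200/_cluster/health?pretty" | grep -q "yellow"; then
        # … unchanged: force handling; red-state indices check …
        if common_curl -s -u admin:"${u_pass}" -k -XGET "https://127.0.0.1:9200/_cat/indices?pretty" | grep -q "yellow"; then
        # … unchanged: force handling …

    if [ -n "${wazuh_installed}" ]; then
        installCommon_getAPIPass "wazuh"
        if ! common_curl -s -k -X GET -H "Authorization: Bearer $TOKEN_API" -H "Content-Type: application/json" "https://localhost:55000/?pretty=true" --output /dev/null; then
        # … unchanged: error exit; cluster healthcheck …

    if [ -n "${filebeat_installed}" ]; then
    # … unchanged: filebeat test output …

    if [ -n "${dashboard_installed}" ]; then
        if [ "$(common_curl -XGET https://localhost/status -uadmin:"${u_pass}" -k -w %"{http_code}" -s -o /dev/null)" -ne "200" ]; then
```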
@@ -98,12 +98,7 @@ function dashboard_initialize() { print_ip="${nodes_dashboard_ip}" fi - until [ "$(curl -XGET https://"${nodes_dashboard_ip}"/status -uadmin:"${u_pass}" -k -w %"{http_code}" -s -o /dev/null)" -eq "200" ] || [ "${j}" -eq "12" ]; do - sleep 10 - j=$((j+1)) - done - - if [ ${j} -lt 12 ]; then + if [ "$(common_curl -XGET https://"${nodes_dashboard_ip}"/status -uadmin:"${u_pass}" -k -w %"{http_code}" -s -o /dev/null --max-time 300 --retry 12 --retry-delay 10 --fail)" -eq "200" ]; then if [ "${#server_node_names[@]}" -eq 1 ]; then wazuh_api_address=${server_node_ips[0]} else @@ -121,7 +116,7 @@ function dashboard_initialize() { common_logger -nl "--- Summary ---" common_logger -nl "You can access the web interface https://${print_ip}\n User: admin\n Password: ${u_pass}" - elif [ ${j} -eq 12 ]; then + else flag="-w" if [ -z "${force}" ]; then flag="-e" @@ -130,13 +125,12 @@ function dashboard_initialize() { common_logger "${flag}" "Cannot connect to Wazuh dashboard." for i in "${!indexer_node_ips[@]}"; do - curl=$(curl -XGET https://"${indexer_node_ips[i]}":9200/ -uadmin:"${u_pass}" -k -s) + curl=$(common_curl -XGET https://"${indexer_node_ips[i]}":9200/ -uadmin:"${u_pass}" -k -s --max-time 300 --retry 5 --retry-delay 5 --fail) exit_code=${PIPESTATUS[0]} if [[ "${exit_code}" -eq "7" ]]; then failed_connect=1 failed_nodes+=("${indexer_node_names[i]}") - fi - if [ "${curl}" == "OpenSearch Security not initialized." ]; then + elif [ "${exit_code}" -eq "22" ]; then sec_not_initialized=1 fi done 
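Review bot: In the indexer loop of the third hunk, `elif [ "${exit_code}" -eq "22" ]` sets `sec_not_initialized=1` for any HTTP error that `--fail` reports, so a rejected admin password or another 4xx/5xx reply is flagged as an uninitialised security plugin. The removed code compared the response body with `OpenSearch Security not initialized.`; keeping that body check (which means not using `--fail` on this one request) or renaming the flag and message to a generic HTTP error would keep the diagnosis accurate. dashboard_initialize starts and ends outside these hunks.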
@@ -164,11 +158,7 @@ function dashboard_initializeAIO() { common_logger "Initializing Wazuh dashboard web application." installCommon_getPass "admin" - until [ "$(curl -XGET https://localhost/status -uadmin:"${u_pass}" -k -w %"{http_code}" -s -o /dev/null)" -eq "200" ] || [ "${i}" -eq 12 ]; do - sleep 10 - i=$((i+1)) - done - if [ ${i} -eq 12 ]; then + if [ "$(common_curl -XGET https://localhost/status -uadmin:"${u_pass}" -k -w %"{http_code}" -s -o /dev/null --max-time 300 --retry 12 --retry-delay 10 --fail)" -ne "200" ]; then common_logger -e "Cannot connect to Wazuh dashboard." installCommon_rollBack exit 1 @@ -191,7 +181,9 @@ function dashboard_install() { common_checkInstalled if [ "$install_result" != 0 ] || [ -z "${dashboard_installed}" ]; then common_logger -e "Wazuh dashboard installation failed." - installCommon_rollBack + if [ -z ${upgrade} ]; then + installCommon_rollBack + fi exit 1 else common_logger "Wazuh dashboard installation finished." diff --git a/unattended_installer/install_functions/filebeat.sh b/unattended_installer/install_functions/filebeat.sh index 26447bd0e6..7c0e29448f 100644 --- a/unattended_installer/install_functions/filebeat.sh +++ b/unattended_installer/install_functions/filebeat.sh 
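Review bot: `if [ -z ${upgrade} ]` in dashboard_install is unquoted and only works because `[ -z ]` with no operand happens to evaluate as true; it should read `if [ -z "${upgrade}" ]; then`. The same line is added in indexer_install and manager_install later in this commit. A short comment on why rollback is skipped would help the next reader, e.g. `# On upgrade, do not roll back: that would remove the existing installation`, if that is the intent.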
@@ -8,15 +8,15 @@ function filebeat_configure(){ - eval "curl -so /etc/filebeat/wazuh-template.json ${filebeat_wazuh_template} --max-time 300 ${debug}" + eval "common_curl -so /etc/filebeat/wazuh-template.json ${filebeat_wazuh_template} --max-time 300 --retry 5 --retry-delay 5 --fail ${debug}" if [ ! -f "/etc/filebeat/wazuh-template.json" ]; then common_logger -e "Error downloading wazuh-template.json file." installCommon_rollBack exit 1 fi - + eval "chmod go+r /etc/filebeat/wazuh-template.json ${debug}" - eval "curl -s ${filebeat_wazuh_module} --max-time 300 | tar -xvz -C /usr/share/filebeat/module ${debug}" + eval "common_curl -s ${filebeat_wazuh_module} --max-time 300 --retry 5 --retry-delay 5 --fail | tar -xvz -C /usr/share/filebeat/module ${debug}" if [ ! -d "/usr/share/filebeat/module" ]; then common_logger -e "Error downloading wazuh filebeat module." installCommon_rollBack diff --git a/unattended_installer/install_functions/indexer.sh b/unattended_installer/install_functions/indexer.sh index bab72864b9..eabee32645 100644 --- a/unattended_installer/install_functions/indexer.sh +++ b/unattended_installer/install_functions/indexer.sh @@ -29,7 +29,7 @@ function indexer_configure() { pos=0 { echo "node.name: ${indxname}" - echo "network.host: ${indexer_node_ips[0]}" + echo "network.host: ${indexer_node_ips[0]}" echo "cluster.initial_master_nodes: ${indxname}" echo "plugins.security.nodes_dn:" echo ' - CN='"${indxname}"',OU=Wazuh,O=Wazuh,L=California,C=US' 
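Review bot: The Filebeat module archive is streamed from `${filebeat_wazuh_module}` straight into `tar -xvz -C /usr/share/filebeat/module` with no integrity check, and the follow-up test `[ ! -d "/usr/share/filebeat/module" ]` only looks for a directory that presumably exists before the download, so a failed or truncated transfer goes unnoticed even with the new `--fail`. Downloading to a temporary file, checking the exit status, verifying a pinned digest and only then extracting closes both gaps. The digest variable in the sketch is a placeholder; the expected value has to come from a trusted source. filebeat_configure continues past the end of this hunk.

```shell
    module_tmp="$(mktemp)"
    if ! common_curl -s -o "${module_tmp}" ${filebeat_wazuh_module} --max-time 300 --retry 5 --retry-delay 5 --fail; then
        common_logger -e "Error downloading wazuh filebeat module."
        installCommon_rollBack
        exit 1
    fi
    # filebeat_wazuh_module_sha256: placeholder for the pinned expected digest
    if ! echo "${filebeat_wazuh_module_sha256}  ${module_tmp}" | sha256sum -c - > /dev/null; then
        common_logger -e "Wazuh filebeat module checksum mismatch."
        installCommon_rollBack
        exit 1
    fi
    eval "tar -xvz -C /usr/share/filebeat/module -f ${module_tmp} ${debug}"
    rm -f "${module_tmp}"
    # … unchanged: module directory check …
```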
@@ -108,15 +108,54 @@ function indexer_copyCertificates() { } +function indexer_disableShardAllocation() { + + common_logger "Disabling shard allocation." + + if [ -z "${u_pass}" ]; then + common_logger -e "Could not disable shard allocation. Admin password not found." + exit 1 + fi + + eval "curl -XPUT https://127.0.0.1:9200/_cluster/settings -H 'Content-Type: application/json' -d '{\"persistent\": {\"cluster.routing.allocation.enable\": \"primaries\"}}' -uadmin:${u_pass} -k --silent ${debug}" + + if [ "${PIPESTATUS[0]}" != 0 ]; then + common_logger -e "Shard allocation could not be disabled." + exit 1 + else + common_logger "Shard allocation disabled." + fi + + eval "curl -X POST https://127.0.0.1:9200/_flush/synced -uadmin:${u_pass} -k --silent ${debug}" + + if [ "${PIPESTATUS[0]}" != 0 ]; then + common_logger -e "Could not flush synced." + exit 1 + fi +} + + +function indexer_enableShardAllocation() { + + common_logger "Enabling shard allocation." + + eval "curl -XPUT https://127.0.0.1:9200/_cluster/settings -H 'Content-Type: application/json' -d '{\"persistent\": {\"cluster.routing.allocation.enable\": \"all\"}}' -uadmin:${u_pass} -k --silent ${debug}" + + if [ "${PIPESTATUS[0]}" != 0 ]; then + common_logger -e "Shard allocation could not be enabled." + exit 1 + else + common_logger "Shard allocation enabled." + fi +} + function indexer_initialize() { common_logger "Initializing Wazuh indexer cluster security settings." - i=0 - until curl -XGET https://"${indexer_node_ips[pos]}":9200/ -uadmin:admin -k --max-time 120 --silent --output /dev/null || [ "${i}" -eq 12 ]; do - sleep 10 - i=$((i+1)) - done - if [ ${i} -eq 12 ]; then + eval "common_curl -XGET https://"${indexer_node_ips[pos]}":9200/ -uadmin:admin -k --max-time 120 --silent --output /dev/null" + e_code="${PIPESTATUS[0]}" + + if [ "${e_code}" -ne "0" ]; then common_logger -e "Cannot initialize Wazuh indexer cluster." installCommon_rollBack exit 1 
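Review bot: Both new functions interpolate `${u_pass}` into the string handed to `eval` (`-uadmin:${u_pass}`), so the admin password is parsed as shell syntax; a password containing spaces, quotes, `$` or `;` will break the request or be executed as code. Deferring the expansion to eval time inside quotes avoids that: `-u \"admin:\${u_pass}\"`. indexer_enableShardAllocation also lacks the empty-password guard that indexer_disableShardAllocation has, and both call `curl` directly rather than `common_curl`, so they miss the connection-refused retry the rest of the commit introduces. The password still appears in the process argument list; supplying it through a curl config read from stdin (`-K -`) would avoid that.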
@@ -148,7 +187,9 @@ function indexer_install() { common_checkInstalled if [ "$install_result" != 0 ] || [ -z "${indexer_installed}" ]; then common_logger -e "Wazuh indexer installation failed." - installCommon_rollBack + if [ -z ${upgrade} ]; then + installCommon_rollBack + fi exit 1 else common_logger "Wazuh indexer installation finished." @@ -160,21 +201,16 @@ function indexer_install() { function indexer_startCluster() { - retries=0 for ip_to_test in "${indexer_node_ips[@]}"; do - eval "curl -XGET https://"${ip_to_test}":9200/ -k -s -o /dev/null" + eval "common_curl -XGET https://"${ip_to_test}":9200/ -k -s -o /dev/null" e_code="${PIPESTATUS[0]}" - until [ "${e_code}" -ne 7 ] || [ "${retries}" -eq 12 ]; do - sleep 10 - retries=$((retries+1)) - eval "curl -XGET https://"${ip_to_test}":9200/ -k -s -o /dev/null" - e_code="${PIPESTATUS[0]}" - done - if [ ${retries} -eq 12 ]; then + + if [ "${e_code}" -eq "7" ]; then common_logger -e "Connectivity check failed on node ${ip_to_test} port 9200. Possible causes: Wazuh indexer not installed on the node, the Wazuh indexer service is not running or you have connectivity issues with that node. Please check this before trying again." exit 1 fi done + eval "wazuh_indexer_ip=( $(cat /etc/wazuh-indexer/opensearch.yml | grep network.host | sed 's/network.host:\s//') )" eval "sudo -u wazuh-indexer JAVA_HOME=/usr/share/wazuh-indexer/jdk/ OPENSEARCH_CONF_DIR=/etc/wazuh-indexer /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /etc/wazuh-indexer/opensearch-security -icl -p 9200 -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem -h ${wazuh_indexer_ip} ${debug}" if [ "${PIPESTATUS[0]}" != 0 ]; then 
@@ -183,7 +219,7 @@ function indexer_startCluster() { else common_logger "Wazuh indexer cluster security configuration initialized." fi - eval "curl --silent ${filebeat_wazuh_template} | curl -X PUT 'https://${indexer_node_ips[pos]}:9200/_template/wazuh' -H 'Content-Type: application/json' -d @- -uadmin:admin -k --silent ${debug}" + eval "common_curl --silent ${filebeat_wazuh_template} --max-time 300 --retry 5 --retry-delay 5" | eval "common_curl -X PUT 'https://${indexer_node_ips[pos]}:9200/_template/wazuh' -H 'Content-Type: application/json' -d @- -uadmin:admin -k --silent --max-time 300 --retry 5 --retry-delay 5 ${debug}" if [ "${PIPESTATUS[0]}" != 0 ]; then common_logger -e "The wazuh-alerts template could not be inserted into the Wazuh indexer cluster." exit 1 diff --git a/unattended_installer/install_functions/installCommon.sh b/unattended_installer/install_functions/installCommon.sh index d6145fa1c9..653e281e98 100644 --- a/unattended_installer/install_functions/installCommon.sh +++ b/unattended_installer/install_functions/installCommon.sh 
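Review bot: After the command is split into `eval "common_curl …" | eval "common_curl -X PUT …"`, `${PIPESTATUS[0]}` reports only the template download, so a failed PUT to `/_template/wazuh` is no longer caught by the check that follows. The download also lacks `--fail`, so an HTTP error page would be piped into the PUT as the template body. Capture both stages, e.g. `rc=("${PIPESTATUS[@]}")` followed by `if [ "${rc[0]}" != 0 ] || [ "${rc[1]}" != 0 ]; then`, and add `--fail` to both requests. indexer_startCluster begins outside this hunk.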
@@ -42,10 +42,18 @@ function installCommon_addWazuhRepo() { if [ ! -f "/etc/yum.repos.d/wazuh.repo" ] && [ ! -f "/etc/zypp/repos.d/wazuh.repo" ] && [ ! -f "/etc/apt/sources.list.d/wazuh.list" ] ; then if [ "${sys_type}" == "yum" ]; then eval "rpm --import ${repogpg} ${debug}" + if [ "${PIPESTATUS[0]}" != 0 ]; then + common_logger -e "Cannot import Wazuh GPG key" + exit 1 + fi eval "echo -e '[wazuh]\ngpgcheck=1\ngpgkey=${repogpg}\nenabled=1\nname=EL-\${releasever} - Wazuh\nbaseurl='${repobaseurl}'/yum/\nprotect=1' | tee /etc/yum.repos.d/wazuh.repo ${debug}" eval "chmod 644 /etc/yum.repos.d/wazuh.repo ${debug}" elif [ "${sys_type}" == "apt-get" ]; then - eval "curl -s ${repogpg} --max-time 300 | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import - ${debug}" + eval "common_curl -s ${repogpg} --max-time 300 --retry 5 --retry-delay 5 --fail | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import - ${debug}" + if [ "${PIPESTATUS[0]}" != 0 ]; then + common_logger -e "Cannot import Wazuh GPG key" + exit 1 + fi eval "chmod 644 /usr/share/keyrings/wazuh.gpg ${debug}" eval "echo \"deb [signed-by=/usr/share/keyrings/wazuh.gpg] ${repobaseurl}/apt/ ${reporelease} main\" | tee /etc/apt/sources.list.d/wazuh.list ${debug}" eval "apt-get update -q ${debug}" 
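Review bot: The Wazuh signing key is fetched from `${repogpg}` and imported as trusted without comparing its fingerprint to a pinned value, so package signature checks are only as strong as that one download. After the import, compare the key's fingerprint with an expected constant (placeholder: `<EXPECTED_WAZUH_KEY_FINGERPRINT>`) and abort on mismatch. Note also that `${PIPESTATUS[0]}` after `eval` holds the status of the eval as a whole, i.e. the last stage of the evaluated pipeline (`gpg`, or `tee` if `${debug}` adds one), not that of `common_curl`, so the new error branch may not fire on a failed download. installCommon_addWazuhRepo starts and ends outside this hunk.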
@@ -97,8 +105,8 @@ function installCommon_changePasswordApi() { for i in "${!api_passwords[@]}"; do if [ -n "${wazuh}" ] || [ -n "${AIO}" ]; then passwords_getApiUserId "${api_users[i]}" - WAZUH_PASS_API='{"password":"'"${api_passwords[i]}"'"}' - eval 'curl -s -k -X PUT -H "Authorization: Bearer $TOKEN_API" -H "Content-Type: application/json" -d "$WAZUH_PASS_API" "https://localhost:55000/security/users/${user_id}" -o /dev/null' + WAZUH_PASS_API='{\"password\":\"'"${api_passwords[i]}"'\"}' + eval 'common_curl -s -k -X PUT -H \"Authorization: Bearer $TOKEN_API\" -H \"Content-Type: application/json\" -d "$WAZUH_PASS_API" "https://localhost:55000/security/users/${user_id}" -o /dev/null --max-time 300 --retry 5 --retry-delay 5 --fail' if [ "${api_users[i]}" == "${adminUser}" ]; then sleep 1 adminPassword="${api_passwords[i]}" @@ -112,14 +120,14 @@ function installCommon_changePasswordApi() { else if [ -n "${wazuh}" ] || [ -n "${AIO}" ]; then passwords_getApiUserId "${nuser}" - WAZUH_PASS_API='{"password":"'"${password}"'"}' - eval 'curl -s -k -X PUT -H "Authorization: Bearer $TOKEN_API" -H "Content-Type: application/json" -d "$WAZUH_PASS_API" "https://localhost:55000/security/users/${user_id}" -o /dev/null' + WAZUH_PASS_API='{\"password\":\"'"${password}"'\"}' + eval 'common_curl -s -k -X PUT -H \"Authorization: Bearer $TOKEN_API\" -H \"Content-Type: application/json\" -d "$WAZUH_PASS_API" "https://localhost:55000/security/users/${user_id}" -o /dev/null --max-time 300 --retry 5 --retry-delay 5 --fail' fi if [ "${nuser}" == "wazuh-wui" ] && { [ -n "${dashboard}" ] || [ -n "${AIO}" ]; }; then passwords_changeDashboardApiPassword "${password}" fi fi - + } function installCommon_createCertificates() { @@ -213,7 +221,7 @@ function installCommon_changePasswords() { passwords_getNetworkHost passwords_generateHash fi - + passwords_changePassword if [ -n "${start_indexer_cluster}" ] || [ -n "${AIO}" ]; then 
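Review bot: The `\"` escapes added to `WAZUH_PASS_API` and to the `-H` arguments exist only to survive the second parse inside `common_curl`, and they leave the password itself unquoted in that second parse, so an API password containing `$`, `&`, `;`, spaces or backticks is altered or interpreted by the shell. The JSON body is also built by string concatenation, so a `"` or `\` in the password yields invalid JSON. If `common_curl` passed `"$@"` through unchanged, these lines could return to `WAZUH_PASS_API='{"password":"'"${api_passwords[i]}"'"}'` with plainly quoted arguments; escaping the password for JSON is a separate step that is still needed. Both changed hunks in installCommon_changePasswordApi are affected.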
@@ -237,6 +245,15 @@ function installCommon_extractConfig() { } +function installCommon_getAPIPass() { + + for i in "${!api_users[@]}"; do + if [ "${api_users[i]}" == "${1}" ]; then + api_pass=${api_passwords[i]} + fi + done +} + function installCommon_getConfig() { if [ "$#" -ne 2 ]; then @@ -265,14 +282,14 @@ function installCommon_getPass() { function installCommon_installPrerequisites() { if [ "${sys_type}" == "yum" ]; then - dependencies=( curl libcap tar gnupg openssl ) + dependencies=( curl libcap tar gnupg openssl lsof ) not_installed=() for dep in "${dependencies[@]}"; do if [ "${dep}" == "openssl" ]; then - if ! yum list installed 2>/dev/null | grep -q "${dep}\.";then + if ! yum list installed 2>/dev/null | grep -q -E ^"${dep}\.";then not_installed+=("${dep}") fi - elif ! yum list installed 2>/dev/null | grep -q "${dep}";then + elif ! yum list installed 2>/dev/null | grep -q -E ^"${dep}";then not_installed+=("${dep}") fi done @@ -291,11 +308,11 @@ function installCommon_installPrerequisites() { elif [ "${sys_type}" == "apt-get" ]; then eval "apt-get update -q ${debug}" - dependencies=( apt-transport-https curl libcap2-bin tar software-properties-common gnupg openssl ) + dependencies=( apt-transport-https curl libcap2-bin tar software-properties-common gnupg openssl lsof ) not_installed=() for dep in "${dependencies[@]}"; do - if ! apt list --installed 2>/dev/null | grep -q "${dep}"; then + if ! apt list --installed 2>/dev/null | grep -q -E ^"${dep}"; then not_installed+=("${dep}") fi done 
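Review bot: `grep -q -E ^"${dep}"` is anchored at the start but is still a prefix match, so on the apt branch `tar` or `curl` counts as installed whenever any package whose name merely begins with those letters is present, and the real dependency is then skipped. `apt list --installed` prints `name/suite …`, so `grep -q -E "^${dep}/"` matches the exact package. On the yum branch the existing `openssl` special case (`"${dep}\."`) applies the same idea; whether it can be used for every entry depends on the exact package names (for example `gnupg` versus `gnupg2`), so check before tightening. In installCommon_getAPIPass, `api_pass` keeps any previous value when no user matches; `api_pass=""` before the loop would make a miss detectable.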
@@ -489,13 +506,9 @@ function installCommon_rollBack() { fi if [[ ( -n "${indexer_remaining_files}" || -n "${indexer_installed}" ) && ( -n "${indexer}" || -n "${AIO}" || -n "${uninstall}" ) ]]; then - common_logger "Removing Wazuh indexer." - if [ "${sys_type}" == "yum" ]; then - eval "yum remove wazuh-indexer -y ${debug}" - elif [ "${sys_type}" == "apt-get" ]; then - eval "apt-get remove --purge wazuh-indexer -y ${debug}" - fi - common_logger "Wazuh indexer removed." + eval "rm -rf /var/lib/wazuh-indexer/ ${debug}" + eval "rm -rf /usr/share/wazuh-indexer/ ${debug}" + eval "rm -rf /etc/wazuh-indexer/ ${debug}" fi if [[ -n "${filebeat_installed}" && ( -n "${wazuh}" || -n "${AIO}" || -n "${uninstall}" ) ]]; then @@ -568,7 +581,7 @@ function installCommon_startService() { common_logger "Starting service ${1}." - if ps -e | grep -E -q "^\ *1\ .*systemd$"; then + if [[ -d /run/systemd/system ]]; then eval "systemctl daemon-reload ${debug}" eval "systemctl enable ${1}.service ${debug}" eval "systemctl start ${1}.service ${debug}" @@ -582,7 +595,7 @@ function installCommon_startService() { else common_logger "${1} service started." fi - elif ps -e | grep -E -q "^\ *1\ .*init$"; then + elif ps -p 1 -o comm= | grep "init"; then eval "chkconfig ${1} on ${debug}" eval "service ${1} start ${debug}" eval "/etc/init.d/${1} start ${debug}" @@ -613,4 +626,4 @@ function installCommon_startService() { exit 1 fi -} +} \ No newline at end of file diff --git a/unattended_installer/install_functions/installMain.sh b/unattended_installer/install_functions/installMain.sh index c97dcfc366..a9a7892d89 100755 --- a/unattended_installer/install_functions/installMain.sh +++ b/unattended_installer/install_functions/installMain.sh 
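Review bot: `elif ps -p 1 -o comm= | grep "init"; then` in installCommon_startService prints the matched process name to stdout and matches any PID 1 name that contains `init`; the replaced line used `-q`, and a condition should too: `elif ps -p 1 -o comm= | grep -q "init"; then`. In the installCommon_rollBack hunk the `yum remove` / `apt-get remove --purge` of wazuh-indexer is replaced by `rm -rf` of its directories; if package removal does not happen elsewhere in the function (not visible here), the package database would still list wazuh-indexer after a rollback or uninstall. The last hunk also drops the file's trailing newline.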
@@ -49,6 +49,9 @@ function getHelp() { echo -e " -u, --uninstall" echo -e " Uninstalls all Wazuh components. This will erase all the existing configuration and data." echo -e "" + echo -e " -up, --upgrade" + echo -e " Upgrades installed Wazuh components." + echo -e "" echo -e " -v, --verbose" echo -e " Shows the complete installation output." echo -e "" @@ -129,6 +132,11 @@ function main() { uninstall=1 shift 1 ;; + "-up"|"--upgrade") + upgrade=1 + indexer_admin_pass="${2}" + shift 2 + ;; "-v"|"--verbose") debugEnabled=1 debug="2>&1 | tee -a ${logfile}" @@ -209,11 +217,22 @@ function main() { common_checkSystem common_checkInstalled checks_arguments +# -------------- Uninstall case ------------------------------------ + if [ -n "${uninstall}" ]; then installCommon_rollBack exit 0 fi +# -------------- Upgrade case ------------------------------------ + + if [ -n "${upgrade}" ]; then + checks_upgrade + installCommon_addWazuhRepo + upgrade_upgradeInstalled + exit 0 + fi + # -------------- Preliminary checks -------------------------------- if [ -z "${configurations}" ] && [ -z "${AIO}" ] && [ -z "${download}" ]; then @@ -246,6 +265,7 @@ function main() { # -------------- Prerequisites and Wazuh repo ---------------------- if [ -n "${AIO}" ] || [ -n "${indexer}" ] || [ -n "${dashboard}" ] || [ -n "${wazuh}" ]; then installCommon_installPrerequisites + check_curlVersion installCommon_addWazuhRepo fi diff --git a/unattended_installer/install_functions/installVariables.sh b/unattended_installer/install_functions/installVariables.sh index 948de99da5..07586ef064 100644 --- a/unattended_installer/install_functions/installVariables.sh +++ b/unattended_installer/install_functions/installVariables.sh @@ -7,8 +7,8 @@ # Foundation. ## Package vars -readonly wazuh_major="4.4" -readonly wazuh_version="4.4.0" +readonly wazuh_major="4.5" +readonly wazuh_version="4.5.0" readonly filebeat_version="7.10.2" readonly wazuh_install_vesion="0.1" 
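Review bot: The new `"-up"|"--upgrade")` case reads `indexer_admin_pass="${2}"` and does `shift 2`, but the help text documents `-up, --upgrade` without an argument and nothing in the visible hunks uses `indexer_admin_pass` (checks_upgrade takes the password from installCommon_getPass). As written, `-up` followed by another option swallows that option, and `-up` as the last argument makes `shift 2` fail. If no argument is intended, use `upgrade=1` with `shift 1`; if a password is intended, avoid taking it on the command line, where it is visible in the process list and shell history, and read it from a file or prompt instead. The upgrade branch also runs `checks_upgrade` without calling `check_curlVersion` first, so `common_curl` always takes its fallback path there.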
diff --git a/unattended_installer/install_functions/manager.sh b/unattended_installer/install_functions/manager.sh index 61f687b41d..0f5b3a505b 100644 --- a/unattended_installer/install_functions/manager.sh +++ b/unattended_installer/install_functions/manager.sh @@ -54,7 +54,9 @@ function manager_install() { common_checkInstalled if [ "$install_result" != 0 ] || [ -z "${wazuh_installed}" ]; then common_logger -e "Wazuh installation failed." - installCommon_rollBack + if [ -z ${upgrade} ]; then + installCommon_rollBack + fi exit 1 else common_logger "Wazuh manager installation finished." diff --git a/unattended_installer/install_functions/upgrade.sh b/unattended_installer/install_functions/upgrade.sh new file mode 100644 index 0000000000..47b0c1e4ba --- /dev/null +++ b/unattended_installer/install_functions/upgrade.sh 
@@ -0,0 +1,108 @@ +# Wazuh installer - common.sh functions. +# Copyright (C) 2015, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + + +function upgrade_getUpgradable { + + if [ -n "${wazuh_installed}" ]; then + if [ "${sys_type}" == "yum" ]; then + manager_upgradable=$(yum list wazuh-manager --showduplicates | tail -n +8 | grep -A 5000 ${wazuh_installed} | tail -n +2 | grep ${wazuh_version}) + elif [ "${sys_type}" == "apt-get" ]; then + manager_upgradable=$(apt-get install wazuh-manager=${wazuh_version}-* --dry-run |grep "The following packages will be upgraded:") + fi + fi + + if [ -n "${filebeat_installed}" ]; then + if [ "${sys_type}" == "yum" ]; then + filebeat_upgradable=$(yum list filebeat --showduplicates | tail -n +8 | grep -A 5000 ${filebeat_installed} | tail -n +2 | grep ${filebeat_version}) + elif [ "${sys_type}" == "apt-get" ]; then + filebeat_upgradable=$(apt-get install filebeat=${filebeat_version} --dry-run |grep "The following packages will be upgraded:") + fi + installed_module_version=$(cat /usr/share/filebeat/module/wazuh/alerts/manifest.yml | grep "module_version" | cut -d" " -f2) + installed_module_version_major=$(echo ${installed_module_version} | cut -d"." -f1) + installed_module_version_minor=$(echo ${installed_module_version} | cut -d"." -f2) + filebeat_wazuh_module_major=$(echo ${filebeat_wazuh_module_version} | cut -d"." -f1) + filebeat_wazuh_module_minor=$(echo ${filebeat_wazuh_module_version} | cut -d"." 
-f2) + if [ "${installed_module_version_major}" -lt "${filebeat_wazuh_module_major}" ] || ([ "${installed_module_version_major}" -eq "${filebeat_wazuh_module_major}" ] && [ "${installed_module_version_minor}" -lt "${filebeat_wazuh_module_minor}" ]); then + module_upgradable="${filebeat_wazuh_module_version}" + fi + fi + + if [ -n "${indexer_installed}" ]; then + if [ "${sys_type}" == "yum" ]; then + indexer_upgradable=$(yum list wazuh-indexer --showduplicates | tail -n +8 | grep -A 5000 ${indexer_installed} | tail -n +2 | grep ${wazuh_version}) + elif [ "${sys_type}" == "apt-get" ]; then + indexer_upgradable=$(apt-get install wazuh-indexer=${wazuh_version}-* --dry-run |grep "The following packages will be upgraded:") + fi + fi + + if [ -n "${dashboard_installed}" ]; then + if [ "${sys_type}" == "yum" ]; then + dashboard_upgradable=$(yum list wazuh-dashboard --showduplicates | tail -n +8 | grep -A 5000 ${wazuh_installed} | tail -n +2 | grep ${wazuh_version}) + elif [ "${sys_type}" == "apt-get" ]; then + dashboard_upgradable=$(apt-get install wazuh-dashboard=${wazuh_version}-* --dry-run |grep "The following packages will be upgraded:") + fi + fi + +} + + +function upgrade_upgradeInstalled(){ + + common_logger "--- Upgrading existing Wazuh installation ---" + + upgrade_getUpgradable + + if [ -n "${wazuh_installed}" ]; then + if [ -n "${manager_upgradable}" ]; then + common_logger "Upgrading Wazuh Manager to ${wazuh_version}" + eval "manager_install ${debug}" + installCommon_startService "wazuh-manager" + else + common_logger -w "Wazuh manager is already installed and the version is equal or greater than ${wazuh_version}." + fi + fi + + if [ -n "${filebeat_installed}" ]; then + if [ -n "${filebeat_upgradable}" ]; then + common_logger "Upgrading Filebeat to ${filebeat_version}" + eval "filebeat_install ${debug}" + installCommon_startService "filebeat" + else + common_logger -w "Filebeat is already installed and the version is equal or greater than ${filebeat_version}." 
+ fi + + if [ -n ${module_upgradable} ];then + common_logger "Upgrading Filebeat module to ${filebeat_wazuh_module_version}" + eval "common_curl -s ${filebeat_wazuh_module} --max-time 300 | tar -xvz -C /usr/share/filebeat/module ${debug}" + fi + fi + + if [ -n "${indexer_installed}" ]; then + if [ -n "${indexer_upgradable}" ]; then + common_logger "Upgrading Wazuh Indexer to ${wazuh_version}" + indexer_disableShardAllocation + eval "indexer_install ${debug}" + indexer_enableShardAllocation + installCommon_startService "wazuh-indexer" + else + common_logger -w "Wazuh Indexer is already installed and the version is equal or greater than ${wazuh_version}." + fi + fi + + if [ -n "${dashboard_installed}" ]; then + if [ -n "${dashboard_upgradable}" ]; then + common_logger "Upgrading Wazuh Dashboard to ${wazuh_version}" + eval "dashboard_install ${debug}" + installCommon_startService "wazuh-dashboard" + else + common_logger -w "Wazuh Dashboard is already installed and the version is equal or greater than ${wazuh_version}." + fi + fi + +} diff --git a/unattended_installer/install_functions/wazuh-offline-download.sh b/unattended_installer/install_functions/wazuh-offline-download.sh index fa8ead27b8..05c9937180 100755 --- a/unattended_installer/install_functions/wazuh-offline-download.sh +++ b/unattended_installer/install_functions/wazuh-offline-download.sh @@ -52,7 +52,7 @@ function offline_download() { exit 1 fi - while curl -s -o /dev/null -w "%{http_code}" "${manager_base_url}/${manager_package}" | grep -q "200"; do + while common_curl -s -I -o /dev/null -w "%{http_code}" "${manager_base_url}/${manager_package}" --max-time 300 --retry 5 --retry-delay 5 --fail | grep -q "200"; do manager_revision=$((manager_revision+1)) if [ "${package_type}" == "rpm" ]; then manager_rpm_package="wazuh-manager-${wazuh_version}-${manager_revision}.x86_64.rpm" 
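Review bot: In upgrade_upgradeInstalled the test `[ -n ${module_upgradable} ]` is unquoted, so with an empty variable it collapses to `[ -n ]`, which is always true, and the Filebeat module archive is fetched and unpacked into /usr/share/filebeat/module on every upgrade run; it should read `if [ -n "${module_upgradable}" ]; then`. That download is piped straight into `tar` without `--fail` (the other common_curl calls in this commit pass it), without a status check, and without any checksum or signature verification visible here, so an HTTP error body or an altered archive is handed to tar with the installer's privileges. Downloading to a temporary file, verifying it against a pinned digest and only then extracting would close that gap. In upgrade_getUpgradable the dashboard branch filters on `${wazuh_installed}` where `${dashboard_installed}` looks intended, and the file header still reads "common.sh functions".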
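Review bot: The revision probe in offline_download ends its `while` loop on any response other than 200, so a timeout or 5xx that survives the added retries is treated the same as a missing revision and the script can settle on an older package revision without reporting it. Capturing the status once and comparing it exactly, for example `[ "${http_code}" = "200" ]` instead of `grep -q "200"`, and exiting with an error on anything that is neither 200 nor 404 would make that case visible. The same pattern is repeated in the manager follow-up check and in the indexer and dashboard probes in the following hunks. offline_download begins and ends outside the hunk, and common_curl is defined elsewhere, so its own error handling is not visible here.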
@@ -62,7 +62,7 @@ function offline_download() { manager_package="${manager_deb_package}" fi done - if [ "$manager_revision" -gt 1 ] && [ "$(curl -s -o /dev/null -w "%{http_code}" "${manager_base_url}/${manager_package}")" -ne "200" ]; then + if [ "$manager_revision" -gt 1 ] && [ "$(common_curl -s -I -o /dev/null -w "%{http_code}" "${manager_base_url}/${manager_package}" --max-time 300 --retry 5 --retry-delay 5 --fail)" -ne "200" ]; then manager_revision=$((manager_revision-1)) if [ "${package_type}" == "rpm" ]; then manager_rpm_package="wazuh-manager-${wazuh_version}-${manager_revision}.x86_64.rpm" @@ -71,7 +71,7 @@ function offline_download() { fi fi - while curl -s -o /dev/null -w "%{http_code}" "${indexer_base_url}/${indexer_package}" | grep -q "200"; do + while common_curl -s -I -o /dev/null -w "%{http_code}" "${indexer_base_url}/${indexer_package}" --max-time 300 --retry 5 --retry-delay 5 --fail | grep -q "200"; do indexer_revision=$((indexer_revision+1)) if [ "${package_type}" == "rpm" ]; then indexer_rpm_package="wazuh-indexer-${wazuh_version}-${indexer_revision}.x86_64.rpm" @@ -81,7 +81,7 @@ function offline_download() { indexer_package="${indexer_deb_package}" fi done - if [ "$indexer_revision" -gt 1 ] && [ "$(curl -s -o /dev/null -w "%{http_code}" "${indexer_base_url}/${indexer_package}")" -ne "200" ]; then + if [ "$indexer_revision" -gt 1 ] && [ "$(common_curl -s -I -o /dev/null -w "%{http_code}" "${indexer_base_url}/${indexer_package}" --max-time 300 --retry 5 --retry-delay 5 --fail)" -ne "200" ]; then indexer_revision=$((indexer_revision-1)) if [ "${package_type}" == "rpm" ]; then indexer_rpm_package="wazuh-indexer-${wazuh_version}-${indexer_revision}.x86_64.rpm" 
@@ -90,7 +90,7 @@ function offline_download() { fi fi - while curl -s -o /dev/null -w "%{http_code}" "${dashboard_base_url}/${dashboard_package}" | grep -q "200"; do + while common_curl -s -I -o /dev/null -w "%{http_code}" "${dashboard_base_url}/${dashboard_package}" --max-time 300 --retry 5 --retry-delay 5 --fail | grep -q "200"; do dashboard_revision=$((dashboard_revision+1)) if [ "${package_type}" == "rpm" ]; then dashboard_rpm_package="wazuh-dashboard-${wazuh_version}-${dashboard_revision}.x86_64.rpm" @@ -100,7 +100,7 @@ function offline_download() { dashboard_package="${dashboard_deb_package}" fi done - if [ "$dashboard_revision" -gt 1 ] && [ "$(curl -s -o /dev/null -w "%{http_code}" "${dashboard_base_url}/${dashboard_package}")" -ne "200" ]; then + if [ "$dashboard_revision" -gt 1 ] && [ "$(common_curl -s -I -o /dev/null -w "%{http_code}" "${dashboard_base_url}/${dashboard_package}" --max-time 300 --retry 5 --retry-delay 5 --fail)" -ne "200" ]; then dashboard_revision=$((dashboard_revision-1)) if [ "${package_type}" == "rpm" ]; then dashboard_rpm_package="wazuh-dashboard-${wazuh_version}-${dashboard_revision}.x86_64.rpm" @@ -115,7 +115,7 @@ function offline_download() { package_name="${package}_${package_type}_package" eval "package_base_url=${package}_${package_type}_base_url" - eval "curl -so ${dest_path}/${!package_name} ${!package_base_url}/${!package_name}" + eval "common_curl -so ${dest_path}/${!package_name} ${!package_base_url}/${!package_name} --max-time 300 --retry 5 --retry-delay 5 --fail" if [ "${PIPESTATUS[0]}" != 0 ]; then common_logger -e "The ${package} package could not be downloaded. Exiting." exit 1 @@ -145,7 +145,7 @@ function offline_download() { for file in "${files_to_download[@]}" do - eval "curl -sO ${file}" + eval "common_curl -sO ${file} --max-time 300 --retry 5 --retry-delay 5 --fail" if [ "${PIPESTATUS[0]}" != 0 ]; then common_logger -e "The resource ${file} could not be downloaded. Exiting." exit 1 
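Review bot: The two download calls, `eval "common_curl -so ${dest_path}/${!package_name} ..."` and `eval "common_curl -sO ${file} ..."`, pass expanded paths and URLs through `eval` although no `${debug}` redirection is appended, so any space or shell metacharacter in `dest_path` or a URL is parsed as shell syntax. Calling the helper directly, e.g. `common_curl -sO "${file}" --max-time 300 --retry 5 --retry-delay 5 --fail`, and testing `$?` would remove that re-parse, assuming common_curl (defined outside these hunks) accepts ordinary quoted arguments. Nothing visible here verifies the downloaded packages against a checksum or signature before they are carried to the offline hosts; if that happens elsewhere, a comment pointing to it would help. offline_download starts and ends outside these hunks.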
diff --git a/unattended_installer/passwords_tool/passwordsFunctions.sh b/unattended_installer/passwords_tool/passwordsFunctions.sh index bd9e265303..2633d728e5 100644 --- a/unattended_installer/passwords_tool/passwordsFunctions.sh +++ b/unattended_installer/passwords_tool/passwordsFunctions.sh @@ -83,8 +83,8 @@ function passwords_changePasswordApi() { for i in "${!api_passwords[@]}"; do if [ -n "${wazuh_installed}" ]; then passwords_getApiUserId "${api_users[i]}" - WAZUH_PASS_API='{"password":"'"${api_passwords[i]}"'"}' - eval 'curl -s -k -X PUT -H "Authorization: Bearer $TOKEN_API" -H "Content-Type: application/json" -d "$WAZUH_PASS_API" "https://localhost:55000/security/users/${user_id}" -o /dev/null' + WAZUH_PASS_API='{\"password\":\"'"${api_passwords[i]}"'\"}' + eval 'common_curl -s -k -X PUT -H \"Authorization: Bearer $TOKEN_API\" -H \"Content-Type: application/json\" -d "$WAZUH_PASS_API" "https://localhost:55000/security/users/${user_id}" -o /dev/null --max-time 300 --retry 5 --retry-delay 5 --fail' if [ "${api_users[i]}" == "${adminUser}" ]; then sleep 1 adminPassword="${api_passwords[i]}" @@ -101,8 +101,8 @@ function passwords_changePasswordApi() { else if [ -n "${wazuh_installed}" ]; then passwords_getApiUserId "${nuser}" - WAZUH_PASS_API='{"password":"'"${password}"'"}' - eval 'curl -s -k -X PUT -H "Authorization: Bearer $TOKEN_API" -H "Content-Type: application/json" -d "$WAZUH_PASS_API" "https://localhost:55000/security/users/${user_id}" -o /dev/null' + WAZUH_PASS_API='{\"password\":\"'"${password}"'\"}' + eval 'common_curl -s -k -X PUT -H \"Authorization: Bearer $TOKEN_API\" -H \"Content-Type: application/json\" -d "$WAZUH_PASS_API" "https://localhost:55000/security/users/${user_id}" -o /dev/null --max-time 300 --retry 5 --retry-delay 5 --fail' if [ -z "${AIO}" ] && [ -z "${indexer}" ] && [ -z "${dashboard}" ] && [ -z "${wazuh}" ] && [ -z "${start_indexer_cluster}" ]; then common_logger -nl $"The password for Wazuh API user ${nuser} is ${password}" fi 
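Review bot: In passwords_changePasswordApi the new password is embedded in `WAZUH_PASS_API` and passed through `eval` into common_curl with backslash-escaped quotes, which suggests the helper (defined outside this diff section) evaluates its arguments a second time; if so, a password containing `$`, a backtick, `"` or `\` is re-parsed by the shell instead of being sent literally. The same applies to the second call in the `else` branch, to `-u "${adminUser}":"${adminPassword}"` in passwords_getApiToken, where the quotes are not escaped, and to the header arguments in passwords_getApiUsers and passwords_getApiIds. Building the arguments as an array and sending the JSON body on stdin with `-d @-` would keep the password out of both the re-parse and the process list. The function starts and ends outside the hunk.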
@@ -284,18 +284,18 @@ function passwords_generatePasswordFile() { for i in "${!users[@]}"; do { echo "# ${user_description[${i}]}" - echo " indexer_username: '${users[${i}]}'" - echo " indexer_password: '${passwords[${i}]}'" - echo "" + echo " indexer_username: '${users[${i}]}'" + echo " indexer_password: '${passwords[${i}]}'" + echo "" } >> "${gen_file}" done for i in "${!api_users[@]}"; do { - echo "# ${api_user_description[${i}]}" - echo " api_username: '${api_users[${i}]}'" + echo "# ${api_user_description[${i}]}" + echo " api_username: '${api_users[${i}]}'" echo " api_password: '${api_passwords[${i}]}'" - echo "" + echo "" } >> "${gen_file}" done @@ -303,7 +303,7 @@ function passwords_generatePasswordFile() { function passwords_getApiToken() { - TOKEN_API=$(curl -s -u "${adminUser}":"${adminPassword}" -k -X POST "https://localhost:55000/security/user/authenticate?raw=true") + TOKEN_API=$(common_curl -s -u "${adminUser}":"${adminPassword}" -k -X POST "https://localhost:55000/security/user/authenticate?raw=true" --max-time 300 --retry 5 --retry-delay 5) if [[ ${TOKEN_API} =~ "Invalid credentials" ]]; then common_logger -e "Invalid admin user credentials" if [[ $(type -t installCommon_rollBack) == "function" ]]; then 
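Review bot: passwords_getApiToken checks the response only for the text "Invalid credentials", so when the request still fails after the added retries `TOKEN_API` is empty or holds an error body and the later calls send it as a bearer token. A check such as `if [ -z "${TOKEN_API}" ]; then` with an error log and exit, placed before the existing `=~` test, would stop that early. The function continues past the end of the hunk, so such a check may already exist below.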
@@ -316,13 +316,13 @@ function passwords_getApiToken() { function passwords_getApiUsers() { - mapfile -t api_users < <(curl -s -k -X GET -H "Authorization: Bearer $TOKEN_API" -H "Content-Type: application/json" "https://localhost:55000/security/users?pretty=true" | grep username | awk -F': ' '{print $2}' | sed -e "s/[\'\",]//g") + mapfile -t api_users < <(common_curl -s -k -X GET -H \"Authorization: Bearer $TOKEN_API\" -H \"Content-Type: application/json\" \"https://localhost:55000/security/users?pretty=true\" --max-time 300 --retry 5 --retry-delay 5 | grep username | awk -F': ' '{print $2}' | sed -e "s/[\'\",]//g") } function passwords_getApiIds() { - mapfile -t api_ids < <(curl -s -k -X GET -H "Authorization: Bearer $TOKEN_API" -H "Content-Type: application/json" "https://localhost:55000/security/users?pretty=true" | grep id | awk -F': ' '{print $2}' | sed -e "s/[\'\",]//g") + mapfile -t api_ids < <(common_curl -s -k -X GET -H \"Authorization: Bearer $TOKEN_API\" -H \"Content-Type: application/json\" \"https://localhost:55000/security/users?pretty=true\" --max-time 300 --retry 5 --retry-delay 5 | grep id | awk -F': ' '{print $2}' | sed -e "s/[\'\",]//g") } @@ -492,7 +492,7 @@ For Wazuh API users, the file must have this format: mapfile -t passwords < <(printf "%s\n" "${finalpasswords[@]}") mapfile -t api_users < <(printf "%s\n" "${finalapiusers[@]}") mapfile -t api_passwords < <(printf "%s\n" "${finalapipasswords[@]}") - + changeall=1 fi @@ -512,7 +512,7 @@ function passwords_restartService() { exit 1 fi - if ps -e | grep -E -q "^\ *1\ .*systemd$"; then + if [[ -d /run/systemd/system ]]; then eval "systemctl daemon-reload ${debug}" eval "systemctl restart ${1}.service ${debug}" if [ "${PIPESTATUS[0]}" != 0 ]; then 
@@ -527,7 +527,7 @@ function passwords_restartService() { else common_logger -d "${1} started." fi - elif ps -e | grep -E -q "^\ *1\ .*init$"; then + elif ps -p 1 -o comm= | grep "init"; then eval "/etc/init.d/${1} restart ${debug}" if [ "${PIPESTATUS[0]}" != 0 ]; then common_logger -e "${1} could not be started."
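Review bot: The new SysV branch `elif ps -p 1 -o comm= | grep "init"; then` in passwords_restartService drops the `-q` the old test had, so the matched process name is printed to stdout on every restart. `elif ps -p 1 -o comm= | grep -q "init"; then` keeps the output clean. The enclosing function starts and ends outside the hunk.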