Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ignoring /run and /var/run from the list of packaged directories #286

Merged
merged 4 commits into from
Jul 2, 2024
Merged

Ignoring /run and /var/run from the list of packaged directories #286

merged 4 commits into from
Jul 2, 2024

Conversation

f-galland
Copy link
Member

Description

This PR excludes /var/run and /run permissions from being modified upon package installation.

Issues Resolved

Resolves #284

Check List

  • New functionality includes testing.
    • All tests pass
  • New functionality has been documented.
    • New functionality has javadoc added
  • Failing checks are inspected and point to the corresponding known issue(s) (See: Troubleshooting Failing Builds)
  • Commits are signed per the DCO using --signoff
  • Commit changes are listed out in CHANGELOG.md file (See: Changelog)
  • Public documentation issue/PR created

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@f-galland
Copy link
Member Author

Permissions on /run are not affected after installation of the package:

[root@alma ~]# ls -lsah / | grep run
   0 drwxr-xr-x  15 root   root    440 Jun 28 17:42 run
[root@alma ~]# yum install /wazuh-indexer-4.9.0.x86_64.rpm 
Last metadata expiration check: 1:37:08 ago on Fri Jun 28 16:05:32 2024.
Dependencies resolved.
======================================================================================================================================================================================
 Package                                        Architecture                            Version                                   Repository                                     Size
======================================================================================================================================================================================
Installing:
 wazuh-indexer                                  x86_64                                  4.9.0-0                                   @commandline                                  813 M

Transaction Summary
======================================================================================================================================================================================
Install  1 Package

Total size: 813 M
Installed size: 1.0 G
Is this ok [y/N]: y
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                              1/1 
  Running scriptlet: wazuh-indexer-4.9.0-0.x86_64                                                                                                                                 1/1 
  Installing       : wazuh-indexer-4.9.0-0.x86_64                                                                                                                                 1/1 
  Running scriptlet: wazuh-indexer-4.9.0-0.x86_64                                                                                                                                 1/1 
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
 sudo systemctl start wazuh-indexer.service

  Verifying        : wazuh-indexer-4.9.0-0.x86_64                                                                                                                                 1/1 

Installed:
  wazuh-indexer-4.9.0-0.x86_64                                                                                                                                                        

Complete!
[root@alma ~]# ls -lsah / | grep run
   0 drwxr-xr-x  16 root   root    460 Jun 28 17:42 run

@AlexRuiz7 AlexRuiz7 mentioned this pull request Jul 1, 2024
Closed
8 tasks
@AlexRuiz7 AlexRuiz7 marked this pull request as ready for review July 1, 2024 11:13
@AlexRuiz7 AlexRuiz7 requested a review from a team as a code owner July 1, 2024 11:13
AlexRuiz7
AlexRuiz7 previously approved these changes Jul 1, 2024
View reviewed changes
Copy link
Member

@AlexRuiz7 AlexRuiz7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Packages build workflow pass https://github.com/wazuh/wazuh-indexer/actions/runs/9716629264

@f-galland
Copy link
Member Author

While testing the change to using /var/run instead of /run in Alma Linux 8, I get the following output on package installation:

[/usr/lib/tmpfiles.d/wazuh-indexer.conf:1] Line references path below legacy directory /var/run/, updating /var/run/wazuh-indexer → /run/wazuh-indexer; please update the tmpfiles.d/ drop-in file accordingly.

  Verifying        : wazuh-indexer-4.9.0-0.x86_64                                                                                                                                 1/1 

Installed:
  wazuh-indexer-4.9.0-0.x86_64                                                                                                                                                        

Complete!

@AlexRuiz7
Copy link
Member

AlexRuiz7 commented Jul 2, 2024
edited
Loading

Cannot reproduce on OpenSearch 2.13.0 + RHEL 7

[vagrant@rhel7 ~]$ sudo env OPENSEARCH_INITIAL_ADMIN_PASSWORD=SecretPassword.1234 yum install 'opensearch-2.13.0'
Failed to set locale, defaulting to C
Loaded plugins: product-id, search-disabled-repos
Resolving Dependencies
--> Running transaction check
---> Package opensearch.x86_64 0:2.13.0-1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================================================================================================================
 Package                                        Arch                                       Version                                         Repository                                          Size
====================================================================================================================================================================================================
Installing:
 opensearch                                     x86_64                                     2.13.0-1                                        opensearch-2.x                                     799 M

Transaction Summary
====================================================================================================================================================================================================
Install  1 Package

Total download size: 799 M
Installed size: 1.1 G
Is this ok [y/d/N]: y
Downloading packages:
warning: /var/cache/yum/x86_64/7Server/opensearch-2.x/packages/opensearch-2.13.0-linux-x64.rpm: Header V4 RSA/SHA512 Signature, key ID 9310d3fc: NOKEY=========== ]  18 MB/s | 793 MB  00:00:00 ETA 
Public key for opensearch-2.13.0-linux-x64.rpm is not installed
opensearch-2.13.0-linux-x64.rpm                                                                                                                                              | 799 MB  00:00:45     
Retrieving key from https://artifacts.opensearch.org/publickeys/opensearch.pgp
Importing GPG key 0x9310D3FC:
 Userid     : "OpenSearch project <[email protected]>"
 Fingerprint: c5b7 4989 65ef d1c2 924b a9d5 39d3 1987 9310 d3fc
 From       : https://artifacts.opensearch.org/publickeys/opensearch.pgp
Is this ok [y/N]: y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : opensearch-2.13.0-1.x86_64                                                                                                                                                       1/1 
### NOT starting on installation, please execute the following statements to configure opensearch service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable opensearch.service
### You can start opensearch service by executing
 sudo systemctl start opensearch.service
### Create opensearch demo certificates in /etc/opensearch/
 See demo certs creation log in /var/log/opensearch/install_demo_configuration.log
### Breaking change in packaging since 2.13.0
 In 2.13.0 and later releases of OpenSearch, we have changed the permissions associated with access to installed files
 If you are configuring tools that require read access to the OpenSearch configuration files, we recommend you add the user that runs these tools to the 'opensearch' group
 For more information, see https://github.com/opensearch-project/opensearch-build/pull/4043
  Verifying  : opensearch-2.13.0-1.x86_64                                                                                                                                                       1/1 

Installed:
  opensearch.x86_64 0:2.13.0-1                                                                                                                                                                      

Complete!

@AlexRuiz7
Copy link
Member

Can reproduce on OpenSearch 2.13.0 + ALMA 8

[vagrant@alma8 ~]$ sudo curl -SL https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/opensearch-2.x.repo -o /etc/yum.repos.d/opensearch-2.x.repo
NSEARCH_INITIAL_ADMIN_PASSWORD=SecretPassword.1234 yum install 'opensearch-2.13.0'  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   242  100   242    0     0   1581      0 --:--:-- --:--:-- --:--:--  1571
[vagrant@alma8 ~]$ sudo env OPENSEARCH_INITIAL_ADMIN_PASSWORD=SecretPassword.1234 yum install 'opensearch-2.13.0' -y
Failed to set locale, defaulting to C.UTF-8
AlmaLinux 8 - BaseOS                                                                                                                  2.2 MB/s | 4.0 MB     00:01    
AlmaLinux 8 - AppStream                                                                                                               6.7 MB/s |  11 MB     00:01    
AlmaLinux 8 - Extras                                                                                                                   31 kB/s |  21 kB     00:00    
Extra Packages for Enterprise Linux 8 - x86_64                                                                                        8.2 MB/s |  14 MB     00:01    
OpenSearch 2.x                                                                                                                        3.6 kB/s | 498  B     00:00    
OpenSearch 2.x                                                                                                                         58 kB/s | 4.2 kB     00:00    
Importing GPG key 0x9310D3FC:
 Userid     : "OpenSearch project <[email protected]>"
 Fingerprint: C5B7 4989 65EF D1C2 924B A9D5 39D3 1987 9310 D3FC
 From       : https://artifacts.opensearch.org/publickeys/opensearch.pgp
OpenSearch 2.x                                                                                                                        1.2 MB/s | 356 kB     00:00    
Dependencies resolved.
======================================================================================================================================================================
 Package                                 Architecture                        Version                                Repository                                   Size
======================================================================================================================================================================
Installing:
 opensearch                              x86_64                              2.13.0-1                               opensearch-2.x                              799 M

Transaction Summary
======================================================================================================================================================================
Install  1 Package

Total download size: 799 M
Installed size: 1.1 G
Downloading Packages:
opensearch-2.13.0-linux-x64.rpm                                                                                                        48 MB/s | 799 MB     00:16    
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                  48 MB/s | 799 MB     00:16     
OpenSearch 2.x                                                                                                                         14 kB/s | 4.2 kB     00:00    
Importing GPG key 0x9310D3FC:
 Userid     : "OpenSearch project <[email protected]>"
 Fingerprint: C5B7 4989 65EF D1C2 924B A9D5 39D3 1987 9310 D3FC
 From       : https://artifacts.opensearch.org/publickeys/opensearch.pgp
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                              1/1 
  Running scriptlet: opensearch-2.13.0-1.x86_64                                                                                                                   1/1 
  Installing       : opensearch-2.13.0-1.x86_64                                                                                                                   1/1 
  Running scriptlet: opensearch-2.13.0-1.x86_64                                                                                                                   1/1 
[opensearch.conf:1] Line references path below legacy directory /var/run/, updating /var/run/opensearch → /run/opensearch; please update the tmpfiles.d/ drop-in file accordingly.
### NOT starting on installation, please execute the following statements to configure opensearch service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable opensearch.service
### You can start opensearch service by executing
 sudo systemctl start opensearch.service
### Create opensearch demo certificates in /etc/opensearch/
 See demo certs creation log in /var/log/opensearch/install_demo_configuration.log
### Breaking change in packaging since 2.13.0
 In 2.13.0 and later releases of OpenSearch, we have changed the permissions associated with access to installed files
 If you are configuring tools that require read access to the OpenSearch configuration files, we recommend you add the user that runs these tools to the 'opensearch' group
 For more information, see https://github.com/opensearch-project/opensearch-build/pull/4043

[/usr/lib/tmpfiles.d/opensearch.conf:1] Line references path below legacy directory /var/run/, updating /var/run/opensearch → /run/opensearch; please update the tmpfiles.d/ drop-in file accordingly.

  Verifying        : opensearch-2.13.0-1.x86_64                                                                                                                   1/1 

Installed:
  opensearch-2.13.0-1.x86_64                                                                                                                                          

Complete!
[vagrant@alma8 ~]$

@AlexRuiz7
Copy link
Member

Can reproduce on OpenSearch 2.13.0 + RHEL 9

Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                              1/1 
  Running scriptlet: opensearch-2.13.0-1.x86_64                                                                                                                   1/1 
  Installing       : opensearch-2.13.0-1.x86_64                                                                                                                   1/1 
  Running scriptlet: opensearch-2.13.0-1.x86_64                                                                                                                   1/1 
/usr/lib/tmpfiles.d/opensearch.conf:1: Line references path below legacy directory /var/run/, updating /var/run/opensearch → /run/opensearch; please update the tmpfiles.d/ drop-in file accordingly.
### NOT starting on installation, please execute the following statements to configure opensearch service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable opensearch.service
### You can start opensearch service by executing
 sudo systemctl start opensearch.service
### Create opensearch demo certificates in /etc/opensearch/
 See demo certs creation log in /var/log/opensearch/install_demo_configuration.log
### Breaking change in packaging since 2.13.0
 In 2.13.0 and later releases of OpenSearch, we have changed the permissions associated with access to installed files
 If you are configuring tools that require read access to the OpenSearch configuration files, we recommend you add the user that runs these tools to the 'opensearch' group
 For more information, see https://github.com/opensearch-project/opensearch-build/pull/4043

/usr/lib/tmpfiles.d/opensearch.conf:1: Line references path below legacy directory /var/run/, updating /var/run/opensearch → /run/opensearch; please update the tmpfiles.d/ drop-in file accordingly.

Couldn't write '64' to 'kernel/random/read_wakeup_threshold', ignoring: No such file or directory

  Verifying        : opensearch-2.13.0-1.x86_64                                                                                                                   1/1 
Installed products updated.

Installed:
  opensearch-2.13.0-1.x86_64                                                                                                                                          

Complete!
[vagrant@rhel9 ~]$

@AlexRuiz7
Copy link
Member

There is an issue on OpenSearch about this:

@AlexRuiz7 AlexRuiz7 mentioned this pull request Jul 2, 2024
Closed
@AlexRuiz7
Copy link
Member

Tests on RPM were successful, using RHEL9.

  1. Installed [email protected] (no warnings)
  2. Installed [email protected] (upgrade - no warnings9
  3. Installed [email protected] (install successful)
[vagrant@rhel9 ~]$ sudo yum localinstall wazuh-indexer-4.8.0-1.x86_64.rpm -y
Last metadata expiration check: 0:02:51 ago on Tue 02 Jul 2024 11:49:22 AM UTC.
Dependencies resolved.
=================================================================================================
 Package                   Architecture       Version             Repository                Size
=================================================================================================
Installing:
 wazuh-indexer             x86_64             4.8.0-1             @commandline             743 M

Transaction Summary
=================================================================================================
Install  1 Package

Total size: 743 M
Installed size: 1.0 G
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                         1/1 
  Running scriptlet: wazuh-indexer-4.8.0-1.x86_64                                            1/1 
  Installing       : wazuh-indexer-4.8.0-1.x86_64                                            1/1 
  Running scriptlet: wazuh-indexer-4.8.0-1.x86_64                                            1/1 
Created opensearch keystore in /etc/wazuh-indexer/opensearch.keystore

Couldn't write '64' to 'kernel/random/read_wakeup_threshold', ignoring: No such file or directory

  Verifying        : wazuh-indexer-4.8.0-1.x86_64                                            1/1 
Installed products updated.

Installed:
  wazuh-indexer-4.8.0-1.x86_64                                                                   

Complete!
[vagrant@rhel9 ~]$ sudo yum localinstall wazuh-indexer_4.9.0-0_x86_64_49a7b40.rpm -y
Last metadata expiration check: 0:03:44 ago on Tue 02 Jul 2024 11:49:22 AM UTC.
Dependencies resolved.
=================================================================================================
 Package                   Architecture       Version             Repository                Size
=================================================================================================
Upgrading:
 wazuh-indexer             x86_64             4.9.0-0             @commandline             813 M

Transaction Summary
=================================================================================================
Upgrade  1 Package

Total size: 813 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                         1/1 
  Running scriptlet: wazuh-indexer-4.9.0-0.x86_64                                            1/2 
  Upgrading        : wazuh-indexer-4.9.0-0.x86_64                                            1/2 
  Running scriptlet: wazuh-indexer-4.9.0-0.x86_64                                            1/2 
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
 sudo systemctl start wazuh-indexer.service

  Running scriptlet: wazuh-indexer-4.8.0-1.x86_64                                            2/2 
  Cleanup          : wazuh-indexer-4.8.0-1.x86_64                                            2/2 
  Running scriptlet: wazuh-indexer-4.8.0-1.x86_64                                            2/2 
Couldn't write '64' to 'kernel/random/read_wakeup_threshold', ignoring: No such file or directory

  Verifying        : wazuh-indexer-4.9.0-0.x86_64                                            1/2 
  Verifying        : wazuh-indexer-4.8.0-1.x86_64                                            2/2 
Installed products updated.

Upgraded:
  wazuh-indexer-4.9.0-0.x86_64                                                                   

Complete!
[vagrant@rhel9 ~]$ sudo yum localinstall wazuh-dashboard-4.8.0-1.x86_64.rpm -y
Last metadata expiration check: 0:04:40 ago on Tue 02 Jul 2024 11:49:22 AM UTC.
Dependencies resolved.
=================================================================================================
 Package                    Architecture      Version              Repository               Size
=================================================================================================
Installing:
 wazuh-dashboard            x86_64            4.8.0-1              @commandline            275 M

Transaction Summary
=================================================================================================
Install  1 Package

Total size: 275 M
Installed size: 911 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                         1/1 
  Running scriptlet: wazuh-dashboard-4.8.0-1.x86_64                                          1/1 
  Installing       : wazuh-dashboard-4.8.0-1.x86_64                                          1/1 
  Running scriptlet: wazuh-dashboard-4.8.0-1.x86_64                                          1/1 
  Verifying        : wazuh-dashboard-4.8.0-1.x86_64                                          1/1 
Installed products updated.

Installed:
  wazuh-dashboard-4.8.0-1.x86_64                                                                 

Complete!

@f-galland
Copy link
Member Author

Tests on DEB were successful, using Ubuntu 22.04.

Installed [email protected] (no warnings)
Installed [email protected] (upgrade - no warnings)
Installed [email protected] (install successful)

root@ubuntu:~# apt install /wazuh-indexer_4.9.0_amd64.deb 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'wazuh-indexer' instead of '/wazuh-indexer_4.9.0_amd64.deb'
The following NEW packages will be installed:
  wazuh-indexer
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/851 MB of archives.
After this operation, 1077 MB of additional disk space will be used.
Get:1 /wazuh-indexer_4.9.0_amd64.deb wazuh-indexer amd64 4.9.0-0 [851 MB]
Selecting previously unselected package wazuh-indexer.
(Reading database ... 37456 files and directories currently installed.)
Preparing to unpack /wazuh-indexer_4.9.0_amd64.deb ...
Running Wazuh Indexer Pre-Installation Script
Unpacking wazuh-indexer (4.9.0-0) ...
Setting up wazuh-indexer (4.9.0-0) ...
Running Wazuh Indexer Post-Installation Script
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
 sudo systemctl start wazuh-indexer.service
root@ubuntu:~# ./wazuh-certs-tool.sh -A
02/07/2024 12:02:55 INFO: Generating the root certificate.
02/07/2024 12:02:55 INFO: Generating Admin certificates.
02/07/2024 12:02:55 INFO: Admin certificates created.
02/07/2024 12:02:55 INFO: Generating Wazuh indexer certificates.
02/07/2024 12:02:55 INFO: Wazuh indexer certificates created.
02/07/2024 12:02:55 INFO: Generating Filebeat certificates.
02/07/2024 12:02:56 INFO: Wazuh Filebeat certificates created.
02/07/2024 12:02:56 INFO: Generating Wazuh dashboard certificates.
02/07/2024 12:02:56 INFO: Wazuh dashboard certificates created.
root@ubuntu:~# tar -cvf ./wazuh-certificates.tar -C ./wazuh-certificates/ .

rm -rf ./wazuh-certificates
./
./wazuh-1-key.pem
./dashboard-key.pem
./root-ca.key
./node-1-key.pem
./admin.pem
./node-1.pem
./wazuh-1.pem
./dashboard.pem
./root-ca.pem
./admin-key.pem
root@ubuntu:~# NODE_NAME=node-1
root@ubuntu:~# mkdir /etc/wazuh-indexer/certs                
tar -xf ./wazuh-certificates.tar -C /etc/wazuh-indexer/certs/ ./$NODE_NAME.pem ./$NODE_NAME-key.pem ./admin.pem ./admin-key.pem ./root-ca.pem
mv -n /etc/wazuh-indexer/certs/$NODE_NAME.pem /etc/wazuh-indexer/certs/indexer.pem
mv -n /etc/wazuh-indexer/certs/$NODE_NAME-key.pem /etc/wazuh-indexer/certs/indexer-key.pem
chmod 500 /etc/wazuh-indexer/certs
chmod 400 /etc/wazuh-indexer/certs/*
chown -R wazuh-indexer:wazuh-indexer /etc/wazuh-indexer/certs
root@ubuntu:~# systemctl daemon-reload
systemctl enable wazuh-indexer
systemctl start wazuh-indexer
Synchronizing state of wazuh-indexer.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable wazuh-indexer
root@ubuntu:~# /usr/share/wazuh-indexer/bin/indexer-security-init.sh
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.13.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index does not exists, attempt to create it ... done (0-all replicas)
Populate config from /etc/wazuh-indexer/opensearch-security/
Will update '/config' with /etc/wazuh-indexer/opensearch-security/config.yml 
   SUCC: Configuration for 'config' created or updated
Will update '/roles' with /etc/wazuh-indexer/opensearch-security/roles.yml 
   SUCC: Configuration for 'roles' created or updated
Will update '/rolesmapping' with /etc/wazuh-indexer/opensearch-security/roles_mapping.yml 
   SUCC: Configuration for 'rolesmapping' created or updated
Will update '/internalusers' with /etc/wazuh-indexer/opensearch-security/internal_users.yml 
   SUCC: Configuration for 'internalusers' created or updated
Will update '/actiongroups' with /etc/wazuh-indexer/opensearch-security/action_groups.yml 
   SUCC: Configuration for 'actiongroups' created or updated
Will update '/tenants' with /etc/wazuh-indexer/opensearch-security/tenants.yml 
   SUCC: Configuration for 'tenants' created or updated
Will update '/nodesdn' with /etc/wazuh-indexer/opensearch-security/nodes_dn.yml 
   SUCC: Configuration for 'nodesdn' created or updated
Will update '/whitelist' with /etc/wazuh-indexer/opensearch-security/whitelist.yml 
   SUCC: Configuration for 'whitelist' created or updated
Will update '/audit' with /etc/wazuh-indexer/opensearch-security/audit.yml 
   SUCC: Configuration for 'audit' created or updated
Will update '/allowlist' with /etc/wazuh-indexer/opensearch-security/allowlist.yml 
   SUCC: Configuration for 'allowlist' created or updated
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"],"updated_config_size":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"]) due to: null
Done with success
root@ubuntu:~# curl -k -u admin:admin https://<WAZUH_INDEXER_IP_ADRESS>:9200
bash: WAZUH_INDEXER_IP_ADRESS: No such file or directory
root@ubuntu:~# curl -k -u admin:admin https://127.0.0.1:9200
{
  "name" : "node-1",
  "cluster_name" : "wazuh-cluster",
  "cluster_uuid" : "VwYpS9BWQ2SzAjym-FwgKQ",
  "version" : {
    "number" : "7.10.2",
    "build_type" : "deb",
    "build_hash" : "eb6e4fc0c2fbd15a5ccfae8baf1f2b2e540d774d",
    "build_date" : "2024-05-21T13:59:56.537046189Z",
    "build_snapshot" : false,
    "lucene_version" : "9.10.0",
    "minimum_wire_compatibility_version" : "7.10.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "The OpenSearch Project: https://opensearch.org/"
}
root@ubuntu:~# apt install wazuh-dashboard
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  wazuh-dashboard
0 upgraded, 1 newly installed, 0 to remove and 12 not upgraded.
Need to get 186 MB of archives.
After this operation, 998 MB of additional disk space will be used.
Get:1 https://packages.wazuh.com/4.x/apt stable/main amd64 wazuh-dashboard amd64 4.8.0-1 [186 MB]
Fetched 186 MB in 14s (13.3 MB/s)                                                                                                                                                    
Selecting previously unselected package wazuh-dashboard.
(Reading database ... 38854 files and directories currently installed.)
Preparing to unpack .../wazuh-dashboard_4.8.0-1_amd64.deb ...
Creating wazuh-dashboard group... OK
Creating wazuh-dashboard user... OK
Unpacking wazuh-dashboard (4.8.0-1) ...
Setting up wazuh-dashboard (4.8.0-1) ...
root@ubuntu:~# NODE_NAME=dashboard
root@ubuntu:~# mkdir /etc/wazuh-dashboard/certs                    
tar -xf ./wazuh-certificates.tar -C /etc/wazuh-dashboard/certs/ ./$NODE_NAME.pem ./$NODE_NAME-key.pem ./root-ca.pem
mv -n /etc/wazuh-dashboard/certs/$NODE_NAME.pem /etc/wazuh-dashboard/certs/dashboard.pem
mv -n /etc/wazuh-dashboard/certs/$NODE_NAME-key.pem /etc/wazuh-dashboard/certs/dashboard-key.pem
chmod 500 /etc/wazuh-dashboard/certs
chmod 400 /etc/wazuh-dashboard/certs/*
chown -R wazuh-dashboard:wazuh-dashboard /etc/wazuh-dashboard/certs
root@ubuntu:~# systemctl daemon-reload
systemctl enable wazuh-dashboard
systemctl start wazuh-dashboard
root@ubuntu:~# systemctl status wazuh-dashboard
● wazuh-dashboard.service - wazuh-dashboard
     Loaded: loaded (/etc/systemd/system/wazuh-dashboard.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2024-07-02 12:06:24 UTC; 3min 58s ago
   Main PID: 3059 (node)
      Tasks: 11 (limit: 37682)
     Memory: 185.3M
        CPU: 5.113s
     CGroup: /system.slice/wazuh-dashboard.service
             └─3059 /usr/share/wazuh-dashboard/node/bin/node --no-warnings --max-http-header-size=65536 --unhandled-rejections=warn /usr/share/wazuh-dashboard/src/cli/dist

Jul 02 12:06:27 ubuntu opensearch-dashboards[3059]: {"type":"log","@timestamp":"2024-07-02T12:06:27Z","tags":["info","savedobjects-service"],"pid":3059,"message":"Waiting until all >
Jul 02 12:06:27 ubuntu opensearch-dashboards[3059]: {"type":"log","@timestamp":"2024-07-02T12:06:27Z","tags":["info","savedobjects-service"],"pid":3059,"message":"Starting saved obj>
Jul 02 12:06:27 ubuntu opensearch-dashboards[3059]: {"type":"log","@timestamp":"2024-07-02T12:06:27Z","tags":["info","savedobjects-service"],"pid":3059,"message":"Creating index .ki>
Jul 02 12:06:27 ubuntu opensearch-dashboards[3059]: {"type":"log","@timestamp":"2024-07-02T12:06:27Z","tags":["info","savedobjects-service"],"pid":3059,"message":"Pointing alias .ki>
Jul 02 12:06:27 ubuntu opensearch-dashboards[3059]: {"type":"log","@timestamp":"2024-07-02T12:06:27Z","tags":["info","savedobjects-service"],"pid":3059,"message":"Finished in 120ms.>
Jul 02 12:06:27 ubuntu opensearch-dashboards[3059]: {"type":"log","@timestamp":"2024-07-02T12:06:27Z","tags":["info","plugins-system"],"pid":3059,"message":"Starting [48] plugins: [>
Jul 02 12:06:27 ubuntu opensearch-dashboards[3059]: {"type":"log","@timestamp":"2024-07-02T12:06:27Z","tags":["error","opensearch","data"],"pid":3059,"message":"[ResponseError]: Res>
Jul 02 12:06:27 ubuntu opensearch-dashboards[3059]: {"type":"log","@timestamp":"2024-07-02T12:06:27Z","tags":["error","opensearch","data"],"pid":3059,"message":"[ResponseError]: Res>
Jul 02 12:06:27 ubuntu opensearch-dashboards[3059]: {"type":"log","@timestamp":"2024-07-02T12:06:27Z","tags":["listening","info"],"pid":3059,"message":"Server running at https://0.0>
Jul 02 12:06:27 ubuntu opensearch-dashboards[3059]: {"type":"log","@timestamp":"2024-07-02T12:06:27Z","tags":["info","http","server","OpenSearchDashboards"],"pid":3059,"message":"ht>
root@ubuntu:~#

@AlexRuiz7 AlexRuiz7 merged commit 1d2c1b3 into 4.9.0 Jul 2, 2024
10 checks passed
@AlexRuiz7 AlexRuiz7 deleted the ci/284-wazuh-indexer-takes-ownership-on-run branch July 2, 2024 12:11
@f-galland f-galland mentioned this pull request Jul 26, 2024
Closed
AlexRuiz7 added a commit that referenced this pull request Aug 20, 2024
@f-galland @AlexRuiz7
Ignoring /run and /var/run from the list of packaged directories (#286)
8296584 
* Ignoring /run and /var/run from the list of packaged directories

* Changing pid file dir to /var/run/wazuh-indexer

* Changing pid file dir to /run/wazuh-indexer

* Changing pid file dir to /run/wazuh-indexer

---------

Co-authored-by: Álex Ruiz <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AlexRuiz7 AlexRuiz7 AlexRuiz7 approved these changes

Assignees

@f-galland f-galland

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[BUG] wazuh-indexer service takes ownership of /run
2 participants
@f-galland @AlexRuiz7