Fix sysv backwards compatibility #341
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
After building the package, the service commands are working: Test results:[root@alma9 ~]# yum install ./wazuh-indexer-4.9.0.x86_64.rpm
Last metadata expiration check: 0:36:13 ago on Thu Aug 1 18:52:24 2024.
Dependencies resolved.
======================================================================================================================================================================================
Package Architecture Version Repository Size
======================================================================================================================================================================================
Installing:
wazuh-indexer x86_64 4.9.0-0 @commandline 813 M
Transaction Summary
======================================================================================================================================================================================
Install 1 Package
Total size: 813 M
Installed size: 1.0 G
Is this ok [y/N]: y
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: wazuh-indexer-4.9.0-0.x86_64 1/1
Installing : wazuh-indexer-4.9.0-0.x86_64 1/1
Running scriptlet: wazuh-indexer-4.9.0-0.x86_64 1/1
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
sudo systemctl start wazuh-indexer.service
Verifying : wazuh-indexer-4.9.0-0.x86_64 1/1
Installed:
wazuh-indexer-4.9.0-0.x86_64
Complete!
[root@alma9 ~]# NODE_NAME=node-1
[root@alma9 ~]# mkdir /etc/wazuh-indexer/certs
tar -xf ./wazuh-certificates.tar -C /etc/wazuh-indexer/certs/ ./$NODE_NAME.pem ./$NODE_NAME-key.pem ./admin.pem ./admin-key.pem ./root-ca.pem
mv -n /etc/wazuh-indexer/certs/$NODE_NAME.pem /etc/wazuh-indexer/certs/indexer.pem
mv -n /etc/wazuh-indexer/certs/$NODE_NAME-key.pem /etc/wazuh-indexer/certs/indexer-key.pem
chmod 500 /etc/wazuh-indexer/certs
chmod 400 /etc/wazuh-indexer/certs/*
chown -R wazuh-indexer:wazuh-indexer /etc/wazuh-indexer/certs
[root@alma9 ~]# systemctl daemon-reload
systemctl enable wazuh-indexer
systemctl start wazuh-indexer
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-indexer.service → /usr/lib/systemd/system/wazuh-indexer.service.
[root@alma9 ~]# /usr/share/wazuh-indexer/bin/indexer-security-init.sh
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.13.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index does not exists, attempt to create it ... done (0-all replicas)
Populate config from /etc/wazuh-indexer/opensearch-security/
Will update '/config' with /etc/wazuh-indexer/opensearch-security/config.yml
SUCC: Configuration for 'config' created or updated
Will update '/roles' with /etc/wazuh-indexer/opensearch-security/roles.yml
SUCC: Configuration for 'roles' created or updated
Will update '/rolesmapping' with /etc/wazuh-indexer/opensearch-security/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' created or updated
Will update '/internalusers' with /etc/wazuh-indexer/opensearch-security/internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
Will update '/actiongroups' with /etc/wazuh-indexer/opensearch-security/action_groups.yml
SUCC: Configuration for 'actiongroups' created or updated
Will update '/tenants' with /etc/wazuh-indexer/opensearch-security/tenants.yml
SUCC: Configuration for 'tenants' created or updated
Will update '/nodesdn' with /etc/wazuh-indexer/opensearch-security/nodes_dn.yml
SUCC: Configuration for 'nodesdn' created or updated
Will update '/whitelist' with /etc/wazuh-indexer/opensearch-security/whitelist.yml
SUCC: Configuration for 'whitelist' created or updated
Will update '/audit' with /etc/wazuh-indexer/opensearch-security/audit.yml
SUCC: Configuration for 'audit' created or updated
Will update '/allowlist' with /etc/wazuh-indexer/opensearch-security/allowlist.yml
SUCC: Configuration for 'allowlist' created or updated
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"],"updated_config_size":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"]) due to: null
Done with success
[root@alma9 ~]# curl -ku admin:admin https://localhost:9200
{
"name" : "node-1",
"cluster_name" : "wazuh-cluster",
"cluster_uuid" : "8vhtk_3NRKG98zz8nBWybg",
"version" : {
"number" : "7.10.2",
"build_type" : "rpm",
"build_hash" : "bf42358a96448dcf95cdde3cc82300267743a9e0",
"build_date" : "2024-08-01T19:11:30.394888472Z",
"build_snapshot" : false,
"lucene_version" : "9.10.0",
"minimum_wire_compatibility_version" : "7.10.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "The OpenSearch Project: https://opensearch.org/"
}
[root@alma9 ~]# service wazuh-indexer status
Redirecting to /bin/systemctl status wazuh-indexer.service
● wazuh-indexer.service - wazuh-indexer
Loaded: loaded (/usr/lib/systemd/system/wazuh-indexer.service; enabled; preset: disabled)
Drop-In: /run/systemd/system/service.d
└─zzz-lxc-service.conf
Active: active (running) since Thu 2024-08-01 19:29:27 UTC; 46s ago
Docs: https://documentation.wazuh.com
Main PID: 3913 (java)
Tasks: 125 (limit: 200975)
Memory: 1.5G
CPU: 37.476s
CGroup: /system.slice/wazuh-indexer.service
└─3913 /usr/share/wazuh-indexer/jdk/bin/java -Xshare:auto -Dopensearch.networkaddress.cache.ttl=60 -Dopensearch.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -XX:-OmitStackTraceInFastThrow -XX:+ShowCodeDetailsInExceptionMessages -Dio.netty.noUnsafe=true -Dio.netty.noKeySetOptimization=true -Dio.netty.recycler.maxCapacityPerThread=0 -Dio.netty.allocator.numDirectArenas=0 -Dlog4j.shutdownHookEnabled=false -Dlog4j2.disable.jmx=true -Djava.security.manager=allow -Djava.locale.providers=SPI,COMPAT -Xms1g -Xmx1g -XX:+UseG1GC -XX:G1ReservePercent=25 -XX:InitiatingHeapOccupancyPercent=30 -Djava.io.tmpdir=/var/log/wazuh-indexer/tmp -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/lib/wazuh-indexer -XX:ErrorFile=/var/log/wazuh-indexer/hs_err_pid%p.log "-Xlog:gc*,gc+age=trace,safepoint:file=/var/log/wazuh-indexer/gc.log:utctime,pid,tags:filecount=32,filesize=64m" -Djava.security.manager=allow -Djava.util.concurrent.ForkJoinPool.common.threadFactory=org.opensearch.secure_sm.SecuredForkJoinWorkerThreadFactory -Dclk.tck=100 -Djdk.attach.allowAttachSelf=true -Djava.security.policy=file:///etc/wazuh-indexer/opensearch-performance-analyzer/opensearch_security.policy --add-opens=jdk.attach/sun.tools.attach=ALL-UNNAMED -XX:MaxDirectMemorySize=536870912 -Dopensearch.path.home=/usr/share/wazuh-indexer -Dopensearch.path.conf=/etc/wazuh-indexer -Dopensearch.distribution.type=rpm -Dopensearch.bundled_jdk=true -cp "/usr/share/wazuh-indexer/lib/*" org.opensearch.bootstrap.OpenSearch -p /run/wazuh-indexer/wazuh-indexer.pid --quiet
Aug 01 19:29:20 alma9 systemd-entrypoint[3913]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/wazuh-indexer/lib/opensearch-2.13.0.jar)
Aug 01 19:29:20 alma9 systemd-entrypoint[3913]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
Aug 01 19:29:20 alma9 systemd-entrypoint[3913]: WARNING: System::setSecurityManager will be removed in a future release
Aug 01 19:29:20 alma9 systemd-entrypoint[3913]: Aug 01, 2024 7:29:20 PM sun.util.locale.provider.LocaleProviderAdapter <clinit>
Aug 01 19:29:20 alma9 systemd-entrypoint[3913]: WARNING: COMPAT locale provider will be removed in a future release
Aug 01 19:29:21 alma9 systemd-entrypoint[3913]: WARNING: A terminally deprecated method in java.lang.System has been called
Aug 01 19:29:21 alma9 systemd-entrypoint[3913]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/share/wazuh-indexer/lib/opensearch-2.13.0.jar)
Aug 01 19:29:21 alma9 systemd-entrypoint[3913]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
Aug 01 19:29:21 alma9 systemd-entrypoint[3913]: WARNING: System::setSecurityManager will be removed in a future release
Aug 01 19:29:27 alma9 systemd[1]: Started wazuh-indexer.
[root@alma9 ~]# service wazuh-indexer stop
Redirecting to /bin/systemctl stop wazuh-indexer.service
[root@alma9 ~]# systemctl status wazuh-indexer
○ wazuh-indexer.service - wazuh-indexer
Loaded: loaded (/usr/lib/systemd/system/wazuh-indexer.service; enabled; preset: disabled)
Drop-In: /run/systemd/system/service.d
└─zzz-lxc-service.conf
Active: inactive (dead) since Thu 2024-08-01 19:36:10 UTC; 5s ago
Duration: 6min 42.554s
Docs: https://documentation.wazuh.com
Process: 3913 ExecStart=/usr/share/wazuh-indexer/bin/systemd-entrypoint -p ${PID_DIR}/wazuh-indexer.pid --quiet (code=exited, status=143)
Main PID: 3913 (code=exited, status=143)
CPU: 43.750s
Aug 01 19:29:20 alma9 systemd-entrypoint[3913]: WARNING: COMPAT locale provider will be removed in a future release
Aug 01 19:29:21 alma9 systemd-entrypoint[3913]: WARNING: A terminally deprecated method in java.lang.System has been called
Aug 01 19:29:21 alma9 systemd-entrypoint[3913]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/share/wazuh-indexer/lib/opensearch-2.13.0.jar)
Aug 01 19:29:21 alma9 systemd-entrypoint[3913]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
Aug 01 19:29:21 alma9 systemd-entrypoint[3913]: WARNING: System::setSecurityManager will be removed in a future release
Aug 01 19:29:27 alma9 systemd[1]: Started wazuh-indexer.
Aug 01 19:36:10 alma9 systemd[1]: Stopping wazuh-indexer...
Aug 01 19:36:10 alma9 systemd[1]: wazuh-indexer.service: Deactivated successfully.
Aug 01 19:36:10 alma9 systemd[1]: Stopped wazuh-indexer.
Aug 01 19:36:10 alma9 systemd[1]: wazuh-indexer.service: Consumed 43.750s CPU time.
[root@alma9 ~]# ^C
[root@alma9 ~]# service wazuh-indexer start
Redirecting to /bin/systemctl start wazuh-indexer.service
[root@alma9 ~]# systemctl status wazuh-indexer
● wazuh-indexer.service - wazuh-indexer
Loaded: loaded (/usr/lib/systemd/system/wazuh-indexer.service; enabled; preset: disabled)
Drop-In: /run/systemd/system/service.d
└─zzz-lxc-service.conf
Active: active (running) since Thu 2024-08-01 19:36:41 UTC; 5s ago
Docs: https://documentation.wazuh.com
Main PID: 4420 (java)
Tasks: 104 (limit: 200975)
Memory: 1.4G
CPU: 31.588s
CGroup: /system.slice/wazuh-indexer.service
└─4420 /usr/share/wazuh-indexer/jdk/bin/java -Xshare:auto -Dopensearch.networkaddress.cache.ttl=60 -Dopensearch.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -XX:-OmitStackTraceInFastThrow -XX:+ShowCodeDetailsInExceptionMessages -Dio.netty.noUnsafe=true -Dio.netty.noKeySetOptimization=true -Dio.netty.recycler.maxCapacityPerThread=0 -Dio.netty.allocator.numDirectArenas=0 -Dlog4j.shutdownHookEnabled=false -Dlog4j2.disable.jmx=true -Djava.security.manager=allow -Djava.locale.providers=SPI,COMPAT -Xms1g -Xmx1g -XX:+UseG1GC -XX:G1ReservePercent=25 -XX:InitiatingHeapOccupancyPercent=30 -Djava.io.tmpdir=/var/log/wazuh-indexer/tmp -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/lib/wazuh-indexer -XX:ErrorFile=/var/log/wazuh-indexer/hs_err_pid%p.log "-Xlog:gc*,gc+age=trace,safepoint:file=/var/log/wazuh-indexer/gc.log:utctime,pid,tags:filecount=32,filesize=64m" -Djava.security.manager=allow -Djava.util.concurrent.ForkJoinPool.common.threadFactory=org.opensearch.secure_sm.SecuredForkJoinWorkerThreadFactory -Dclk.tck=100 -Djdk.attach.allowAttachSelf=true -Djava.security.policy=file:///etc/wazuh-indexer/opensearch-performance-analyzer/opensearch_security.policy --add-opens=jdk.attach/sun.tools.attach=ALL-UNNAMED -XX:MaxDirectMemorySize=536870912 -Dopensearch.path.home=/usr/share/wazuh-indexer -Dopensearch.path.conf=/etc/wazuh-indexer -Dopensearch.distribution.type=rpm -Dopensearch.bundled_jdk=true -cp "/usr/share/wazuh-indexer/lib/*" org.opensearch.bootstrap.OpenSearch -p /run/wazuh-indexer/wazuh-indexer.pid --quiet
Aug 01 19:36:41 alma9 systemd-entrypoint[4420]: at org.opensearch.cluster.service.ClusterApplierService.applyChanges(ClusterApplierService.java:579)
Aug 01 19:36:41 alma9 systemd-entrypoint[4420]: at org.opensearch.cluster.service.ClusterApplierService.runTask(ClusterApplierService.java:486)
Aug 01 19:36:41 alma9 systemd-entrypoint[4420]: at org.opensearch.cluster.service.ClusterApplierService$UpdateTask.run(ClusterApplierService.java:188)
Aug 01 19:36:41 alma9 systemd-entrypoint[4420]: at org.opensearch.common.util.concurrent.ThreadContext$ContextPreservingRunnable.run(ThreadContext.java:854)
Aug 01 19:36:41 alma9 systemd-entrypoint[4420]: at org.opensearch.common.util.concurrent.PrioritizedOpenSearchThreadPoolExecutor$TieBreakingPrioritizedRunnable.runAndClean(PrioritizedOpenSearchThreadPoolExecutor.java:283)
Aug 01 19:36:41 alma9 systemd-entrypoint[4420]: at org.opensearch.common.util.concurrent.PrioritizedOpenSearchThreadPoolExecutor$TieBreakingPrioritizedRunnable.run(PrioritizedOpenSearchThreadPoolExecutor.java:246)
Aug 01 19:36:41 alma9 systemd-entrypoint[4420]: at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
Aug 01 19:36:41 alma9 systemd-entrypoint[4420]: at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
Aug 01 19:36:41 alma9 systemd-entrypoint[4420]: at java.base/java.lang.Thread.run(Thread.java:1583)
Aug 01 19:36:41 alma9 systemd-entrypoint[4420]: For complete error details, refer to the log at /var/log/wazuh-indexer/wazuh-cluster.log
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR removes the
/etc/init.d/wazuh-indexerfile fromrpmpackages, which is standing in the way of backwards compatibility withsysvand theservice wazuh-indexer {start,stop,status}commands.Issues Resolved
solves #340
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.