Installation Assistant not changing wazuh-wui password on wazuh.yml file

[CarlosALgit]

Wazuh version	Install type	Action performed	Platform
4.9.0-alpha3	AIO	Install	Amazon Linux 2

During the tests of the Installation Assistant for 4.9.0-alpha3, I got stopped when trying to access the Wazuh web interface.

This error is due to the Installation Assistant not updating the wazuh-wui password on the wazuh.yml file.

Then, I got the password from the wazuh-install-files/wazuh-passwords.txt and changed it manually in the wazuh.yml file.
Then, restarted all the services and tried to access the web interface. Now, the connection was successfully but there was an error on the Updates status check as you can see on the following image:

When holding the question mark it displays:

Wazuh Internal Error
Error in CTI service request: 2730a20a-f031-46e8-855c-fae75d1be776, V4.9.0

So, we need to fix the unattended installer to make sure it updates the wazuh-wui password on the wazuh.yml file when installing.

[CarlosALgit]

Update Report

I installed the a Wazuh AIO version 4.9.0 using the Installation Assistant and the installation worked fine. I could access the Wazuh web interface as you can see below:

The wazuh.yml file contains the changed password for wazuh-wui user as it's expected. You can see it below:

hosts:
  - default:
      url: https://127.0.0.1
      port: 55000
      username: wazuh-wui
      password: "?tLWEHawsZ2sqIkZYdcwQ+Jus.azmI8s"
      run_as: false

Next approach

I'm going to try replicate the error by installing Wazuh AIO with the step-by-step configuration.

[CarlosALgit]

Update Report

I installed a Wazuh AIO with the step-by-step installation and everything worked fine. I could access the web interface with no issues:

Next approach

Since I have not been able to replicate the issue using the Installation Assistant or the step-by-step configuration I will deploy an AIO using the Offline Installation Assistant.

[CarlosALgit]

Update Report

While installing a Wazuh AIO with the Offline Installation Assistant I got stuck with a dependencies installation error. (Related: #3062)
I will be investigating the related issue while I try to replicate this issue in other OSs.

[c-bordon]

I performed the installation on an Amazon Linux 2 using the offline installation, and I was unable to replicate the error, the password for the wazuh-wui user is successfully modified:

The changes from this PR were used to perform the test.

[root@vagrant ~]# ./wazuh-install.sh -dw rpm
30/07/2024 14:57:47 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
30/07/2024 14:57:47 INFO: Verbose logging redirected to /var/log/wazuh-install.log
30/07/2024 14:57:47 INFO: Verifying that your system meets the recommended minimum hardware requirements.
30/07/2024 14:57:48 INFO: --- Download Packages ---
30/07/2024 14:57:48 INFO: Starting Wazuh packages download.
30/07/2024 14:57:48 INFO: Downloading Wazuh rpm packages for x86_64.
30/07/2024 14:58:29 INFO: The manager package was downloaded.
30/07/2024 14:58:33 INFO: The filebeat package was downloaded.
30/07/2024 15:00:02 INFO: The indexer package was downloaded.
30/07/2024 15:00:32 INFO: The dashboard package was downloaded.
30/07/2024 15:00:32 INFO: The packages are in wazuh-offline/wazuh-packages
30/07/2024 15:00:32 INFO: Downloading configuration files and assets.
30/07/2024 15:00:33 INFO: The resource https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH was downloaded.
30/07/2024 15:00:34 INFO: The resource https://packages-dev.wazuh.com/4.9/tpl/wazuh/filebeat/filebeat.yml was downloaded.
30/07/2024 15:00:34 INFO: The resource https://raw.githubusercontent.com/wazuh/wazuh/4.9.0/extensions/elasticsearch/7.x/wazuh-template.json was downloaded.
30/07/2024 15:00:35 INFO: The resource https://packages-dev.wazuh.com/pre-release/filebeat/wazuh-filebeat-0.4.tar.gz was downloaded.
30/07/2024 15:00:35 INFO: The configuration files and assets are in wazuh-offline.tar.gz
30/07/2024 15:01:15 INFO: You can follow the installation guide here https://documentation.wazuh.com/current/deployment-options/offline-installation.html
[root@vagrant ~]# bash wazuh-install.sh --offline-installation --wazuh-indexer node-1
30/07/2024 15:01:23 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
30/07/2024 15:01:23 INFO: Verbose logging redirected to /var/log/wazuh-install.log
30/07/2024 15:01:23 INFO: Checking installed dependencies for Offline installation.
30/07/2024 15:01:24 INFO: Verifying that your system meets the recommended minimum hardware requirements.
30/07/2024 15:01:24 INFO: Checking wazuh-offline.tar.gz file.
30/07/2024 15:01:30 INFO: --- Wazuh indexer ---
30/07/2024 15:01:30 INFO: Starting Wazuh indexer installation.
30/07/2024 15:01:40 INFO: Wazuh indexer installation finished.
30/07/2024 15:01:41 INFO: Wazuh indexer post-install configuration finished.
30/07/2024 15:01:41 INFO: Starting service wazuh-indexer.
30/07/2024 15:02:20 INFO: wazuh-indexer service started.
30/07/2024 15:02:20 INFO: Initializing Wazuh indexer cluster security settings.
30/07/2024 15:02:21 INFO: Wazuh indexer cluster initialized.
30/07/2024 15:02:21 INFO: Installation finished.
[root@vagrant ~]# bash wazuh-install.sh --start-cluster
30/07/2024 15:03:06 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
30/07/2024 15:03:06 INFO: Verbose logging redirected to /var/log/wazuh-install.log
30/07/2024 15:03:06 INFO: Verifying that your system meets the recommended minimum hardware requirements.
30/07/2024 15:03:19 INFO: Wazuh indexer cluster security configuration initialized.
30/07/2024 15:04:54 INFO: Updating the internal users.
30/07/2024 15:05:06 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
30/07/2024 15:05:33 INFO: Wazuh indexer cluster started.
[root@vagrant ~]# tar -axf wazuh-install-files.tar wazuh-install-files/wazuh-passwords.txt -O | grep -P "\'admin\'" -A 1
  indexer_username: 'admin'
  indexer_password: 'N?ZRNWPEsD1XUk3w?0?YccFmTalOD6pA'
[root@vagrant ~]# curl -k -u admin:N?ZRNWPEsD1XUk3w?0?YccFmTalOD6pA https://127.0.0.1:9200
{
  "name" : "node-1",
  "cluster_name" : "wazuh-indexer-cluster",
  "cluster_uuid" : "LnrdF1gvQseZTDdQ_us3pA",
  "version" : {
    "number" : "7.10.2",
    "build_type" : "rpm",
    "build_hash" : "2c952aba7735bee5f4b0bb9cfc821d68ffbdd636",
    "build_date" : "2024-07-19T16:30:35.251438Z",
    "build_snapshot" : false,
    "lucene_version" : "9.10.0",
    "minimum_wire_compatibility_version" : "7.10.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "The OpenSearch Project: https://opensearch.org/"
}
[root@vagrant ~]# bash wazuh-install.sh --offline-installation --wazuh-server wazuh-1
30/07/2024 15:06:36 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
30/07/2024 15:06:36 INFO: Verbose logging redirected to /var/log/wazuh-install.log
30/07/2024 15:06:36 INFO: Checking installed dependencies for Offline installation.
30/07/2024 15:06:37 INFO: Verifying that your system meets the recommended minimum hardware requirements.
30/07/2024 15:06:37 INFO: Checking wazuh-offline.tar.gz file.
30/07/2024 15:06:37 INFO: --- Wazuh server ---
30/07/2024 15:06:37 INFO: Starting the Wazuh manager installation.
30/07/2024 15:06:56 INFO: Wazuh manager installation finished.
30/07/2024 15:06:56 INFO: Wazuh manager vulnerability detection configuration finished.
30/07/2024 15:06:56 INFO: Starting service wazuh-manager.
30/07/2024 15:07:05 INFO: wazuh-manager service started.
30/07/2024 15:07:05 INFO: Starting Filebeat installation.
30/07/2024 15:07:05 INFO: Another process is using YUM. Waiting for it to release the lock. Next retry in 30 seconds (1/10)
30/07/2024 15:07:39 INFO: Filebeat installation finished.
30/07/2024 15:07:39 INFO: Filebeat post-install configuration finished.
30/07/2024 15:07:40 INFO: The filebeat.yml file has been updated to use the Filebeat Keystore username and password.
30/07/2024 15:07:58 INFO: Starting service filebeat.
30/07/2024 15:07:58 INFO: filebeat service started.
30/07/2024 15:07:58 INFO: Installation finished.
[root@vagrant ~]# bash wazuh-install.sh --offline-installation --wazuh-dashboard dashboard
30/07/2024 15:08:23 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
30/07/2024 15:08:23 INFO: Verbose logging redirected to /var/log/wazuh-install.log
30/07/2024 15:08:23 INFO: Checking installed dependencies for Offline installation.
30/07/2024 15:08:25 INFO: Verifying that your system meets the recommended minimum hardware requirements.
30/07/2024 15:08:25 INFO: Wazuh web interface port will be 443.
30/07/2024 15:08:25 INFO: Checking wazuh-offline.tar.gz file.
30/07/2024 15:08:25 INFO: --- Wazuh dashboard ----
30/07/2024 15:08:25 INFO: Starting Wazuh dashboard installation.
30/07/2024 15:09:28 INFO: Wazuh dashboard installation finished.
30/07/2024 15:09:28 INFO: Wazuh dashboard post-install configuration finished.
30/07/2024 15:09:28 INFO: Starting service wazuh-dashboard.
30/07/2024 15:09:29 INFO: wazuh-dashboard service started.
30/07/2024 15:09:30 INFO: The filebeat.yml file has been updated to use the Filebeat Keystore username and password.
30/07/2024 15:10:10 INFO: Initializing Wazuh dashboard web application.
30/07/2024 15:10:23 INFO: Wazuh dashboard web application initialized.
30/07/2024 15:10:23 INFO: --- Summary ---
30/07/2024 15:10:23 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: N?ZRNWPEsD1XUk3w?0?YccFmTalOD6pA
30/07/2024 15:10:23 INFO: Installation finished.

[CarlosALgit]

Update Report

With the test done above by @c-bordon and his fixes on this PR we can conclude that this issue is fixed.

[c-bordon]

LGTM