Agent not restarted during (unattended) deb pkg upgrade (systemd)

[d4nys3k]

Wazuh version	Component	Install type	Install method	Platform
4.9.1	Wazuh agent	Agent	Debian packages	all debian/ubuntu versions

During .deb package upgrade in Debian/Ubuntu envinronments with systemd, agent isn't restarted properly.

This is due to bad workflow in preinst/prerm/postinst scripts. See installation workflow in documentation.

At the first, prerm script is called - this stops wazuh-agent. After this, preinst script is called - this script tries to check, if wazuh-agent is running by calling systemctl is-active --quiet wazuh-agent - but at this time unit is already inactive. So ${WAZUH_TMP_DIR}/wazuh.restart file isn't created and code in postinst code doesn't start agent, because ${WAZUH_TMP_DIR}/wazuh.restart doesn't exist.

I think ${WAZUH_TMP_DIR}/wazuh.restart should be created in prerm script to restart agent after upgrade properly.

[vikman90]

Hi @d4nys3k,

Thank you for reporting this bug. I've reproduced it:

apt-get install -y wazuh-agent=4.9.0-1
sed -i'' 's/MANAGER_IP/192.168.1.8/' /var/ossec/etc/ossec.conf
systemctl start wazuh-agent
systemctl is-active wazuh-agent

active

apt-get upgrade -y wazuh-agent
systemctl is-active wazuh-agent

inactive

The explanation you have provided is very enlightening, I think it is the best solution to this problem. Let us add it to the backlog and we will keep you informed.

Thanks again.

[vikman90]

@d4nys3k We followed your suggestion and applied the fix in 4.10.0. Since it was applied in prerm, the fix will be noticeable in upgrades from 4.10.0 to 4.10.1 and later.

Thanks again for your comment. Regards.