`wazuh-indexer` user does not exist in deb packages

[AlexRuiz7]

Description

Related issue: https://github.com/wazuh/wazuh-indexer/issues/99

The installation of the deb packages fail, caused by the wazuh-indexer user not being created.

Errors are thrown during installation on Ubuntu 22.04:

/usr/lib/tmpfiles.d/wazuh-indexer.conf:1: Failed to resolve user 'wazuh-indexer': No such process
Processing triggers for libc-bin (2.35-0ubuntu3.1) ...
Processing triggers for man-db (2.10.2-1) ...
needrestart is being skipped since dpkg has failed

Step 2, section on deploying certificates from the step-by-step installation guide fails 🔴

root@pkg-tests-ubuntu2204:~# mkdir /etc/wazuh-indexer/certs  
tar -xf ./wazuh-certificates.tar -C /etc/wazuh-indexer/certs/ ./$NODE_NAME.pem ./$NODE_NAME-key.pem ./admin.pem ./admin-key.pem ./root-ca.pem
mv -n /etc/wazuh-indexer/certs/$NODE_NAME.pem /etc/wazuh-indexer/certs/indexer.pem
mv -n /etc/wazuh-indexer/certs/$NODE_NAME-key.pem /etc/wazuh-indexer/certs/indexer-key.pem
chmod 500 /etc/wazuh-indexer/certs
chmod 400 /etc/wazuh-indexer/certs/*
chown -R wazuh-indexer:wazuh-indexer /etc/wazuh-indexer/certs
chown: invalid user: ‘wazuh-indexer:wazuh-indexer’

The service cannot be started due to lack of a wazuh-indexer user's credentials:

Jan 08 10:45:41 pkg-tests-ubuntu2204 systemd[34965]: wazuh-indexer.service: Failed to determine user credentials: No such process
Jan 08 10:45:41 pkg-tests-ubuntu2204 systemd[34965]: wazuh-indexer.service: Failed at step USER spawning /usr/share/wazuh-indexer/bin/systemd-entrypoint: No such process

Originally posted by @f-galland in https://github.com/wazuh/wazuh-indexer/issues/99#issuecomment-1879128847

[AlexRuiz7]

We are missing this folder.

[f-galland]

After adding the folder, the user is still not getting created:

Setting up wazuh-indexer (4.9.0) ...
/usr/lib/tmpfiles.d/wazuh-indexer.conf:1: Failed to resolve user 'wazuh-indexer': No such process
Scanning processes...                                                                      
Scanning linux images...                                                                   

Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
N: Download is performed unsandboxed as root as file '/root/wazuh-indexer-4.9.0-1_amd64_8f716057590.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)
root@pkg-tests-ubuntu2204:~#

[f-galland]

Looks like rpm packages handle this through wazuh-indexer.rpm.spec:

fede@tyner:~/src/wazuh-indexer (101-wazuh-indexer-user-doesnt-exist)$ sed -n '100,105p' distribution/packages/src/rpm/wazuh-indexer.rpm.spec 
# Create user and group if they do not already exist.
getent group %{name} > /dev/null 2>&1 || groupadd -r %{name}
getent passwd %{name} > /dev/null 2>&1 || \
    useradd -r -g %{name} -M -s /sbin/nologin \
        -c "%{name} user/group" %{name}
exit 0

[f-galland]

It seems debmake ignores the existing contents of the debian folder: https://www.debian.org/doc/manuals/debmake-doc/ch04.en.html

[f-galland]

Package installation throws a warning whenever systemd-sysctl.service cannot be restarted by postinst on certain platforms (tested on Vagrant with a generic/ubuntu2204 box instance).

However this happens with OpenSearch's packages as well:

postinst is checking only whether systemctl exists before it goes ahead and tries to restart the systemd-sysctl service:

fede@tyner:~/src/wazuh-indexer (101-wazuh-indexer-user-doesnt-exist)
$ sed -n '35,42p' distribution/packages/src/deb/debian/postinst 
# Reload other configs
if command -v systemctl > /dev/null; then
    systemctl restart systemd-sysctl.service || true
fi

if command -v systemd-tmpfiles > /dev/null; then
    systemd-tmpfiles --create wazuh-indexer.conf
fi