wazuh / wazuh-indexer

Wazuh indexer, the Wazuh search engine
https://opensearch.org/docs/latest/opensearch/index/
Apache License 2.0

Warnings about modified files during wazuh-indexer upgrade to 4.9.0 #380

Open AlexRuiz7 opened 1 week ago

AlexRuiz7 commented 1 week ago

Description

During the upgrade to wazuh-indexer@4.9.0, there are some configuration files that are modified. Depending on the package manager, it asks for actions from the user (apt) or continues creating backups (yum).

deb

```bash
root@server:/home/vagrant# apt-get install wazuh-indexer
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages will be upgraded:
  wazuh-indexer
1 upgraded, 0 newly installed, 0 to remove and 207 not upgraded.
Need to get 850 MB of archives.
After this operation, 26.6 MB of additional disk space will be used.
Get:1 https://packages.wazuh.com/4.x/apt stable/main amd64 wazuh-indexer amd64 4.9.0-1 [850 MB]
Fetched 850 MB in 1min 10s (12.2 MB/s)
(Reading database ... 158706 files and directories currently installed.)
Preparing to unpack .../wazuh-indexer_4.9.0-1_amd64.deb ...
Running Wazuh Indexer Pre-Installation Script
Unpacking wazuh-indexer (4.9.0-1) over (4.8.2-1) ...
Setting up wazuh-indexer (4.9.0-1) ...
Installing new version of config file /etc/default/wazuh-indexer ...

Configuration file '/etc/init.d/wazuh-indexer'
 ==> Deleted (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ? Your options are:
    Y or I : install the package maintainer's version
    N or O : keep your currently-installed version
    D : show the differences between the versions
    Z : start a shell to examine the situation
 The default action is to keep your current version.
*** wazuh-indexer (Y/I/N/O/D/Z) [default=N] ? Y
Installing new version of config file /etc/init.d/wazuh-indexer ...

Configuration file '/etc/wazuh-indexer/jvm.options'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ? Your options are:
    Y or I : install the package maintainer's version
    N or O : keep your currently-installed version
    D : show the differences between the versions
    Z : start a shell to examine the situation
 The default action is to keep your current version.
*** jvm.options (Y/I/N/O/D/Z) [default=N] ? Y
Installing new version of config file /etc/wazuh-indexer/jvm.options ...
Installing new version of config file /etc/wazuh-indexer/log4j2.properties ...
Installing new version of config file /etc/wazuh-indexer/opensearch-performance-analyzer/opensearch_security.policy ...

Configuration file '/etc/wazuh-indexer/opensearch-security/internal_users.yml'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ? Your options are:
    Y or I : install the package maintainer's version
    N or O : keep your currently-installed version
    D : show the differences between the versions
    Z : start a shell to examine the situation
 The default action is to keep your current version.
*** internal_users.yml (Y/I/N/O/D/Z) [default=N] ? N
Installing new version of config file /etc/wazuh-indexer/opensearch-security/roles.yml ...
Installing new version of config file /etc/wazuh-indexer/opensearch-security/roles_mapping.yml ...
Running Wazuh Indexer Post-Installation Script
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
 sudo systemctl start wazuh-indexer.service
Scanning processes...
Scanning linux images...

Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host
```

yum

```bash
[root@rhel7 vagrant]# yum upgrade wazuh-indexer-4.9.0-1.x86_64.rpm
Failed to set locale, defaulting to C
Loaded plugins: product-id, search-disabled-repos
Examining wazuh-indexer-4.9.0-1.x86_64.rpm: wazuh-indexer-4.9.0-1.x86_64
Marking wazuh-indexer-4.9.0-1.x86_64.rpm as an update to wazuh-indexer-4.8.2-1.x86_64
Resolving Dependencies
--> Running transaction check
---> Package wazuh-indexer.x86_64 0:4.8.2-1 will be updated
---> Package wazuh-indexer.x86_64 0:4.9.0-1 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================================================================================================================================
 Package    Arch    Version    Repository    Size
================================================================================================================================================================================================
Updating:
 wazuh-indexer    x86_64    4.9.0-1    /wazuh-indexer-4.9.0-1.x86_64    1.0 G

Transaction Summary
================================================================================================================================================================================================
Upgrade 1 Package

Total size: 1.0 G
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating : wazuh-indexer-4.9.0-1.x86_64 1/2
warning: /etc/wazuh-indexer/jvm.options created as /etc/wazuh-indexer/jvm.options.rpmnew
warning: /etc/wazuh-indexer/opensearch-security/internal_users.yml saved as /etc/wazuh-indexer/opensearch-security/internal_users.yml.rpmsave
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
 sudo systemctl start wazuh-indexer.service
  Cleanup : wazuh-indexer-4.8.2-1.x86_64 2/2
  Verifying : wazuh-indexer-4.9.0-1.x86_64 1/2
  Verifying : wazuh-indexer-4.8.2-1.x86_64 2/2

Updated:
  wazuh-indexer.x86_64 0:4.9.0-1

Complete!
[root@rhel7 vagrant]#
```

We need to carefully analyze the differences and, whenever possible, command apt to use the new files by default, not asking for user input.

Plan

Functional requirements

Proposals to this problem must fit these requirements:

AlexRuiz7 commented 1 week ago

jvm.options diff

https://www.diffchecker.com/DKDFpu2N/

jvm.options - Diffchecker.pdf

internal_users.yml diff

https://www.diffchecker.com/lXVpvDV0/

internal_users - Diffchecker.pdf

/etc/init.d/wazuh-indexer

This file does not exist in 4.8.0, and is included in 4.9.0, like in upstream.

Details

```
#!/usr/bin/env bash
#
# wazuh-indexer
#
# chkconfig: 2345 80 20
# description: Starts and stops a single wazuh-indexer instance on this system
#

### BEGIN INIT INFO
# Provides: OpenSearch
# Required-Start: $network $named
# Required-Stop: $network $named
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: This service manages the wazuh-indexer daemon
# Description: OpenSearch is a very scalable, schema-free and high-performance search solution supporting multi-tenancy and near realtime search.
### END INIT INFO

set -e -o pipefail

#
# init.d / servicectl compatibility (openSUSE)
#
if [ -f /etc/rc.status ]; then
    . /etc/rc.status
    rc_reset
fi

#
# Source function library.
#
if [ -f /etc/rc.d/init.d/functions ]; then
    . /etc/rc.d/init.d/functions
fi

# Sets the default values for wazuh-indexer variables used in this script
OPENSEARCH_HOME="/usr/share/wazuh-indexer"
MAX_OPEN_FILES=65535
MAX_MAP_COUNT=262144
OPENSEARCH_PATH_CONF="/etc/wazuh-indexer"

PID_DIR="/run/wazuh-indexer"

# Source the default env file
OPENSEARCH_ENV_FILE="/etc/sysconfig/wazuh-indexer"
if [ -f "$OPENSEARCH_ENV_FILE" ]; then
    . "$OPENSEARCH_ENV_FILE"
fi

exec="$OPENSEARCH_HOME/bin/opensearch"
prog="wazuh-indexer"
pidfile="$PID_DIR/${prog}.pid"

export OPENSEARCH_JAVA_OPTS
export JAVA_HOME
export OPENSEARCH_PATH_CONF
export OPENSEARCH_STARTUP_SLEEP_TIME
export OPENSEARCH_JAVA_HOME

lockfile=/var/lock/subsys/$prog

if [ ! -x "$exec" ]; then
    echo "The wazuh-indexer startup script does not exists or it is not executable, tried: $exec"
    exit 1
fi

start() {
    [ -x $exec ] || exit 5

    if [ -n "$MAX_OPEN_FILES" ]; then
        ulimit -n $MAX_OPEN_FILES
    fi
    if [ -n "$MAX_LOCKED_MEMORY" ]; then
        ulimit -l $MAX_LOCKED_MEMORY
    fi
    if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ] && [ "$MAX_MAP_COUNT" -gt $(cat /proc/sys/vm/max_map_count) ]; then
        sysctl -q -w vm.max_map_count=$MAX_MAP_COUNT
    fi

    # Ensure that the PID_DIR exists (it is cleaned at OS startup time)
    if [ -n "$PID_DIR" ] && [ ! -e "$PID_DIR" ]; then
        mkdir -p "$PID_DIR" && chown wazuh-indexer:wazuh-indexer "$PID_DIR"
    fi
    if [ -n "$pidfile" ] && [ ! -e "$pidfile" ]; then
        touch "$pidfile" && chown wazuh-indexer:wazuh-indexer "$pidfile"
    fi

    cd $OPENSEARCH_HOME
    echo -n $"Starting $prog: "
    # if not running, start it up here, usually something like "daemon $exec"
    daemon --user wazuh-indexer --pidfile $pidfile $exec -p $pidfile -d
    retval=$?
    echo
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
}

stop() {
    echo -n $"Stopping $prog: "
    # stop it here, often "killproc $prog"
    killproc -p $pidfile -d 86400 $prog
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
}

restart() {
    stop
    start
}

reload() {
    restart
}

force_reload() {
    restart
}

rh_status() {
    # run checks to determine if the service is running or use generic status
    status -p $pidfile $prog
}

rh_status_q() {
    rh_status >/dev/null 2>&1
}

case "$1" in
    start)
        rh_status_q && exit 0
        $1
        ;;
    stop)
        rh_status_q || exit 0
        $1
        ;;
    restart)
        $1
        ;;
    reload)
        rh_status_q || exit 7
        $1
        ;;
    force-reload)
        force_reload
        ;;
    status)
        rh_status
        ;;
    condrestart|try-restart)
        rh_status_q || exit 0
        restart
        ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
        exit 2
esac
exit $?
```

f-galland commented 1 week ago

Debian suggests two ways to avoid this type of issue:

Reference:

AlexRuiz7 commented 4 days ago

It has been decided that all configuration files must be kept, including the new configuration files from the packages, as independent files.

On an upgrade of the wazuh-indexer from 4.8 to 4.9, the following files are modified:

yum by default does one of the following:

depending on whether these files are affected by the noreplace directive on the RPM spec file.

We want to model the packages' behavior to always generate the rpmnew files.

For Debian packages, we need to simulate the same behavior. The strategy for Debian packages is to name these configuration files as "new", and rename them on the postinst scripts if there are no such files on the system already.
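
The Debian strategy in the comment above, sketched as a postinst helper. This is an added example, not code from the wazuh-indexer packages: the function name `place_new_configs`, the `.new` suffix layout and the file list in the usage comment are assumptions made for illustration. It never overwrites an existing file, so a customised `internal_users.yml` or `jvm.options` survives the upgrade and the shipped copy stays beside it for manual review, matching the `.rpmnew` behaviour wanted for yum.

```shell
#!/bin/sh
# Added example (not the project's postinst). Assumption: the package ships
# each tracked configuration file as "<name>.new" inside the config directory.

# place_new_configs DIR FILE...
#   DIR   configuration directory (hypothetical usage: /etc/wazuh-indexer)
#   FILE  path relative to DIR, without the ".new" suffix
# For each FILE: if DIR/FILE is absent, promote DIR/FILE.new to DIR/FILE;
# otherwise leave both in place, like rpm's ".rpmnew" files.
# Prints one "installed <file>" or "kept <file>" line per shipped file.
place_new_configs() {
    dir=$1
    shift
    for rel in "$@"; do
        target="$dir/$rel"
        shipped="$target.new"
        # Nothing shipped for this name in this package version.
        [ -f "$shipped" ] || continue
        if [ -e "$target" ] || [ -L "$target" ]; then
            # The administrator's file stays authoritative; the ".new" copy
            # is kept as an independent file for a manual merge.
            echo "kept $rel"
        else
            # Fresh install or file removed earlier: take the shipped copy.
            mv -- "$shipped" "$target"
            echo "installed $rel"
        fi
    done
}

# Hypothetical call from a Debian postinst, which receives "configure" as $1:
#   case "$1" in
#       configure)
#           place_new_configs /etc/wazuh-indexer \
#               jvm.options opensearch-security/internal_users.yml
#           ;;
#   esac
```
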