wazuh / wazuh-installation-assistant

Wazuh - Installation assistant
https://wazuh.com/
GNU General Public License v2.0

False negative when checking Wazuh API connection #28

Closed davidcr01 closed 1 month ago

davidcr01 commented 1 month ago

Description

While validating the installation assistant in https://github.com/wazuh/wazuh-installation-assistant/issues/19, I encountered an issue when the assistant detects that there is an error connecting to the API:

0/08/2024 09:03:23 DEBUG: Configuring Wazuh manager.
20/08/2024 09:03:23 DEBUG: Setting provisional Wazuh indexer password.
20/08/2024 09:03:23 INFO: Wazuh manager vulnerability detection configuration finished.
20/08/2024 09:03:23 INFO: Starting service wazuh-manager.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-manager.service → /lib/systemd/system/wazuh-manager.service.
20/08/2024 09:03:38 INFO: wazuh-manager service started.
20/08/2024 09:03:38 INFO: Checking Wazuh API connection
20/08/2024 09:03:38 ERROR: Wazuh API connection Error. {
   "data": {
      "affected_items": [],
      "total_affected_items": 0,
      "total_failed_items": 0,
      "failed_items": []
   },
   "message": "No agent information was returned",
   "error": 0
}
wazuh-clusterd not running...
wazuh-modulesd is running...
wazuh-monitord is running...
wazuh-logcollector is running...
wazuh-remoted is running...
wazuh-syscheckd is running...
wazuh-analysisd is running...
wazuh-maild not running...
wazuh-execd is running...
wazuh-db is running...
wazuh-authd is running...
wazuh-agentlessd not running...
wazuh-integratord not running...
wazuh-dbd not running...
wazuh-csyslogd not running...
wazuh-apid is running...
20/08/2024 09:03:38 INFO: --- Removing existing Wazuh installation ---

If I debug the execution trace, I see that curl returns a valid JSON where there is no error, but the assistant handles it as if there is one:

+ wm_error='{
   "data": {
      "affected_items": [],
      "total_affected_items": 0,
      "total_failed_items": 0,
      "failed_items": []
   },
   "message": "No agent information was returned",
   "error": 0
}'
+ [[ {
   "data": {
      "affected_items": [],
      "total_affected_items": 0,
      "total_failed_items": 0,
      "failed_items": []
   },
   "message": "no agent information was returned",
   "error": 0
} = \"\e\r\r\o\r\"\:\ \0 ]]
+ common_logger -e 'Wazuh API connection Error. {

If I look at the code that was incorporated in https://github.com/wazuh/wazuh-packages/pull/3059, I see that the entire content of the wm_error variable is being converted to lowercase and compared with the string error: 0 (exact comparison, that is, the wm_error variable must contain only the string error: 0 for the condition to evaluate as true):

wm_error=$(curl -k -s -X GET "https://127.0.0.1:55000/agents/outdated?pretty=true" -H "Authorization: Bearer ${TOKEN}")

if [[ ${wm_error,,} = '"error": 0' ]]; then
   common_logger "Wazuh API connection successful"

Validation
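
Added example, not part of the original issue or the project's code: the whole-body comparison described above run against a constructed copy of the logged response, next to a check that reads only the value of the "error" key. The function names (exact_check, api_error_code, field_check) and both sample bodies are hypothetical; the script is written in POSIX sh, so tr and `[ = ]` stand in for `${wm_error,,}` and `[[ ]]`.

```shell
#!/bin/sh
# Added illustration; function names and sample bodies are hypothetical/constructed.

# Constructed body shaped like the response in the issue's log.
ok_response='{
   "data": {
      "affected_items": [],
      "total_affected_items": 0,
      "total_failed_items": 0,
      "failed_items": []
   },
   "message": "No agent information was returned",
   "error": 0
}'
# Constructed failure body (not a captured API response).
failed_response='{"message": "constructed failure", "error": 1000}'

# Whole-body comparison as described in the issue: lowercase everything,
# then require the result to equal exactly '"error": 0'.
exact_check() {
    lowered=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    [ "$lowered" = '"error": 0' ]
}

# Print the numeric value of the last "error" key in the body, or nothing.
api_error_code() {
    printf '%s\n' "$1" |
        sed -n 's/.*"error"[[:space:]]*:[[:space:]]*\([0-9][0-9]*\).*/\1/p' |
        tail -n 1
}

# Succeed only when an "error" value was found and it is 0.
# An empty body (curl failed) or a non-JSON body is treated as failure.
field_check() {
    code=$(api_error_code "$1")
    [ -n "$code" ] && [ "$code" -eq 0 ]
}

# Show how each check classifies each constructed body.
for name in ok_response failed_response; do
    eval "body=\$$name"
    if exact_check "$body"; then e=pass; else e=fail; fi
    if field_check "$body"; then f=pass; else f=fail; fi
    printf '%-16s exact=%s field=%s\n' "$name" "$e" "$f"
done
```

The sed pattern is a text match, not a JSON parser; where jq is installed, `jq -e '.error == 0'` tests the top-level key directly.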