Install Wazuh dashboard report dependencies in Wazuh installation assistant

[rauldpm]

Wazuh version	Install type	Action performed	Platform
-	Wazuh installation assistant	Install dependencies	Recommended systems

Main issue: https://github.com/wazuh/wazuh-packages/issues/1520

It is necessary to include in the Wazuh dashboard installation process the installation of the necessary dependencies to generate PDF reports, which according to the OpenSearch documentation are:

• RPM (Red Hat/CentOS/Amazon Linux 2)

sudo yum install -y libnss3.so xorg-x11-fonts-100dpi xorg-x11-fonts-75dpi xorg-x11-utils xorg-x11-fonts-cyrillic xorg-x11-fonts-Type1 xorg-x11-fonts-misc fontconfig freetype ipa-gothic-fonts

In Red Hat systems it is necessary to register the system through subscription, if it is not done the packages will not be found when installed, in this https://github.com/wazuh/wazuh-packages/issues/1520#issuecomment-1240928321 it is verified that through subscription the installation is carried out correctly, so it would be interesting to add a note about these systems.

• Debian

sudo apt install -y libnss3-dev fonts-liberation libfontconfig1

It is also necessary to decide whether or not the installation should continue in case of finding an error in these recommended systems when installing the dependencies.

Related links:

• https://opensearch.org/docs/latest/dashboards/reporting/#troubleshooting
• https://github.com/opensearch-project/dashboards-reports/blob/main/dashboards-reports/rendering-engine/headless-chrome/README.md#additional-libaries

Resolution

The summary of the resolution of this issue is in: https://github.com/wazuh/wazuh-packages/issues/1840#issuecomment-1461569918

Testing

The testing for the resolution of this issue is in: https://github.com/wazuh/wazuh-packages/issues/1840#issuecomment-1441654661

[zbalkan]

Just a small edge case: Oracle Enterprise Linux is also RHEL based. But the OEL repositories does not have ipa-gothic-fonts package, it needs to be downloaded by other means. Since Wazuh is not supported on OEL at all, packages does not need to handle this issue in the installation script. I am mentioning this for the sake of documentation.

[davidcr01]

Update Report

Research

First of all, it is needed if all the reported packages exist and are installed correctly in DEB and RPM systems.

Debian

• [x] libnss3-dev
• [x] fonts-liberation
• [x] libfontconfig1

RPM

• [x] libnss3.so -> Changed to nss as yum list installed does not recognize libnss3.so package as installed.
• [x] xorg-x11-fonts-100dpi
• [x] xorg-x11-fonts-75dpi
• [x] xorg-x11-utils
• [x] xorg-x11-fonts-cyrillic
• [x] xorg-x11-fonts-Type1
• [x] xorg-x11-fonts-misc
• [x] fontconfig
• [x] freetype
• [ ] ipa-gothic-fonts

Extra

• [x] Chrome or Chromium

:red_circle: There is a problem with the ipa-gothic-fonts package: in CentOS7/RHEL 7 this package is from the official repository. However, in CentOS8/RHEL8 this package is from the Raven repository, so it is not fetched by default when trying to install it.

An issue related to this was opened in the Kibana repository. https://github.com/elastic/kibana/issues/68823. An option could be to install the vlgothic-fonts package instead.

After talking with the team, we decided to ignore this package as it only concerns the Japanese characters, and we can suppose that the Japanese package font is installed in a system that uses Japanese characters.

[davidcr01]

Update Report

Testing ipa-gothic-fonts package.

To test the issue commented above, I tested to install all the packages except ipa-gothic-fonts in a CentOS 8 system, and the report was successfully created and downloaded. :heavy_check_mark: With this test, it is ensured that ipa-gothic-fonts is not strictly necessary.

Testing

Amazon Linux 2 :green_circle: :

 ``` 07/03/2023 12:51:01 INFO: --- Dependencies --- 07/03/2023 12:51:01 INFO: Installing xorg-x11-fonts-Type1. 07/03/2023 12:51:06 INFO: Installing xorg-x11-fonts-misc. 07/03/2023 12:51:14 INFO: Starting Wazuh dashboard installation. 07/03/2023 12:52:55 INFO: Wazuh dashboard installation finished. 07/03/2023 12:52:55 INFO: Wazuh dashboard post-install configuration finished. 07/03/2023 12:52:55 INFO: Starting service wazuh-dashboard. 07/03/2023 12:52:55 INFO: wazuh-dashboard service started. 07/03/2023 12:53:12 INFO: Initializing Wazuh dashboard web application. 07/03/2023 12:53:13 INFO: Wazuh dashboard web application initialized. 07/03/2023 12:53:13 INFO: --- Summary --- 07/03/2023 12:53:13 INFO: You can access the web interface https:// User: admin Password: TJJ8*anJL.zykK47LJlOdTmDU.BYif2V 07/03/2023 12:53:13 INFO: Installation finished. [root@amazonlinux2 vagrant]# yum list installed | grep chr chromium.x86_64 110.0.5481.177-1.el7 @epel chromium-common.x86_64 110.0.5481.177-1.el7 @epel chrony.x86_64 4.2-5.amzn2.0.2 installed [root@amazonlinux2 vagrant]# ```

CentOS 7 :green_circle: :

``` Installed: chromium.x86_64 0:110.0.5481.77-1.el7 Dependency Installed: adwaita-cursor-theme.noarch 0:3.28.0-1.el7 adwaita-icon-theme.noarch 0:3.28.0-1.el7 alsa-lib.x86_64 0:1.1.8-1.el7 at-spi2-atk.x86_64 0:2.26.2-1.el7 at-spi2-core.x86_64 0:2.28.0-1.el7 atk.x86_64 0:2.28.1-2.el7 audit-libs-python.x86_64 0:2.8.5-4.el7 avahi.x86_64 0:0.6.31-20.el7 avahi-libs.x86_64 0:0.6.31-20.el7 cairo.x86_64 0:1.15.12-4.el7 cairo-gobject.x86_64 0:1.15.12-4.el7 checkpolicy.x86_64 0:2.5-8.el7 chromium-common.x86_64 0:110.0.5481.77-1.el7 colord-libs.x86_64 0:1.3.4-2.el7 cups-libs.x86_64 1:1.6.3-51.el7 dconf.x86_64 0:0.28.0-4.el7 flac-libs.x86_64 0:1.3.0-5.el7_1 fribidi.x86_64 0:1.0.2-1.el7_7.1 gdk-pixbuf2.x86_64 0:2.36.12-3.el7 glib-networking.x86_64 0:2.56.1-1.el7 gnutls.x86_64 0:3.3.29-9.el7_6 graphite2.x86_64 0:1.3.10-1.el7_3 gsettings-desktop-schemas.x86_64 0:3.28.0-3.el7 gsm.x86_64 0:1.0.13-11.el7 gstreamer1.x86_64 0:1.10.4-2.el7 gtk-update-icon-cache.x86_64 0:3.22.30-8.el7_9 gtk3.x86_64 0:3.22.30-8.el7_9 harfbuzz.x86_64 0:1.7.5-2.el7 hicolor-icon-theme.noarch 0:0.12-7.el7 jasper-libs.x86_64 0:1.900.1-33.el7 jbigkit-libs.x86_64 0:2.0-11.el7 json-glib.x86_64 0:1.4.2-2.el7 lcms2.x86_64 0:2.6-3.el7 libICE.x86_64 0:1.0.9-9.el7 libSM.x86_64 0:1.2.2-2.el7 libXcomposite.x86_64 0:0.4.4-4.1.el7 libXcursor.x86_64 0:1.1.15-1.el7 libXdamage.x86_64 0:1.1.4-4.1.el7 libXfixes.x86_64 0:5.0.3-1.el7 libXft.x86_64 0:2.3.2-2.el7 libasyncns.x86_64 0:0.8-7.el7 libatomic.x86_64 0:4.8.5-44.el7 libbrotli.x86_64 0:1.0.9-10.el7 libcanberra.x86_64 0:0.30-9.el7 libcanberra-gtk3.x86_64 0:0.30-9.el7 libcgroup.x86_64 0:0.41-21.el7 libepoxy.x86_64 0:1.5.2-1.el7 libglvnd.x86_64 1:1.0.1-0.8.git5baa1e5.el7 libglvnd-egl.x86_64 1:1.0.1-0.8.git5baa1e5.el7 libglvnd-glx.x86_64 1:1.0.1-0.8.git5baa1e5.el7 libgusb.x86_64 0:0.2.9-1.el7 libjpeg-turbo.x86_64 0:1.2.90-8.el7 libmodman.x86_64 0:2.0.1-8.el7 libogg.x86_64 2:1.3.0-7.el7 libproxy.x86_64 0:0.4.11-11.el7 libsemanage-python.x86_64 0:2.5-14.el7 libsndfile.x86_64 0:1.0.25-12.el7_9.1 libsoup.x86_64 0:2.62.2-2.el7 libtdb.x86_64 0:1.3.18-1.el7 libthai.x86_64 0:0.1.14-9.el7 libtiff.x86_64 0:4.0.3-35.el7 libtool-ltdl.x86_64 0:2.4.2-22.el7_3 libusbx.x86_64 0:1.0.21-1.el7 libvorbis.x86_64 1:1.3.3-8.el7.1 libwayland-client.x86_64 0:1.15.0-1.el7 libwayland-cursor.x86_64 0:1.15.0-1.el7 libwayland-egl.x86_64 0:1.15.0-1.el7 libwayland-server.x86_64 0:1.15.0-1.el7 libxkbcommon.x86_64 0:0.7.1-3.el7 libxshmfence.x86_64 0:1.2-1.el7 libxslt.x86_64 0:1.1.28-6.el7 mesa-libEGL.x86_64 0:18.3.4-12.el7_9 mesa-libGL.x86_64 0:18.3.4-12.el7_9 mesa-libgbm.x86_64 0:18.3.4-12.el7_9 mesa-libglapi.x86_64 0:18.3.4-12.el7_9 nettle.x86_64 0:2.7.1-9.el7_9 nss-mdns.x86_64 0:0.14.1-9.el7 pango.x86_64 0:1.42.4-4.el7_7 pixman.x86_64 0:0.34.0-1.el7 policycoreutils-python.x86_64 0:2.5-34.el7 pulseaudio-libs.x86_64 0:10.0-6.el7_9 python-IPy.noarch 0:0.75-6.el7 rest.x86_64 0:0.8.1-2.el7 setools-libs.x86_64 0:3.3.8-4.el7 sound-theme-freedesktop.noarch 0:0.8-3.el7 trousers.x86_64 0:0.3.14-2.el7 xkeyboard-config.noarch 0:2.24-1.el7 Complete! ``` 

CentOS 8 :green_circle:

``` [root@centos8 vagrant]# yum install -y nss xorg-x11-fonts-100dpi xorg-x11-fonts-75dpi xorg-x11-utils xorg-x11-fonts-cyrillic xorg-x11-fonts-Type1 xorg-x11-fonts-misc fontconfig freetype CentOS Linux 8 - AppStream 5.3 kB/s | 4.3 kB 00:00 CentOS Linux 8 - BaseOS 16 kB/s | 3.9 kB 00:00 CentOS Linux 8 - Extras 6.6 kB/s | 1.5 kB 00:00 Extra Packages for Enterprise Linux 8 - x86_64 40 kB/s | 29 kB 00:00 Extra Packages for Enterprise Linux Modular 8 - x86_64 68 kB/s | 30 kB 00:00 EL-8 - Wazuh 14 kB/s | 3.4 kB 00:00 Dependencies resolved. ============================================ ============================================================ Package Architecture Version Repository Size ======================================================================================================== Installing: fontconfig x86_64 2.13.1-4.el8 baseos 274 k freetype x86_64 2.9.1-4.el8_3.1 baseos 394 k nss x86_64 3.67.0-7.el8_5 appstream 741 k xorg-x11-fonts-100dpi noarch 7.5-19.el8 appstream 3.1 M xorg-x11-fonts-75dpi noarch 7.5-19.el8 appstream 2.8 M xorg-x11-fonts-Type1 noarch 7.5-19.el8 appstream 522 k xorg-x11-fonts-cyrillic noarch 7.5-19.el8 appstream 397 k xorg-x11-fonts-misc noarch 7.5-19.el8 appstream 5.8 M xorg-x11-utils x86_64 7.5-28.el8 appstream 136 k Installing dependencies: dejavu-fonts-common noarch 2.35-7.el8 baseos 74 k dejavu-sans-fonts noarch 2.35-7.el8 baseos 1.6 M fontpackages-filesystem noarch 1.44-22.el8 baseos 16 k libX11 x86_64 1.6.8-5.el8 appstream 611 k libX11-common noarch 1.6.8-5.el8 appstream 158 k libX11-xcb x86_64 1.6.8-5.el8 appstream 14 k libXau x86_64 1.0.9-3.el8 appstream 37 k libXcomposite x86_64 0.4.4-14.el8 appstream 28 k libXext x86_64 1.3.4-1.el8 appstream 45 k libXi x86_64 1.7.10-1.el8 appstream 49 k libXinerama x86_64 1.1.4-1.el8 appstream 16 k libXrandr x86_64 1.5.2-1.el8 appstream 34 k libXrender x86_64 0.9.10-7.el8 appstream 33 k libXtst x86_64 1.2.3-7.el8 appstream 22 k libXv x86_64 1.0.11-7.el8 appstream 20 k libXxf86dga x86_64 1.1.5-1.el8 appstream 26 k libXxf86misc x86_64 1.0.4-1.el8 appstream 23 k libXxf86vm x86_64 1.1.4-9.el8 appstream 19 k libdmx x86_64 1.1.4-3.el8 appstream 22 k libfontenc x86_64 1.1.3-8.el8 appstream 37 k libpng x86_64 2:1.6.34-5.el8 baseos 126 k libxcb x86_64 1.13.1-1.el8 appstream 229 k nspr x86_64 4.32.0-1.el8_4 appstream 142 k nss-softokn x86_64 3.67.0-7.el8_5 appstream 487 k nss-softokn-freebl x86_64 3.67.0-7.el8_5 appstream 395 k nss-sysinit x86_64 3.67.0-7.el8_5 appstream 73 k nss-util x86_64 3.67.0-7.el8_5 appstream 137 k ttmkfdir x86_64 3.0.9-54.el8 appstream 62 k xorg-x11-font-utils x86_64 1:7.5-41.el8 appstream 104 k Transaction Summary ======================================================================================================== Install 38 Packages Total download size: 19 M Installed size: 32 M Downloading Packages: (1/38): libX11-xcb-1.6.8-5.el8.x86_64.rpm 58 kB/s | 14 kB 00:00 (2/38): libXau-1.0.9-3.el8.x86_64.rpm 538 kB/s | 37 kB 00:00 (3/38): libX11-common-1.6.8-5.el8.noarch.rpm 486 kB/s | 158 kB 00:00 (4/38): libXcomposite-0.4.4-14.el8.x86_64.rpm 326 kB/s | 28 kB 00:00 (5/38): libXext-1.3.4-1.el8.x86_64.rpm 562 kB/s | 45 kB 00:00 (6/38): libX11-1.6.8-5.el8.x86_64.rpm 1.4 MB/s | 611 kB 00:00 (7/38): libXinerama-1.1.4-1.el8.x86_64.rpm 302 kB/s | 16 kB 00:00 (8/38): libXi-1.7.10-1.el8.x86_64.rpm 847 kB/s | 49 kB 00:00 (9/38): libXrandr-1.5.2-1.el8.x86_64.rpm 375 kB/s | 34 kB 00:00 (10/38): libXtst-1.2.3-7.el8.x86_64.rpm 415 kB/s | 22 kB 00:00 (11/38): libXrender-0.9.10-7.el8.x86_64.rpm 510 kB/s | 33 kB 00:00 (12/38): libXv-1.0.11-7.el8.x86_64.rpm 410 kB/s | 20 kB 00:00 (13/38): libXxf86dga-1.1.5-1.el8.x86_64.rpm 540 kB/s | 26 kB 00:00 (14/38): libXxf86misc-1.0.4-1.el8.x86_64.rpm 443 kB/s | 23 kB 00:00 (15/38): libXxf86vm-1.1.4-9.el8.x86_64.rpm 821 kB/s | 19 kB 00:00 (16/38): libdmx-1.1.4-3.el8.x86_64.rpm 781 kB/s | 22 kB 00:00 (17/38): libfontenc-1.1.3-8.el8.x86_64.rpm 946 kB/s | 37 kB 00:00 (18/38): libxcb-1.13.1-1.el8.x86_64.rpm 2.4 MB/s | 229 kB 00:00 (19/38): nspr-4.32.0-1.el8_4.x86_64.rpm 885 kB/s | 142 kB 00:00 (20/38): nss-softokn-3.67.0-7.el8_5.x86_64.rpm 2.1 MB/s | 487 kB 00:00 (21/38): nss-sysinit-3.67.0-7.el8_5.x86_64.rpm 649 kB/s | 73 kB 00:00 (22/38): nss-softokn-freebl-3.67.0-7.el8_5.x86_64.rpm 1.1 MB/s | 395 kB 00:00 (23/38): nss-util-3.67.0-7.el8_5.x86_64.rpm 1.4 MB/s | 137 kB 00:00 (24/38): ttmkfdir-3.0.9-54.el8.x86_64.rpm 904 kB/s | 62 kB 00:00 (25/38): xorg-x11-font-utils-7.5-41.el8.x86_64.rpm 1.1 MB/s | 104 kB 00:00 (26/38): nss-3.67.0-7.el8_5.x86_64.rpm 1.1 MB/s | 741 kB 00:00 (27/38): xorg-x11-fonts-Type1-7.5-19.el8.noarch.rpm 487 kB/s | 522 kB 00:01 (28/38): xorg-x11-fonts-cyrillic-7.5-19.el8.noarch.rpm 948 kB/s | 397 kB 00:00 (29/38): xorg-x11-fonts-75dpi-7.5-19.el8.noarch.rpm 1.6 MB/s | 2.8 MB 00:01 (30/38): xorg-x11-utils-7.5-28.el8.x86_64.rpm 619 kB/s | 136 kB 00:00 (31/38): dejavu-fonts-common-2.35-7.el8.noarch.rpm 520 kB/s | 74 kB 00:00 (32/38): xorg-x11-fonts-100dpi-7.5-19.el8.noarch.rpm 1.1 MB/s | 3.1 MB 00:02 (33/38): dejavu-sans-fonts-2.35-7.el8.noarch.rpm 1.9 MB/s | 1.6 MB 00:00 (34/38): fontpackages-filesystem-1.44-22.el8.noarch.rpm 210 kB/s | 16 kB 00:00 (35/38): fontconfig-2.13.1-4.el8.x86_64.rpm 1.1 MB/s | 274 kB 00:00 (36/38): libpng-1.6.34-5.el8.x86_64.rpm 811 kB/s | 126 kB 00:00 (37/38): freetype-2.9.1-4.el8_3.1.x86_64.rpm 1.5 MB/s | 394 kB 00:00 (38/38): xorg-x11-fonts-misc-7.5-19.el8.noarch.rpm 2.0 MB/s | 5.8 MB 00:02 -------------------------------------------------------------------------------------------------------- Total 3.2 MB/s | 19 MB 00:05 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : nspr-4.32.0-1.el8_4.x86_64 1/38 Running scriptlet: nspr-4.32.0-1.el8_4.x86_64 1/38 Installing : nss-util-3.67.0-7.el8_5.x86_64 2/38 Installing : fontpackages-filesystem-1.44-22.el8.noarch 3/38 Installing : dejavu-fonts-common-2.35-7.el8.noarch 4/38 Installing : dejavu-sans-fonts-2.35-7.el8.noarch 5/38 Installing : nss-softokn-freebl-3.67.0-7.el8_5.x86_64 6/38 Installing : nss-softokn-3.67.0-7.el8_5.x86_64 7/38 Installing : nss-3.67.0-7.el8_5.x86_64 8/38 Installing : nss-sysinit-3.67.0-7.el8_5.x86_64 9/38 Installing : libpng-2:1.6.34-5.el8.x86_64 10/38 Installing : freetype-2.9.1-4.el8_3.1.x86_64 11/38 Installing : fontconfig-2.13.1-4.el8.x86_64 12/38 Running scriptlet: fontconfig-2.13.1-4.el8.x86_64 12/38 Installing : ttmkfdir-3.0.9-54.el8.x86_64 13/38 Installing : libfontenc-1.1.3-8.el8.x86_64 14/38 Installing : xorg-x11-font-utils-1:7.5-41.el8.x86_64 15/38 Installing : libXau-1.0.9-3.el8.x86_64 16/38 Installing : libxcb-1.13.1-1.el8.x86_64 17/38 Installing : libX11-xcb-1.6.8-5.el8.x86_64 18/38 Installing : libX11-common-1.6.8-5.el8.noarch 19/38 Installing : libX11-1.6.8-5.el8.x86_64 20/38 Installing : libXext-1.3.4-1.el8.x86_64 21/38 Installing : libXi-1.7.10-1.el8.x86_64 22/38 Installing : libXrender-0.9.10-7.el8.x86_64 23/38 Installing : libXrandr-1.5.2-1.el8.x86_64 24/38 Installing : libXtst-1.2.3-7.el8.x86_64 25/38 Installing : libXinerama-1.1.4-1.el8.x86_64 26/38 Installing : libXv-1.0.11-7.el8.x86_64 27/38 Installing : libXxf86dga-1.1.5-1.el8.x86_64 28/38 Installing : libXxf86misc-1.0.4-1.el8.x86_64 29/38 Installing : libXxf86vm-1.1.4-9.el8.x86_64 30/38 Installing : libdmx-1.1.4-3.el8.x86_64 31/38 Installing : libXcomposite-0.4.4-14.el8.x86_64 32/38 Installing : xorg-x11-utils-7.5-28.el8.x86_64 33/38 Installing : xorg-x11-fonts-100dpi-7.5-19.el8.noarch 34/38 Running scriptlet: xorg-x11-fonts-100dpi-7.5-19.el8.noarch 34/38 Installing : xorg-x11-fonts-75dpi-7.5-19.el8.noarch 35/38 Running scriptlet: xorg-x11-fonts-75dpi-7.5-19.el8.noarch 35/38 Installing : xorg-x11-fonts-Type1-7.5-19.el8.noarch 36/38 Running scriptlet: xorg-x11-fonts-Type1-7.5-19.el8.noarch 36/38 Installing : xorg-x11-fonts-cyrillic-7.5-19.el8.noarch 37/38 Running scriptlet: xorg-x11-fonts-cyrillic-7.5-19.el8.noarch 37/38 Installing : xorg-x11-fonts-misc-7.5-19.el8.noarch 38/38 Running scriptlet: xorg-x11-fonts-misc-7.5-19.el8.noarch 38/38 Running scriptlet: nss-3.67.0-7.el8_5.x86_64 38/38 Running scriptlet: xorg-x11-fonts-misc-7.5-19.el8.noarch 38/38 Running scriptlet: fontconfig-2.13.1-4.el8.x86_64 38/38 Verifying : libX11-1.6.8-5.el8.x86_64 1/38 Verifying : libX11-common-1.6.8-5.el8.noarch 2/38 Verifying : libX11-xcb-1.6.8-5.el8.x86_64 3/38 Verifying : libXau-1.0.9-3.el8.x86_64 4/38 Verifying : libXcomposite-0.4.4-14.el8.x86_64 5/38 Verifying : libXext-1.3.4-1.el8.x86_64 6/38 Verifying : libXi-1.7.10-1.el8.x86_64 7/38 Verifying : libXinerama-1.1.4-1.el8.x86_64 8/38 Verifying : libXrandr-1.5.2-1.el8.x86_64 9/38 Verifying : libXrender-0.9.10-7.el8.x86_64 10/38 Verifying : libXtst-1.2.3-7.el8.x86_64 11/38 Verifying : libXv-1.0.11-7.el8.x86_64 12/38 Verifying : libXxf86dga-1.1.5-1.el8.x86_64 13/38 Verifying : libXxf86misc-1.0.4-1.el8.x86_64 14/38 Verifying : libXxf86vm-1.1.4-9.el8.x86_64 15/38 Verifying : libdmx-1.1.4-3.el8.x86_64 16/38 Verifying : libfontenc-1.1.3-8.el8.x86_64 17/38 Verifying : libxcb-1.13.1-1.el8.x86_64 18/38 Verifying : nspr-4.32.0-1.el8_4.x86_64 19/38 Verifying : nss-3.67.0-7.el8_5.x86_64 20/38 Verifying : nss-softokn-3.67.0-7.el8_5.x86_64 21/38 Verifying : nss-softokn-freebl-3.67.0-7.el8_5.x86_64 22/38 Verifying : nss-sysinit-3.67.0-7.el8_5.x86_64 23/38 Verifying : nss-util-3.67.0-7.el8_5.x86_64 24/38 Verifying : ttmkfdir-3.0.9-54.el8.x86_64 25/38 Verifying : xorg-x11-font-utils-1:7.5-41.el8.x86_64 26/38 Verifying : xorg-x11-fonts-100dpi-7.5-19.el8.noarch 27/38 Verifying : xorg-x11-fonts-75dpi-7.5-19.el8.noarch 28/38 Verifying : xorg-x11-fonts-Type1-7.5-19.el8.noarch 29/38 Verifying : xorg-x11-fonts-cyrillic-7.5-19.el8.noarch 30/38 Verifying : xorg-x11-fonts-misc-7.5-19.el8.noarch 31/38 Verifying : xorg-x11-utils-7.5-28.el8.x86_64 32/38 Verifying : dejavu-fonts-common-2.35-7.el8.noarch 33/38 Verifying : dejavu-sans-fonts-2.35-7.el8.noarch 34/38 Verifying : fontconfig-2.13.1-4.el8.x86_64 35/38 Verifying : fontpackages-filesystem-1.44-22.el8.noarch 36/38 Verifying : freetype-2.9.1-4.el8_3.1.x86_64 37/38 Verifying : libpng-2:1.6.34-5.el8.x86_64 38/38 Installed: dejavu-fonts-common-2.35-7.el8.noarch dejavu-sans-fonts-2.35-7.el8.noarch fontconfig-2.13.1-4.el8.x86_64 fontpackages-filesystem-1.44-22.el8.noarch freetype-2.9.1-4.el8_3.1.x86_64 libX11-1.6.8-5.el8.x86_64 libX11-common-1.6.8-5.el8.noarch libX11-xcb-1.6.8-5.el8.x86_64 libXau-1.0.9-3.el8.x86_64 libXcomposite-0.4.4-14.el8.x86_64 libXext-1.3.4-1.el8.x86_64 libXi-1.7.10-1.el8.x86_64 libXinerama-1.1.4-1.el8.x86_64 libXrandr-1.5.2-1.el8.x86_64 libXrender-0.9.10-7.el8.x86_64 libXtst-1.2.3-7.el8.x86_64 libXv-1.0.11-7.el8.x86_64 libXxf86dga-1.1.5-1.el8.x86_64 libXxf86misc-1.0.4-1.el8.x86_64 libXxf86vm-1.1.4-9.el8.x86_64 libdmx-1.1.4-3.el8.x86_64 libfontenc-1.1.3-8.el8.x86_64 libpng-2:1.6.34-5.el8.x86_64 libxcb-1.13.1-1.el8.x86_64 nspr-4.32.0-1.el8_4.x86_64 nss-3.67.0-7.el8_5.x86_64 nss-softokn-3.67.0-7.el8_5.x86_64 nss-softokn-freebl-3.67.0-7.el8_5.x86_64 nss-sysinit-3.67.0-7.el8_5.x86_64 nss-util-3.67.0-7.el8_5.x86_64 ttmkfdir-3.0.9-54.el8.x86_64 xorg-x11-font-utils-1:7.5-41.el8.x86_64 xorg-x11-fonts-100dpi-7.5-19.el8.noarch xorg-x11-fonts-75dpi-7.5-19.el8.noarch xorg-x11-fonts-Type1-7.5-19.el8.noarch xorg-x11-fonts-cyrillic-7.5-19.el8.noarch xorg-x11-fonts-misc-7.5-19.el8.noarch xorg-x11-utils-7.5-28.el8.x86_64 Complete! [root@centos8 vagrant]# ``` 

RHEL 7 :green_circle: :

 ``` [root@rhel7 vagrant]# yum list installed | grep chro chromium.x86_64 110.0.5481.77-1.el7 @epel chromium-common.x86_64 110.0.5481.77-1.el7 @epel chrony.x86_64 3.4-1.el7 @anaconda/7.9 [root@rhel7 vagrant]# ```

RHEL 8 :green_circle: :

 ``` [root@redhat8 vagrant]# yum list installed | grep chro Failed to set locale, defaulting to C.UTF-8 chromium.x86_64 110.0.5481.177-1.el8 @epel chromium-common.x86_64 110.0.5481.177-1.el8 @epel chrony.x86_64 4.2-1.el8 @anaconda [root@redhat8 vagrant]# ```

RHEL 9 :green_circle: :

``` 08/03/2023 15:34:27 INFO: --- Wazuh dashboard --- 08/03/2023 15:34:32 INFO: --- Dependencies --- 08/03/2023 15:34:32 INFO: Installing chromium. 08/03/2023 15:35:56 INFO: Installing xorg-x11-fonts-100dpi. 08/03/2023 15:35:59 INFO: Installing xorg-x11-fonts-75dpi. 08/03/2023 15:36:01 INFO: Installing xorg-x11-utils. 08/03/2023 15:36:02 INFO: Installing xorg-x11-fonts-cyrillic. 08/03/2023 15:36:04 INFO: Installing xorg-x11-fonts-Type1. 08/03/2023 15:36:06 INFO: Installing xorg-x11-fonts-misc. 08/03/2023 15:36:10 INFO: Installing fontconfig. 08/03/2023 15:36:11 INFO: Installing freetype. 08/03/2023 15:36:11 INFO: Starting Wazuh dashboard installation. 08/03/2023 15:37:56 INFO: Wazuh dashboard installation finished. 08/03/2023 15:37:56 INFO: Wazuh dashboard post-install configuration finished. 08/03/2023 15:37:56 INFO: Starting service wazuh-dashboard. 08/03/2023 15:37:56 INFO: wazuh-dashboard service started. 08/03/2023 15:38:16 INFO: Initializing Wazuh dashboard web application. 08/03/2023 15:38:16 INFO: Wazuh dashboard web application initialized. 08/03/2023 15:38:16 INFO: --- Summary --- 08/03/2023 15:38:16 INFO: You can access the web interface https:// User: admin Password: 4G20wX7gESB?NPRlv3RC1QgkBuKfEU1T 08/03/2023 15:38:16 INFO: Installation finished. [root@redhat9 vagrant]# yum list installed | grep chro chromium.x86_64 110.0.5481.100-1.el9 @epel chromium-common.x86_64 110.0.5481.100-1.el9 @epel chrony.x86_64 4.2-1.el9 @anaconda libchromaprint.x86_64 1.5.1-1.el9 @epel ``` 

Ubuntu 16.04 :green_circle: :

``` root@vagrant:/home/vagrant# apt list --installed | grep chro chromium-browser/xenial-updates,xenial-security,now 90.0.4430.72-0ubuntu0.16.04.1 amd64 [installed] chromium-browser-l10n/xenial-updates,xenial-security,now 90.0.4430.72-0ubuntu0.16.04.1 all [installed,automatic] chromium-codecs-ffmpeg-extra/xenial-updates,xenial-security,now 90.0.4430.72-0ubuntu0.16.04.1 amd64 [installed,automatic] root@ubuntu16:/home/vagrant# ``` 

Ubuntu 18.04 :green_circle: :


Ubuntu 20.04 :green_circle: :

 ``` root@ubuntu20:/home/vagrant# apt list --installed | grep chro WARNING: apt does not have a stable CLI interface. Use with caution in scripts. google-chrome-stable/now 110.0.5481.177-1 amd64 [installed,local] ```

Ubuntu 22.04 :green_circle: :


[davidcr01]

Update Report

Testing

An error has been found while performing an AIO installation in a fresh CentOS 7 (Vagrant box with a private address added).

24/02/2023 11:33:38 INFO: --- Dependencies ---
24/02/2023 11:33:38 INFO: Installing xorg-x11-fonts-100dpi.
24/02/2023 11:33:42 INFO: Installing xorg-x11-fonts-75dpi.
24/02/2023 11:33:45 INFO: Installing xorg-x11-utils.
24/02/2023 11:33:51 INFO: Installing xorg-x11-fonts-cyrillic.
24/02/2023 11:33:54 INFO: Installing xorg-x11-fonts-Type1.
24/02/2023 11:33:59 INFO: Installing xorg-x11-fonts-misc.
24/02/2023 11:34:06 INFO: Installing fontconfig.
24/02/2023 11:34:06 INFO: Starting Wazuh dashboard installation.
24/02/2023 11:37:13 INFO: Wazuh dashboard installation finished.
24/02/2023 11:37:13 INFO: Wazuh dashboard post-install configuration finished.
24/02/2023 11:37:13 INFO: Starting service wazuh-dashboard.
24/02/2023 11:37:13 INFO: wazuh-dashboard service started.
24/02/2023 11:37:48 INFO: Initializing Wazuh dashboard web application.
24/02/2023 11:37:50 INFO: Wazuh dashboard web application initialized.
24/02/2023 11:37:50 INFO: --- Summary ---
24/02/2023 11:37:50 INFO: You can access the web interface https://192.168.56.115
    User: admin
    Password: HYicz*va58nk?4llQG2nBRueA3L?k4IS
24/02/2023 11:37:50 INFO: Installation finished.

If I navigate to the URL the Wazuh app displays:

{"statusCode":500,"error":"Internal Server Error","message":"An internal server error occurred."}

The journalctl -r wazuh-dashboard.service | grep -i -e "Error" command displays:

Show log

``` Feb 24 11:13:28 localhost.localdomain opensearch-dashboards[6904]: {"type":"error","@timestamp":"2023-02-24T11:13:28Z","tags":[],"pid":6904,"level":"error","error":{"message":"Internal Server Error","name":"Error","stack":"Error: Internal Server Error\n at HapiResponseAdapter.toInternalError (/usr/share/wazuh-dashboard/src/core/server/http/router/response_adapter.js:80:19)\n at Object.interceptAuth [as authenticate] (/usr/share/wazuh-dashboard/src/core/server/http/lifecycle/auth.js:151:34)\n at processTicksAndRejections (internal/process/task_queues.js:95:5)\n at exports.Manager.execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/toolkit.js:60:28)\n at module.exports.internals.Auth._authenticate (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/auth.js:273:30)\n at Request._lifecycle (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/request.js:371:32)\n at Request._execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/request.js:281:9)"},"url":"https://192.168.56.115/favicon.ico","message":"Internal Server Error"} Feb 24 11:13:28 localhost.localdomain opensearch-dashboards[6904]: {"type":"log","@timestamp":"2023-02-24T11:13:28Z","tags":["error","http","server","OpenSearchDashboards"],"pid":6904,"message":"Error: Authentication Exception\n at SecurityClient.authinfo (/usr/share/wazuh-dashboard/plugins/securityDashboards/server/backend/opensearch_security_client.ts:115:13)\n at processTicksAndRejections (internal/process/task_queues.js:95:5)\n at /usr/share/wazuh-dashboard/plugins/securityDashboards/server/auth/types/authentication_type.ts:208:18\n at Object.interceptAuth [as authenticate] (/usr/share/wazuh-dashboard/src/core/server/http/lifecycle/auth.js:112:22)\n at exports.Manager.execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/toolkit.js:60:28)\n at module.exports.internals.Auth._authenticate (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/auth.js:273:30)\n at Request._lifecycle (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/request.js:371:32)\n at Request._execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/request.js:281:9)"} Feb 24 11:13:28 localhost.localdomain opensearch-dashboards[6904]: {"type":"error","@timestamp":"2023-02-24T11:13:28Z","tags":[],"pid":6904,"level":"error","error":{"message":"Internal Server Error","name":"Error","stack":"Error: Internal Server Error\n at HapiResponseAdapter.toInternalError (/usr/share/wazuh-dashboard/src/core/server/http/router/response_adapter.js:80:19)\n at Object.interceptAuth [as authenticate] (/usr/share/wazuh-dashboard/src/core/server/http/lifecycle/auth.js:151:34)\n at processTicksAndRejections (internal/process/task_queues.js:95:5)\n at exports.Manager.execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/toolkit.js:60:28)\n at module.exports.internals.Auth._authenticate (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/auth.js:273:30)\n at Request._lifecycle (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/request.js:371:32)\n at Request._execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/request.js:281:9)"},"url":"https://192.168.56.115/","message":"Internal Server Error"} Feb 24 11:13:28 localhost.localdomain opensearch-dashboards[6904]: {"type":"log","@timestamp":"2023-02-24T11:13:28Z","tags":["error","http","server","OpenSearchDashboards"],"pid":6904,"message":"Error: Authentication Exception\n at SecurityClient.authinfo (/usr/share/wazuh-dashboard/plugins/securityDashboards/server/backend/opensearch_security_client.ts:115:13)\n at processTicksAndRejections (internal/process/task_queues.js:95:5)\n at /usr/share/wazuh-dashboard/plugins/securityDashboards/server/auth/types/authentication_type.ts:208:18\n at Object.interceptAuth [as authenticate] (/usr/share/wazuh-dashboard/src/core/server/http/lifecycle/auth.js:112:22)\n at exports.Manager.execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/toolkit.js:60:28)\n at module.exports.internals.Auth._authenticate (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/auth.js:273:30)\n at Request._lifecycle (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/request.js:371:32)\n at Request._execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/request.js:281:9)"} Feb 24 11:13:28 localhost.localdomain opensearch-dashboards[6904]: {"type":"error","@timestamp":"2023-02-24T11:13:28Z","tags":["connection","client","error"],"pid":6904,"level":"error","error":{"message":"140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n","name":"Error","stack":"Error: 140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n","code":"ERR_SSL_SSLV3_ALERT_CERTIFICATE_UNKNOWN"},"message":"140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n"} Feb 24 11:13:28 localhost.localdomain opensearch-dashboards[6904]: {"type":"error","@timestamp":"2023-02-24T11:13:28Z","tags":["connection","client","error"],"pid":6904,"level":"error","error":{"message":"140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n","name":"Error","stack":"Error: 140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n","code":"ERR_SSL_SSLV3_ALERT_CERTIFICATE_UNKNOWN"},"message":"140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n"} Feb 24 11:13:25 localhost.localdomain opensearch-dashboards[6904]: {"type":"error","@timestamp":"2023-02-24T11:13:25Z","tags":["connection","client","error"],"pid":6904,"level":"error","error":{"message":"140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n","name":"Error","stack":"Error: 140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n","code":"ERR_SSL_SSLV3_ALERT_CERTIFICATE_UNKNOWN"},"message":"140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n"} Feb 24 11:13:25 localhost.localdomain opensearch-dashboards[6904]: {"type":"error","@timestamp":"2023-02-24T11:13:25Z","tags":["connection","client","error"],"pid":6904,"level":"error","error":{"message":"140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n","name":"Error","stack":"Error: 140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n","code":"ERR_SSL_SSLV3_ALERT_CERTIFICATE_UNKNOWN"},"message":"140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n"} Feb 24 11:13:25 localhost.localdomain opensearch-dashboards[6904]: {"type":"error","@timestamp":"2023-02-24T11:13:25Z","tags":["connection","client","error"],"pid":6904,"level":"error","error":{"message":"140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n","name":"Error","stack":"Error: 140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n","code":"ERR_SSL_SSLV3_ALERT_CERTIFICATE_UNKNOWN"},"message":"140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n"} Feb 24 11:13:24 localhost.localdomain opensearch-dashboards[6904]: {"type":"error","@timestamp":"2023-02-24T11:13:24Z","tags":["connection","client","error"],"pid":6904,"level":"error","error":{"message":"140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n","name":"Error","stack":"Error: 140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n","code":"ERR_SSL_SSLV3_ALERT_CERTIFICATE_UNKNOWN"},"message":"140446284380032:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46\n"} Feb 24 11:12:24 localhost.localdomain opensearch-dashboards[6419]: {"type":"log","@timestamp":"2023-02-24T11:12:24Z","tags":["error","opensearch","data"],"pid":6419,"message":"[ResponseError]: Response Error"} Feb 24 11:12:24 localhost.localdomain opensearch-dashboards[6419]: {"type":"log","@timestamp":"2023-02-24T11:12:24Z","tags":["error","opensearch","data"],"pid":6419,"message":"[ResponseError]: Response Error"} ```

:heavy_check_mark: The error was related to the IP of the VM: the 192.168.56.115 did not work, but 192.168.56.114 worked.

:warning: In CentOS 7 I detected that the chromium or chrome package is essential to generate the reports, as suggested in the documentation. Hence, it is necessary to install it in case google-chrome-stable is not installed. Chromium and Chrome are two alternatives to generate the reports, but in case Chrome is not installed is better to install Chromium as it is lighter.

[davidcr01]

Update Report

Tests

:warning: In a CentOS 7 system, I tested to generate a report installing the dependencies and the chromium-headless package, but the report could not be generated. Instead, I installed the chromium package and the report was generated successfully.

 [root@centos8 vagrant]# yum list installed | grep chrom
chromium.x86_64                      110.0.5481.77-1.el8                    @epel     
chromium-common.x86_64               110.0.5481.77-1.el8                    @epel     
chromium-headless.x86_64             110.0.5481.77-1.el8                    @epel  

This could mean that the headless chrome and the specified dependencies are not the only things necessary to generate reports. A complete installation of Chrome or Chromium is needed.

Development

A new function has been added to the installCommon.sh file:

function installCommon_checkChromium() {

    if [ "${sys_type}" == "yum" ]; then
        if (! yum list installed 2>/dev/null | grep -q -E ^"google-chrome-stable"\\.) && (yum list installed 2>/dev/null | grep -q -E ^"chromium"\\.); then
            dependencies+=(chromium)
        fi
    elif [ "${sys_type}" == "apt-get" ]; then
        if (! apt list --installed 2>/dev/null | grep -q -E ^"google-chrome-stable"\/) && (apt list --installed 2>/dev/null | grep -q -E ^"chromium-browser"\/); then
            dependencies+=(chromium-browser)
        fi
    fi
}

This function checks if the Chrome or Chromium browser is installed, and if none of them are installed, it installs Chromium. This function considered the different names of the browsers depending on the OS, notice that:

• In RPM-based systems, the package is called chromium
• In DEB-based systems, the package is called chromium-browser.

:warning: It seems in DEB-based systems it is not necessary to install Chrome o Chromium. This needs some testing to decide definitely if DEB-based systems need a Chrome alternative.

:red_circle: : Ubuntu 16.04 :green_circle: : Ubuntu 18.04 :green_circle: Ubuntu 20.04 :green_circle: Ubuntu 22.04

Next steps

• [x] Check if DEB-based systems need a Chrome alternative
• [ ] Finish the tests.

Conclusions

With the DEB-based system tests done, I can assure that in these systems neither Chrome nor Chromium are not necessary, but in the test of Ubuntu16 I discovered that:

• Chromium was apparently needed.
• After the uninstallation, report generation still works.

This shows that Chrome or Chromium are not strictly necessary, but some of their dependencies are. After some research, if I remove the fontconfig package the report generation stops working, so this package is necessary for DEB-based systems.

[davidcr01]

Update Report

Tests

After huge testing and research, headless-chrome is necessary to generate reports. With that, I conclude that it must be a dependency of the Installation Assitant, and have to be installed if Chrome or Chromium are not installed.

I tested the function installCommon_checkChromium and Chromium is installed if none of both tools are not installed:

02/03/2023 12:52:57 INFO: --- Wazuh dashboard ---
02/03/2023 12:53:00 INFO: --- Dependencies ----
02/03/2023 12:53:00 INFO: Installing chromium-browser.
02/03/2023 13:00:36 INFO: Starting Wazuh dashboard installation.
02/03/2023 13:01:36 INFO: Wazuh dashboard installation finished.
02/03/2023 13:01:36 INFO: Wazuh dashboard post-install configuration finished.
02/03/2023 13:01:36 INFO: Starting service wazuh-dashboard.
02/03/2023 13:01:38 INFO: wazuh-dashboard service started.
02/03/2023 13:02:24 INFO: Initializing Wazuh dashboard web application.
02/03/2023 13:02:25 INFO: Wazuh dashboard web application initialized.
02/03/2023 13:02:25 INFO: --- Summary ---
02/03/2023 13:02:25 INFO: You can access the web interface https://<wazuh-dashboard-ip>
    User: admin
    Password: uiO64FUDfi6S+Z1T9wCmCpOJA*D+Y2Dm
02/03/2023 13:02:25 INFO: Installation finished.
root@vagrant:/home/vagrant# 

[davidcr01]

Update Report

The problem with Ubuntu 22.04

It seems that with this approach, in Ubuntu 22.04 systems the PDF generation report can not be done, even if:

• The dependencies are installed.
• The chromium-browser package is installed. Whereas the rest of the Ubuntu versions that Wazuh supports (16.04, 18.04, 20.04) the PDF generation report can be done.

To solve this problem some workarounds are possible:

• Install the Chromium package of Ubuntu 18.04 through repositories.
• Install the Chromium package of Ubuntu 18.04 manually.
• Install Chrome instead of Chromium in Ubuntu 22.04

Next steps

It is mandatory to test the previous alternative and talk with the team about which is the best option.

[davidcr01]

Update Report

The problem with Ubuntu 22.04

I have performed the test specified in the previous update and the results are: :x: Install the Chromium package through repositories failed. I added the bionic repository in the /etc/apt/source.list and the output of the apt-get update command is:

root@vagrant:/home/vagrant# apt-get update
Hit:1 http://us.archive.ubuntu.com/ubuntu jammy InRelease
Get:2 http://us.archive.ubuntu.com/ubuntu bionic InRelease [242 kB]
Hit:3 http://us.archive.ubuntu.com/ubuntu jammy-updates InRelease
Err:2 http://us.archive.ubuntu.com/ubuntu bionic InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 3B4FE6ACC0B21F32
Hit:4 http://us.archive.ubuntu.com/ubuntu jammy-backports InRelease
Hit:5 http://us.archive.ubuntu.com/ubuntu jammy-security InRelease
Reading package lists... Done
W: GPG error: http://us.archive.ubuntu.com/ubuntu bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 3B4FE6ACC0B21F32
E: The repository 'http://us.archive.ubuntu.com/ubuntu bionic InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
root@vagrant:/home/vagrant# 

:heavy_check_mark: Install de Chromium package of Ubuntu 18.04 manually succeeded. This alternative works as well as report generation, but installing a package of an older distribution may not be a good idea. The system can upgrade this package to the newer, making the report generation not work again.

:heavy_check_mark: After talking with the team, we decided that the best option is to install Chrome instead of Chromium only in Ubuntu 22.

Development

To perform this action, a new function has been added:

function installCommon_aptInstallChrome() {

    chrome_package="/tmp/wazuh-install-files/chrome.deb"
    curl -so "${chrome_package}" https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

    common_logger "Installing chrome"
    installCommon_aptInstall "${chrome_package}"

}

The package is downloaded from the official site of google and placed in the temporary directory where Wazuh stores the temporary files, which will be removed at the end of the script.

And the function installCommon_checkChromium has been modified by adding a new conditional:

# Report generation doesn't work with Chromium in Ubuntu 22
            if [ "${DIST_NAME}" == "ubuntu" ] && [ "${DIST_VER}" == "22" ]; then
                installCommon_aptInstallChrome
            else
                dependencies=(chromium-browser)
            fi

With this change, Chrome will only be installed in Ubuntu 22 and Chromium will be installed in the rest of the systems.

Testing

06/03/2023 11:40:21 INFO: Initializing Wazuh dashboard web application.
06/03/2023 11:40:54 INFO: Wazuh dashboard web application initialized.
06/03/2023 11:40:54 INFO: --- Summary ---
06/03/2023 11:40:54 INFO: You can access the web interface https://<wazuh-dashboard-ip>
    User: admin
    Password: WhyN*BfbG3tirfqs11fLYEYbJ?XM0.fb
06/03/2023 11:40:54 INFO: Installation finished.
root@ubuntu22:/home/vagrant# apt list --installed | grep chro

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

google-chrome-stable/stable,now 110.0.5481.177-1 amd64 [installed]
root@ubuntu22:/home/vagrant# 

[davidcr01]

Update Report

Testing

Amazon Linux 2

• For AmazonLinux2 it is necessary to execute this command in order to fetch the chromium package. sudo amazon-linux-extras install epel -y This command is added to the function installCommon_checkChromium

With this, report generation in AL2 works as expected.

07/03/2023 09:10:13 INFO: --- Wazuh dashboard ---
07/03/2023 09:10:21 INFO: --- Dependencies ---
07/03/2023 09:10:21 INFO: Installing chromium.
07/03/2023 09:10:47 INFO: Installing xorg-x11-fonts-100dpi.
07/03/2023 09:10:54 INFO: Installing xorg-x11-fonts-75dpi.
07/03/2023 09:10:59 INFO: Installing xorg-x11-utils.
07/03/2023 09:11:04 INFO: Installing xorg-x11-fonts-cyrillic.
07/03/2023 09:11:10 INFO: Installing xorg-x11-fonts-Type1.
07/03/2023 09:11:15 INFO: Installing xorg-x11-fonts-misc.
07/03/2023 09:11:23 INFO: Starting Wazuh dashboard installation.
07/03/2023 09:12:52 INFO: Wazuh dashboard installation finished.
07/03/2023 09:12:52 INFO: Wazuh dashboard post-install configuration finished.
07/03/2023 09:12:52 INFO: Starting service wazuh-dashboard.
07/03/2023 09:12:52 INFO: wazuh-dashboard service started.
07/03/2023 09:13:21 INFO: Initializing Wazuh dashboard web application.
07/03/2023 09:13:22 INFO: Wazuh dashboard web application initialized.
07/03/2023 09:13:22 INFO: --- Summary ---
07/03/2023 09:13:22 INFO: You can access the web interface https://<wazuh-dashboard-ip>
    User: admin
    Password: 5mlT3gHQkgrkOKY16NLpAVc.SNnSzPOG
07/03/2023 09:13:22 INFO: Installation finished.

:heavy_check_mark: : With the correct installation, the generation of reports works:

Ubuntu 20

:x: In Ubuntu 20.04, the PDF generation report does not work installing Chromium but it works with Chrome (similar to the behavior of Ubuntu 22).

Hence, Ubuntu 20 will be taken into count in the unattended script to install Chrome instead of Chromium.

[davidcr01]

Update Report

Tests in RHEL8 and 9

To test the installation in these systems, I must add the CentOS repositories to the list of available repositories. I think these notes could be useful if we need to install extra dependencies that are not in the default RHEL repositories or in the EPEL repository.

RHEL 8

[extras]
name=CentOS Linux $releasever - Extras
baseurl=http://vault.centos.org/centos/$releasever/extras/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial

[baseos]
name=CentOS Linux 8 - BaseOS
baseurl=http://vault.centos.org/centos/8/BaseOS/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial

[appstream]
name=CentOS Linux 8 - AppStream
baseurl=http://vault.centos.org/centos/8/AppStream/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial

RHEL 9

[appstream]
name=CentOS Stream $releasever - AppStream
baseurl=https://mirror.stream.centos.org/9-stream/AppStream/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1

[baseos]
name=CentOS Stream $releasever - BaseOS
baseurl=https://mirror.stream.centos.org/9-stream/BaseOS/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1

[davidcr01]

Update Report

Summary

To summarize, the workaround that has been done is:

• Delete the ipa-gothic-fonts from the necessary packages as it is not needed. It only concerns the Japanese characters and we can suppose that a Japanese system will have a Japanese characters package.
• Install Chrome or Chomium when needed:
  • Chrome in Ubuntu 18, 20, 22 and Amazon Linux 2 (by downloading the package from the official site of Google). In Ubuntu 18 Chromium works, but it takes too much time to download it (up to 16 minutes!).
  • Chromium in the rest of the systems.
• Install the rest of the dependencies listed by OpenSearch.
• Created a new logic to allow optional installations. Please see https://github.com/wazuh/wazuh-packages/issues/1840#issuecomment-1462012443.
• New functions added: installCommon_checkChromium and installCommon_aptInstallChrome.

Besides, I created a simple script that adds the Centos repositories to the RHEL8 and RHEL9 systems:

Display code

``` #!/bin/bash # This script adds the CentOS repositories in RHEL systems (8 and 9-stream) ​ function dist_detect() { ​ eval "cat /etc/os-release | grep 'Red Hat Enterprise Linux 8'" if [ "${PIPESTATUS[0]}" == "0" ]; then system="rhel8" fi eval "cat /etc/os-release | grep 'Red Hat Enterprise Linux 9'" if [ "${PIPESTATUS[0]}" == "0" ]; then system="rhel9" fi echo "System detected: ${system}." } ​ function download_centos_key() { ​ curl 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-Official' -so /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial if [ ! -f "/etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial" ]; then echo "ERROR: the GPG CentOS key could not be downloaded." exit 1 fi } ​ ​ function add_repositories() { output_repo="/etc/yum.repos.d/centos.repo" touch "${output_repo}" if [ "${system}" == "rhel9" ]; then echo '[appstream]' >> "${output_repo}" echo 'name=CentOS Stream $releasever - AppStream' >> "${output_repo}" echo 'baseurl=https://mirror.stream.centos.org/9-stream/AppStream/x86_64/os/' >> "${output_repo}" echo 'gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial' >> "${output_repo}" echo 'gpgcheck=1' >> "${output_repo}" echo 'repo_gpgcheck=0 '>> "${output_repo}" echo 'metadata_expire=6h' >> "${output_repo}" echo 'countme=1' >> "${output_repo}" echo 'enabled=1' >> "${output_repo}" echo '[baseos]' >> "${output_repo}" echo 'name=CentOS Stream $releasever - BaseOS' >> "${output_repo}" echo 'baseurl=https://mirror.stream.centos.org/9-stream/BaseOS/x86_64/os/' >> "${output_repo}" echo 'gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial' >> "${output_repo}" echo 'gpgcheck=1' >> "${output_repo}" echo 'repo_gpgcheck=0' >> "${output_repo}" echo 'metadata_expire=6h' >> "${output_repo}" echo 'countme=1' >> "${output_repo}" echo 'enabled=1' >> "${output_repo}" elif [ "${system}" == "rhel8" ]; then echo '[extras]' >> "${output_repo}" echo 'name=CentOS Linux $releasever - Extras' >> "${output_repo}" echo 'baseurl=http://vault.centos.org/centos/$releasever/extras/$basearch/os/' >> "${output_repo}" echo 'gpgcheck=1' >> "${output_repo}" echo 'enabled=1' >> "${output_repo}" echo 'gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial' >> "${output_repo}" echo '[baseos]' >> "${output_repo}" echo 'name=CentOS Linux 8 - BaseOS' >> "${output_repo}" echo 'baseurl=http://vault.centos.org/centos/8/BaseOS/$basearch/os/' >> "${output_repo}" echo 'gpgcheck=1' >> "${output_repo}" echo 'enabled=1' >> "${output_repo}" echo 'gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial' >> "${output_repo}" echo '[appstream]' >> "${output_repo}" echo 'name=CentOS Linux 8 - AppStream' >> "${output_repo}" echo 'baseurl=http://vault.centos.org/centos/8/AppStream/$basearch/os/' >> "${output_repo}" echo 'gpgcheck=1' >> "${output_repo}" echo 'enabled=1' >> "${output_repo}" echo 'gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial' >> "${output_repo}" fi } ​ dist_detect download_centos_key add_repositories ```

[davidcr01]

Update Report

Development

After the requested changes of @DFolchA I have created a new logic to allow optional installations. This is done by some flags that indicate this type of installation. The use of flags is to avoid creating new functions that may repeat code.

Every time the installation is going to be optional, the flag optional_installation must be set to 1, and set to 0 when that optional installation is completed. In this case, the installation of the PDF report dependencies is optional as they are not essential to make the Wazuh dashboard work. To warn this, if an optional dependency installation fails, the flag report_dependencies is set to 1 to make the Installation Assistant print a warning message.

This has been done in https://github.com/wazuh/wazuh-packages/pull/2122/commits/053e1387a6ce55dd2bc5ad8ff4d9d6e30ecd0980.

Test

To test this behavior, and force the failure of an optional installation dependency, I have tested in Ubuntu 20.04 with the Chrome package:

Show log

``` root@ubuntu20:/home/vagrant# bash wazuh-install.sh -a -i 09/03/2023 12:41:32 INFO: Starting Wazuh installation assistant. Wazuh version: 4.5.0 09/03/2023 12:41:32 INFO: Verbose logging redirected to /var/log/wazuh-install.log 09/03/2023 12:41:45 WARNING: Hardware and system checks ignored. 09/03/2023 12:41:47 INFO: --- Dependencies ---- 09/03/2023 12:41:47 INFO: Installing apt-transport-https. 09/03/2023 12:41:52 INFO: Wazuh development repository added. 09/03/2023 12:41:52 INFO: --- Configuration files --- 09/03/2023 12:41:52 INFO: Generating configuration files. 09/03/2023 12:41:53 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 09/03/2023 12:41:53 INFO: --- Wazuh indexer --- 09/03/2023 12:41:53 INFO: Starting Wazuh indexer installation. 09/03/2023 12:44:02 INFO: Wazuh indexer installation finished. 09/03/2023 12:44:02 INFO: Wazuh indexer post-install configuration finished. 09/03/2023 12:44:02 INFO: Starting service wazuh-indexer. 09/03/2023 12:44:10 INFO: wazuh-indexer service started. 09/03/2023 12:44:10 INFO: Initializing Wazuh indexer cluster security settings. 09/03/2023 12:44:21 INFO: Wazuh indexer cluster initialized. 09/03/2023 12:44:21 INFO: --- Wazuh server --- 09/03/2023 12:44:21 INFO: Starting the Wazuh manager installation. 09/03/2023 12:45:26 INFO: Wazuh manager installation finished. 09/03/2023 12:45:26 INFO: Starting service wazuh-manager. 09/03/2023 12:45:33 INFO: wazuh-manager service started. 09/03/2023 12:45:33 INFO: Starting Filebeat installation. 09/03/2023 12:45:44 INFO: Filebeat installation finished. 09/03/2023 12:45:46 INFO: Filebeat post-install configuration finished. 09/03/2023 12:45:46 INFO: Starting service filebeat. 09/03/2023 12:45:46 INFO: filebeat service started. 09/03/2023 12:45:46 INFO: --- Wazuh dashboard --- 09/03/2023 12:45:47 INFO: Installing chrome. 09/03/2023 12:45:47 WARNING: Cannot install optional dependency: chrome. 09/03/2023 12:45:49 INFO: --- Dependencies ---- 09/03/2023 12:45:49 INFO: Installing libnss3-dev. 09/03/2023 12:45:53 INFO: Installing fonts-liberation. 09/03/2023 12:45:55 INFO: Installing libfontconfig1. 09/03/2023 12:45:58 WARNING: Dependencies skipped. PDF report generation may not work. 09/03/2023 12:45:58 INFO: Starting Wazuh dashboard installation. 09/03/2023 12:48:18 INFO: Wazuh dashboard installation finished. 09/03/2023 12:48:18 INFO: Wazuh dashboard post-install configuration finished. 09/03/2023 12:48:18 INFO: Starting service wazuh-dashboard. 09/03/2023 12:48:19 INFO: wazuh-dashboard service started. 09/03/2023 12:48:37 INFO: Initializing Wazuh dashboard web application. 09/03/2023 12:48:38 INFO: Wazuh dashboard web application initialized. 09/03/2023 12:48:38 INFO: --- Summary --- 09/03/2023 12:48:38 INFO: You can access the web interface https:// User: admin Password: JlmPGfsBJs*.SJPI2APmCDbsh7JBL24A 09/03/2023 12:48:38 INFO: Installation finished. ```

Notice that the Chrome installation has failed and notified with WARNING: Cannot install optional dependency: chrome., and after, another warning is displayed: WARNING: Dependencies skipped. PDF report generation may not work.

[zbalkan]

As an external person or a user, I would like to point that adding new repositories is a system-wide change, which must be explicit as possible: both during the installation and within documentation. Because there will be conflicts. Also in corporate use cases where a local repository is used, the dependencies should be explicit so the admins should add them to their local repository.

[davidcr01]

Hello @zbalkan.

If you refer to the Google repository to install Chrome, this repository has not been added by the consequences you mention. To avoid this, the Chrome package is downloaded and installed from the official repository.

If you refer to the EPEL package in Amazon Linux 2, this has been changed as it is not a good idea to add new repositories. The solution for this is what I commented before, to install the tool by downloading the package. This has been done in https://github.com/wazuh/wazuh-packages/pull/2122/commits/2095105006b6f3e1965c387a4b89756cbf561dde

If you are interested in the changes made in this issue, you can read the summary comment https://github.com/wazuh/wazuh-packages/issues/1840#issuecomment-1461569918 or the changed files of the associated PR: https://github.com/wazuh/wazuh-packages/pull/2122/files

Hope it helps. Regards. The Wazuh team.

[davidcr01]

Update Report

Amazon Linux 2

Due to the recommendation of @zbalkan and after talking with the team, we decided to remove the amazon-linux-extras install epel -y command and install Chrome by downloading it from the official site, as done in some Ubuntu systems.

:green_circle: The installation and generation of PDF reports are correct in Amazon Linux 2:

Show log

``` [root@amazonlinux2 vagrant]# bash wazuh-install.sh -a -i 13/03/2023 12:45:04 INFO: Starting Wazuh installation assistant. Wazuh version: 4.5.0 13/03/2023 12:45:04 INFO: Verbose logging redirected to /var/log/wazuh-install.log 13/03/2023 12:45:05 WARNING: Hardware and system checks ignored. 13/03/2023 12:45:07 INFO: Wazuh development repository added. 13/03/2023 12:45:07 INFO: --- Configuration files --- 13/03/2023 12:45:07 INFO: Generating configuration files. 13/03/2023 12:45:07 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 13/03/2023 12:45:07 INFO: --- Wazuh indexer --- 13/03/2023 12:45:07 INFO: Starting Wazuh indexer installation. 13/03/2023 12:47:36 INFO: Wazuh indexer installation finished. 13/03/2023 12:47:36 INFO: Wazuh indexer post-install configuration finished. 13/03/2023 12:47:36 INFO: Starting service wazuh-indexer. 13/03/2023 12:47:45 INFO: wazuh-indexer service started. 13/03/2023 12:47:45 INFO: Initializing Wazuh indexer cluster security settings. 13/03/2023 12:47:55 INFO: Wazuh indexer cluster initialized. 13/03/2023 12:47:55 INFO: --- Wazuh server --- 13/03/2023 12:47:55 INFO: Starting the Wazuh manager installation. 13/03/2023 12:48:33 INFO: Wazuh manager installation finished. 13/03/2023 12:48:33 INFO: Starting service wazuh-manager. 13/03/2023 12:48:45 INFO: wazuh-manager service started. 13/03/2023 12:48:45 INFO: Starting Filebeat installation. 13/03/2023 12:48:57 INFO: Filebeat installation finished. 13/03/2023 12:48:58 INFO: Filebeat post-install configuration finished. 13/03/2023 12:48:58 INFO: Starting service filebeat. 13/03/2023 12:48:58 INFO: filebeat service started. 13/03/2023 12:48:58 INFO: --- Wazuh dashboard --- 13/03/2023 12:49:03 INFO: Installing chrome. 13/03/2023 12:49:35 INFO: --- Dependencies --- 13/03/2023 12:49:35 INFO: Installing chromium. 13/03/2023 12:50:16 INFO: Starting Wazuh dashboard installation. 13/03/2023 12:52:16 INFO: Wazuh dashboard installation finished. 13/03/2023 12:52:16 INFO: Wazuh dashboard post-install configuration finished. 13/03/2023 12:52:16 INFO: Starting service wazuh-dashboard. 13/03/2023 12:52:16 INFO: wazuh-dashboard service started. 13/03/2023 12:52:33 INFO: Initializing Wazuh dashboard web application. 13/03/2023 12:52:34 INFO: Wazuh dashboard web application initialized. 13/03/2023 12:52:34 INFO: --- Summary --- 13/03/2023 12:52:34 INFO: You can access the web interface https:// User: admin Password: uxVjyTyI6cV*gQu7rai+L6?55ZFGFNFi 13/03/2023 12:52:34 INFO: Installation finished. [root@amazonlinux2 vagrant]# yum list installed | grep chrome google-chrome-stable.x86_64 111.0.5563.64-1 installed [root@amazonlinux2 vagrant]# ```

[zbalkan]

Dear @davidcr01 ,

Thank you for considering my feedback. I would like to ask about one thing, when installation goes south. If the server is isolated from internet and downloads over curl fail, what would be the action? According to the PR, it looks like it will just exit with a warning. Yet, IMHO, this is not a big issue to break the installation. With a proper and clear warning, preferably after a prompt to continue, a user should be able to continue installation without the missing package, knowing that they have to solve the issue over their local repository.

[davidcr01]

Hello @zbalkan

The behavior of the Installation Assistant, in that case, would be the following:

• If it is installing a package from the repositories, not from a manual download, and it fails, the script displays a warning and continues the installation. If it is installing the Wazuh dashboard package and there is no internet connection, it would display an error and the installation would be broken as it is a necessary package to continue the installation.
• If it is downloading a package with curl (in this case, only the Chrome package), the behavior would be the same. But, in this case, I improved this task by changing the curl command to our common_curl function. This function retries the specified curl several times in case a transient error is generated. If there is an internet connection loss, it will retry the curl X times until a timeout is reached, and then the warning message would be displayed. If the timeout is not reached yet and there is internet connection, the package would be successfully downloaded.

I hope I clarified your question. Regards. David.