davidcr01
commented
4 months ago Update Report
Development
The best choice in the development, in order not to modify too much code, is to remove the openssl and lsof packages from the dependency list, and install them separately.
This change implies installing them inside the function that uses them, and saving them into a variable in order to uninstall them when the installation is finished.
Although the variables are removed from the list, a comment has been added to the file specifying that they are kept as dependencies, but not specified in the list.
Testing
After the development, the certificate generation, the cluster initialization, and an AIO installation were performed correctly.
:green_circle: Certificates generation
root@ubuntu22:/home/vagrant# lsof
bash: /usr/bin/lsof: No such file or directory
root@ubuntu22:/home/vagrant# openssl
bash: /usr/bin/openssl: No such file or directory
root@ubuntu22:/home/vagrant# bash wazuh-install.sh -g -i
04/03/2024 13:57:34 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
04/03/2024 13:57:34 INFO: Verbose logging redirected to /var/log/wazuh-install.log
04/03/2024 13:57:40 WARNING: Hardware and system checks ignored.
04/03/2024 13:57:40 INFO: --- Configuration files ---
04/03/2024 13:57:40 INFO: Generating configuration files.
04/03/2024 13:57:40 INFO: --- Dependencies ----
04/03/2024 13:57:40 INFO: Installing openssl.
04/03/2024 13:57:44 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
04/03/2024 13:57:44 INFO: --- Dependencies ----
04/03/2024 13:57:44 INFO: Removing openssl.
root@ubuntu22:/home/vagrant# tar -xvf wazuh-install-files.tar
wazuh-install-files/
wazuh-install-files/root-ca.key
wazuh-install-files/wazuh-indexer-key.pem
wazuh-install-files/admin-key.pem
wazuh-install-files/wazuh-passwords.txt
wazuh-install-files/config.yml
wazuh-install-files/root-ca.pem
wazuh-install-files/admin.pem
wazuh-install-files/wazuh-dashboard-key.pem
wazuh-install-files/wazuh-server-key.pem
wazuh-install-files/wazuh-server.pem
wazuh-install-files/wazuh-dashboard.pem
wazuh-install-files/wazuh-indexer.pem
root@ubuntu22:/home/vagrant# :green_circle: Cluster initialization
root@ubuntu22:/home/vagrant# bash wazuh-install.sh -wi wazuh-indexer -i
04/03/2024 14:04:48 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
04/03/2024 14:04:48 INFO: Verbose logging redirected to /var/log/wazuh-install.log
04/03/2024 14:04:57 WARNING: Hardware and system checks ignored.
04/03/2024 14:04:57 INFO: --- Dependencies ----
04/03/2024 14:04:57 INFO: Installing lsof.
04/03/2024 14:05:11 INFO: Wazuh development repository added.
04/03/2024 14:05:11 INFO: --- Wazuh indexer ---
04/03/2024 14:05:11 INFO: Starting Wazuh indexer installation.
04/03/2024 14:09:38 INFO: Wazuh indexer installation finished.
04/03/2024 14:09:38 INFO: Wazuh indexer post-install configuration finished.
04/03/2024 14:09:38 INFO: Starting service wazuh-indexer.
04/03/2024 14:10:08 INFO: wazuh-indexer service started.
04/03/2024 14:10:08 INFO: Initializing Wazuh indexer cluster security settings.
04/03/2024 14:10:11 INFO: Wazuh indexer cluster initialized.
04/03/2024 14:10:11 INFO: --- Dependencies ----
04/03/2024 14:10:11 INFO: Removing lsof.
04/03/2024 14:10:13 INFO: Installation finished.
root@ubuntu22:/home/vagrant#
root@ubuntu22:/home/vagrant# bash wazuh-install.sh -s -i
04/03/2024 14:10:39 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
04/03/2024 14:10:39 INFO: Verbose logging redirected to /var/log/wazuh-install.log
04/03/2024 14:10:51 WARNING: Hardware and system checks ignored.
04/03/2024 14:10:59 INFO: Wazuh indexer cluster security configuration initialized.
04/03/2024 14:11:00 INFO: The Wazuh indexer cluster ISM initialized.
04/03/2024 14:11:02 INFO: Updating the internal users.
04/03/2024 14:11:07 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
04/03/2024 14:11:24 INFO: Wazuh indexer cluster started.
root@ubuntu22:/home/vagrant#
:green_circle: AIO installation
root@ubuntu22:/home/vagrant# bash wazuh-install.sh -a -i
04/03/2024 14:52:42 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
04/03/2024 14:52:42 INFO: Verbose logging redirected to /var/log/wazuh-install.log
04/03/2024 14:52:52 WARNING: Hardware and system checks ignored.
04/03/2024 14:52:52 INFO: Wazuh web interface port will be 443.
04/03/2024 14:52:53 INFO: --- Dependencies ----
04/03/2024 14:52:53 INFO: Installing lsof.
04/03/2024 14:53:07 INFO: --- Dependencies ----
04/03/2024 14:53:07 INFO: Installing debhelper.
04/03/2024 14:53:41 INFO: Installing software-properties-common.
04/03/2024 14:54:02 INFO: Wazuh development repository added.
04/03/2024 14:54:02 INFO: --- Configuration files ---
04/03/2024 14:54:02 INFO: Generating configuration files.
04/03/2024 14:54:05 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
04/03/2024 14:54:05 INFO: --- Wazuh indexer ---
04/03/2024 14:54:05 INFO: Starting Wazuh indexer installation.
04/03/2024 14:55:11 INFO: Wazuh indexer installation finished.
04/03/2024 14:55:11 INFO: Wazuh indexer post-install configuration finished.
04/03/2024 14:55:11 INFO: Starting service wazuh-indexer.
04/03/2024 14:55:40 INFO: wazuh-indexer service started.
04/03/2024 14:55:40 INFO: Initializing Wazuh indexer cluster security settings.
04/03/2024 14:55:53 INFO: The Wazuh indexer cluster ISM initialized.
04/03/2024 14:55:53 INFO: Wazuh indexer cluster initialized.
04/03/2024 14:55:53 INFO: --- Wazuh server ---
04/03/2024 14:55:53 INFO: Starting the Wazuh manager installation.
04/03/2024 14:58:47 INFO: Wazuh manager installation finished.
04/03/2024 14:58:47 INFO: Starting service wazuh-manager.
04/03/2024 14:59:10 INFO: wazuh-manager service started.
04/03/2024 14:59:10 INFO: Starting Filebeat installation.
04/03/2024 14:59:48 INFO: Filebeat installation finished.
04/03/2024 14:59:54 INFO: Filebeat post-install configuration finished.
04/03/2024 14:59:54 INFO: Starting service filebeat.
04/03/2024 14:59:57 INFO: filebeat service started.
04/03/2024 14:59:57 INFO: --- Wazuh dashboard ---
04/03/2024 14:59:57 INFO: Starting Wazuh dashboard installation.
04/03/2024 15:02:07 INFO: Wazuh dashboard installation finished.
04/03/2024 15:02:07 INFO: Wazuh dashboard post-install configuration finished.
04/03/2024 15:02:07 INFO: Starting service wazuh-dashboard.
04/03/2024 15:02:08 INFO: wazuh-dashboard service started.
04/03/2024 15:02:11 INFO: Updating the internal users.
04/03/2024 15:02:20 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
04/03/2024 15:02:54 INFO: Initializing Wazuh dashboard web application.
04/03/2024 15:02:55 INFO: Wazuh dashboard web application initialized.
04/03/2024 15:02:55 INFO: --- Summary ---
04/03/2024 15:02:55 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
User: admin
Password: jfVHiNDdA4fjD049VOee8E6A*+pCFVqW
04/03/2024 15:02:55 INFO: --- Dependencies ----
04/03/2024 15:02:55 INFO: Removing lsof.
04/03/2024 15:02:58 INFO: Installation finished.
Source issue: https://github.com/wazuh/wazuh/issues/21361
It has been discovered that the certificate creation using the Wazuh Installation Assistant installs two dependencies:
lsofandopenssl. Those dependencies are removed shortly after the certificate creation but thelsofpackage is not used for the certificate creation and should not be installed.This also happens when using other specific options like starting the Wazuh indexer cluster