search

wazuh / wazuh-packages

Wazuh - Tools for packages creation
https://wazuh.com
GNU General Public License v2.0
100 stars 90 forks source link

WIA accepts CentOS 9 as a recommended system #2778

Closed rauldpm closed 6 months ago

rauldpm commented 6 months ago
Wazuh version Install type Action performed Platform
4.8.0-alpha2 WUS System check CentOS 9 Stream

During the review of the issue https://github.com/wazuh/wazuh/issues/21362, a bug has been detected in the operating systems check that allows the script to be executed on a system not listed as recommended in the same script.

function check_dist() {
    common_logger -d "Checking system distribution."
    dist_detect
    if [ "${DIST_NAME}" != "centos" ] && [ "${DIST_NAME}" != "rhel" ] && [ "${DIST_NAME}" != "amzn" ] && [ "${DIST_NAME}" != "ubuntu" ]; then
        notsupported=1
    fi
    if { [ "${DIST_NAME}" == "centos" ] || [ "${DIST_NAME}" == "rhel" ]; } && { [ "${DIST_VER}" -ne "7" ] && [ "${DIST_VER}" -ne "8" ] && [ "${DIST_VER}" -ne "9" ]; }; then
        notsupported=1
    fi

According to the check_dist function, installation is accepted on RHEL 7, 8, and 9 systems, in addition to CentOS 7, 8, and 9, but this does not match the message shown if the system is not recommended, since CentOS 9 is not supported in that list

    if [ -n "${notsupported}" ] && [ -z "${ignore}" ]; then
        common_logger -e "The recommended systems are: Red Hat Enterprise Linux 7, 8, 9; CentOS 7, 8; Amazon Linux 2; Ubuntu 16.04, 18.04, 20.04, 22.04. The current system does not match this list. Use -i|--ignore-check to skip this check."
        exit 1

It is necessary to fix the message or fix the if conditions

[root@centos9stream vagrant]# cat /etc/os-release 
NAME="CentOS Stream"
VERSION="9"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="9"
PLATFORM_ID="platform:el9"
PRETTY_NAME="CentOS Stream 9"
ANSI_COLOR="0;31"
LOGO="fedora-logo-icon"
CPE_NAME="cpe:/o:centos:centos:9"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux 9"
REDHAT_SUPPORT_PRODUCT_VERSION="CentOS Stream"
[root@centos9stream vagrant]# curl -sO https://packages-dev.wazuh.com/4.8/wazuh-install.sh && sudo bash ./wazuh-install.sh -a
17/01/2024 13:21:34 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
17/01/2024 13:21:34 INFO: Verbose logging redirected to /var/log/wazuh-install.log
17/01/2024 13:21:38 INFO: Verifying that your system meets the recommended minimum hardware requirements.
17/01/2024 13:21:38 INFO: Wazuh web interface port will be 443.
17/01/2024 13:21:38 WARNING: The system has Firewalld enabled. Please ensure that traffic is allowed on these ports: 1515, 1514, 443.
17/01/2024 13:21:40 INFO: Wazuh development repository added.
17/01/2024 13:21:40 INFO: --- Configuration files ---
17/01/2024 13:21:40 INFO: Generating configuration files.
17/01/2024 13:21:41 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
17/01/2024 13:21:41 INFO: --- Wazuh indexer ---
17/01/2024 13:21:41 INFO: Starting Wazuh indexer installation.

According to the documentation, CentOS 9 is not present in the recommended systems list

image

vcerenu commented 6 months ago

The OS version check for Centos and RHEL was modified, splitting it to be able to individually assign each version:

    if [ "${DIST_NAME}" == "centos" ] && { [ "${DIST_VER}" -ne "7" ] && [ "${DIST_VER}" -ne "8" ]; }; then
        notsupported=1
    fi
    if [ "${DIST_NAME}" == "rhel" ] && { [ "${DIST_VER}" -ne "7" ] && [ "${DIST_VER}" -ne "8" ] && [ "${DIST_VER}" -ne "9" ]; }; then
        notsupported=1
    fi

Tests were carried out with this new check:

Centos 9:

[root@server1 wazuh-packages]# git checkout 2778-wia-accepts-centos-9-as-a-recommended-system
branch '2778-wia-accepts-centos-9-as-a-recommended-system' set up to track 'origin/2778-wia-accepts-centos-9-as-a-recommended-system'.
Switched to a new branch '2778-wia-accepts-centos-9-as-a-recommended-system'
[root@server1 wazuh-packages]# bash unattended_installer/builder.sh -i -d
[root@server1 wazuh-packages]# cd unattended_installer/
[root@server1 unattended_installer]# ls -ltr
total 216
-rw-r--r--. 1 root root   2397 Jan 18 13:11 Development-guide.md
drwxr-xr-x. 6 root root     73 Jan 18 13:11 config
drwxr-xr-x. 2 root root     49 Jan 18 13:11 common_functions
drwxr-xr-x. 2 root root     73 Jan 18 13:11 cert_tool
drwxr-xr-x. 2 root root     88 Jan 18 13:23 passwords_tool
-rwxr-xr-x. 1 root root  12956 Jan 18 13:23 builder.sh
-r-x------. 1 root root 174673 Jan 18 13:24 wazuh-install.sh
drwxr-xr-x. 2 root root   4096 Jan 18 13:24 install_functions
[root@server1 unattended_installer]# cat /etc/os-release
NAME="CentOS Stream"
VERSION="9"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="9"
PLATFORM_ID="platform:el9"
PRETTY_NAME="CentOS Stream 9"
ANSI_COLOR="0;31"
LOGO="fedora-logo-icon"
CPE_NAME="cpe:/o:centos:centos:9"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux 9"
REDHAT_SUPPORT_PRODUCT_VERSION="CentOS Stream"
[root@server1 unattended_installer]# sudo bash ./wazuh-install.sh -a
18/01/2024 13:24:55 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
18/01/2024 13:24:55 INFO: Verbose logging redirected to /var/log/wazuh-install.log
18/01/2024 13:24:55 ERROR: The recommended systems are: Red Hat Enterprise Linux 7, 8, 9; CentOS 7, 8; Amazon Linux 2; Ubuntu 16.04, 18.04, 20.04, 22.04. The current system does not match this list. Use -i|--ignore-check to skip this check.
[root@server1 unattended_installer]#

Centos 7:

[root@server1 wazuh-packages]# git checkout 2778-wia-accepts-centos-9-as-a-recommended-system
Branch 2778-wia-accepts-centos-9-as-a-recommended-system set up to track remote branch 2778-wia-accepts-centos-9-as-a-recommended-system from origin.
Switched to a new branch '2778-wia-accepts-centos-9-as-a-recommended-system'
[root@server1 wazuh-packages]# bash unattended_installer/builder.sh -i -d
[root@server1 wazuh-packages]# cd unattended_installer/
[root@server1 unattended_installer]# ls -ltr
total 212
-rw-r--r--. 1 root root   2397 Jan 18 14:34 Development-guide.md
drwxr-xr-x. 6 root root     73 Jan 18 14:34 config
drwxr-xr-x. 2 root root     49 Jan 18 14:34 common_functions
drwxr-xr-x. 2 root root     73 Jan 18 14:34 cert_tool
-rwxr-xr-x. 1 root root  12956 Jan 18 14:34 builder.sh
drwxr-xr-x. 2 root root     88 Jan 18 14:34 passwords_tool
-r-x------. 1 root root 174673 Jan 18 14:35 wazuh-install.sh
drwxr-xr-x. 2 root root    204 Jan 18 14:35 install_functions
[root@server1 unattended_installer]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

[root@server1 unattended_installer]# sudo bash ./wazuh-install.sh -a
18/01/2024 14:35:49 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
18/01/2024 14:35:49 INFO: Verbose logging redirected to /var/log/wazuh-install.log
18/01/2024 14:35:55 INFO: --- Dependencies ---
18/01/2024 14:35:55 INFO: Installing lsof.
18/01/2024 14:35:56 INFO: Verifying that your system meets the recommended minimum hardware requirements.
18/01/2024 14:35:56 INFO: Wazuh web interface port will be 443.
18/01/2024 14:35:59 INFO: Wazuh development repository added.
18/01/2024 14:35:59 INFO: --- Configuration files ---
18/01/2024 14:35:59 INFO: Generating configuration files.
18/01/2024 14:35:59 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
18/01/2024 14:35:59 INFO: --- Wazuh indexer ---
18/01/2024 14:35:59 INFO: Starting Wazuh indexer installation.
18/01/2024 14:38:57 INFO: Wazuh indexer installation finished.
18/01/2024 14:38:57 INFO: Wazuh indexer post-install configuration finished.
18/01/2024 14:38:57 INFO: Starting service wazuh-indexer.
18/01/2024 14:39:14 INFO: wazuh-indexer service started.
18/01/2024 14:39:14 INFO: Initializing Wazuh indexer cluster security settings.
18/01/2024 14:39:27 INFO: The Wazuh indexer cluster ISM initialized.
18/01/2024 14:39:27 INFO: Wazuh indexer cluster initialized.
18/01/2024 14:39:27 INFO: --- Wazuh server ---
18/01/2024 14:39:27 INFO: Starting the Wazuh manager installation.
18/01/2024 14:41:21 INFO: Wazuh manager installation finished.
18/01/2024 14:41:21 INFO: Starting service wazuh-manager.
18/01/2024 14:41:36 INFO: wazuh-manager service started.
18/01/2024 14:41:36 INFO: Starting Filebeat installation.
18/01/2024 14:41:47 INFO: Filebeat installation finished.
18/01/2024 14:41:48 INFO: Filebeat post-install configuration finished.
18/01/2024 14:41:48 INFO: Starting service filebeat.
18/01/2024 14:41:48 INFO: filebeat service started.
18/01/2024 14:41:48 INFO: --- Wazuh dashboard ---
18/01/2024 14:41:48 INFO: Starting Wazuh dashboard installation.
18/01/2024 14:44:04 INFO: Wazuh dashboard installation finished.
18/01/2024 14:44:04 INFO: Wazuh dashboard post-install configuration finished.
18/01/2024 14:44:04 INFO: Starting service wazuh-dashboard.
18/01/2024 14:44:04 INFO: wazuh-dashboard service started.
18/01/2024 14:44:06 INFO: Updating the internal users.
18/01/2024 14:44:12 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
18/01/2024 14:44:33 INFO: Initializing Wazuh dashboard web application.
18/01/2024 14:44:34 INFO: Wazuh dashboard web application initialized.
18/01/2024 14:44:34 INFO: --- Summary ---
18/01/2024 14:44:34 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: pAe0m2.tIu4.*3wZzxsssDi14lBbdqX2
18/01/2024 14:44:34 INFO: --- Dependencies ---
18/01/2024 14:44:34 INFO: Removing lsof.
18/01/2024 14:44:35 INFO: Installation finished.
[root@server1 unattended_installer]#
vcerenu commented 6 months ago

RHEL 9:

[root@ip-172-31-95-96 wazuh-packages]# git checkout 2778-wia-accepts-centos-9-as-a-recommended-system
branch '2778-wia-accepts-centos-9-as-a-recommended-system' set up to track 'origin/2778-wia-accepts-centos-9-as-a-recommended-system'.
Switched to a new branch '2778-wia-accepts-centos-9-as-a-recommended-system'
[root@ip-172-31-95-96 wazuh-packages]# bash unattended_installer/builder.sh -i -d
[root@ip-172-31-95-96 wazuh-packages]# cd unattended_installer/
[root@ip-172-31-95-96 unattended_installer]# ls -ltr
total 216
-rw-r--r--. 1 root root   2397 Jan 19 14:30 Development-guide.md
drwxr-xr-x. 2 root root     49 Jan 19 14:30 common_functions
drwxr-xr-x. 2 root root     73 Jan 19 14:30 cert_tool
drwxr-xr-x. 6 root root     73 Jan 19 14:30 config
-rwxr-xr-x. 1 root root  12956 Jan 19 14:31 builder.sh
drwxr-xr-x. 2 root root     88 Jan 19 14:31 passwords_tool
-r-x------. 1 root root 174673 Jan 19 14:32 wazuh-install.sh
drwxr-xr-x. 2 root root   4096 Jan 19 14:32 install_functions
[root@ip-172-31-95-96 unattended_installer]# cat /etc/os-release
NAME="Red Hat Enterprise Linux"
VERSION="9.3 (Plow)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="9.3"
PLATFORM_ID="platform:el9"
PRETTY_NAME="Red Hat Enterprise Linux 9.3 (Plow)"
ANSI_COLOR="0;31"
LOGO="fedora-logo-icon"
CPE_NAME="cpe:/o:redhat:enterprise_linux:9::baseos"
HOME_URL="https://www.redhat.com/"
DOCUMENTATION_URL="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9"
BUG_REPORT_URL="https://bugzilla.redhat.com/"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 9"
REDHAT_BUGZILLA_PRODUCT_VERSION=9.3
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="9.3"
[root@ip-172-31-95-96 unattended_installer]# sudo bash ./wazuh-install.sh -a
19/01/2024 14:33:25 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
19/01/2024 14:33:25 INFO: Verbose logging redirected to /var/log/wazuh-install.log
19/01/2024 14:33:39 INFO: --- Dependencies ---
19/01/2024 14:33:39 INFO: Installing lsof.
19/01/2024 14:33:57 INFO: Verifying that your system meets the recommended minimum hardware requirements.
19/01/2024 14:33:57 INFO: Wazuh web interface port will be 443.
19/01/2024 14:34:01 INFO: Wazuh development repository added.
19/01/2024 14:34:01 INFO: --- Configuration files ---
19/01/2024 14:34:01 INFO: Generating configuration files.
19/01/2024 14:34:03 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
19/01/2024 14:34:03 INFO: --- Wazuh indexer ---
19/01/2024 14:34:03 INFO: Starting Wazuh indexer installation.
[root@ip-172-31-95-96 unattended_installer]# bash ./wazuh-install.sh -a -o
19/01/2024 15:25:07 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
19/01/2024 15:25:07 INFO: Verbose logging redirected to /var/log/wazuh-install.log
19/01/2024 15:25:22 INFO: --- Dependencies ---
19/01/2024 15:25:22 INFO: Installing lsof.
19/01/2024 15:25:40 INFO: Verifying that your system meets the recommended minimum hardware requirements.
19/01/2024 15:25:40 INFO: Wazuh web interface port will be 443.
19/01/2024 15:25:44 INFO: Wazuh development repository added.
19/01/2024 15:25:44 INFO: --- Configuration files ---
19/01/2024 15:25:44 INFO: Generating configuration files.
19/01/2024 15:25:46 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
19/01/2024 15:25:46 INFO: --- Wazuh indexer ---
19/01/2024 15:25:46 INFO: Starting Wazuh indexer installation.
19/01/2024 15:28:19 INFO: Wazuh indexer installation finished.
19/01/2024 15:28:19 INFO: Wazuh indexer post-install configuration finished.
19/01/2024 15:28:19 INFO: Starting service wazuh-indexer.
19/01/2024 15:28:43 INFO: wazuh-indexer service started.
19/01/2024 15:28:43 INFO: Initializing Wazuh indexer cluster security settings.
19/01/2024 15:28:57 INFO: The Wazuh indexer cluster ISM initialized.
19/01/2024 15:28:57 INFO: Wazuh indexer cluster initialized.
19/01/2024 15:28:57 INFO: --- Wazuh server ---
19/01/2024 15:28:57 INFO: Starting the Wazuh manager installation.
19/01/2024 15:33:46 INFO: Wazuh manager installation finished.
19/01/2024 15:33:46 INFO: Starting service wazuh-manager.
19/01/2024 15:34:06 INFO: wazuh-manager service started.
19/01/2024 15:34:06 INFO: Starting Filebeat installation.
19/01/2024 15:34:19 INFO: Filebeat installation finished.
19/01/2024 15:34:20 INFO: Filebeat post-install configuration finished.
19/01/2024 15:34:20 INFO: Starting service filebeat.
19/01/2024 15:34:21 INFO: filebeat service started.
19/01/2024 15:34:21 INFO: --- Wazuh dashboard ---
19/01/2024 15:34:21 INFO: Starting Wazuh dashboard installation.
19/01/2024 15:36:46 INFO: Wazuh dashboard installation finished.
19/01/2024 15:36:46 INFO: Wazuh dashboard post-install configuration finished.
19/01/2024 15:36:46 INFO: Starting service wazuh-dashboard.
19/01/2024 15:36:47 INFO: wazuh-dashboard service started.
19/01/2024 15:36:52 INFO: Updating the internal users.
19/01/2024 15:37:03 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
19/01/2024 15:37:34 INFO: Initializing Wazuh dashboard web application.
19/01/2024 15:37:34 INFO: Wazuh dashboard web application initialized.
19/01/2024 15:37:34 INFO: --- Summary ---
19/01/2024 15:37:34 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: *3OfUvrEk9?g*g6Kgy*hCDaM69GiW.jU
19/01/2024 15:37:34 INFO: --- Dependencies ---
19/01/2024 15:37:34 INFO: Removing lsof.
19/01/2024 15:37:37 INFO: Installation finished.