BraulioV
commented
5 years ago Hi @Lopuiz,
I was able to reproduce this issue on Debian packages but I couldn't do it on RPM packages. Here you can see the output of installing the manager on a CentOS 7 Docker container:
$ docker run -it --rm -v $(pwd):/wazuh centos bash
[root@217c0c912856 /]# cat > /etc/yum.repos.d/wazuh.repo <<\EOF
> [wazuh_repo]
> gpgcheck=1
> gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
> enabled=1
> name=Wazuh repository
> baseurl=https://packages.wazuh.com/3.x/yum/
> protect=1
> EOF
[root@217c0c912856 /]# yum install -y wazuh-manager
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
* base: mirror.tedra.es
* extras: mirror.airenetworks.es
* updates: mirror.gadix.com
base | 3.6 kB 00:00:00
extras | 3.4 kB 00:00:00
updates | 3.4 kB 00:00:00
wazuh_repo | 3.4 kB 00:00:00
(1/5): base/7/x86_64/group_gz | 166 kB 00:00:00
(2/5): extras/7/x86_64/primary_db | 215 kB 00:00:00
(3/5): wazuh_repo/primary_db | 110 kB 00:00:00
(4/5): base/7/x86_64/primary_db | 6.0 MB 00:00:01
(5/5): updates/7/x86_64/primary_db | 7.4 MB 00:00:01
Resolving Dependencies
--> Running transaction check
---> Package wazuh-manager.x86_64 0:3.9.5-1 will be installed
--> Processing Dependency: /sbin/service for package: wazuh-manager-3.9.5-1.x86_64
--> Running transaction check
---> Package initscripts.x86_64 0:9.49.46-1.el7 will be installed
--> Processing Dependency: sysvinit-tools >= 2.87-5 for package: initscripts-9.49.46-1.el7.x86_64
--> Processing Dependency: iproute for package: initscripts-9.49.46-1.el7.x86_64
--> Running transaction check
---> Package iproute.x86_64 0:4.11.0-14.el7_6.2 will be installed
--> Processing Dependency: libmnl.so.0(LIBMNL_1.0)(64bit) for package: iproute-4.11.0-14.el7_6.2.x86_64
--> Processing Dependency: libxtables.so.10()(64bit) for package: iproute-4.11.0-14.el7_6.2.x86_64
--> Processing Dependency: libmnl.so.0()(64bit) for package: iproute-4.11.0-14.el7_6.2.x86_64
---> Package sysvinit-tools.x86_64 0:2.88-14.dsf.el7 will be installed
--> Running transaction check
---> Package iptables.x86_64 0:1.4.21-28.el7 will be installed
--> Processing Dependency: libnfnetlink.so.0()(64bit) for package: iptables-1.4.21-28.el7.x86_64
--> Processing Dependency: libnetfilter_conntrack.so.3()(64bit) for package: iptables-1.4.21-28.el7.x86_64
---> Package libmnl.x86_64 0:1.0.3-7.el7 will be installed
--> Running transaction check
---> Package libnetfilter_conntrack.x86_64 0:1.0.6-1.el7_3 will be installed
---> Package libnfnetlink.x86_64 0:1.0.1-4.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=======================================================================================================================================================================================================================
Package Arch Version Repository Size
=======================================================================================================================================================================================================================
Installing:
wazuh-manager x86_64 3.9.5-1 wazuh_repo 62 M
Installing for dependencies:
initscripts x86_64 9.49.46-1.el7 base 439 k
iproute x86_64 4.11.0-14.el7_6.2 updates 764 k
iptables x86_64 1.4.21-28.el7 base 433 k
libmnl x86_64 1.0.3-7.el7 base 23 k
libnetfilter_conntrack x86_64 1.0.6-1.el7_3 base 55 k
libnfnetlink x86_64 1.0.1-4.el7 base 26 k
sysvinit-tools x86_64 2.88-14.dsf.el7 base 63 k
Transaction Summary
=======================================================================================================================================================================================================================
Install 1 Package (+7 Dependent packages)
Total download size: 64 M
Installed size: 361 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/iptables-1.4.21-28.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for iptables-1.4.21-28.el7.x86_64.rpm is not installed
(1/8): iptables-1.4.21-28.el7.x86_64.rpm | 433 kB 00:00:00
(2/8): initscripts-9.49.46-1.el7.x86_64.rpm | 439 kB 00:00:00
(3/8): libmnl-1.0.3-7.el7.x86_64.rpm | 23 kB 00:00:00
Public key for iproute-4.11.0-14.el7_6.2.x86_64.rpm is not installed
(4/8): iproute-4.11.0-14.el7_6.2.x86_64.rpm | 764 kB 00:00:00
(5/8): libnetfilter_conntrack-1.0.6-1.el7_3.x86_64.rpm | 55 kB 00:00:00
(6/8): libnfnetlink-1.0.1-4.el7.x86_64.rpm | 26 kB 00:00:00
(7/8): sysvinit-tools-2.88-14.dsf.el7.x86_64.rpm | 63 kB 00:00:00
warning: /var/cache/yum/x86_64/7/wazuh_repo/packages/wazuh-manager-3.9.5-1.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 29111145: NOKEY======================================= ] 8.7 MB/s | 62 MB 00:00:00 ETA
Public key for wazuh-manager-3.9.5-1.x86_64.rpm is not installed
(8/8): wazuh-manager-3.9.5-1.x86_64.rpm | 62 MB 00:00:05
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 11 MB/s | 64 MB 00:00:05
Retrieving key from https://packages.wazuh.com/key/GPG-KEY-WAZUH
Importing GPG key 0x29111145:
Userid : "Wazuh.com (Wazuh Signing Key) <support@wazuh.com>"
Fingerprint: 0dcf ca55 47b1 9d2a 6099 5060 96b3 ee5f 2911 1145
From : https://packages.wazuh.com/key/GPG-KEY-WAZUH
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-6.1810.2.el7.centos.x86_64 (@CentOS)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libmnl-1.0.3-7.el7.x86_64 1/8
Installing : libnfnetlink-1.0.1-4.el7.x86_64 2/8
Installing : libnetfilter_conntrack-1.0.6-1.el7_3.x86_64 3/8
Installing : iptables-1.4.21-28.el7.x86_64 4/8
Installing : iproute-4.11.0-14.el7_6.2.x86_64 5/8
Installing : sysvinit-tools-2.88-14.dsf.el7.x86_64 6/8
Installing : initscripts-9.49.46-1.el7.x86_64 7/8
Installing : wazuh-manager-3.9.5-1.x86_64 8/8
./src/init/shared.sh: line 17: which: command not found
./src/init/shared.sh: line 17: which: command not found
Verifying : wazuh-manager-3.9.5-1.x86_64 1/8
Verifying : libnfnetlink-1.0.1-4.el7.x86_64 2/8
Verifying : libmnl-1.0.3-7.el7.x86_64 3/8
Verifying : iproute-4.11.0-14.el7_6.2.x86_64 4/8
Verifying : libnetfilter_conntrack-1.0.6-1.el7_3.x86_64 5/8
Verifying : sysvinit-tools-2.88-14.dsf.el7.x86_64 6/8
Verifying : initscripts-9.49.46-1.el7.x86_64 7/8
Verifying : iptables-1.4.21-28.el7.x86_64 8/8
Installed:
wazuh-manager.x86_64 0:3.9.5-1
Dependency Installed:
initscripts.x86_64 0:9.49.46-1.el7 iproute.x86_64 0:4.11.0-14.el7_6.2 iptables.x86_64 0:1.4.21-28.el7 libmnl.x86_64 0:1.0.3-7.el7 libnetfilter_conntrack.x86_64 0:1.0.6-1.el7_3
libnfnetlink.x86_64 0:1.0.1-4.el7 sysvinit-tools.x86_64 0:2.88-14.dsf.el7
Complete!
[root@217c0c912856 /]# cat /etc/ossec-init.conf
DIRECTORY="/var/ossec"
NAME="Wazuh"
VERSION="v3.9.5"
REVISION="3937"
DATE="Thu Aug 8 12:27:15 UTC 2019"
TYPE="server"
[root@217c0c912856That date is the compilation date of the manager or the agent, that's why the dates from the ossec-init.conf and date command may be different, so I asume that the only package with this bug are the Debian's.
@alguacilaguamara will continue with this issue to solve it.
Regards.
Lopuiz
alguacilaguamara
Hi team!
I am testing 3.10 packages and I've noted an issue. Some packages like MACOS package, Solaris 11 Intel or AIX have following information in
/etc/ossec-init.conf.MACOS output:
And the date is:
But debian and RPM packages have the instalation date.
Ubuntu 19.04 output:
Best regards, Eva