search

wazuh / wazuh-packages

Wazuh - Tools for packages creation
https://wazuh.com
GNU General Public License v2.0
104 stars 94 forks source link

Cert-tool logfile added. Modified common_logger function to write on files without root permission. #2911

Closed CarlosALgit closed 5 months ago

CarlosALgit commented 5 months ago
Related issue

2536

||

Description

The first problem to be solved was to add a path to write the logfile. The logfiles is going now to be created on the same directory where the wazuh-certs-tool.sh is executed.

I have left a comment here explaining in detail the issues we were having during the process of solving the primary issue and how we solved them.

Logs example

The tests that have been done are the following.

Build and execute the cert tool

Build and execute with -v option

Captura desde 2024-04-17 10-33-05

Build and execute without -v option

Captura desde 2024-04-17 10-33-44

Folder wazuh-certificates created

Captura desde 2024-04-17 10-42-32

Build the necessary files with wazuh-install.sh -g

Wazuh install tool was launched and the files on wazuh-install-files.tar are listed.

17/04/2024 10:49:56 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
17/04/2024 10:49:56 INFO: Verbose logging redirected to /var/log/wazuh-install.log
17/04/2024 10:50:02 INFO: --- Dependencies ----
17/04/2024 10:50:02 INFO: Installing gawk.
17/04/2024 10:50:05 INFO: Verifying that your system meets the recommended minimum hardware requirements.
17/04/2024 10:50:05 INFO: --- Configuration files ---
17/04/2024 10:50:05 INFO: Generating configuration files.
17/04/2024 10:50:06 INFO: Generating the root certificate.
17/04/2024 10:50:06 INFO: Generating Admin certificates.
17/04/2024 10:50:06 INFO: Generating Wazuh indexer certificates.
17/04/2024 10:50:06 INFO: Generating Filebeat certificates.
17/04/2024 10:50:06 INFO: Generating Wazuh dashboard certificates.
17/04/2024 10:50:07 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
17/04/2024 10:50:07 INFO: --- Dependencies ----
17/04/2024 10:50:07 INFO: Removing gawk.
root@carlos-laptop:/home/carlos/Documentos/wazuh/wazuh-packages/unattended_installer# tar -tf wazuh-install-files.tar 
wazuh-install-files/
wazuh-install-files/config.yml
wazuh-install-files/dashboard-1-key.pem
wazuh-install-files/wazuh-passwords.txt
wazuh-install-files/server-1-key.pem
wazuh-install-files/dashboard-1.pem
wazuh-install-files/root-ca.key
wazuh-install-files/admin.pem
wazuh-install-files/admin-key.pem
wazuh-install-files/indexer-1-key.pem
wazuh-install-files/root-ca.pem
wazuh-install-files/server-1.pem
wazuh-install-files/indexer-1.pem

CentOs test fail

On the automated tests, it's detected that the installation of wazuh-dashboard component fails because it's not still available for CentOs. As seen on the logs: download.cf.centos.org No package wazuh-dashboard-4.9.0-* available. Error: Nothing to do

New issue

While doing this issue I noticed that when the wazuh-certs-tool.sh is created it doesn't have execute permissions so you have to manually give them. We are going to open a new issue for this to grant execute permissions when the tool is builded.