davidcr01
commented
3 weeks ago Update Report
For the Vagrant base box generation, I created two script:
- generate_base_box.sh: script to generate the Vagrant base box. It creates a AL2023 VM and exports it, generating the
.boxfile. - setup.sh: called by the
generate_base_box.shscript. It is executed inside the VM, and configured the VM: creates user, installs packages and Guest Additions, and clean up.
These scripts are useful to avoid making this Vagrant base box manually.
Here are the two scripts:
generate_base_box.sh
```bash #!/bin/bash # AL2023 Vagrant base box generator # Copyright (C) 2015, Wazuh Inc. # # This program is a free software; you can redistribute it # and/or modify it under the terms of the GNU General Public # License (version 2) as published by the FSF - Free Software # Foundation." set -euxo pipefail # Constants for version and filenames AL2023_VERSION="latest" if [ "${AL2023_VERSION}" == "latest" ]; then AL2023_VERSION=$(curl -I https://cdn.amazonlinux.com/al2023/os-images/latest/ | grep -i location | awk -F'/' '{print $(NF)}') fi OVA_FILENAME="al2023-vmware_esx-${AL2023_VERSION}-kernel-6.1-x86_64.xfs.gpt.ova" VMDK_FILENAME="al2023-vmware_esx-${AL2023_VERSION}-kernel-6.1-x86_64.xfs.gpt-disk1.vmdk" # Temporary directories for raw, mount, and VDI files RAW_DIR="$(mktemp -d -t al2023_raw_XXXXXXXX)" MOUNT_DIR="$(mktemp -d -t al2023_mnt_XXXXXXXX)" VDI_DIR="$(mktemp -d -t al2023_vdi_XXXXXXXX)" cleanup() { # Cleanup temporary directories and unmount if necessary umount "${MOUNT_DIR}/dev" || true umount "${MOUNT_DIR}/proc" || true umount "${MOUNT_DIR}/sys" || true umount "${MOUNT_DIR}" || true rm -rf "${RAW_DIR}" "${MOUNT_DIR}" "${VDI_DIR}" vboxmanage unregistervm al2023 --delete || true } trap cleanup EXIT check_dependencies() { for cmd in vboxmanage wget tar chroot; do if ! command -v "$cmd" &> /dev/null; then echo "$cmd is required but not installed. Exiting." exit 1 fi done } download_and_extract_ova() { if [ ! -f "${VMDK_FILENAME}" ]; then wget "https://cdn.amazonlinux.com/al2023/os-images/${AL2023_VERSION}/vmware/${OVA_FILENAME}" tar xvf "${OVA_FILENAME}" "${VMDK_FILENAME}" fi } convert_vmdk_to_raw() { vboxmanage clonemedium "${VMDK_FILENAME}" "${RAW_DIR}/al2023.raw" --format RAW vboxmanage closemedium "${VMDK_FILENAME}" vboxmanage closemedium "${RAW_DIR}/al2023.raw" } mount_and_setup_image() { mount -o loop,offset=12582912 "${RAW_DIR}/al2023.raw" "${MOUNT_DIR}" cp -a setup.sh "${MOUNT_DIR}/." mount -o bind /dev "${MOUNT_DIR}/dev" mount -o bind /proc "${MOUNT_DIR}/proc" mount -o bind /sys "${MOUNT_DIR}/sys" chroot "${MOUNT_DIR}" /setup.sh umount "${MOUNT_DIR}/dev" umount "${MOUNT_DIR}/proc" umount "${MOUNT_DIR}/sys" umount "${MOUNT_DIR}" } convert_raw_to_vdi() { vboxmanage convertfromraw "${RAW_DIR}/al2023.raw" "${VDI_DIR}/al2023.vdi" --format VDI } create_virtualbox_vm() { vboxmanage createvm --name al2023 --ostype Linux26_64 --register vboxmanage modifyvm al2023 --memory 1024 --vram 16 --audio none vboxmanage storagectl al2023 --name IDE --add ide vboxmanage storagectl al2023 --name SATA --add sata --portcount 1 vboxmanage storageattach al2023 --storagectl IDE --port 1 --device 0 --type dvddrive --medium emptydrive vboxmanage storageattach al2023 --storagectl SATA --port 0 --device 0 --type hdd --medium "${VDI_DIR}/al2023.vdi" } package_vagrant_box() { vagrant package --base al2023 --output al2023.box } # Main script execution check_dependencies download_and_extract_ova convert_vmdk_to_raw mount_and_setup_image convert_raw_to_vdi create_virtualbox_vm package_vagrant_box ```setup.sh
```bash #!/bin/bash # AL2023 Vagrant base box configuration script # Copyright (C) 2015, Wazuh Inc. # # This program is a free software; you can redistribute it # and/or modify it under the terms of the GNU General Public # License (version 2) as published by the FSF - Free Software # Foundation." set -eux # The image doesn't have any resolvers specified configure_dns() { rm -f /etc/resolv.conf echo "nameserver 8.8.8.8" > /etc/resolv.conf } # Set up wazuh-user setup_user() { useradd -m -s /bin/bash wazuh-user mkdir -p /home/wazuh-user/.ssh wget -nv https://raw.githubusercontent.com/hashicorp/vagrant/main/keys/vagrant.pub -O /home/wazuh-user/.ssh/authorized_keys chmod 600 /home/wazuh-user/.ssh/authorized_keys chmod 700 /home/wazuh-user/.ssh chown -R wazuh-user:wazuh-user /home/wazuh-user echo 'wazuh-user ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/wazuh-user chmod 440 /etc/sudoers.d/wazuh-user } # Install legacy network-scripts required by Vagrant install_network_scripts() { yum -y install network-scripts } # Install the VirtualBox guest additions install_guest_additions() { yum -y install gcc elfutils-libelf-devel kernel-devel libX11 libXt libXext libXmu package-cleanup -y --oldkernels --count=1 KERNEL_VERSION=$(ls /lib/modules) VIRTUALBOX_VERSION=$(wget -q http://download.virtualbox.org/virtualbox/LATEST.TXT -O -) wget -nv https://download.virtualbox.org/virtualbox/${VIRTUALBOX_VERSION}/VBoxGuestAdditions_${VIRTUALBOX_VERSION}.iso -O /root/VBoxGuestAdditions.iso mount -o ro,loop /root/VBoxGuestAdditions.iso /mnt sh /mnt/VBoxLinuxAdditions.run || true # Allow script to proceed despite potential errors umount /mnt rm -f /root/VBoxGuestAdditions.iso # Run VBox guest additions setup for the Amazon provided kernel /etc/kernel/postinst.d/vboxadd ${KERNEL_VERSION} /sbin/depmod ${KERNEL_VERSION} } # Clean up temporary files and free up space cleanup() { yum clean all rm -rf /var/cache/yum/* rm -f /etc/resolv.conf rm -f /setup.sh for i in `seq 10`; do sync; cat /dev/zero > /zero$i; sleep 1; done rm -f /zero* } # Main script execution configure_dns setup_user install_network_scripts install_guest_additions cleanup ```Here is the ouput of the Vagrant base box generation:
Description
We need to change the OVA OS to AL2023
Tasks
NOTE: the tests can be made using the 4.8.0 packages.