wazuh-dashboard-plugins
wazuh-dashboard-plugins copied to clipboard
wazuh
Windows deployment command is broken
| Wazuh | Rev | Browser |
|---|---|---|
| 4.7.3 | N/A | N/A |
Description
Windows deployment command generated in the "Deploy new agent" window includes an invalid variable ${env.tmp} while it should be $ENV:TMP or $env:tmp -Powershell is not case-sensitive.
Preconditions
- Have the latest Wazuh Dashboard, yet it may be applicable to older versions.
Steps to reproduce
- Navigate to 'Deploy New Agent'
- Click on Windows agent settings
- Scroll down to generated command
Expected Result
Invoke-WebRequest -Uri https://packages.wazuh.com/4.x/windows/wazuh-agent-4.7.3-1.msi -OutFile $env:tmp\wazuh-agent; msiexec.exe /i $env:tmp\wazuh-agent /q WAZUH_MANAGER='' WAZUH_REGISTRATION_PASSWORD='' WAZUH_AGENT_GROUP='default' WAZUH_REGISTRATION_SERVER=''
Actual Result
Invoke-WebRequest -Uri https://packages.wazuh.com/4.x/windows/wazuh-agent-4.7.3-1.msi -OutFile ${env.tmp}\wazuh-agent; msiexec.exe /i ${env.tmp}\wazuh-agent /q WAZUH_MANAGER='' WAZUH_REGISTRATION_PASSWORD='' WAZUH_AGENT_GROUP='default' WAZUH_REGISTRATION_SERVER=''
Screenshots
Additional context I don't know when this is broken but it was not there when we deployed it earlier, around 4.3.10.
Hi @zbalkan , thank you so much for reporting us this issue.
It seems the bug is present in 4.6.0 until the current release 4.7.3 at the moment. Older versions are using ${env:tmp}.
4.6.0 uses ${env.tmp}: https://github.com/wazuh/wazuh-dashboard-plugins/blob/v4.6.0-2.8.0/plugins/main/public/controllers/register-agent/services/register-agent-os-commands-services.tsx#L121
4.5.4 uses ${env:tmp}: https://github.com/wazuh/wazuh-dashboard-plugins/blob/v4.5.4-2.6.0/public/controllers/agent/components/register-agent.js#L1029
I did a check on Windows Server 2019, and ${env.tmp} does not resolve to anything while the ${env:tmp} returns the temporal directory:
I did not check if its usage in the command provided by the deploy new agent guide, but I guess the provided command to deploy the Windows agent could be working because the file is downloaded into the current directory instead of the temporal directory.
I saw some E2E tests, that we did it, did not have any functional problem executing the command with ${env.tmp}:
- https://github.com/wazuh/wazuh/issues/19465#issuecomment-1753649108
- https://github.com/wazuh/wazuh/issues/21361#issuecomment-1889560992
I understand the intention is the package is downloaded into the temporal directory so the usage of ${env.tmp} is not valid.
We should change it to ${env:tmp}.
Hi @Desvelao,
Even though ${env:tmp} works, it is not the Powershell way. It's generally $Env:TMP.
One the other hand, TMP and TEMP outdates Powershell itself. It's a bit of nitpicking as Powershell is case insensitive.
https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_environment_variables?view=powershell-7.4 https://devblogs.microsoft.com/oldnewthing/20150417-00/?p=44213
Hi @zbalkan , thank you so much for the provided information. It is appreciated.
Today we had this input from a user in a community:
I'd like to point out a change in the Windows agent deployment command.
The environment variable used is not correct and causes the .MSI to be downloaded to the root of C:\.
OLD :
Invoke-WebRequest -Uri https://packages.wazuh.com/4.x/windows/wazuh-agent-4.7.5-1.msi -OutFile ${env.tmp}\wazuh-agent; msiexec.exe /i ${env.tmp}\wazuh-agent /q WAZUH_MANAGER='test.fr' WAZUH_REGISTRATION_SERVER='test.fr'
NEW :
Invoke-WebRequest -Uri https://packages.wazuh.com/4.x/windows/wazuh-agent-4.7.5-1.msi -OutFile $env:temp\wazuh-agent; msiexec.exe /i $env:temp\wazuh-agent /q WAZUH_MANAGER='test.fr' WAZUH_REGISTRATION_SERVER='test.fr'
Replace ${env.tmp} by $env:temp
Thank You,
Loris
Isn't that funny that this simple thing has not been fixed for several versions published since I created this issue?