wazuh-packages
wazuh-packages copied to clipboard
Published
20 hours ago •
wazuh
wazuh
Adapt the manager package to use wazuh-authd
| Related issue |
|---|
| https://github.com/wazuh/wazuh-packages/issues/1676 |
Description
Core is developing a new option for wazuh-authd to avoid having OpenSSL as a dependency. We need to adapt the packages to this new changes.
Logs example
RPM
[root@ip-172-31-28-40 ec2-user]# openssl version -a
bash: openssl: command not found
[root@ip-172-31-28-40 ec2-user]# yum install -y wazuh-manager-4.5.0-1.x86_64.rpm
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Examining wazuh-manager-4.5.0-1.x86_64.rpm: wazuh-manager-4.5.0-1.x86_64
Marking wazuh-manager-4.5.0-1.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package wazuh-manager.x86_64 0:4.5.0-1 will be installed
--> Finished Dependency Resolution
amzn2-core/2/x86_64 | 3.7 kB 00:00:00
Dependencies Resolved
==================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================
Installing:
wazuh-manager x86_64 4.5.0-1 /wazuh-manager-4.5.0-1.x86_64 440 M
Transaction Summary
==================================================================================================================================
Install 1 Package
Total size: 440 M
Installed size: 440 M
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : wazuh-manager-4.5.0-1.x86_64 1/1
Verifying : wazuh-manager-4.5.0-1.x86_64 1/1
Installed:
wazuh-manager.x86_64 0:4.5.0-1
Complete!
[root@ip-172-31-28-40 ec2-user]# systemctl daemon-reload
[root@ip-172-31-28-40 ec2-user]# systemctl enable wazuh-manager
[root@ip-172-31-28-40 ec2-user]# systemctl start wazuh-manager
[root@ip-172-31-28-40 ec2-user]# systemctl status wazuh-manager.service
● wazuh-manager.service - Wazuh manager
Loaded: loaded (/usr/lib/systemd/system/wazuh-manager.service; enabled; vendor preset: disabled)
Active: active (running) since mar 2022-08-30 09:11:53 UTC; 3s ago
Process: 9898 ExecStart=/usr/bin/env /var/ossec/bin/wazuh-control start (code=exited, status=0/SUCCESS)
CGroup: /system.slice/wazuh-manager.service
├─ 9957 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
├─ 9999 /var/ossec/bin/wazuh-authd
├─10016 /var/ossec/bin/wazuh-db
├─10029 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
├─10032 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
├─10047 /var/ossec/bin/wazuh-execd
├─10062 /var/ossec/bin/wazuh-analysisd
├─10106 /var/ossec/bin/wazuh-syscheckd
├─10122 /var/ossec/bin/wazuh-remoted
├─10154 /var/ossec/bin/wazuh-logcollector
├─10177 /var/ossec/bin/wazuh-monitord
├─10201 /var/ossec/bin/wazuh-modulesd
└─10697 rpm -q firewalld
ago 30 09:11:45 ip-172-31-28-40.us-east-2.compute.internal env[9898]: Started wazuh-execd...
ago 30 09:11:46 ip-172-31-28-40.us-east-2.compute.internal env[9898]: Started wazuh-analysisd...
ago 30 09:11:47 ip-172-31-28-40.us-east-2.compute.internal env[9898]: Started wazuh-syscheckd...
ago 30 09:11:48 ip-172-31-28-40.us-east-2.compute.internal env[9898]: Started wazuh-remoted...
ago 30 09:11:49 ip-172-31-28-40.us-east-2.compute.internal env[9898]: Started wazuh-logcollector...
ago 30 09:11:50 ip-172-31-28-40.us-east-2.compute.internal env[9898]: Started wazuh-monitord...
ago 30 09:11:50 ip-172-31-28-40.us-east-2.compute.internal crontab[10291]: (root) LIST (root)
ago 30 09:11:51 ip-172-31-28-40.us-east-2.compute.internal env[9898]: Started wazuh-modulesd...
ago 30 09:11:53 ip-172-31-28-40.us-east-2.compute.internal env[9898]: Completed.
ago 30 09:11:53 ip-172-31-28-40.us-east-2.compute.internal systemd[1]: Started Wazuh manager.
DEB
root@ubuntu1804:/home/vagrant# openssl version -a
bash: /usr/bin/openssl: No such file or directory
root@ubuntu1804:/home/vagrant# apt install ./wazuh-manager_4.5.0-1_amd64.deb
Reading package lists... Done
Building dependency tree
Reading state information... Done
Note, selecting 'wazuh-manager' instead of './wazuh-manager_4.5.0-1_amd64.deb'
The following packages were automatically installed and are no longer required:
fonts-lato javascript-common libjs-jquery liblua5.2-0 libtcl8.6 ruby-did-you-mean ruby-minitest ruby-net-telnet
ruby-power-assert unzip zip
Use 'sudo apt autoremove' to remove them.
Suggested packages:
expect
The following NEW packages will be installed:
wazuh-manager
0 upgraded, 1 newly installed, 0 to remove and 32 not upgraded.
Need to get 0 B/120 MB of archives.
After this operation, 460 MB of additional disk space will be used.
Get:1 /home/vagrant/wazuh-manager_4.5.0-1_amd64.deb wazuh-manager amd64 4.5.0-1 [120 MB]
Selecting previously unselected package wazuh-manager.
(Reading database ... 104884 files and directories currently installed.)
Preparing to unpack .../wazuh-manager_4.5.0-1_amd64.deb ...
Unpacking wazuh-manager (4.5.0-1) ...
Setting up wazuh-manager (4.5.0-1) ...
Processing triggers for systemd (237-3ubuntu10.53) ...
Processing triggers for ureadahead (0.100.0-21) ...
root@ubuntu1804:/home/vagrant# systemctl daemon-reload
root@ubuntu1804:/home/vagrant# systemctl enable wazuh-manager
Synchronizing state of wazuh-manager.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable wazuh-manager
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-manager.service → /usr/lib/systemd/system/wazuh-manager.service.
root@ubuntu1804:/home/vagrant# systemctl start wazuh-manager
root@ubuntu1804:/home/vagrant# systemctl status wazuh-manager
● wazuh-manager.service - Wazuh manager
Loaded: loaded (/usr/lib/systemd/system/wazuh-manager.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2022-08-30 12:31:09 UTC; 31s ago
Process: 19131 ExecStart=/usr/bin/env /var/ossec/bin/wazuh-control start (code=exited, status=0/SUCCESS)
Tasks: 115 (limit: 2313)
CGroup: /system.slice/wazuh-manager.service
├─19205 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
├─19246 /var/ossec/bin/wazuh-authd
├─19260 /var/ossec/bin/wazuh-db
├─19277 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
├─19280 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
├─19293 /var/ossec/bin/wazuh-execd
├─19307 /var/ossec/bin/wazuh-analysisd
├─19350 /var/ossec/bin/wazuh-syscheckd
├─19371 /var/ossec/bin/wazuh-remoted
├─19428 /var/ossec/bin/wazuh-logcollector
├─19482 /var/ossec/bin/wazuh-monitord
└─19542 /var/ossec/bin/wazuh-modulesd
Aug 30 12:31:00 ubuntu1804.localdomain env[19131]: Started wazuh-db...
Aug 30 12:31:01 ubuntu1804.localdomain env[19131]: Started wazuh-execd...
Aug 30 12:31:02 ubuntu1804.localdomain env[19131]: Started wazuh-analysisd...
Aug 30 12:31:03 ubuntu1804.localdomain env[19131]: Started wazuh-syscheckd...
root@ubuntu1804:/home/vagrant# ls /var/ossec/etc/
client.keys internal_options.conf local_internal_options.conf ossec.conf rules sslmanager.cert
decoders lists localtime rootcheck shared sslmanager.key
