Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updating Filebeat credentials when trying to install Wazuh dashboard #3115

Closed
c-bordon opened this issue Sep 10, 2024 · 1 comment · Fixed by #3118
Closed

Updating Filebeat credentials when trying to install Wazuh dashboard #3115

c-bordon opened this issue Sep 10, 2024 · 1 comment · Fixed by #3118
Assignees
@CarlosALgit
Labels
level/task Subtask issue type/bug Bug issue

Comments

@c-bordon
Copy link
Member

c-bordon commented Sep 10, 2024
edited
Loading

It was detected that when the central components are installed individually, at the time of installing Wazuh dashboard, the validation that is done when updating the password is incomplete since it only validates that if Filebeat is installed it enters, the problem is that this should only happen in the cases of installing Wazuh manager.

image

wazuh-packages/unattended_installer/passwords_tool/passwordsFunctions.sh

Lines 48 to 66 in 11c56bc

if [ "${nuser}" == "admin" ] || [ -n "${changeall}" ]; then
if [ -n "${filebeat_installed}" ]; then
file_username=$(grep "username:" /etc/filebeat/filebeat.yml | awk '{print $2}')
file_password=$(grep "password:" /etc/filebeat/filebeat.yml | awk '{print $2}')
if [ "$file_username" != "\${username}" ] || [ "$file_password" != "\${password}" ]; then
common_logger -w "The user and password configured in the filebeat.yml file will be updated and stored in Filebeat Keystore."
fi
eval "echo ${adminpass} | filebeat keystore add password --force --stdin ${debug}"
conf="$(awk '{sub("password: .*", "password: ${password}")}1' /etc/filebeat/filebeat.yml)"
echo "${conf}" > /etc/filebeat/filebeat.yml
eval "echo admin | filebeat keystore add username --force --stdin ${debug}"
conf="$(awk '{sub("username: .*", "username: ${username}")}1' /etc/filebeat/filebeat.yml)"
echo "${conf}" > /etc/filebeat/filebeat.yml
common_logger "The filebeat.yml file has been updated to use the Filebeat Keystore username and password."
passwords_restartService "filebeat"
eval "/var/ossec/bin/wazuh-keystore -f indexer -k password -v ${adminpass}"
passwords_restartService "wazuh-manager"
fi
fi

This corresponds to the password tool, and we must only execute the password change of the component that is being installed.
@c-bordon c-bordon added level/task Subtask issue type/bug Bug issue labels Sep 10, 2024
@wazuhci wazuhci moved this to Backlog in Release 4.9.1 Sep 10, 2024
@CarlosALgit CarlosALgit moved this from Backlog to In progress in Release 4.9.1 Sep 11, 2024
@CarlosALgit
Copy link
Member

Update Report

I've tried the fix for this and I'm currently testing different types of installations.
I need to test the installation component by component, an AIO and in both rpm and deb package managers.
I also need to test if the change breaks the Wazuh Password tool when it's used alone.

@CarlosALgit CarlosALgit mentioned this issue Sep 13, 2024
Merged
@CarlosALgit CarlosALgit linked a pull request Sep 13, 2024 that will close this issue
Change Filebeat passwords only when installing Wazuh Server or changing passwords #3118
Merged
@CarlosALgit CarlosALgit moved this from In progress to Pending review in Release 4.9.1 Sep 13, 2024
@wazuhci wazuhci moved this from Pending review to In review in Release 4.9.1 Sep 13, 2024
@wazuhci wazuhci moved this from In review to Pending review in Release 4.9.1 Sep 13, 2024
@wazuhci wazuhci moved this from Pending review to Done in Release 4.9.1 Sep 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@CarlosALgit CarlosALgit

Labels
level/task Subtask issue type/bug Bug issue
Projects
No open projects
Release 4.9.1
Status: Done
Milestone
No milestone
2 participants
@c-bordon @CarlosALgit