From 3bd87c5c51885abff7422a96b4c3fd975bf0316c Mon Sep 17 00:00:00 2001 From: f-galland Date: Mon, 16 Sep 2024 13:20:35 -0300 Subject: [PATCH 1/7] Make new config files install with .new prefix --- distribution/packages/src/deb/debian/postinst | 6 ++++++ distribution/packages/src/deb/debmake_install.sh | 13 +++++++++++++ 2 files changed, 19 insertions(+) diff --git a/distribution/packages/src/deb/debian/postinst b/distribution/packages/src/deb/debian/postinst index 4541f924534df..883c77d71eb55 100644 --- a/distribution/packages/src/deb/debian/postinst +++ b/distribution/packages/src/deb/debian/postinst @@ -24,6 +24,12 @@ tmp_dir=/var/log/wazuh-indexer/tmp # Create needed directories mkdir -p ${tmp_dir} +# Create config files if not already present +cp -n ${config_dir}/jvm.options.new ${config_dir}/jvm.options +cp -n ${config_dir}/opensearch.yml.new ${config_dir}/opensearch.yml +cp -n ${config_dir}/opensearch-security/roles.yml.new ${config_dir}/opensearch-security/roles.yml +cp -n ${config_dir}/opensearch-security/internal_users.yml.new ${config_dir}/opensearch-security/internal_users.yml + # Set owner chown -R wazuh-indexer:wazuh-indexer ${product_dir} chown -R wazuh-indexer:wazuh-indexer ${config_dir} diff --git a/distribution/packages/src/deb/debmake_install.sh b/distribution/packages/src/deb/debmake_install.sh index 6bc8e89d48f68..5a2789a8e5336 100644 --- a/distribution/packages/src/deb/debmake_install.sh +++ b/distribution/packages/src/deb/debmake_install.sh @@ -90,5 +90,18 @@ for i in "${binary_files[@]}"; do chmod -c 750 "$i" done +# Append ".new" to configuration file names +dot_new_config_files=() +dot_new_config_files+=("${buildroot}/${config_dir}/jvm.options") +dot_new_config_files+=("${buildroot}/${config_dir}/opensearch.yml") +dot_new_config_files+=("${buildroot}/${config_dir}/opensearch-security/roles.yml") +dot_new_config_files+=("${buildroot}/${config_dir}/opensearch-security/internal_users.yml") + +for i in "${dot_new_config_files}" +do + mv "$i" "$i".new +done + + exit 0 From d116c970f4cdb754aefd9c2babe6f394a4e1c716 Mon Sep 17 00:00:00 2001 From: f-galland Date: Mon, 16 Sep 2024 16:42:51 -0300 Subject: [PATCH 2/7] Fix errors and add .new prefix to /etc/init.d/wazuh-indexer --- distribution/packages/src/deb/debian/postinst | 3 ++- distribution/packages/src/deb/debmake_install.sh | 7 +++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/distribution/packages/src/deb/debian/postinst b/distribution/packages/src/deb/debian/postinst index 883c77d71eb55..ee97e024da055 100644 --- a/distribution/packages/src/deb/debian/postinst +++ b/distribution/packages/src/deb/debian/postinst @@ -24,7 +24,8 @@ tmp_dir=/var/log/wazuh-indexer/tmp # Create needed directories mkdir -p ${tmp_dir} -# Create config files if not already present +# Create config files only if not already present +cp -n /etc/init.d/wazuh-indexer.new /etc/init.d/wazuh-indexer cp -n ${config_dir}/jvm.options.new ${config_dir}/jvm.options cp -n ${config_dir}/opensearch.yml.new ${config_dir}/opensearch.yml cp -n ${config_dir}/opensearch-security/roles.yml.new ${config_dir}/opensearch-security/roles.yml diff --git a/distribution/packages/src/deb/debmake_install.sh b/distribution/packages/src/deb/debmake_install.sh index 5a2789a8e5336..37abaf414604c 100644 --- a/distribution/packages/src/deb/debmake_install.sh +++ b/distribution/packages/src/deb/debmake_install.sh @@ -92,16 +92,15 @@ done # Append ".new" to configuration file names dot_new_config_files=() +dot_new_config_files+=("${buildroot}/etc/init.d/${name}") dot_new_config_files+=("${buildroot}/${config_dir}/jvm.options") dot_new_config_files+=("${buildroot}/${config_dir}/opensearch.yml") dot_new_config_files+=("${buildroot}/${config_dir}/opensearch-security/roles.yml") dot_new_config_files+=("${buildroot}/${config_dir}/opensearch-security/internal_users.yml") -for i in "${dot_new_config_files}" +for i in "${dot_new_config_files[@]}" do - mv "$i" "$i".new + mv "$i" "$i.new" done - - exit 0 From 5dc35007c0fbd8c6f0a54d35e9118a1936fd08f1 Mon Sep 17 00:00:00 2001 From: f-galland Date: Mon, 16 Sep 2024 19:04:48 -0300 Subject: [PATCH 3/7] Fix errors in build.sh and assemble.sh --- .../packages/src/rpm/wazuh-indexer.rpm.spec | 27 ++++++++++++++----- packaging_scripts/assemble.sh | 2 +- packaging_scripts/build.sh | 2 +- 3 files changed, 23 insertions(+), 8 deletions(-) diff --git a/distribution/packages/src/rpm/wazuh-indexer.rpm.spec b/distribution/packages/src/rpm/wazuh-indexer.rpm.spec index 34048a66ac59a..3c2e6c43a52de 100644 --- a/distribution/packages/src/rpm/wazuh-indexer.rpm.spec +++ b/distribution/packages/src/rpm/wazuh-indexer.rpm.spec @@ -88,6 +88,13 @@ if [ ! -f %{buildroot}%{data_dir}/performance_analyzer_enabled.conf ]; then echo 'true' > %{buildroot}%{data_dir}/performance_analyzer_enabled.conf fi +# Append ".new" to configuration file names +mv "%{buildroot}/etc/init.d/%{name}" "%{buildroot}/etc/init.d/%{name}.new" +mv "%{buildroot}/%{config_dir}/jvm.options" "%{buildroot}/%{config_dir}/jvm.options.new" +mv "%{buildroot}/%{config_dir}/opensearch.yml" "%{buildroot}/%{config_dir}/opensearch.yml.new" +mv "%{buildroot}/%{config_dir}/opensearch-security/roles.yml" "%{buildroot}/%{config_dir}/opensearch-security/roles.yml.new" +mv "%{buildroot}/%{config_dir}/opensearch-security/internal_users.yml" "%{buildroot}/%{config_dir}/opensearch-security/internal_users.yml.new" + # Build a filelist to be included in the %files section echo '%defattr(640, %{name}, %{name}, 750)' > filelist.txt find %{buildroot} -type d >> filelist.txt @@ -117,8 +124,8 @@ set -- "$@" "%%dir /usr/lib/sysctl.d" set -- "$@" "%%dir /usr/lib/systemd" set -- "$@" "%{_sysconfdir}/sysconfig/%{name}" set -- "$@" "%{config_dir}/log4j2.properties" -set -- "$@" "%{config_dir}/jvm.options" -set -- "$@" "%{config_dir}/opensearch.yml" +set -- "$@" "%{config_dir}/jvm.options.new" +set -- "$@" "%{config_dir}/opensearch.yml.new" set -- "$@" "%{product_dir}/VERSION" set -- "$@" "%{product_dir}/plugins/opensearch-security/tools/.*\.sh" set -- "$@" "%{product_dir}/bin/.*" @@ -131,7 +138,7 @@ set -- "$@" "%{product_dir}/README.md" set -- "$@" "%{product_dir}/LICENSE.txt" set -- "$@" "%{_prefix}/lib/systemd/system/%{name}.service" set -- "$@" "%{_prefix}/lib/systemd/system/%{name}-performance-analyzer.service" -set -- "$@" "%{_sysconfdir}/init.d/%{name}" +set -- "$@" "%{_sysconfdir}/init.d/%{name}.new" set -- "$@" "%{_sysconfdir}/sysconfig/%{name}" set -- "$@" "%{_prefix}/lib/sysctl.d/%{name}.conf" set -- "$@" "%{_prefix}/lib/tmpfiles.d/%{name}.conf" @@ -191,6 +198,14 @@ if ! grep -q '## OpenSearch Performance Analyzer' %{config_dir}/jvm.options; the echo "-Djava.security.policy=file://%{config_dir}/opensearch-performance-analyzer/opensearch_security.policy" >> %{config_dir}/jvm.options echo "--add-opens=jdk.attach/sun.tools.attach=ALL-UNNAMED" >> %{config_dir}/jvm.options fi + +# Create config files only if not already present +cp -n /etc/init.d/wazuh-indexer.new /etc/init.d/wazuh-indexer +cp -n %{config_dir}/jvm.options.new %{config_dir}/jvm.options +cp -n %{config_dir}/opensearch.yml.new %{config_dir}/opensearch.yml +cp -n %{config_dir}/opensearch-security/roles.yml.new %{config_dir}/opensearch-security/roles.yml +cp -n %{config_dir}/opensearch-security/internal_users.yml.new %{config_dir}/opensearch-security/internal_users.yml + # Reload systemctl daemon if command -v systemctl > /dev/null; then systemctl daemon-reload @@ -234,16 +249,16 @@ exit 0 # Service files %attr(0644, root, root) %{_prefix}/lib/systemd/system/%{name}.service %attr(0644, root, root) %{_prefix}/lib/systemd/system/%{name}-performance-analyzer.service -%attr(0750, root, root) %{_sysconfdir}/init.d/%{name} +%attr(0750, root, root) %{_sysconfdir}/init.d/%{name}.new %attr(0644, root, root) %config(noreplace) %{_prefix}/lib/sysctl.d/%{name}.conf %attr(0644, root, root) %config(noreplace) %{_prefix}/lib/tmpfiles.d/%{name}.conf # Configuration files +%attr(660, %{name}, %{name}) %{config_dir}/jvm.options.new +%attr(660, %{name}, %{name}) %{config_dir}/opensearch.yml.new %config(noreplace) %attr(0660, root, %{name}) "%{_sysconfdir}/sysconfig/%{name}" %config(noreplace) %attr(660, %{name}, %{name}) %{config_dir}/log4j2.properties -%config(noreplace) %attr(660, %{name}, %{name}) %{config_dir}/jvm.options -%config(noreplace) %attr(660, %{name}, %{name}) %{config_dir}/opensearch.yml %if %observability_plugin diff --git a/packaging_scripts/assemble.sh b/packaging_scripts/assemble.sh index 872689b5f78b0..99369b6fcf98d 100755 --- a/packaging_scripts/assemble.sh +++ b/packaging_scripts/assemble.sh @@ -390,7 +390,7 @@ function main() { echo "Assembling wazuh-indexer for $PLATFORM-$DISTRIBUTION-$ARCHITECTURE" VERSION=$(bash packaging_scripts/upstream_version.sh) - ARTIFACT_BUILD_NAME=$(ls "${OUTPUT}/dist/" | grep "wazuh-indexer-min.*$SUFFIX.*\.$EXT") + ARTIFACT_BUILD_NAME=$(ls "${OUTPUT}/dist/" | grep "wazuh-indexer-min-$( Date: Tue, 17 Sep 2024 12:10:58 -0300 Subject: [PATCH 4/7] Revert "Fix errors in build.sh and assemble.sh" This reverts commit 5dc35007c0fbd8c6f0a54d35e9118a1936fd08f1. --- .../packages/src/rpm/wazuh-indexer.rpm.spec | 27 +++++-------------- packaging_scripts/assemble.sh | 2 +- packaging_scripts/build.sh | 2 +- 3 files changed, 8 insertions(+), 23 deletions(-) diff --git a/distribution/packages/src/rpm/wazuh-indexer.rpm.spec b/distribution/packages/src/rpm/wazuh-indexer.rpm.spec index 3c2e6c43a52de..34048a66ac59a 100644 --- a/distribution/packages/src/rpm/wazuh-indexer.rpm.spec +++ b/distribution/packages/src/rpm/wazuh-indexer.rpm.spec @@ -88,13 +88,6 @@ if [ ! -f %{buildroot}%{data_dir}/performance_analyzer_enabled.conf ]; then echo 'true' > %{buildroot}%{data_dir}/performance_analyzer_enabled.conf fi -# Append ".new" to configuration file names -mv "%{buildroot}/etc/init.d/%{name}" "%{buildroot}/etc/init.d/%{name}.new" -mv "%{buildroot}/%{config_dir}/jvm.options" "%{buildroot}/%{config_dir}/jvm.options.new" -mv "%{buildroot}/%{config_dir}/opensearch.yml" "%{buildroot}/%{config_dir}/opensearch.yml.new" -mv "%{buildroot}/%{config_dir}/opensearch-security/roles.yml" "%{buildroot}/%{config_dir}/opensearch-security/roles.yml.new" -mv "%{buildroot}/%{config_dir}/opensearch-security/internal_users.yml" "%{buildroot}/%{config_dir}/opensearch-security/internal_users.yml.new" - # Build a filelist to be included in the %files section echo '%defattr(640, %{name}, %{name}, 750)' > filelist.txt find %{buildroot} -type d >> filelist.txt @@ -124,8 +117,8 @@ set -- "$@" "%%dir /usr/lib/sysctl.d" set -- "$@" "%%dir /usr/lib/systemd" set -- "$@" "%{_sysconfdir}/sysconfig/%{name}" set -- "$@" "%{config_dir}/log4j2.properties" -set -- "$@" "%{config_dir}/jvm.options.new" -set -- "$@" "%{config_dir}/opensearch.yml.new" +set -- "$@" "%{config_dir}/jvm.options" +set -- "$@" "%{config_dir}/opensearch.yml" set -- "$@" "%{product_dir}/VERSION" set -- "$@" "%{product_dir}/plugins/opensearch-security/tools/.*\.sh" set -- "$@" "%{product_dir}/bin/.*" @@ -138,7 +131,7 @@ set -- "$@" "%{product_dir}/README.md" set -- "$@" "%{product_dir}/LICENSE.txt" set -- "$@" "%{_prefix}/lib/systemd/system/%{name}.service" set -- "$@" "%{_prefix}/lib/systemd/system/%{name}-performance-analyzer.service" -set -- "$@" "%{_sysconfdir}/init.d/%{name}.new" +set -- "$@" "%{_sysconfdir}/init.d/%{name}" set -- "$@" "%{_sysconfdir}/sysconfig/%{name}" set -- "$@" "%{_prefix}/lib/sysctl.d/%{name}.conf" set -- "$@" "%{_prefix}/lib/tmpfiles.d/%{name}.conf" @@ -198,14 +191,6 @@ if ! grep -q '## OpenSearch Performance Analyzer' %{config_dir}/jvm.options; the echo "-Djava.security.policy=file://%{config_dir}/opensearch-performance-analyzer/opensearch_security.policy" >> %{config_dir}/jvm.options echo "--add-opens=jdk.attach/sun.tools.attach=ALL-UNNAMED" >> %{config_dir}/jvm.options fi - -# Create config files only if not already present -cp -n /etc/init.d/wazuh-indexer.new /etc/init.d/wazuh-indexer -cp -n %{config_dir}/jvm.options.new %{config_dir}/jvm.options -cp -n %{config_dir}/opensearch.yml.new %{config_dir}/opensearch.yml -cp -n %{config_dir}/opensearch-security/roles.yml.new %{config_dir}/opensearch-security/roles.yml -cp -n %{config_dir}/opensearch-security/internal_users.yml.new %{config_dir}/opensearch-security/internal_users.yml - # Reload systemctl daemon if command -v systemctl > /dev/null; then systemctl daemon-reload @@ -249,16 +234,16 @@ exit 0 # Service files %attr(0644, root, root) %{_prefix}/lib/systemd/system/%{name}.service %attr(0644, root, root) %{_prefix}/lib/systemd/system/%{name}-performance-analyzer.service -%attr(0750, root, root) %{_sysconfdir}/init.d/%{name}.new +%attr(0750, root, root) %{_sysconfdir}/init.d/%{name} %attr(0644, root, root) %config(noreplace) %{_prefix}/lib/sysctl.d/%{name}.conf %attr(0644, root, root) %config(noreplace) %{_prefix}/lib/tmpfiles.d/%{name}.conf # Configuration files -%attr(660, %{name}, %{name}) %{config_dir}/jvm.options.new -%attr(660, %{name}, %{name}) %{config_dir}/opensearch.yml.new %config(noreplace) %attr(0660, root, %{name}) "%{_sysconfdir}/sysconfig/%{name}" %config(noreplace) %attr(660, %{name}, %{name}) %{config_dir}/log4j2.properties +%config(noreplace) %attr(660, %{name}, %{name}) %{config_dir}/jvm.options +%config(noreplace) %attr(660, %{name}, %{name}) %{config_dir}/opensearch.yml %if %observability_plugin diff --git a/packaging_scripts/assemble.sh b/packaging_scripts/assemble.sh index 99369b6fcf98d..872689b5f78b0 100755 --- a/packaging_scripts/assemble.sh +++ b/packaging_scripts/assemble.sh @@ -390,7 +390,7 @@ function main() { echo "Assembling wazuh-indexer for $PLATFORM-$DISTRIBUTION-$ARCHITECTURE" VERSION=$(bash packaging_scripts/upstream_version.sh) - ARTIFACT_BUILD_NAME=$(ls "${OUTPUT}/dist/" | grep "wazuh-indexer-min-$( Date: Tue, 17 Sep 2024 12:12:37 -0300 Subject: [PATCH 5/7] Using noreplace on config files for rpm --- distribution/packages/src/rpm/wazuh-indexer.rpm.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/distribution/packages/src/rpm/wazuh-indexer.rpm.spec b/distribution/packages/src/rpm/wazuh-indexer.rpm.spec index 34048a66ac59a..efd3fd97073c7 100644 --- a/distribution/packages/src/rpm/wazuh-indexer.rpm.spec +++ b/distribution/packages/src/rpm/wazuh-indexer.rpm.spec @@ -244,6 +244,7 @@ exit 0 %config(noreplace) %attr(660, %{name}, %{name}) %{config_dir}/log4j2.properties %config(noreplace) %attr(660, %{name}, %{name}) %{config_dir}/jvm.options %config(noreplace) %attr(660, %{name}, %{name}) %{config_dir}/opensearch.yml +%config(noreplace) %attr(640, %{name}, %{name}) %{config_dir}/opensearch-security/* %if %observability_plugin From ede39187c083bfee34c67309fac2966d11129f00 Mon Sep 17 00:00:00 2001 From: f-galland Date: Tue, 17 Sep 2024 12:15:19 -0300 Subject: [PATCH 6/7] Fix issues in debmake.sh --- distribution/packages/src/deb/debmake_install.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/distribution/packages/src/deb/debmake_install.sh b/distribution/packages/src/deb/debmake_install.sh index 37abaf414604c..e209ef0f1fbd2 100644 --- a/distribution/packages/src/deb/debmake_install.sh +++ b/distribution/packages/src/deb/debmake_install.sh @@ -91,12 +91,13 @@ for i in "${binary_files[@]}"; do done # Append ".new" to configuration file names -dot_new_config_files=() -dot_new_config_files+=("${buildroot}/etc/init.d/${name}") -dot_new_config_files+=("${buildroot}/${config_dir}/jvm.options") -dot_new_config_files+=("${buildroot}/${config_dir}/opensearch.yml") -dot_new_config_files+=("${buildroot}/${config_dir}/opensearch-security/roles.yml") -dot_new_config_files+=("${buildroot}/${config_dir}/opensearch-security/internal_users.yml") +dot_new_config_files=( + "${buildroot}/etc/init.d/${name}" + "${buildroot}/${config_dir}/jvm.options" + "${buildroot}/${config_dir}/opensearch.yml" + "${buildroot}/${config_dir}/opensearch-security/roles.yml" + "${buildroot}/${config_dir}/opensearch-security/internal_users.yml" +) for i in "${dot_new_config_files[@]}" do From 98ea62f49df9baa752183ee643a9c503b86783c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lex=20Ruiz?= Date: Thu, 19 Sep 2024 13:02:48 +0200 Subject: [PATCH 7/7] Revert changes to Debian packages --- distribution/packages/src/deb/debian/postinst | 7 ------- distribution/packages/src/deb/debmake_install.sh | 14 -------------- 2 files changed, 21 deletions(-) diff --git a/distribution/packages/src/deb/debian/postinst b/distribution/packages/src/deb/debian/postinst index ee97e024da055..4541f924534df 100644 --- a/distribution/packages/src/deb/debian/postinst +++ b/distribution/packages/src/deb/debian/postinst @@ -24,13 +24,6 @@ tmp_dir=/var/log/wazuh-indexer/tmp # Create needed directories mkdir -p ${tmp_dir} -# Create config files only if not already present -cp -n /etc/init.d/wazuh-indexer.new /etc/init.d/wazuh-indexer -cp -n ${config_dir}/jvm.options.new ${config_dir}/jvm.options -cp -n ${config_dir}/opensearch.yml.new ${config_dir}/opensearch.yml -cp -n ${config_dir}/opensearch-security/roles.yml.new ${config_dir}/opensearch-security/roles.yml -cp -n ${config_dir}/opensearch-security/internal_users.yml.new ${config_dir}/opensearch-security/internal_users.yml - # Set owner chown -R wazuh-indexer:wazuh-indexer ${product_dir} chown -R wazuh-indexer:wazuh-indexer ${config_dir} diff --git a/distribution/packages/src/deb/debmake_install.sh b/distribution/packages/src/deb/debmake_install.sh index e209ef0f1fbd2..9b7c366742551 100644 --- a/distribution/packages/src/deb/debmake_install.sh +++ b/distribution/packages/src/deb/debmake_install.sh @@ -90,18 +90,4 @@ for i in "${binary_files[@]}"; do chmod -c 750 "$i" done -# Append ".new" to configuration file names -dot_new_config_files=( - "${buildroot}/etc/init.d/${name}" - "${buildroot}/${config_dir}/jvm.options" - "${buildroot}/${config_dir}/opensearch.yml" - "${buildroot}/${config_dir}/opensearch-security/roles.yml" - "${buildroot}/${config_dir}/opensearch-security/internal_users.yml" -) - -for i in "${dot_new_config_files[@]}" -do - mv "$i" "$i.new" -done - exit 0