Capturing indexer IP should be improved in WPT #2705

Closed
2 tasks done
davidcr01 opened this issue Dec 19, 2023 · 1 comment · Fixed by #2716

davidcr01 commented Dec 19, 2023

| Wazuh version | Install type | Action performed | Platform |
|---|---|---|---|
| 4.7.1 | Indexer | Install | Any |

Related: wazuh/wazuh#20935
The user reported that if the specified IP of the /etc/wazuh-indexer/opensearch.yml file is contained in double quotes, the function passwords_getNetworkHost does not fetch it properly and it does not replace it with localhost:

function passwords_getNetworkHost() {

    IP=$(grep -hr "^network.host:" /etc/wazuh-indexer/opensearch.yml)
    NH="network.host: "
    IP="${IP//$NH}"

    # Allow finding IP with an interface
    if [[ ${IP} =~ _.*_ ]]; then
        interface="${IP//_}"
        IP=$(ip -o -4 addr list "${interface}" | awk '{print $4}' | cut -d/ -f1)
    fi

    if [ "${IP}" == "0.0.0.0" ]; then
        IP="localhost"
    fi
}

Tasks

I suggest adding the following code to the function:

    # Remove surrounding double quotes if present
    IP="${IP//\"}"

With this, the double quotes of the IP will be removed, if they exist.

  • Apply the fix
  • Validate the fix: the 0.0.0.0 is replaced with localhost and it does not affect the other installation types.

davidcr01 added the level/task (Subtask issue) and type/enhancement (Enhancement issue) labels on Dec 19, 2023
davidcr01 self-assigned this on Dec 20, 2023
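
An added example (not code from the Wazuh repository) of quote-tolerant parsing for the `network.host` value discussed in the issue above, written in portable sh. The function names `normalize_host` and `get_network_host` and the sample config are hypothetical and constructed for illustration. It goes slightly beyond the proposed one-line fix: it accepts single or double quotes and surrounding whitespace, strips only one matching pair of quotes, matches the key literally, and returns `_interface_` values unchanged for the caller to resolve.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not part of the Wazuh scripts.

# Trim whitespace, drop one pair of matching quotes, map the wildcard address.
normalize_host() {
    value=$1
    # Trim leading and trailing whitespace (also removes a stray CR).
    value=$(printf '%s' "$value" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
    # Remove surrounding quotes only when they come as a matching pair.
    case $value in
        \"*\") value=${value#\"}; value=${value%\"} ;;
        \'*\') value=${value#\'}; value=${value%\'} ;;
    esac
    # 0.0.0.0 is a bind-all address; a local client needs a concrete target.
    if [ "$value" = "0.0.0.0" ]; then
        value="localhost"
    fi
    printf '%s\n' "$value"
}

# Read the first top-level network.host entry from a config file.
get_network_host() {
    file=$1
    # The dot is escaped so only the literal key "network.host" matches.
    line=$(grep -m1 '^network\.host:' "$file") || return 1
    # Strip the key; any amount of spacing after the colon is trimmed later.
    normalize_host "${line#network.host:}"
}

# Constructed sample config (not taken from the issue): quoted wildcard address.
sample=$(mktemp)
printf '%s\n' 'cluster.name: wazuh-cluster' 'network.host: "0.0.0.0"' > "$sample"
get_network_host "$sample"    # prints: localhost
rm -f "$sample"
```
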
@davidcr01

Update Report

Testing

Using WIA

root@ubuntu22:/home/vagrant# bash wazuh-install.sh -wi node-1 
21/12/2023 15:49:59 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
21/12/2023 15:49:59 INFO: Verbose logging redirected to /var/log/wazuh-install.log
21/12/2023 15:50:08 INFO: Verifying that your system meets the recommended minimum hardware requirements.
21/12/2023 15:50:21 INFO: Wazuh development repository added.
21/12/2023 15:50:21 INFO: --- Wazuh indexer ---
21/12/2023 15:50:21 INFO: Starting Wazuh indexer installation.
21/12/2023 15:54:54 INFO: Wazuh indexer installation finished.
21/12/2023 15:54:54 INFO: Wazuh indexer post-install configuration finished.
21/12/2023 15:54:54 INFO: Starting service wazuh-indexer.
21/12/2023 15:55:16 INFO: wazuh-indexer service started.
21/12/2023 15:55:16 INFO: Initializing Wazuh indexer cluster security settings.
21/12/2023 15:55:18 INFO: Wazuh indexer cluster initialized.
21/12/2023 15:55:18 INFO: Installation finished.

Step-by-step

[root@centos7 vagrant]# bash /usr/share/wazuh-indexer/bin/indexer-security-init.sh
++ grep -hr network.host: /etc/wazuh-indexer/opensearch.yml
+ HOST='network.host: "0.0.0.0"'
+ NH='network.host: '
+ HOST='"0.0.0.0"'
+ HOST=0.0.0.0
++ echo 0.0.0.0
++ tr -d '["\'\'']'
+ HOST=0.0.0.0
++ echo 0.0.0.0
++ grep -P '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'
+ isIP=0.0.0.0
++ echo 0.0.0.0
++ grep -P '^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$'
+ isDNS=
+ '[' -z 0.0.0.0 ']'
+ '[' 0.0.0.0 = 0.0.0.0 ']'
+ HOST=127.0.0.1
+ set +x
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.8.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index does not exists, attempt to create it ... done (0-all replicas)
Populate config from /etc/wazuh-indexer/opensearch-security/
Will update '/config' with /etc/wazuh-indexer/opensearch-security/config.yml 
   SUCC: Configuration for 'config' created or updated
Will update '/roles' with /etc/wazuh-indexer/opensearch-security/roles.yml 
   SUCC: Configuration for 'roles' created or updated
Will update '/rolesmapping' with /etc/wazuh-indexer/opensearch-security/roles_mapping.yml 
   SUCC: Configuration for 'rolesmapping' created or updated
Will update '/internalusers' with /etc/wazuh-indexer/opensearch-security/internal_users.yml 
   SUCC: Configuration for 'internalusers' created or updated
Will update '/actiongroups' with /etc/wazuh-indexer/opensearch-security/action_groups.yml 
   SUCC: Configuration for 'actiongroups' created or updated
Will update '/tenants' with /etc/wazuh-indexer/opensearch-security/tenants.yml 
   SUCC: Configuration for 'tenants' created or updated
Will update '/nodesdn' with /etc/wazuh-indexer/opensearch-security/nodes_dn.yml 
   SUCC: Configuration for 'nodesdn' created or updated
Will update '/whitelist' with /etc/wazuh-indexer/opensearch-security/whitelist.yml 
   SUCC: Configuration for 'whitelist' created or updated
Will update '/audit' with /etc/wazuh-indexer/opensearch-security/audit.yml 
   SUCC: Configuration for 'audit' created or updated
Will update '/allowlist' with /etc/wazuh-indexer/opensearch-security/allowlist.yml 
   SUCC: Configuration for 'allowlist' created or updated
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"],"updated_config_size":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"]) due to: null
Done with success
[root@centos7 vagrant]# 
