Fix .deb upgrade to v4.8 by replacing old VD configuration #2680

Closed

@tsarquis88 tsarquis88 commented Dec 12, 2023

Related issue
#2683

Description

This PR improves the postinst script of the Debian manager package generation process in order to upgrade the new vulnerability detection configuration.

Results

Package generation

The package has been generated by running

% ./generate_debian_package.sh -b dev-14153-vulndet-refactor -t manager -a amd64 -j 8 --packages-branch dev-abc-vulndet-upgrade 

Full output of the command above: package_generation.log.gz

Fresh install

  • Installation
# apt install ./wazuh-manager_4.8.0-1_amd64.deb 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'wazuh-manager' instead of './wazuh-manager_4.8.0-1_amd64.deb'
Suggested packages:
  expect
The following NEW packages will be installed:
  wazuh-manager
0 upgraded, 1 newly installed, 0 to remove and 1 not upgraded.
Need to get 0 B/121 MB of archives.
After this operation, 719 MB of additional disk space will be used.
Get:1 /home/server-admin/wazuh-manager_4.8.0-1_amd64.deb wazuh-manager amd64 4.8.0-1 [121 MB]
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package wazuh-manager.
(Reading database ... 100346 files and directories currently installed.)
Preparing to unpack .../wazuh-manager_4.8.0-1_amd64.deb ...
Unpacking wazuh-manager (4.8.0-1) ...
Setting up wazuh-manager (4.8.0-1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Scanning processes...
Scanning processor microcode...
Scanning linux images...

Running kernel seems to be up-to-date.

The processor microcode seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
  • Service start
# systemctl start wazuh-manager

# systemctl status wazuh-manager
● wazuh-manager.service - Wazuh manager
     Loaded: loaded (/lib/systemd/system/wazuh-manager.service; disabled; vendor preset: enabled)
     Active: active (running) since Tue 2023-12-12 16:35:53 UTC; 11s ago
    Process: 892002 ExecStart=/usr/bin/env /var/ossec/bin/wazuh-control start (code=exited, status=0/SUCCESS)
      Tasks: 126 (limit: 9249)
     Memory: 208.5M
        CPU: 26.219s
     CGroup: /system.slice/wazuh-manager.service
             ├─892058 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─892097 /var/ossec/bin/wazuh-authd
             ├─892113 /var/ossec/bin/wazuh-db
             ├─892138 /var/ossec/bin/wazuh-execd
             ├─892149 /var/ossec/bin/wazuh-analysisd
             ├─892210 /var/ossec/bin/wazuh-syscheckd
             ├─892223 /var/ossec/bin/wazuh-remoted
             ├─892226 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─892229 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─892232 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─892267 /var/ossec/bin/wazuh-logcollector
             └─892289 /var/ossec/bin/wazuh-monitord

Dec 12 16:35:47 ubuntu-server env[892002]: Started wazuh-analysisd...
Dec 12 16:35:47 ubuntu-server env[892002]: Started wazuh-syscheckd...
Dec 12 16:35:48 ubuntu-server env[892002]: Started wazuh-remoted...
Dec 12 16:35:49 ubuntu-server env[892002]: Started wazuh-logcollector...
Dec 12 16:35:50 ubuntu-server env[892002]: Started wazuh-monitord...
Dec 12 16:35:50 ubuntu-server env[892345]: 2023/12/12 16:35:50 wazuh-modulesd:router: INFO: Loaded router module.
Dec 12 16:35:50 ubuntu-server env[892345]: 2023/12/12 16:35:50 wazuh-modulesd:content_manager: INFO: Loaded content_manager module.
Dec 12 16:35:51 ubuntu-server env[892002]: Started wazuh-modulesd...
Dec 12 16:35:53 ubuntu-server env[892002]: Completed.
Dec 12 16:35:53 ubuntu-server systemd[1]: Started Wazuh manager.

Upgrade from v4.7 to v4.8

  • Upgrade
# apt install ./wazuh-manager_4.8.0-1_amd64.deb 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'wazuh-manager' instead of './wazuh-manager_4.8.0-1_amd64.deb'
Suggested packages:
  expect
The following packages will be upgraded:
  wazuh-manager
1 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
Need to get 0 B/121 MB of archives.
After this operation, 89.3 MB of additional disk space will be used.
Get:1 /home/server-admin/wazuh-manager_4.8.0-1_amd64.deb wazuh-manager amd64 4.8.0-1 [121 MB]
debconf: delaying package configuration, since apt-utils is not installed
(Reading database ... 121634 files and directories currently installed.)
Preparing to unpack .../wazuh-manager_4.8.0-1_amd64.deb ...
Unpacking wazuh-manager (4.8.0-1) over (4.7.0-1) ...
Setting up wazuh-manager (4.8.0-1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Scanning processes...
Scanning processor microcode...
Scanning linux images...

Running kernel seems to be up-to-date.

The processor microcode seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
  • Status after upgrade
# systemctl status wazuh-manager
● wazuh-manager.service - Wazuh manager
     Loaded: loaded (/lib/systemd/system/wazuh-manager.service; disabled; vendor preset: enabled)
     Active: active (running) since Tue 2023-12-12 18:28:16 UTC; 40s ago
    Process: 1519293 ExecStart=/usr/bin/env /var/ossec/bin/wazuh-control start (code=exited, status=0/SUCCESS)
      Tasks: 189 (limit: 9249)
     Memory: 230.6M
        CPU: 30.763s
     CGroup: /system.slice/wazuh-manager.service
             ├─1519349 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─1519350 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─1519353 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─1519356 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─1519397 /var/ossec/bin/wazuh-authd
             ├─1519410 /var/ossec/bin/wazuh-db
             ├─1519435 /var/ossec/bin/wazuh-execd
             ├─1519446 /var/ossec/bin/wazuh-analysisd
             ├─1519455 /var/ossec/bin/wazuh-syscheckd
             ├─1519472 /var/ossec/bin/wazuh-remoted
             ├─1519481 /var/ossec/bin/wazuh-logcollector
             ├─1519571 /var/ossec/bin/wazuh-monitord
             └─1519609 /var/ossec/bin/wazuh-modulesd

Dec 12 18:28:10 ubuntu-server env[1519293]: Started wazuh-analysisd...
Dec 12 18:28:11 ubuntu-server env[1519293]: Started wazuh-syscheckd...
Dec 12 18:28:11 ubuntu-server env[1519293]: Started wazuh-remoted...
Dec 12 18:28:12 ubuntu-server env[1519293]: Started wazuh-logcollector...
Dec 12 18:28:13 ubuntu-server env[1519293]: Started wazuh-monitord...
Dec 12 18:28:13 ubuntu-server env[1519604]: 2023/12/12 18:28:13 wazuh-modulesd:router: INFO: Loaded router module.
Dec 12 18:28:13 ubuntu-server env[1519604]: 2023/12/12 18:28:13 wazuh-modulesd:content_manager: INFO: Loaded content_manager module.
Dec 12 18:28:14 ubuntu-server env[1519293]: Started wazuh-modulesd...
Dec 12 18:28:16 ubuntu-server env[1519293]: Completed.
Dec 12 18:28:16 ubuntu-server systemd[1]: Started Wazuh manager.

Reinstallation of v4.8

  • Reinstallation
# dpkg -i ./wazuh-manager_4.8.0-1_amd64.deb 
(Reading database ... 122390 files and directories currently installed.)
Preparing to unpack .../wazuh-manager_4.8.0-1_amd64.deb ...
Unpacking wazuh-manager (4.8.0-1) over (4.8.0-1) ...
Setting up wazuh-manager (4.8.0-1) ...
  • Service status
# systemctl status wazuh-manager
● wazuh-manager.service - Wazuh manager
     Loaded: loaded (/lib/systemd/system/wazuh-manager.service; disabled; vendor preset: enabled)
     Active: active (running) since Tue 2023-12-12 18:31:45 UTC; 4s ago
    Process: 1564764 ExecStart=/usr/bin/env /var/ossec/bin/wazuh-control start (code=exited, status=0/SUCCESS)
      Tasks: 189 (limit: 9249)
     Memory: 229.7M
        CPU: 23.417s
     CGroup: /system.slice/wazuh-manager.service
             ├─1564820 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─1564821 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─1564824 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─1564827 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─1564868 /var/ossec/bin/wazuh-authd
             ├─1564881 /var/ossec/bin/wazuh-db
             ├─1564906 /var/ossec/bin/wazuh-execd
             ├─1564917 /var/ossec/bin/wazuh-analysisd
             ├─1564926 /var/ossec/bin/wazuh-syscheckd
             ├─1564943 /var/ossec/bin/wazuh-remoted
             ├─1565026 /var/ossec/bin/wazuh-logcollector
             ├─1565058 /var/ossec/bin/wazuh-monitord
             └─1565121 /var/ossec/bin/wazuh-modulesd

Dec 12 18:31:38 ubuntu-server env[1564764]: Started wazuh-analysisd...
Dec 12 18:31:39 ubuntu-server env[1564764]: Started wazuh-syscheckd...
Dec 12 18:31:40 ubuntu-server env[1564764]: Started wazuh-remoted...
Dec 12 18:31:41 ubuntu-server env[1564764]: Started wazuh-logcollector...
Dec 12 18:31:42 ubuntu-server env[1564764]: Started wazuh-monitord...
Dec 12 18:31:42 ubuntu-server env[1565119]: 2023/12/12 18:31:42 wazuh-modulesd:router: INFO: Loaded router module.
Dec 12 18:31:42 ubuntu-server env[1565119]: 2023/12/12 18:31:42 wazuh-modulesd:content_manager: INFO: Loaded content_manager module.
Dec 12 18:31:43 ubuntu-server env[1564764]: Started wazuh-modulesd...
Dec 12 18:31:45 ubuntu-server env[1564764]: Completed.
Dec 12 18:31:45 ubuntu-server systemd[1]: Started Wazuh manager.

@tsarquis88 tsarquis88 self-assigned this Dec 12, 2023
@tsarquis88 tsarquis88 force-pushed the dev-abc-vulndet-upgrade branch 2 times, most recently from b8c79fc to 6e90d2b Compare December 12, 2023 16:12
@tsarquis88 tsarquis88 force-pushed the dev-abc-vulndet-upgrade branch from 1631708 to 283fd82 Compare December 12, 2023 18:36
@tsarquis88 tsarquis88 changed the title from "Fix upgrade to v4.8 by replacing old VD configuration" to "Fix .deb upgrade to v4.8 by replacing old VD configuration" Dec 12, 2023
@tsarquis88 tsarquis88 closed this Dec 12, 2023
@tsarquis88 tsarquis88 deleted the dev-abc-vulndet-upgrade branch December 12, 2023 18:51
tsarquis88 commented Dec 12, 2023

PR closed due to branch renaming. New PR -> #2684