wazuh · tsarquis88 · Dec 12, 2023
diff --git a/debs/SPECS/wazuh-manager/debian/postinst b/debs/SPECS/wazuh-manager/debian/postinst
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 # postinst script for Wazuh
 # Wazuh, Inc 2015
 set -e
@@ -264,6 +264,52 @@ case "$1" in
         fi
     fi
 
+    # Function that checks if the old (< v4.8) VD configuration is present.
+    is_old_vulndet_config_present()
+    {
+        local OSSEC_CONFIGURATION_FILE="$1"
+        local VULNERABILITY_DETECTOR_PATTERN="<vulnerability-detector>"
+
+        if ( grep -q "$VULNERABILITY_DETECTOR_PATTERN" "$OSSEC_CONFIGURATION_FILE" ); then
+            return 0
+        fi
+        return 1
+    }
+
+    # Function that updates the old (< v4.8) VD configuration with the latest one.
+    update_vulndet_config()
+    {
+        local OSSEC_CONFIGURATION_FILE="$1"
+        local OSSEC_CONFIGURATION_FILE_TMP="$1.tmp"
+
+        touch $OSSEC_CONFIGURATION_FILE_TMP
+        local OSSEC_CONFIGURATION_FILE_BEFORE_VD="$(sed -ne '/<vulnerability-detector>/q;p' $OSSEC_CONFIGURATION_FILE)"
+        local OSSEC_CONFIGURATION_FILE_AFTER_VD="$(sed -e '1,/<\/vulnerability-detector>/d' $OSSEC_CONFIGURATION_FILE)"
+
+        # Append current config preceding the old VD config.
+        echo "${OSSEC_CONFIGURATION_FILE_BEFORE_VD}" >> $OSSEC_CONFIGURATION_FILE_TMP
+        echo "" >> $OSSEC_CONFIGURATION_FILE_TMP
+
+        # Append new VD config.
+        local VULNDET_TEMPLATE_FILE="${SCRIPTS_DIR}/etc/templates/config/generic/wodle-vulnerability-detection.manager.template"
+        cat ${VULNDET_TEMPLATE_FILE} >> $OSSEC_CONFIGURATION_FILE_TMP
+        echo "" >> $OSSEC_CONFIGURATION_FILE_TMP
+
+        # Append new Indexer config.
+        local INDEXER_TEMPLATE_FILE="${SCRIPTS_DIR}/etc/templates/config/generic/wodle-indexer.manager.template"
+        cat ${INDEXER_TEMPLATE_FILE} >> $OSSEC_CONFIGURATION_FILE_TMP
+
+        # Append current config succeeding the old VD config.
+        echo "$OSSEC_CONFIGURATION_FILE_AFTER_VD" >> $OSSEC_CONFIGURATION_FILE_TMP
+
+        mv $OSSEC_CONFIGURATION_FILE_TMP $OSSEC_CONFIGURATION_FILE
+    }
+
+    # Update VD configuration if necessary.
+    if is_old_vulndet_config_present "${DIR}/etc/ossec.conf"; then
+        update_vulndet_config "${DIR}/etc/ossec.conf"
+    fi
+
     if [ ! -z "$2" ]; then
         if [ -f ${WAZUH_TMP_DIR}/wazuh.restart ] ; then
             if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then