Merge pull request #1048 from wazuh/bump-unattended-4.3.0

Bump unattended 4.3.0
wazuh · Dec 9, 2021 · 10ba6d1 · 10ba6d1
2 parents 7b414d0 + a600908
commit 10ba6d1
Show file tree

Hide file tree

Showing 8 changed files with 88 additions and 510 deletions.
diff --git a/unattended_scripts/elastic-stack/unattended-installation/all-in-one-installation.sh b/unattended_scripts/elastic-stack/unattended-installation/all-in-one-installation.sh
@@ -8,6 +8,12 @@
 # License (version 2) as published by the FSF - Free Software
 # Foundation.
 
+WAZUH_VER="4.3.0"
+WAZUH_REV="1"
+ELK_VER="7.14.2"
+
+WAZUH_KIB_PLUG_REV="1"
+
 ## Check if system is based on yum or apt-get or zypper
 char="."
 debug='> /dev/null 2>&1'
@@ -184,7 +190,7 @@ addWazuhrepo() {
     if [ $sys_type == "yum" ]
     then
         eval "rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH $debug"
-        eval "echo -e '[wazuh]\ngpgcheck=1\ngpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH\nenabled=1\nname=EL-$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1' | tee /etc/yum.repos.d/wazuh.repo $debug"
+        eval "echo -e '[wazuh]\ngpgcheck=1\ngpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1' | tee /etc/yum.repos.d/wazuh.repo $debug"
     elif [ $sys_type == "zypper" ]
     then
         rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH > /dev/null 2>&1
@@ -243,13 +249,13 @@ installElasticsearch() {
 
     if [ $sys_type == "yum" ]
     then
-        eval "yum install elasticsearch-7.11.2 -y -q $debug"
+        eval "yum install elasticsearch-${ELK_VER} -y -q $debug"
     elif [ $sys_type == "apt-get" ] 
     then
-        eval "apt-get install elasticsearch=7.11.2 -y -q $debug"
+        eval "apt-get install elasticsearch=${ELK_VER} -y -q $debug"
     elif [ $sys_type == "zypper" ] 
     then
-        eval "zypper -n install elasticsearch-7.11.2 $debug"
+        eval "zypper -n install elasticsearch-${ELK_VER} $debug"
     fi
 
     if [  "$?" != 0  ]
@@ -317,13 +323,13 @@ installFilebeat() {
     logger "Installing Filebeat..."
     if [ $sys_type == "yum" ]
     then
-        eval "yum install filebeat-7.11.2 -y -q  $debug"    
+        eval "yum install filebeat-${ELK_VER} -y -q  $debug"    
     elif [ $sys_type == "zypper" ] 
     then
-        eval "zypper -n install filebeat-7.11.2 $debug"
+        eval "zypper -n install filebeat-${ELK_VER} $debug"
     elif [ $sys_type == "apt-get" ] 
     then
-        eval "apt-get install filebeat=7.11.2 -y -q  $debug"
+        eval "apt-get install filebeat=${ELK_VER} -y -q  $debug"
     fi
     if [  "$?" != 0  ]
     then
@@ -354,13 +360,13 @@ installKibana() {
     logger "Installing Kibana..."
     if [ $sys_type == "yum" ]
     then
-        eval "yum install kibana-7.11.2 -y -q  $debug"    
+        eval "yum install kibana-${ELK_VER} -y -q  $debug"    
     elif [ $sys_type == "zypper" ] 
     then
-        eval "zypper -n install kibana-7.11.2 $debug"
+        eval "zypper -n install kibana-${ELK_VER} $debug"
     elif [ $sys_type == "apt-get" ] 
     then
-        eval "apt-get install kibana=7.11.2 -y -q  $debug"
+        eval "apt-get install kibana=${ELK_VER} -y -q  $debug"
     fi
     if [  "$?" != 0  ]
     then
@@ -371,7 +377,7 @@ installKibana() {
         eval "mkdir /usr/share/kibana/data ${debug}"
         eval "chown -R kibana:kibana /usr/share/kibana/ ${debug}"
         eval "cd /usr/share/kibana ${debug}"
-        eval "sudo -u kibana /usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-4.2.2_7.11.2-1.zip ${debug}"
+        eval "sudo -u kibana /usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_VER}_${ELK_VER}-${WAZUH_KIB_PLUG_REV}.zip ${debug}"
         if [  "$?" != 0  ]; then
             logger -e "Wazuh Kibana plugin could not be installed."
             exit 1;
@@ -406,7 +412,7 @@ healthCheck() {
         logger -e "Your system does not meet the recommended minimum hardware requirements of 4Gb of RAM and 2 CPU cores . If you want to proceed with the installation use the -i option to ignore these requirements."
         exit 1;
     elif [[ -f /etc/elasticsearch/elasticsearch.yml ]] && [[ -f /etc/kibana/kibana.yml ]] && [[ -f /etc/filebeat/filebeat.yml ]]; then
-        logger -w "All the componens have already been installed."
+        logger -e "All the components have already been installed."
         exit 1;    
     else
         logger "Starting the installation..."

diff --git a/...d_scripts/elastic-stack/unattended-installation/distributed/elastic-stack-installation.sh b/...d_scripts/elastic-stack/unattended-installation/distributed/elastic-stack-installation.sh
@@ -8,6 +8,13 @@
 # License (version 2) as published by the FSF - Free Software
 # Foundation.
 
+WAZUH_MAJOR="4.3"
+WAZUH_VER="4.3.0"
+WAZUH_REV="1"
+ELK_VER="7.14.2"
+
+WAZUH_KIB_PLUG_REV="1"
+
 ## Check if system is based on yum or apt-get
 char="."
 debug='> /dev/null 2>&1'
@@ -228,13 +235,13 @@ installElasticsearch() {
 
     if [ $sys_type == "yum" ]
     then
-        eval "yum install elasticsearch-7.11.2 -y -q $debug"
+        eval "yum install elasticsearch-${ELK_VER} -y -q $debug"
     elif [ $sys_type == "apt-get" ] 
     then
-        eval "apt-get install elasticsearch=7.11.2 -y -q $debug"
+        eval "apt-get install elasticsearch=${ELK_VER} -y -q $debug"
     elif [ $sys_type == "zypper" ] 
     then
-        eval "zypper -n install elasticsearch-7.11.2 $debug"
+        eval "zypper -n install elasticsearch-${ELK_VER} $debug"
     fi
 
     if [  "$?" != 0  ]
@@ -323,6 +330,7 @@ installElasticsearch() {
             copyCertificates iname
         fi
         initializeElastic
+
         logger "Done"
     fi
 
@@ -434,13 +442,13 @@ installKibana() {
     logger "Installing Kibana..."
     if [ $sys_type == "yum" ]
     then
-        eval "yum install kibana-7.11.2 -y -q  $debug"    
+        eval "yum install kibana-${ELK_VER} -y -q  $debug"    
     elif [ $sys_type == "zypper" ] 
     then
-        eval "zypper -n install kibana-7.11.2 $debug"
+        eval "zypper -n install kibana-${ELK_VER} $debug"
     elif [ $sys_type == "apt-get" ] 
         then
-        eval "apt-get install kibana=7.11.2 -y -q  $debug"
+        eval "apt-get install kibana=${ELK_VER} -y -q  $debug"
     fi
     if [  "$?" != 0  ]
     then
@@ -452,7 +460,7 @@ installKibana() {
         eval "mkdir /usr/share/kibana/data ${debug}"
         eval "chown -R kibana:kibana /usr/share/kibana/ ${debug}"
         eval "cd /usr/share/kibana ${debug}"
-        eval "sudo -u kibana /usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-4.2.2_7.11.2-1.zip ${debug}"
+        eval "sudo -u kibana /usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_VER}_${ELK_VER}-${WAZUH_KIB_PLUG_REV}.zip ${debug}"
         if [  "$?" != 0  ]; then
             logger -e "Wazuh Kibana plugin could not be installed."
             exit 1;
@@ -518,7 +526,7 @@ initializeKibana() {
         echo -ne $char
         sleep 10
     done
-    echo "" 
+    echo ""
     sleep 10
     wip=$(grep -A 2 ${iname} ~/config.yml | tail -1)
     rw1="- "

diff --git a/unattended_scripts/open-distro/tools/certificate-utility/wazuh-cert-tool.sh b/unattended_scripts/open-distro/tools/certificate-utility/wazuh-cert-tool.sh
@@ -43,7 +43,7 @@ readInstances() {
         logger "Configuration file found. Creating certificates..."
         eval "mkdir ~/certs $debug"
     else
-        logger -e "no configuration file found."
+        logger -e "No configuration file found."
         exit 1;
     fi
 
@@ -167,7 +167,7 @@ generateCertificateconfiguration() {
         conf="$(awk '{sub("IP.1 = cip", "DNS.1 = '${cip}'")}1' ~/certs/$cname.conf)"
         echo "${conf}" > ~/certs/$cname.conf 
     else
-        echo "Error. The given information does not match with an IP or a DNS"  
+        logger -e "The given information does not match with an IP or a DNS"  
         exit 1; 
     fi   
 

diff --git a/unattended_scripts/open-distro/tools/wazuh-passwords-tool.sh b/unattended_scripts/open-distro/tools/wazuh-passwords-tool.sh
@@ -35,10 +35,11 @@ logger() {
             message="$1"
             ;;
     esac
-    echo  $now $mtype $message
+    echo $now $mtype $message
 }
 
 ## Checks if the script is run with enough privileges
+
 checkRoot() {
     if [ "$EUID" -ne 0 ]; then
         logger -e "This script must be run as root."
@@ -165,15 +166,16 @@ readFileUsers() {
 
     FILECORRECT=$(grep -Pzc '\A(User:\s*name:\s*\w+\s*password:\s*\w+\s*)+\Z' $FILE)
     if [ $FILECORRECT -ne 1 ]; then
-        logger -e "the password file doesn't have a correct format.
-        It must have this format:
-        User:
-        name: wazuh
-        password: wazuhpasword
-        User:
-        name: kibanaserver
-        password: kibanaserverpassword"
-        exit 1
+	logger -e "The password file doesn't have a correct format.
+
+It must have this format:
+User:
+   name: wazuh
+   password: wazuhpasword
+User:
+   name: kibanaserver
+   password: kibanaserverpassword"
+	exit 1
     fi	
 
     SFILEUSERS=$(grep name: ${FILE} | awk '{ print substr( $2, 1, length($2) ) }')
@@ -199,7 +201,6 @@ readFileUsers() {
             if [ $supported = false ]; then
                 logger -e "The given user ${FILEUSERS[j]} does not exist"
             fi
-
         done
     else
         FINALUSERS=()
@@ -214,7 +215,7 @@ readFileUsers() {
                     supported=true
                 fi
             done
-            if [ $supported = false ];then
+            if [ $supported = false ]; then
                 logger -e "The given user ${FILEUSERS[j]} does not exist"
             fi
         done
@@ -374,7 +375,6 @@ changePassword() {
 		    restartService "kibana"
 	    fi         
     fi
-
 }
 
 ## Runs the Security Admin script to load the changes
@@ -393,11 +393,11 @@ runSecurityAdmin() {
 
     if [[ -n "${NUSER}" ]] && [[ -n ${AUTOPASS} ]]; then
         echo -e "The password for user '${NUSER}' is '${PASSWORD}'\n"
-        logger "Passwords changed. Remember to update the password in /etc/filebeat/filebeat.yml and /etc/kibana/kibana.yml if necessary and restart the services. More info: https://documentation.wazuh.com/current/user-manual/elasticsearch/elastic-tuning.html#change-users-password"
+        logger -w "Password changed. Remember to update the password in /etc/filebeat/filebeat.yml and /etc/kibana/kibana.yml if necessary and restart the services."
     fi
 
     if [[ -n "${NUSER}" ]] && [[ -z ${AUTOPASS} ]]; then
-        logger "Passwords changed. Remember to update the password in /etc/filebeat/filebeat.yml and /etc/kibana/kibana.yml if necessary and restart the services. More info: https://documentation.wazuh.com/current/user-manual/elasticsearch/elastic-tuning.html#change-users-password"
+        logger -w "Password changed. Remember to update the password in /etc/filebeat/filebeat.yml and /etc/kibana/kibana.yml if necessary and restart the services."
     fi    
 
     if [ -n "${CHANGEALL}" ]; then
@@ -406,7 +406,7 @@ runSecurityAdmin() {
         do
             echo -e "The password for ${USERS[i]} is ${PASSWORDS[i]}\n"
         done
-        logger "Passwords changed. Remember to update the password in /etc/filebeat/filebeat.yml and /etc/kibana/kibana.yml if necessary and restart the services. More info: https://documentation.wazuh.com/current/user-manual/elasticsearch/elastic-tuning.html#change-users-password"
+        logger -w "Passwords changed. Remember to update the password in /etc/filebeat/filebeat.yml and /etc/kibana/kibana.yml if necessary and restart the services."
     fi 
 
 }
@@ -477,7 +477,7 @@ main() {
         if [ -n "${PASSWORD}" ] && [ -n "${CHANGEALL}" ]; then
             getHelp
         fi 
-
+        
         if [ -n "${NUSER}" ] && [ -n "${FILE}" ]; then
             getHelp
         fi