Skip to content

Commit

Permalink
Merge pull request #1506 from wazuh/assistant-changes-1-may
Browse files Browse the repository at this point in the history 
Fix error not showing verbose mode
  • Loading branch information
@alberpilot
alberpilot authored May 3, 2022
2 parents 81055f0 + 00286d9 commit e448201
Show file tree
Hide file tree
Showing 9 changed files with 44 additions and 43 deletions.
6 changes: 3 additions & 3 deletions unattended_installer/install_functions/dashboard.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -113,7 +113,7 @@ function dashboard_initialize() {

for i in "${!indexer_node_ips[@]}"; do
curl=$(curl -XGET https://${indexer_node_ips[i]}:9200/ -uadmin:${u_pass} -k -w %{http_code} -s -o /dev/null)
exit_code=$?
exit_code=${PIPESTATUS[0]}
if [[ "${exit_code}" -eq "7" ]]; then
failed_connect=1
failed_nodes+=("${indexer_node_names[i]}")
Expand Down Expand Up @@ -160,10 +160,10 @@ function dashboard_install() {
common_logger "Starting Wazuh dashboard installation."
if [ "${sys_type}" == "zypper" ]; then
eval "zypper -n install wazuh-dashboard=${wazuh_version}-${wazuh_revision} ${debug}"
install_result="$?"
install_result="${PIPESTATUS[0]}"
elif [ "${sys_type}" == "yum" ]; then
eval "yum install wazuh-dashboard${sep}${wazuh_version}-${wazuh_revision} -y ${debug}"
install_result="$?"
install_result="${PIPESTATUS[0]}"
elif [ "${sys_type}" == "apt-get" ]; then
installCommon_aptInstall "wazuh-dashboard" "${wazuh_version}-${wazuh_revision}"
fi
Expand Down
6 changes: 3 additions & 3 deletions unattended_installer/install_functions/filebeat.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,15 +79,15 @@ function filebeat_install() {
common_logger "Starting Filebeat installation."
if [ "${sys_type}" == "zypper" ]; then
eval "zypper -n install filebeat-${filebeat_version} ${debug}"
install_result="$?"
install_result="${PIPESTATUS[0]}"
elif [ "${sys_type}" == "yum" ]; then
eval "yum install filebeat${sep}${filebeat_version} -y -q ${debug}"
install_result="$?"
install_result="${PIPESTATUS[0]}"
elif [ "${sys_type}" == "apt-get" ]; then
installCommon_aptInstall "filebeat" "${filebeat_version}"
fi

install_result="$?"
install_result="${PIPESTATUS[0]}"
common_checkInstalled
if [ "$install_result" != 0 ] || [ -z "${filebeat_installed}" ]; then
common_logger -e "Filebeat installation failed."
Expand Down
12 changes: 6 additions & 6 deletions unattended_installer/install_functions/indexer.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,10 +137,10 @@ function indexer_install() {

if [ "${sys_type}" == "yum" ]; then
eval "yum install wazuh-indexer-${wazuh_version}-${wazuh_revision} -y ${debug}"
install_result="$?"
install_result="${PIPESTATUS[0]}"
elif [ "${sys_type}" == "zypper" ]; then
eval "zypper -n install wazuh-indexer=${wazuh_version}-${wazuh_revision} ${debug}"
install_result="$?"
install_result="${PIPESTATUS[0]}"
elif [ "${sys_type}" == "apt-get" ]; then
installCommon_aptInstall "wazuh-indexer" "${wazuh_version}-${wazuh_revision}"
fi
Expand All @@ -163,12 +163,12 @@ function indexer_startCluster() {
retries=0
for ip_to_test in "${indexer_node_ips[@]}"; do
eval "curl -XGET https://"${ip_to_test}":9300/ -k -s -o /dev/null"
e_code="$?"
e_code="${PIPESTATUS[0]}"
until [ "${e_code}" -ne 7 ] || [ "${retries}" -eq 12 ]; do
sleep 10
retries=$((retries+1))
eval "curl -XGET https://"${ip_to_test}":9300/ -k -s -o /dev/null"
e_code="$?"
e_code="${PIPESTATUS[0]}"
done
if [ ${retries} -eq 12 ]; then
common_logger -e "Connectivity check failed on node ${ip_to_test} port 9300. Possible causes: Wazuh indexer not installed on the node, the Wazuh indexer service is not running or you have connectivity issues with that node. Please check this before trying again."
Expand All @@ -177,15 +177,15 @@ function indexer_startCluster() {
done
eval "wazuh_indexer_ip=( $(cat /etc/wazuh-indexer/opensearch.yml | grep network.host | sed 's/network.host:\s//') )"
eval "sudo -u wazuh-indexer JAVA_HOME=/usr/share/wazuh-indexer/jdk/ OPENSEARCH_PATH_CONF=/etc/wazuh-indexer /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -p 9300 -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -icl -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem -h ${wazuh_indexer_ip} ${debug}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "The Wazuh indexer cluster security configuration could not be initialized."
installCommon_rollBack
exit 1
else
common_logger "Wazuh indexer cluster security configuration initialized."
fi
eval "curl --silent ${filebeat_wazuh_template} | curl -X PUT 'https://${indexer_node_ips[pos]}:9200/_template/wazuh' -H 'Content-Type: application/json' -d @- -uadmin:admin -k --silent ${debug}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "The wazuh-alerts template could not be inserted into the Wazuh indexer cluster."
installCommon_rollBack
exit 1
Expand Down
16 changes: 8 additions & 8 deletions unattended_installer/install_functions/installCommon.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,17 +81,17 @@ function installCommon_aptInstall() {
command="DEBIAN_FRONTEND=noninteractive apt-get install ${installer} -y -q ${debug}"
seconds=30
eval "${command}"
install_result="$?"
install_result="${PIPESTATUS[0]}"
eval "tail -n 2 ${logfile} | grep -q 'Could not get lock'"
grep_result="$?"
grep_result="${PIPESTATUS[0]}"
while [ "${grep_result}" -eq 0 ] && [ "${attempt}" -lt 10 ]; do
attempt=$((attempt+1))
common_logger "An external process is using APT. This process has to end to proceed with the Wazuh installation. Next retry in ${seconds} seconds (${attempt}/10)"
sleep "${seconds}"
eval "${command}"
install_result="$?"
install_result="${PIPESTATUS[0]}"
eval "tail -n 2 ${logfile} | grep -q 'Could not get lock'"
grep_result="$?"
grep_result="${PIPESTATUS[0]}"
done

}
Expand Down Expand Up @@ -239,7 +239,7 @@ function installCommon_installPrerequisites() {
for dep in "${not_installed[@]}"; do
common_logger "Installing $dep."
eval "yum install ${dep} -y ${debug}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "Cannot install dependency: ${dep}."
exit 1
fi
Expand Down Expand Up @@ -486,7 +486,7 @@ function installCommon_startService() {
eval "systemctl daemon-reload ${debug}"
eval "systemctl enable ${1}.service ${debug}"
eval "systemctl start ${1}.service ${debug}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "${1} could not be started."
if [ -n "$(command -v journalctl)" ]; then
eval "journalctl -u ${1} >> ${logfile}"
Expand All @@ -500,7 +500,7 @@ function installCommon_startService() {
eval "chkconfig ${1} on ${debug}"
eval "service ${1} start ${debug}"
eval "/etc/init.d/${1} start ${debug}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "${1} could not be started."
if [ -n "$(command -v journalctl)" ]; then
eval "journalctl -u ${1} >> ${logfile}"
Expand All @@ -512,7 +512,7 @@ function installCommon_startService() {
fi
elif [ -x "/etc/rc.d/init.d/${1}" ] ; then
eval "/etc/rc.d/init.d/${1} start ${debug}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "${1} could not be started."
if [ -n "$(command -v journalctl)" ]; then
eval "journalctl -u ${1} >> ${logfile}"
Expand Down
8 changes: 5 additions & 3 deletions unattended_installer/install_functions/installMain.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ function getHelp() {

echo -e ""
echo -e "NAME"
echo -e " $(basename "$0") - Install and configure Wazuh central components: Wazuh manager, Wazuh indexer, and Wazuh dashboard."
echo -e " $(basename "$0") - Install and configure Wazuh central components: Wazuh server, Wazuh indexer, and Wazuh dashboard."
echo -e ""
echo -e "SYNOPSIS"
echo -e " $(basename "$0") [OPTIONS] -a | -c | -s | -wi <indexer-node-name> | -wd <dashboard-node-name> | -ws <server-node-name>"
Expand All @@ -23,7 +23,7 @@ function getHelp() {
echo -e " Path to the configuration file used to generate wazuh-install-files.tar file containing the files that will be needed for installation. By default, the Wazuh installation assistant will search for a file named config.yml in the same path as the script."
echo -e ""
echo -e " -fd, --force-install-dashboard"
echo -e " Force Wazuh dashboard installation to continue even when it is not capable to connect to the Wazuh indexer."
echo -e " Force Wazuh dashboard installation to continue even when it is not capable of connecting to the Wazuh indexer."
echo -e ""
echo -e " -g, --generate-config-files"
echo -e " Generate wazuh-install-files.tar file containing the files that will be needed for installation from config.yml. In distributed deployments you will need to copy this file to all hosts."
Expand Down Expand Up @@ -147,7 +147,7 @@ function main() {
;;
"-v"|"--verbose")
debugEnabled=1
debug="&>> ${logfile}"
debug="2>&1 | tee -a ${logfile}"
shift 1
;;
"-V"|"--version")
Expand Down Expand Up @@ -200,6 +200,8 @@ function main() {
esac
done

cat /dev/null > "${logfile}"

if [ -n "${showVersion}" ]; then
common_logger "Wazuh version: ${wazuh_version}"
common_logger "Filebeat version: ${filebeat_version}"
Expand Down
1 change: 0 additions & 1 deletion unattended_installer/install_functions/installVariables.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,6 @@ readonly indexer_cert_path="/etc/wazuh-indexer/certs"

readonly logfile="/var/log/wazuh-install.log"
debug=">> ${logfile} 2>&1"
cat /dev/null > "${logfile}"

## Offline Installation vars
readonly base_dest_folder="wazuh-offline"
Expand Down
4 changes: 2 additions & 2 deletions unattended_installer/install_functions/manager.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,10 +46,10 @@ function manager_install() {
common_logger "Starting the Wazuh manager installation."
if [ "${sys_type}" == "zypper" ]; then
eval "${sys_type} -n install wazuh-manager=${wazuh_version}-${wazuh_revision} ${debug}"
install_result="$?"
install_result="${PIPESTATUS[0]}"
elif [ "${sys_type}" == "yum" ]; then
eval "${sys_type} install wazuh-manager${sep}${wazuh_version}-${wazuh_revision} -y ${debug}"
install_result="$?"
install_result="${PIPESTATUS[0]}"
elif [ "${sys_type}" == "apt-get" ]; then
installCommon_aptInstall "wazuh-manager" "${wazuh_version}-${wazuh_revision}"
fi
Expand Down
4 changes: 2 additions & 2 deletions unattended_installer/install_functions/wazuh-offline-download.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ function offline_download() {
eval "package_base_url=${package}_${package_type}_base_url"

eval "curl -so ${dest_path}/${!package_name} ${!package_base_url}/${!package_name}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "The ${package} package could not be downloaded. Exiting."
exit 1
else
Expand Down Expand Up @@ -60,7 +60,7 @@ function offline_download() {
do

eval "curl -sO ${file}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "The resource ${file} could not be downloaded. Exiting."
exit 1
else
Expand Down
30 changes: 15 additions & 15 deletions unattended_installer/passwords_tool/passwordsFunctions.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@ function passwords_createBackUp() {
common_logger -d "Creating password backup."
eval "mkdir /usr/share/wazuh-indexer/backup ${debug}"
eval "JAVA_HOME=/usr/share/wazuh-indexer/jdk/ OPENSEARCH_PATH_CONF=/etc/wazuh-indexer /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -icl -p 9300 -backup /usr/share/wazuh-indexer/backup -nhnv -cacert ${capem} -cert ${adminpem} -key ${adminkey} -h ${IP} ${debug}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "The backup could not be created"
exit 1;
fi
Expand All @@ -116,7 +116,7 @@ function passwords_generateHash() {
for i in "${!passwords[@]}"
do
nhash=$(bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/hash.sh -p "${passwords[i]}" | grep -v WARNING)
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "Hash generation failed."
exit 1;
fi
Expand All @@ -126,7 +126,7 @@ function passwords_generateHash() {
else
common_logger "Generating password hash"
hash=$(bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/hash.sh -p ${password} | grep -v WARNING)
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "Hash generation failed."
exit 1;
fi
Expand All @@ -140,7 +140,7 @@ function passwords_generatePassword() {
if [ -n "${nuser}" ]; then
common_logger -d "Generating random password."
password=$(< /dev/urandom tr -dc A-Za-z0-9 | head -c${1:-32};echo;)
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "The password could not been generated."
exit 1;
fi
Expand All @@ -149,7 +149,7 @@ function passwords_generatePassword() {
for i in "${!users[@]}"; do
PASS=$(< /dev/urandom tr -dc A-Za-z0-9 | head -c${1:-32};echo;)
passwords+=("${PASS}")
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "The password could not been generated."
exit 1;
fi
Expand All @@ -164,11 +164,11 @@ function passwords_generatePasswordFile() {
"Admin user for the web user interface and Wazuh indexer. Use this user to log in to Wazuh dashboard"
"Wazuh dashboard user for establishing the connection with Wazuh indexer"
"Regular Dashboard user, only has read permissions to all indices and all permissions on the .kibana index"
"Filebeat user has CRUD and create index permissions on filebeat indices"
"Filebeat user for CRUD operations on Wazuh indices"
"User with READ access to all indices"
"User with permissions to perform snapshot and restore operations"
"Admin user used to comunicate with Wazuh API"
"Regular user able to query Wazuh API"
"Admin user used to communicate with Wazuh API"
"Regular user to query Wazuh API"
)
passwords_generatePassword
for i in "${!users[@]}"; do
Expand Down Expand Up @@ -298,7 +298,7 @@ function passwords_restartService() {
if ps -e | grep -E -q "^\ *1\ .*systemd$"; then
eval "systemctl daemon-reload ${debug}"
eval "systemctl restart ${1}.service ${debug}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "${1} could not be started."
if [ -n "$(command -v journalctl)" ]; then
eval "journalctl -u ${1} >> ${logfile}"
Expand All @@ -312,7 +312,7 @@ function passwords_restartService() {
fi
elif ps -e | grep -E -q "^\ *1\ .*init$"; then
eval "/etc/init.d/${1} restart ${debug}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "${1} could not be started."
if [ -n "$(command -v journalctl)" ]; then
eval "journalctl -u ${1} >> ${logfile}"
Expand All @@ -326,7 +326,7 @@ function passwords_restartService() {
fi
elif [ -x "/etc/rc.d/init.d/${1}" ] ; then
eval "/etc/rc.d/init.d/${1} restart ${debug}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "${1} could not be started."
if [ -n "$(command -v journalctl)" ]; then
eval "journalctl -u ${1} >> ${logfile}"
Expand All @@ -353,27 +353,27 @@ function passwords_runSecurityAdmin() {
common_logger -d "Loading new passwords changes."
eval "cp /usr/share/wazuh-indexer/backup/* /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ ${debug}"
eval "OPENSEARCH_PATH_CONF=/etc/wazuh-indexer /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -p 9300 -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert ${capem} -cert ${adminpem} -key ${adminkey} -icl -h ${IP} ${debug}"
if [ "$?" != 0 ]; then
if [ "${PIPESTATUS[0]}" != 0 ]; then
common_logger -e "Could not load the changes."
exit 1;
fi
eval "rm -rf /usr/share/wazuh-indexer/backup/ ${debug}"

if [[ -n "${nuser}" ]] && [[ -n ${autopass} ]]; then
common_logger -nl $'\nThe password for user '${nuser}' is '${password}''
common_logger -w "Password changed. Remember to update the password in /etc/filebeat/filebeat.yml and /etc/wazuh-dashboard/opensearch_dashboards.yml if necessary and restart the services."
common_logger -w "Password changed. Remember to update the password in the Wazuh dashboard and Filebeat nodes if necessary, and restart the services."
fi

if [[ -n "${nuser}" ]] && [[ -z ${autopass} ]]; then
common_logger -w "Password changed. Remember to update the password in /etc/filebeat/filebeat.yml and /etc/wazuh-dashboard/opensearch_dashboards.yml if necessary and restart the services."
common_logger -w "Password changed. Remember to update the password in the Wazuh dashboard and Filebeat nodes if necessary, and restart the services."
fi

if [ -n "${changeall}" ]; then
if [ -z "${AIO}" ] && [ -z "${indexer}" ] && [ -z "${dashboard}" ] && [ -z "${wazuh}" ] && [ -z "${start_indexer_cluster}" ]; then
for i in "${!users[@]}"; do
common_logger -nl $'The password for user '${users[i]}' is '${passwords[i]}''
done
common_logger -w "Passwords changed. Remember to update the password in /etc/filebeat/filebeat.yml and /etc/wazuh-dashboard/opensearch_dashboards.yml if necessary and restart the services."
common_logger -w "Passwords changed. Remember to update the password in the Wazuh dashboard and Filebeat nodes if necessary, and restart the services."
else
common_logger -d "Passwords changed."
fi
Expand Down

0 comments on commit e448201

Please sign in to comment.