From 16e2e7bcd89709b733657ad3b3664d654a79fc0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 31 Oct 2023 16:54:39 +0100 Subject: [PATCH 1/2] Added YUM lock logic --- .../common_functions/common.sh | 6 ++- .../install_functions/installCommon.sh | 46 +++++++++++++++++-- .../install_functions/installVariables.sh | 1 + 3 files changed, 49 insertions(+), 4 deletions(-) diff --git a/unattended_installer/common_functions/common.sh b/unattended_installer/common_functions/common.sh index 9581f45b74..fe0c7e8d9b 100644 --- a/unattended_installer/common_functions/common.sh +++ b/unattended_installer/common_functions/common.sh @@ -70,6 +70,7 @@ function common_checkInstalled() { dashboard_installed="" if [ "${sys_type}" == "yum" ]; then + installCommon_checkYumLock wazuh_installed=$(yum list installed 2>/dev/null | grep wazuh-manager) elif [ "${sys_type}" == "apt-get" ]; then wazuh_installed=$(apt list --installed 2>/dev/null | grep wazuh-manager) @@ -81,6 +82,7 @@ function common_checkInstalled() { fi if [ "${sys_type}" == "yum" ]; then + installCommon_checkYumLock indexer_installed=$(yum list installed 2>/dev/null | grep wazuh-indexer) elif [ "${sys_type}" == "apt-get" ]; then indexer_installed=$(apt list --installed 2>/dev/null | grep wazuh-indexer) @@ -92,6 +94,7 @@ function common_checkInstalled() { fi if [ "${sys_type}" == "yum" ]; then + installCommon_checkYumLock filebeat_installed=$(yum list installed 2>/dev/null | grep filebeat) elif [ "${sys_type}" == "apt-get" ]; then filebeat_installed=$(apt list --installed 2>/dev/null | grep filebeat) @@ -103,6 +106,7 @@ function common_checkInstalled() { fi if [ "${sys_type}" == "yum" ]; then + installCommon_checkYumLock dashboard_installed=$(yum list installed 2>/dev/null | grep wazuh-dashboard) elif [ "${sys_type}" == "apt-get" ]; then dashboard_installed=$(apt list --installed 2>/dev/null | grep wazuh-dashboard) @@ -170,7 +174,7 @@ function common_remove_gpg_key() { if [ "${sys_type}" == "yum" ]; then if { rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n' | grep "Wazuh"; } >/dev/null ; then key=$(rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n' | grep "Wazuh Signing Key" | awk '{print $1}' ) - rpm -e "${key}" "${debug}" + rpm -e "${key}" else common_logger "Wazuh GPG key not found in the system" return 1 diff --git a/unattended_installer/install_functions/installCommon.sh b/unattended_installer/install_functions/installCommon.sh index cca1b53122..f2b9f9275b 100644 --- a/unattended_installer/install_functions/installCommon.sh +++ b/unattended_installer/install_functions/installCommon.sh @@ -189,6 +189,19 @@ function installCommon_checkOptionalInstallation() { } +function installCommon_checkYumLock() { + + attempt=0 + seconds=30 + + while [ -f "${yum_lockfile}" ]; do + attempt=$((attempt+1)) + common_logger "Another process is using YUM. Waiting for it to release the lock. Next retry in ${seconds} seconds (${attempt}/10)" + sleep "${seconds}" + done + +} + function installCommon_createCertificates() { common_logger -d "Creating Wazuh certificates." @@ -298,6 +311,7 @@ function installCommon_changePasswords() { function installCommon_checkChromium() { if [ "${sys_type}" == "yum" ]; then + installCommon_checkYumLock if (! yum list installed 2>/dev/null | grep -q -E ^"google-chrome-stable"\\.) && (! yum list installed 2>/dev/null | grep -q -E ^"chromium"\\.); then if [ "${DIST_NAME}" == "amzn" ]; then installCommon_installChrome @@ -609,6 +623,7 @@ function installCommon_rollBack() { if [[ -n "${wazuh_installed}" && ( -n "${wazuh}" || -n "${AIO}" || -n "${uninstall}" ) ]];then common_logger "Removing Wazuh manager." if [ "${sys_type}" == "yum" ]; then + installCommon_checkYumLock eval "yum remove wazuh-manager -y ${debug}" elif [ "${sys_type}" == "apt-get" ]; then eval "apt-get remove --purge wazuh-manager -y ${debug}" @@ -623,6 +638,7 @@ function installCommon_rollBack() { if [[ -n "${indexer_installed}" && ( -n "${indexer}" || -n "${AIO}" || -n "${uninstall}" ) ]]; then common_logger "Removing Wazuh indexer." if [ "${sys_type}" == "yum" ]; then + installCommon_checkYumLock eval "yum remove wazuh-indexer -y ${debug}" elif [ "${sys_type}" == "apt-get" ]; then eval "apt-get remove --purge wazuh-indexer -y ${debug}" @@ -639,6 +655,7 @@ function installCommon_rollBack() { if [[ -n "${filebeat_installed}" && ( -n "${wazuh}" || -n "${AIO}" || -n "${uninstall}" ) ]]; then common_logger "Removing Filebeat." if [ "${sys_type}" == "yum" ]; then + installCommon_checkYumLock eval "yum remove filebeat -y ${debug}" elif [ "${sys_type}" == "apt-get" ]; then eval "apt-get remove --purge filebeat -y ${debug}" @@ -655,6 +672,7 @@ function installCommon_rollBack() { if [[ -n "${dashboard_installed}" && ( -n "${dashboard}" || -n "${AIO}" || -n "${uninstall}" ) ]]; then common_logger "Removing Wazuh dashboard." if [ "${sys_type}" == "yum" ]; then + installCommon_checkYumLock eval "yum remove wazuh-dashboard -y ${debug}" elif [ "${sys_type}" == "apt-get" ]; then eval "apt-get remove --purge wazuh-dashboard -y ${debug}" @@ -758,6 +776,7 @@ function installCommon_yumInstallList(){ dependencies=("$@") not_installed=() for dep in "${dependencies[@]}"; do + installCommon_checkYumLock if ! yum list installed 2>/dev/null | grep -q -E ^"${dep}"\\.;then not_installed+=("${dep}") fi @@ -767,14 +786,35 @@ function installCommon_yumInstallList(){ common_logger "--- Dependencies ---" for dep in "${not_installed[@]}"; do common_logger "Installing $dep." - yum_output=$(yum install ${dep} -y 2>&1) + installCommon_yumInstall "${dep}" yum_code="${PIPESTATUS[0]}" - eval "echo \${yum_output} ${debug}" - if [ "${yum_code}" != 0 ]; then + if [ "${install_result}" != 0 ]; then installCommon_checkOptionalInstallation fi done fi } + +function installCommon_yumInstall() { + + package="${1}" + version="${2}" + install_result=1 + if [ -n "${version}" ]; then + installer="${package}-${version}" + else + installer="${package}" + fi + + command="yum install ${installer} -y" + installCommon_checkYumLock + + if [ ! -f "${yum_lockfile}" ]; then + yum_output=$(eval "${command} 2>&1") + install_result="${PIPESTATUS[0]}" + eval "echo \${yum_output} ${debug}" + fi + +} \ No newline at end of file diff --git a/unattended_installer/install_functions/installVariables.sh b/unattended_installer/install_functions/installVariables.sh index afb97f013a..cca3712ed1 100644 --- a/unattended_installer/install_functions/installVariables.sh +++ b/unattended_installer/install_functions/installVariables.sh @@ -30,6 +30,7 @@ readonly indexer_cert_path="/etc/wazuh-indexer/certs" readonly logfile="/var/log/wazuh-install.log" debug=">> ${logfile} 2>&1" +readonly yum_lockfile="/var/run/yum.pid" ## Offline Installation vars readonly base_dest_folder="wazuh-offline" From baf5e4f0a37023568bea4eb6bd9d25806825d406 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 2 Nov 2023 17:52:30 +0100 Subject: [PATCH 2/2] Improved APT lock logic --- .../install_functions/installCommon.sh | 42 ++++++++++++------- .../install_functions/installVariables.sh | 1 + 2 files changed, 27 insertions(+), 16 deletions(-) diff --git a/unattended_installer/install_functions/installCommon.sh b/unattended_installer/install_functions/installCommon.sh index f2b9f9275b..4af3388778 100644 --- a/unattended_installer/install_functions/installCommon.sh +++ b/unattended_installer/install_functions/installCommon.sh @@ -98,22 +98,13 @@ function installCommon_aptInstall() { installer=${package} fi command="DEBIAN_FRONTEND=noninteractive apt-get install ${installer} -y -q" - seconds=30 - apt_output=$(eval "${command} 2>&1") - install_result="${PIPESTATUS[0]}" - eval "echo \${apt_output} ${debug}" - eval "tail -n 2 ${logfile} | grep -q 'Could not get lock'" - grep_result="${PIPESTATUS[0]}" - while [ "${grep_result}" -eq 0 ] && [ "${attempt}" -lt 10 ]; do - attempt=$((attempt+1)) - common_logger "An external process is using APT. This process has to end to proceed with the Wazuh installation. Next retry in ${seconds} seconds (${attempt}/10)" - sleep "${seconds}" + installCommon_checkAptLock + + if [ "${attempt}" -ne "${max_attempts}" ]; then apt_output=$(eval "${command} 2>&1") install_result="${PIPESTATUS[0]}" eval "echo \${apt_output} ${debug}" - eval "tail -n 2 ${logfile} | grep -q 'Could not get lock'" - grep_result="${PIPESTATUS[0]}" - done + fi } @@ -189,14 +180,29 @@ function installCommon_checkOptionalInstallation() { } +function installCommon_checkAptLock() { + + attempt=0 + seconds=30 + max_attempts=10 + + while fuser "${apt_lockfile}" >/dev/null 2>&1 && [ "${attempt}" -lt "${max_attempts}" ]; do + attempt=$((attempt+1)) + common_logger "Another process is using APT. Waiting for it to release the lock. Next retry in ${seconds} seconds (${attempt}/${max_attempts})" + sleep "${seconds}" + done + +} + function installCommon_checkYumLock() { attempt=0 seconds=30 + max_attempts=10 - while [ -f "${yum_lockfile}" ]; do + while [ -f "${yum_lockfile}" ] && [ "${attempt}" -lt "${max_attempts}" ]; do attempt=$((attempt+1)) - common_logger "Another process is using YUM. Waiting for it to release the lock. Next retry in ${seconds} seconds (${attempt}/10)" + common_logger "Another process is using YUM. Waiting for it to release the lock. Next retry in ${seconds} seconds (${attempt}/${max_attempts})" sleep "${seconds}" done @@ -626,6 +632,7 @@ function installCommon_rollBack() { installCommon_checkYumLock eval "yum remove wazuh-manager -y ${debug}" elif [ "${sys_type}" == "apt-get" ]; then + installCommon_checkAptLock eval "apt-get remove --purge wazuh-manager -y ${debug}" fi common_logger "Wazuh manager removed." @@ -641,6 +648,7 @@ function installCommon_rollBack() { installCommon_checkYumLock eval "yum remove wazuh-indexer -y ${debug}" elif [ "${sys_type}" == "apt-get" ]; then + installCommon_checkAptLock eval "apt-get remove --purge wazuh-indexer -y ${debug}" fi common_logger "Wazuh indexer removed." @@ -658,6 +666,7 @@ function installCommon_rollBack() { installCommon_checkYumLock eval "yum remove filebeat -y ${debug}" elif [ "${sys_type}" == "apt-get" ]; then + installCommon_checkAptLock eval "apt-get remove --purge filebeat -y ${debug}" fi common_logger "Filebeat removed." @@ -675,6 +684,7 @@ function installCommon_rollBack() { installCommon_checkYumLock eval "yum remove wazuh-dashboard -y ${debug}" elif [ "${sys_type}" == "apt-get" ]; then + installCommon_checkAptLock eval "apt-get remove --purge wazuh-dashboard -y ${debug}" fi common_logger "Wazuh dashboard removed." @@ -811,7 +821,7 @@ function installCommon_yumInstall() { command="yum install ${installer} -y" installCommon_checkYumLock - if [ ! -f "${yum_lockfile}" ]; then + if [ "${attempt}" -ne "${max_attempts}" ]; then yum_output=$(eval "${command} 2>&1") install_result="${PIPESTATUS[0]}" eval "echo \${yum_output} ${debug}" diff --git a/unattended_installer/install_functions/installVariables.sh b/unattended_installer/install_functions/installVariables.sh index cca3712ed1..f7aa93ae57 100644 --- a/unattended_installer/install_functions/installVariables.sh +++ b/unattended_installer/install_functions/installVariables.sh @@ -31,6 +31,7 @@ readonly indexer_cert_path="/etc/wazuh-indexer/certs" readonly logfile="/var/log/wazuh-install.log" debug=">> ${logfile} 2>&1" readonly yum_lockfile="/var/run/yum.pid" +readonly apt_lockfile="/var/lib/dpkg/lock" ## Offline Installation vars readonly base_dest_folder="wazuh-offline"