wazuh · alberpilot · Jan 18, 2022 · Jan 14, 2022 · Jan 14, 2022 · Jan 14, 2022
diff --git a/unattended_installer/install_functions/opendistro/checks.sh b/unattended_installer/install_functions/opendistro/checks.sh
@@ -112,12 +112,12 @@ function checkArguments() {
         fi
     fi
 
-    if [[ -n "${configurations}" && ( -n "${AIO}" || -n "${elasticsearch}" || -n "${kibana}" || -n "${wazuh}" || -n "${development}" || -n "${overwrite}" || -n "${start_elastic_cluster}" || -n "${tar_conf}" || -n "${uninstall}" ) ]]; then
-        logger -e "The argument -c|--certificates can't be used with -a, -k, -e, -u or -w arguments."
+    if [[ -n "${configurations}" && ( -n "${AIO}" || -n "${elasticsearch}" || -n "${kibana}" || -n "${wazuh}" || -n "${overwrite}" || -n "${start_elastic_cluster}" || -n "${tar_conf}" || -n "${uninstall}" ) ]]; then
+        logger -e "The argument -c|--create-configurations can't be used with -a, -k, -e, -u or -w arguments."
         exit 1
     fi
 
-    if [[ -n "${start_elastic_cluster}" && ( -n "${AIO}" || -n "${elasticsearch}" || -n "${kibana}" || -n "${wazuh}" || -n "${development}" || -n "${overwrite}" || -n "${configurations}" || -n "${tar_conf}" || -n "${uninstall}") ]]; then
+    if [[ -n "${start_elastic_cluster}" && ( -n "${AIO}" || -n "${elasticsearch}" || -n "${kibana}" || -n "${wazuh}" || -n "${overwrite}" || -n "${configurations}" || -n "${tar_conf}" || -n "${uninstall}") ]]; then
         logger -e "The argument -s|--start-cluster can't be used with -a, -k, -e or -w arguments."
         exit 1
     fi
@@ -269,16 +269,18 @@ function checkNames() {
         exit 1
     fi
 
-    all_node_names=("${elasticsearch_node_names[@]}" "${wazuh_servers_node_names[@]}" "${kibana_node_names[@]}")
-    found=0
-    for i in "${all_node_names[@]}"; do
-        if [[ ( -n "${elasticsearch}" && "${i}" == "${einame}" ) || ( -n "${wazuh}"  && "${i}" == "${winame}" ) || ( -n "${kibana}"  && "${i}" == "${kiname}" ) ]]; then
-            found=1
-            break
-        fi
-    done
-    if [[ $found -eq 0 ]]; then
-        logger -e "The name given for the node does not appear on the configuration file."
+    if [ -n "${winame}" ] && [[ ! "${wazuh_servers_node_names[@]}" =~ "${winame}" ]]; then
+        logger -e "The Wazuh server node name ${winame} does not appear on the configuration file."
+        exit 1
+    fi 
+
+    if [ -n "${einame}" ] && [[ ! "${elasticsearch_node_names[@]}" =~ "${einame}" ]]; then
+        logger -e "The Elasticsearch node name ${einame} does not appear on the configuration file."
+        exit 1
+    fi
+
+    if [ -n "${kiname}" ] && [[ ! "${kibana_node_names[@]}" =~ "${kiname}" ]]; then
+        logger -e "The Kibana node name ${kiname} does not appear on the configuration file."
         exit 1
     fi
 

diff --git a/unattended_installer/install_functions/opendistro/kibana.sh b/unattended_installer/install_functions/opendistro/kibana.sh
@@ -112,11 +112,6 @@ function initializeKibana() {
         sleep 10
         i=$((i+1))
     done
-    if [ $i -eq 12 ]; then
-        logger -e "Cannot connect to Kibana."
-        rollBack
-        exit 1
-    fi
     if [ "${#wazuh_servers_node_names[@]}" -eq 1 ]; then
         wazuh_api_address=${wazuh_servers_node_ips[0]}
     else
@@ -126,6 +121,11 @@ function initializeKibana() {
             fi
         done
     fi
+    if [ ${i} -eq 12 ]; then
+        logger -e "Cannot connect to Kibana. Please check the status of your elasticsearch cluster"
+        logger "When Kibana is able to connect to your elasticsearch cluster, you can access the web interface https://${nodes_kibana_ip}. The credentials are admin:${u_pass}"
+        exit 1
+    fi
     eval "sed -i 's,url: https://localhost,url: https://${wazuh_api_address},g' /usr/share/kibana/data/wazuh/config/wazuh.yml ${debug}"
     logger "Kibana started."
     logger "You can access the web interface https://${nodes_kibana_ip}. The credentials are admin:${u_pass}"
@@ -151,7 +151,7 @@ function initializeKibanaAIO() {
         sleep 10
         i=$((i+1))
     done
-    if [ $i -eq 12 ]; then
+    if [ ${i} -eq 12 ]; then
         logger -e "Cannot connect to Kibana."
         rollBack
         exit 1

diff --git a/unattended_installer/install_functions/opendistro/wazuh-cert-tool.sh b/unattended_installer/install_functions/opendistro/wazuh-cert-tool.sh
@@ -117,45 +117,45 @@ function generateCertificateconfiguration() {
 
 function generateElasticsearchcertificates() {
 
-    logger_cert "Creating the Elasticsearch certificates."
-
-    i=0
-    while [ ${i} -lt "${#elasticsearch_node_names[@]}" ]; do
-        generateCertificateconfiguration "${elasticsearch_node_names[i]}" "${elasticsearch_node_ips[i]}"
-        eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${elasticsearch_node_names[i]}-key.pem -out ${base_path}/certs/${elasticsearch_node_names[i]}.csr -config ${base_path}/certs/${elasticsearch_node_names[i]}.conf -days 3650 ${debug_cert}"
-        eval "openssl x509 -req -in ${base_path}/certs/${elasticsearch_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${elasticsearch_node_names[i]}.pem -extfile ${base_path}/certs/${elasticsearch_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}"
-        eval "chmod 444 ${base_path}/certs/${elasticsearch_node_names[i]}-key.pem ${debug_cert}"    
-        i=$(( i + 1 ))
-    done
+    if [ ${#elasticsearch_node_names[@]} -gt 0 ]; then
+        logger_cert "Creating the Elasticsearch certificates."
+
+        for i in "${!elasticsearch_node_names[@]}"; do
+            generateCertificateconfiguration "${elasticsearch_node_names[i]}" "${elasticsearch_node_ips[i]}"
+            eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${elasticsearch_node_names[i]}-key.pem -out ${base_path}/certs/${elasticsearch_node_names[i]}.csr -config ${base_path}/certs/${elasticsearch_node_names[i]}.conf -days 3650 ${debug_cert}"
+            eval "openssl x509 -req -in ${base_path}/certs/${elasticsearch_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${elasticsearch_node_names[i]}.pem -extfile ${base_path}/certs/${elasticsearch_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}"
+            eval "chmod 444 ${base_path}/certs/${elasticsearch_node_names[i]}-key.pem ${debug_cert}"    
+        done
+    fi
 
 }
 
 function generateFilebeatcertificates() {
 
-    logger_cert "Creating the Wazuh server certificates."
+    if [ ${#wazuh_servers_node_names[@]} -gt 0 ]; then
+        logger_cert "Creating the Wazuh server certificates."
 
-    i=0
-    while [ ${i} -lt "${#wazuh_servers_node_names[@]}" ]; do
-        generateCertificateconfiguration "${wazuh_servers_node_names[i]}" "${wazuh_servers_node_ips[i]}"
-        eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${wazuh_servers_node_names[i]}-key.pem -out ${base_path}/certs/${wazuh_servers_node_names[i]}.csr -config ${base_path}/certs/${wazuh_servers_node_names[i]}.conf -days 3650 ${debug_cert}"
-        eval "openssl x509 -req -in ${base_path}/certs/${wazuh_servers_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${wazuh_servers_node_names[i]}.pem -extfile ${base_path}/certs/${wazuh_servers_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}"
-        i=$(( i + 1 ))
-    done      
+        for i in "${!wazuh_servers_node_names[@]}"; do
+            generateCertificateconfiguration "${wazuh_servers_node_names[i]}" "${wazuh_servers_node_ips[i]}"
+            eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${wazuh_servers_node_names[i]}-key.pem -out ${base_path}/certs/${wazuh_servers_node_names[i]}.csr -config ${base_path}/certs/${wazuh_servers_node_names[i]}.conf -days 3650 ${debug_cert}"
+            eval "openssl x509 -req -in ${base_path}/certs/${wazuh_servers_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${wazuh_servers_node_names[i]}.pem -extfile ${base_path}/certs/${wazuh_servers_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}"
+        done
+    fi  
 
 }
 
 function generateKibanacertificates() {
-
-    logger_cert "Creating the Kibana certificate."
-
-    i=0
-    while [ ${i} -lt "${#kibana_node_names[@]}" ]; do
-        generateCertificateconfiguration "${kibana_node_names[i]}" "${kibana_node_ips[i]}"
-        eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${kibana_node_names[i]}-key.pem -out ${base_path}/certs/${kibana_node_names[i]}.csr -config ${base_path}/certs/${kibana_node_names[i]}.conf -days 3650 ${debug_cert}"
-        eval "openssl x509 -req -in ${base_path}/certs/${kibana_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${kibana_node_names[i]}.pem -extfile ${base_path}/certs/${kibana_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}"
-        eval "chmod 444 ${base_path}/certs/${kibana_node_names[i]}-key.pem ${debug_cert}"    
-        i=$(( i + 1 ))
-    done
+    
+    if [ ${#kibana_node_names[@]} -gt 0 ]; then
+        logger_cert "Creating the Kibana certificate."
+
+        for i in "${!kibana_node_names[@]}"; do
+            generateCertificateconfiguration "${kibana_node_names[i]}" "${kibana_node_ips[i]}"
+            eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${kibana_node_names[i]}-key.pem -out ${base_path}/certs/${kibana_node_names[i]}.csr -config ${base_path}/certs/${kibana_node_names[i]}.conf -days 3650 ${debug_cert}"
+            eval "openssl x509 -req -in ${base_path}/certs/${kibana_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${kibana_node_names[i]}.pem -extfile ${base_path}/certs/${kibana_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}"
+            eval "chmod 444 ${base_path}/certs/${kibana_node_names[i]}-key.pem ${debug_cert}"    
+        done
+    fi
 
 }
 
@@ -318,6 +318,10 @@ function parse_yaml() {
 function readConfig() {
 
     if [ -f "${config_file}" ]; then
+        if [ ! -s "${config_file}" ]; then
+            logger_cert -e "File ${config_file} is empty"
+            exit 1
+        fi
         eval "$(parse_yaml "${config_file}")"
         eval "elasticsearch_node_names=( $(parse_yaml "${config_file}" | grep nodes_elasticsearch_name | sed 's/nodes_elasticsearch_name=//') )"
         eval "wazuh_servers_node_names=( $(parse_yaml "${config_file}" | grep nodes_wazuh_servers_name | sed 's/nodes_wazuh_servers_name=//') )"
@@ -379,16 +383,19 @@ function readConfig() {
 
         if [ "${#wazuh_servers_node_names[@]}" -le 1 ]; then
             if [ "${#wazuh_servers_node_types[@]}" -ne 0 ]; then
-                logger_cert -e "node_type must be used with more than one Wazuh server."
+                logger_cert -e "The tag node_type can only be used with more than one Wazuh server."
                 exit 1
             fi
-        elif [ "${#wazuh_servers_node_names[@]}" -ne "${#wazuh_servers_node_types[@]}" ]; then
-            logger_cert -e "Different number of Wazuh server node names and node types."
+        elif [ "${#wazuh_servers_node_names[@]}" -gt "${#wazuh_servers_node_types[@]}" ]; then
+            logger_cert -e "The tag node_type needs to be specified for all Wazuh server nodes."
+            exit 1
+        elif [ "${#wazuh_servers_node_names[@]}" -lt "${#wazuh_servers_node_types[@]}" ]; then
+            logger_cert -e "Found extra node_type tags."
             exit 1
         elif [ $(grep -io master <<< ${wazuh_servers_node_types[*]} | wc -l) -ne 1 ]; then
             logger_cert -e "Wazuh cluster needs a single master node."
             exit 1
-        elif [ $(grep -io worker <<< ${wazuh_servers_node_types[*]} | wc -l) -ne $(( "${#wazuh_servers_node_types[@]}" - 1 ))  ]; then
+        elif [ $(grep -io worker <<< ${wazuh_servers_node_types[*]} | wc -l) -ne $(( ${#wazuh_servers_node_types[@]} - 1 ))  ]; then
             logger_cert -e "Incorrect number of workers."
             exit 1
         fi

diff --git a/unattended_installer/install_functions/opendistro/wazuh-passwords-tool.sh b/unattended_installer/install_functions/opendistro/wazuh-passwords-tool.sh
@@ -8,7 +8,9 @@
 # License (version 2) as published by the FSF - Free Software
 # Foundation.
 
-logfile="/var/log/wazuh-password-tool.log"
+if [[ -z "${logfile}" ]]; then
+    logfile="/var/log/wazuh-password-tool.log"
+fi
 debug_pass=">> ${logfile} 2>&1"
 if [ -n "$(command -v yum)" ]; then
     sys_type="yum"
@@ -28,7 +30,7 @@ changePassword() {
             fi
 
             if [ "${users[i]}" == "admin" ]; then
-                wazuhpass=${passwords[i]}
+                adminpass=${passwords[i]}
             elif [ "${users[i]}" == "kibanaserver" ]; then
                 kibpass=${passwords[i]}
             fi  
@@ -39,8 +41,8 @@ changePassword() {
             awk -v new="$hash" 'prev=="'${nuser}':"{sub(/\042.*/,""); $0=$0 new} {prev=$1} 1' /usr/share/elasticsearch/backup/internal_users.yml > internal_users.yml_tmp && mv -f internal_users.yml_tmp /usr/share/elasticsearch/backup/internal_users.yml
         fi
 
-        if [ "${nuser}" == "wazuh" ]; then
-            wazuhpass=${password}
+        if [ "${nuser}" == "admin" ]; then
+            adminpass=${password}
         elif [ "${nuser}" == "kibanaserver" ]; then
             kibpass=${password}
         fi        
@@ -53,7 +55,7 @@ changePassword() {
             wazuhold=$(grep "password:" /etc/filebeat/filebeat.yml )
             ra="  password: "
             wazuhold="${wazuhold//$ra}"
-            conf="$(awk '{sub("password: .*", "password: '${wazuhpass}'")}1' /etc/filebeat/filebeat.yml)"
+            conf="$(awk '{sub("password: .*", "password: '${adminpass}'")}1' /etc/filebeat/filebeat.yml)"
             echo "${conf}" > /etc/filebeat/filebeat.yml  
             restartService "filebeat"
         fi 
@@ -86,7 +88,7 @@ checkInstalledPass() {
     if [ "${sys_type}" == "yum" ]; then
         filebeatinstalled=$(yum list installed 2>/dev/null | grep filebeat)
     elif [ "${sys_type}" == "zypper" ]; then
-        filebeatinstalled=$(zypper packages | grep filebeat | grep i+ | grep noarch)
+        filebeatinstalled=$(zypper packages | grep filebeat | grep i+)
     elif [ "${sys_type}" == "apt-get" ]; then
         filebeatinstalled=$(apt list --installed  2>/dev/null | grep filebeat)
     fi 
@@ -465,8 +467,8 @@ readFileUsers() {
 
 It must have this format:
 User:
-  name: wazuh
-  password: wazuhpassword
+  name: admin
+  password: adminpassword
 User:
   name: kibanaserver
   password: kibanaserverpassword"