-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update RPM spec file to avoid overwriting modified config files #410
Update RPM spec file to avoid overwriting modified config files #410
Conversation
Upgrading from root@deb-upgrade:~# apt install ./wazuh-indexer_4.9.1_amd64.deb
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'wazuh-indexer' instead of './wazuh-indexer_4.9.1_amd64.deb'
The following packages were automatically installed and are no longer required:
libmpfr6 libsigsegv2
Use 'apt autoremove' to remove them.
The following packages will be upgraded:
wazuh-indexer
1 upgraded, 0 newly installed, 0 to remove and 5 not upgraded.
Need to get 0 B/851 MB of archives.
After this operation, 26.9 MB of additional disk space will be used.
Get:1 /root/wazuh-indexer_4.9.1_amd64.deb wazuh-indexer amd64 4.9.1-0 [851 MB]
(Reading database ... 18754 files and directories currently installed.)
Preparing to unpack .../wazuh-indexer_4.9.1_amd64.deb ...
Running Wazuh Indexer Pre-Installation Script
Stop existing wazuh-indexer.service
Unpacking wazuh-indexer (4.9.1-0) over (4.8.2-1) ...
Setting up wazuh-indexer (4.9.1-0) ...
Installing new version of config file /etc/default/wazuh-indexer ...
Installing new version of config file /etc/wazuh-indexer/log4j2.properties ...
Installing new version of config file /etc/wazuh-indexer/opensearch-performance-analyzer/opensearch_security.policy ...
Installing new version of config file /etc/wazuh-indexer/opensearch-security/roles_mapping.yml ...
Running Wazuh Indexer Post-Installation Script
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
sudo systemctl start wazuh-indexer.service
N: Download is performed unsandboxed as root as file '/root/wazuh-indexer_4.9.1_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) |
After internal discussion, it was decided that An upgrade does throw a warning alerting the user of the presence of newer versions of their configuration files. [root@rpm-upgrade ~]# yum install ./wazuh-indexer-4.9.1.x86_64.rpm
Last metadata expiration check: 18:46:39 ago on Mon Sep 16 20:20:51 2024.
Dependencies resolved.
=============================================================================================================================================
Package Architecture Version Repository Size
=============================================================================================================================================
Upgrading:
wazuh-indexer x86_64 4.9.1-0 @commandline 813 M
Transaction Summary
=============================================================================================================================================
Upgrade 1 Package
Total size: 813 M
Is this ok [y/N]: y
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: wazuh-indexer-4.9.1-0.x86_64 1/2
Stop existing wazuh-indexer.service
Upgrading : wazuh-indexer-4.9.1-0.x86_64 1/2
warning: /etc/wazuh-indexer/jvm.options created as /etc/wazuh-indexer/jvm.options.rpmnew
warning: /etc/wazuh-indexer/opensearch-security/internal_users.yml created as /etc/wazuh-indexer/opensearch-security/internal_users.yml.rpmnew
Running scriptlet: wazuh-indexer-4.9.1-0.x86_64 1/2
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
sudo systemctl start wazuh-indexer.service
Running scriptlet: wazuh-indexer-4.8.2-1.x86_64 2/2
Cleanup : wazuh-indexer-4.8.2-1.x86_64 2/2
Running scriptlet: wazuh-indexer-4.8.2-1.x86_64 2/2
Verifying : wazuh-indexer-4.9.1-0.x86_64 1/2
Verifying : wazuh-indexer-4.8.2-1.x86_64 2/2
Upgraded:
wazuh-indexer-4.9.1-0.x86_64
Complete! Otherwise, the upgrade seems to work ok. |
Running package builder: |
Both set of packages were built successfully. |
@f-galland does this mean these configuration files are being overwritten??
I've also noticed this error message that did not appear before.
|
Testing Debian packages Using the Debian production package from the workflow run above, I installed it over a [email protected]. Pre-upgrade status Details
[root@rhel7 vagrant]# cat /usr/share/wazuh-indexer/VERSION
4.8.2
[root@rhel7 vagrant]# ls -lR /etc/wazuh-indexer/
/etc/wazuh-indexer/:
total 28
dr-x------. 2 wazuh-indexer wazuh-indexer 117 Sep 6 09:12 certs
drwxr-x---. 2 wazuh-indexer wazuh-indexer 52 Sep 6 09:27 internalusers-backup
-rw-rw----. 1 wazuh-indexer wazuh-indexer 2735 Sep 6 09:12 jvm.options
drwxr-x---. 2 wazuh-indexer wazuh-indexer 6 Aug 19 17:16 jvm.options.d
-rw-rw----. 1 wazuh-indexer wazuh-indexer 14808 Aug 19 17:16 log4j2.properties
drwxr-x---. 2 wazuh-indexer wazuh-indexer 31 Sep 6 09:11 opensearch-notifications
drwxr-x---. 2 wazuh-indexer wazuh-indexer 36 Sep 6 09:11 opensearch-notifications-core
drwxr-x---. 2 wazuh-indexer wazuh-indexer 31 Sep 6 09:11 opensearch-observability
drwxr-x---. 2 wazuh-indexer wazuh-indexer 263 Sep 6 09:11 opensearch-performance-analyzer
drwxr-x---. 2 wazuh-indexer wazuh-indexer 35 Sep 6 09:11 opensearch-reports-scheduler
drwxr-x---. 2 wazuh-indexer wazuh-indexer 245 Sep 6 09:11 opensearch-security
-rw-rw----. 1 wazuh-indexer wazuh-indexer 196 Sep 6 09:12 opensearch.keystore
-rw-rw----. 1 wazuh-indexer wazuh-indexer 2152 Sep 6 09:12 opensearch.yml
/etc/wazuh-indexer/certs:
total 20
-r--------. 1 wazuh-indexer wazuh-indexer 1708 Sep 6 09:04 admin-key.pem
-r--------. 1 wazuh-indexer wazuh-indexer 1107 Sep 6 09:04 admin.pem
-r--------. 1 wazuh-indexer wazuh-indexer 1184 Sep 6 09:04 root-ca.pem
-r--------. 1 wazuh-indexer wazuh-indexer 1704 Sep 6 09:04 wazuh-indexer-key.pem
-r--------. 1 wazuh-indexer wazuh-indexer 1229 Sep 6 09:04 wazuh-indexer.pem
/etc/wazuh-indexer/internalusers-backup:
total 4
-rw-r-----. 1 wazuh-indexer wazuh-indexer 1145 Sep 6 09:27 internal_users_20240906_092707.yml.bkp
/etc/wazuh-indexer/jvm.options.d:
total 0
/etc/wazuh-indexer/opensearch-notifications:
total 4
-rw-r-----. 1 wazuh-indexer wazuh-indexer 407 Aug 19 17:16 notifications.yml
/etc/wazuh-indexer/opensearch-notifications-core:
total 4
-rw-r-----. 1 wazuh-indexer wazuh-indexer 550 Aug 19 17:16 notifications-core.yml
/etc/wazuh-indexer/opensearch-observability:
total 4
-rw-rw----. 1 wazuh-indexer wazuh-indexer 1349 Aug 19 17:16 observability.yml
/etc/wazuh-indexer/opensearch-performance-analyzer:
total 44
-rw-r-----. 1 wazuh-indexer wazuh-indexer 104 Aug 19 17:16 agent-stats-metadata
-rw-r-----. 1 wazuh-indexer wazuh-indexer 2393 Aug 19 17:16 log4j2.xml
-rw-r-----. 1 wazuh-indexer wazuh-indexer 493 Aug 19 17:16 opensearch_security.policy
-rw-r-----. 1 wazuh-indexer wazuh-indexer 1668 Aug 19 17:16 performance-analyzer.properties
-rw-r-----. 1 wazuh-indexer wazuh-indexer 106 Aug 19 17:16 plugin-stats-metadata
-rw-r-----. 1 wazuh-indexer wazuh-indexer 2868 Aug 19 17:16 rca.conf
-rw-r-----. 1 wazuh-indexer wazuh-indexer 4180 Aug 19 17:16 rca_cluster_manager.conf
-rw-r-----. 1 wazuh-indexer wazuh-indexer 4185 Aug 19 17:16 rca_idle_cluster_manager.conf
-rw-r-----. 1 wazuh-indexer wazuh-indexer 1931 Aug 19 17:16 supervisord.conf
/etc/wazuh-indexer/opensearch-reports-scheduler:
total 4
-rw-rw----. 1 wazuh-indexer wazuh-indexer 297 Aug 19 17:16 reports-scheduler.yml
/etc/wazuh-indexer/opensearch-security:
total 68
-rw-r-----. 1 wazuh-indexer wazuh-indexer 50 Aug 19 17:16 action_groups.yml
-rw-r-----. 1 wazuh-indexer wazuh-indexer 1973 Aug 19 17:16 allowlist.yml
-rw-r-----. 1 wazuh-indexer wazuh-indexer 2541 Aug 19 17:16 audit.yml
-rw-r-----. 1 wazuh-indexer wazuh-indexer 10063 Aug 19 17:16 config.yml
-rw-r-----. 1 wazuh-indexer wazuh-indexer 1133 Sep 6 09:27 internal_users.yml
-rw-r-----. 1 wazuh-indexer wazuh-indexer 154 Aug 19 17:16 nodes_dn.yml
-rw-r-----. 1 wazuh-indexer wazuh-indexer 12381 Aug 19 17:16 opensearch.yml.example
-rw-r-----. 1 wazuh-indexer wazuh-indexer 4643 Aug 19 17:31 roles.yml
-rw-r-----. 1 wazuh-indexer wazuh-indexer 1510 Aug 19 17:31 roles_mapping.yml
-rw-r-----. 1 wazuh-indexer wazuh-indexer 170 Aug 19 17:16 tenants.yml
-rw-r-----. 1 wazuh-indexer wazuh-indexer 1973 Aug 19 17:16 whitelist.yml Upgrade Details
root@ubuntu2204:/home/vagrant# apt install ./wazuh-indexer_4.9.1-0_amd64.deb
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'wazuh-indexer' instead of './wazuh-indexer_4.9.1-0_amd64.deb'
The following packages will be upgraded:
wazuh-indexer
1 upgraded, 0 newly installed, 0 to remove and 157 not upgraded.
Need to get 0 B/850 MB of archives.
After this operation, 26.6 MB of additional disk space will be used.
Get:1 /home/vagrant/wazuh-indexer_4.9.1-0_amd64.deb wazuh-indexer amd64 4.9.1-0 [850 MB]
(Reading database ... 190752 files and directories currently installed.)
Preparing to unpack .../wazuh-indexer_4.9.1-0_amd64.deb ...
Running Wazuh Indexer Pre-Installation Script
Stop existing wazuh-indexer.service
Unpacking wazuh-indexer (4.9.1-0) over (4.8.2-1) ...
Setting up wazuh-indexer (4.9.1-0) ...
Installing new version of config file /etc/default/wazuh-indexer ...
Installing new version of config file /etc/wazuh-indexer/log4j2.properties ...
Installing new version of config file /etc/wazuh-indexer/opensearch-performance-analyzer/opensearch_security.policy ...
Installing new version of config file /etc/wazuh-indexer/opensearch-security/roles_mapping.yml ...
Running Wazuh Indexer Post-Installation Script
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
sudo systemctl start wazuh-indexer.service
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
N: Download is performed unsandboxed as root as file '/home/vagrant/wazuh-indexer_4.9.1-0_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) Post-upgrade status Details
root@ubuntu2204:/home/vagrant# ls -lR /etc/wazuh-indexer
/etc/wazuh-indexer:
total 76
dr-x------ 2 wazuh-indexer wazuh-indexer 4096 Sep 6 13:14 certs
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 13:23 internalusers-backup
-rw-rw---- 1 wazuh-indexer wazuh-indexer 2943 Sep 6 13:14 jvm.options
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Aug 19 17:14 jvm.options.d
-rw-rw---- 1 wazuh-indexer wazuh-indexer 3062 Sep 17 2024 jvm.options.new
-rw-r----- 1 wazuh-indexer wazuh-indexer 17919 Sep 17 2024 log4j2.properties
-rw-rw---- 1 wazuh-indexer wazuh-indexer 196 Sep 6 13:14 opensearch.keystore
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 15:53 opensearch-notifications
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 15:53 opensearch-notifications-core
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 15:53 opensearch-observability
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 15:53 opensearch-performance-analyzer
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 15:53 opensearch-reports-scheduler
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 15:53 opensearch-security
-rw-rw---- 1 wazuh-indexer wazuh-indexer 2152 Sep 6 13:14 opensearch.yml
-rw-rw---- 1 wazuh-indexer wazuh-indexer 2081 Sep 17 2024 opensearch.yml.new
/etc/wazuh-indexer/certs:
total 20
-r-------- 1 wazuh-indexer wazuh-indexer 1704 Sep 6 13:06 admin-key.pem
-r-------- 1 wazuh-indexer wazuh-indexer 1119 Sep 6 13:06 admin.pem
-r-------- 1 wazuh-indexer wazuh-indexer 1204 Sep 6 13:06 root-ca.pem
-r-------- 1 wazuh-indexer wazuh-indexer 1704 Sep 6 13:06 wazuh-indexer-key.pem
-r-------- 1 wazuh-indexer wazuh-indexer 1285 Sep 6 13:06 wazuh-indexer.pem
/etc/wazuh-indexer/internalusers-backup:
total 4
-rw-r----- 1 wazuh-indexer wazuh-indexer 1145 Sep 6 13:23 internal_users_20240906_132300.yml.bkp
/etc/wazuh-indexer/jvm.options.d:
total 0
/etc/wazuh-indexer/opensearch-notifications:
total 4
-rw-r----- 1 wazuh-indexer wazuh-indexer 407 Aug 19 17:14 notifications.yml
/etc/wazuh-indexer/opensearch-notifications-core:
total 4
-rw-r----- 1 wazuh-indexer wazuh-indexer 550 Aug 19 17:14 notifications-core.yml
/etc/wazuh-indexer/opensearch-observability:
total 4
-rw-r----- 1 wazuh-indexer wazuh-indexer 1349 Aug 19 17:14 observability.yml
/etc/wazuh-indexer/opensearch-performance-analyzer:
total 44
-rw-r----- 1 wazuh-indexer wazuh-indexer 104 Aug 19 17:14 agent-stats-metadata
-rw-r----- 1 wazuh-indexer wazuh-indexer 2393 Aug 19 17:14 log4j2.xml
-rw-r----- 1 wazuh-indexer wazuh-indexer 570 Sep 17 2024 opensearch_security.policy
-rw-r----- 1 wazuh-indexer wazuh-indexer 1668 Aug 19 17:14 performance-analyzer.properties
-rw-r----- 1 wazuh-indexer wazuh-indexer 106 Aug 19 17:14 plugin-stats-metadata
-rw-r----- 1 wazuh-indexer wazuh-indexer 4180 Aug 19 17:14 rca_cluster_manager.conf
-rw-r----- 1 wazuh-indexer wazuh-indexer 2868 Aug 19 17:14 rca.conf
-rw-r----- 1 wazuh-indexer wazuh-indexer 4185 Aug 19 17:14 rca_idle_cluster_manager.conf
-rw-r----- 1 wazuh-indexer wazuh-indexer 1931 Aug 19 17:14 supervisord.conf
/etc/wazuh-indexer/opensearch-reports-scheduler:
total 4
-rw-r----- 1 wazuh-indexer wazuh-indexer 297 Aug 19 17:14 reports-scheduler.yml
/etc/wazuh-indexer/opensearch-security:
total 88
-rw-r----- 1 wazuh-indexer wazuh-indexer 50 Aug 19 17:14 action_groups.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 1973 Aug 19 17:14 allowlist.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 2541 Aug 19 17:14 audit.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 10063 Aug 19 17:14 config.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 1133 Sep 6 13:23 internal_users.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 1667 Sep 17 2024 internal_users.yml.new
-rw-r----- 1 wazuh-indexer wazuh-indexer 154 Aug 19 17:14 nodes_dn.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 12381 Aug 19 17:14 opensearch.yml.example
-rw-r----- 1 wazuh-indexer wazuh-indexer 1509 Sep 17 2024 roles_mapping.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 4643 Aug 19 17:24 roles.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 13387 Sep 17 2024 roles.yml.new
-rw-r----- 1 wazuh-indexer wazuh-indexer 170 Aug 19 17:14 tenants.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 1973 Aug 19 17:14 whitelist.yml |
If any of the files listed here are modified before the upgrade, root@ubuntu2204:/home/vagrant# apt install ./wazuh-indexer_4.9.1-0_amd64.deb
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'wazuh-indexer' instead of './wazuh-indexer_4.9.1-0_amd64.deb'
The following packages will be upgraded:
wazuh-indexer
1 upgraded, 0 newly installed, 0 to remove and 157 not upgraded.
Need to get 0 B/850 MB of archives.
After this operation, 26.6 MB of additional disk space will be used.
Get:1 /home/vagrant/wazuh-indexer_4.9.1-0_amd64.deb wazuh-indexer amd64 4.9.1-0 [850 MB]
(Reading database ... 190752 files and directories currently installed.)
Preparing to unpack .../wazuh-indexer_4.9.1-0_amd64.deb ...
Running Wazuh Indexer Pre-Installation Script
Unpacking wazuh-indexer (4.9.1-0) over (4.8.2-1) ...
Setting up wazuh-indexer (4.9.1-0) ...
Installing new version of config file /etc/default/wazuh-indexer ...
Installing new version of config file /etc/wazuh-indexer/log4j2.properties ...
Installing new version of config file /etc/wazuh-indexer/opensearch-performance-analyzer/opensearch_security.policy ...
Configuration file '/etc/wazuh-indexer/opensearch-security/roles_mapping.yml'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** roles_mapping.yml (Y/I/N/O/D/Z) [default=N] ?
Progress: [ 40%] [###########################################################################.................................................................................................................] We would need to add every configuration file to the |
The new agreed approach is to let apt know that we want to use the existing configuration files (modified by them) over the new maintainer's configuration files. I've tried using Detailsroot@ubuntu2204:/home/vagrant# vi /etc/wazuh-indexer/opensearch-security/roles_mapping.yml
root@ubuntu2204:/home/vagrant# systemctl stop wazuh-indexer
root@ubuntu2204:/home/vagrant# ls -l /etc/wazuh-indexer/opensearch-security/roles_mapping.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 1517 Sep 6 15:53 /etc/wazuh-indexer/opensearch-security/roles_mapping.yml
root@ubuntu2204:/home/vagrant# apt install ./wazuh-indexer_4.9.1-0_amd64.deb --verbose-versions --assume-no
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'wazuh-indexer' instead of './wazuh-indexer_4.9.1-0_amd64.deb'
wazuh-indexer is already the newest version (4.9.1-0).
0 upgraded, 0 newly installed, 0 to remove and 157 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] N
Abort.
root@ubuntu2204:/home/vagrant# apt install ./wazuh-indexer_4.9.1-0_amd64.deb --verbose-versions --assume-yes
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'wazuh-indexer' instead of './wazuh-indexer_4.9.1-0_amd64.deb'
wazuh-indexer is already the newest version (4.9.1-0).
0 upgraded, 0 newly installed, 0 to remove and 157 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Setting up wazuh-indexer (4.9.1-0) ...
Configuration file '/etc/wazuh-indexer/opensearch-security/roles_mapping.yml'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** roles_mapping.yml (Y/I/N/O/D/Z) [default=N] ?
Progress: [ 0%] [........................................................................................................................................................]
|
After some research, I stumped upon these questions, which seem to resolve this same problem.
So we would need to use a command like this one to perform the upgrade, telling apt-get -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" install wazuh-indexer Details
root@ubuntu2204:/home/vagrant# apt-get -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" install ./wazuh-indexer_4.9.1-0_amd64.deb
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'wazuh-indexer' instead of './wazuh-indexer_4.9.1-0_amd64.deb'
wazuh-indexer is already the newest version (4.9.1-0).
0 upgraded, 0 newly installed, 0 to remove and 157 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] y
Setting up wazuh-indexer (4.9.1-0) ...
Configuration file '/etc/wazuh-indexer/opensearch-security/roles_mapping.yml'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
==> Keeping old config file as default.
Running Wazuh Indexer Post-Installation Script
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
sudo systemctl start wazuh-indexer.service
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@ubuntu2204:/home/vagrant# ls -lR /etc/wazuh-indexer/
/etc/wazuh-indexer/:
total 76
dr-x------ 2 wazuh-indexer wazuh-indexer 4096 Sep 6 13:14 certs
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 13:23 internalusers-backup
-rw-rw---- 1 wazuh-indexer wazuh-indexer 2943 Sep 6 13:14 jvm.options
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Aug 19 17:14 jvm.options.d
-rw-rw---- 1 wazuh-indexer wazuh-indexer 3062 Sep 17 15:37 jvm.options.new
-rw-r----- 1 wazuh-indexer wazuh-indexer 17919 Sep 17 15:35 log4j2.properties
-rw-rw---- 1 wazuh-indexer wazuh-indexer 196 Sep 6 13:14 opensearch.keystore
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 15:54 opensearch-notifications
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 15:54 opensearch-notifications-core
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 15:54 opensearch-observability
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 15:54 opensearch-performance-analyzer
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 6 15:54 opensearch-reports-scheduler
drwxr-x--- 2 wazuh-indexer wazuh-indexer 4096 Sep 18 11:24 opensearch-security
-rw-rw---- 1 wazuh-indexer wazuh-indexer 2152 Sep 6 13:14 opensearch.yml
-rw-rw---- 1 wazuh-indexer wazuh-indexer 2081 Sep 17 15:37 opensearch.yml.new
/etc/wazuh-indexer/certs:
total 20
-r-------- 1 wazuh-indexer wazuh-indexer 1704 Sep 6 13:06 admin-key.pem
-r-------- 1 wazuh-indexer wazuh-indexer 1119 Sep 6 13:06 admin.pem
-r-------- 1 wazuh-indexer wazuh-indexer 1204 Sep 6 13:06 root-ca.pem
-r-------- 1 wazuh-indexer wazuh-indexer 1704 Sep 6 13:06 wazuh-indexer-key.pem
-r-------- 1 wazuh-indexer wazuh-indexer 1285 Sep 6 13:06 wazuh-indexer.pem
/etc/wazuh-indexer/internalusers-backup:
total 4
-rw-r----- 1 wazuh-indexer wazuh-indexer 1145 Sep 6 13:23 internal_users_20240906_132300.yml.bkp
/etc/wazuh-indexer/jvm.options.d:
total 0
/etc/wazuh-indexer/opensearch-notifications:
total 4
-rw-r----- 1 wazuh-indexer wazuh-indexer 407 Aug 19 17:14 notifications.yml
/etc/wazuh-indexer/opensearch-notifications-core:
total 4
-rw-r----- 1 wazuh-indexer wazuh-indexer 550 Aug 19 17:14 notifications-core.yml
/etc/wazuh-indexer/opensearch-observability:
total 4
-rw-r----- 1 wazuh-indexer wazuh-indexer 1349 Aug 19 17:14 observability.yml
/etc/wazuh-indexer/opensearch-performance-analyzer:
total 44
-rw-r----- 1 wazuh-indexer wazuh-indexer 104 Aug 19 17:14 agent-stats-metadata
-rw-r----- 1 wazuh-indexer wazuh-indexer 2393 Aug 19 17:14 log4j2.xml
-rw-r----- 1 wazuh-indexer wazuh-indexer 570 Sep 17 15:37 opensearch_security.policy
-rw-r----- 1 wazuh-indexer wazuh-indexer 1668 Aug 19 17:14 performance-analyzer.properties
-rw-r----- 1 wazuh-indexer wazuh-indexer 106 Aug 19 17:14 plugin-stats-metadata
-rw-r----- 1 wazuh-indexer wazuh-indexer 4180 Aug 19 17:14 rca_cluster_manager.conf
-rw-r----- 1 wazuh-indexer wazuh-indexer 2868 Aug 19 17:14 rca.conf
-rw-r----- 1 wazuh-indexer wazuh-indexer 4185 Aug 19 17:14 rca_idle_cluster_manager.conf
-rw-r----- 1 wazuh-indexer wazuh-indexer 1931 Aug 19 17:14 supervisord.conf
/etc/wazuh-indexer/opensearch-reports-scheduler:
total 4
-rw-r----- 1 wazuh-indexer wazuh-indexer 297 Aug 19 17:14 reports-scheduler.yml
/etc/wazuh-indexer/opensearch-security:
total 92
-rw-r----- 1 wazuh-indexer wazuh-indexer 50 Aug 19 17:14 action_groups.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 1973 Aug 19 17:14 allowlist.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 2541 Aug 19 17:14 audit.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 10063 Aug 19 17:14 config.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 1133 Sep 6 13:23 internal_users.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 1667 Sep 17 15:37 internal_users.yml.new
-rw-r----- 1 wazuh-indexer wazuh-indexer 154 Aug 19 17:14 nodes_dn.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 12381 Aug 19 17:14 opensearch.yml.example
-rw-r----- 1 wazuh-indexer wazuh-indexer 1517 Sep 6 15:53 roles_mapping.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 1509 Sep 17 15:37 roles_mapping.yml.dpkg-dist
-rw-r----- 1 wazuh-indexer wazuh-indexer 4643 Aug 19 17:24 roles.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 13387 Sep 17 15:37 roles.yml.new
-rw-r----- 1 wazuh-indexer wazuh-indexer 170 Aug 19 17:14 tenants.yml
-rw-r----- 1 wazuh-indexer wazuh-indexer 1973 Aug 19 17:14 whitelist.yml |
The proposed solution was not approved. Debian packages are to be shipped as is. |
Packages builder run: https://github.com/wazuh/wazuh-indexer/actions/runs/10939721847 |
Testing RPM packages [root@rhel7 vagrant]# systemctl stop wazuh-indexer
[root@rhel7 vagrant]# yum localinstall ./wazuh-indexer-4.9.1-0.x86_64.rpm
Failed to set locale, defaulting to C
Loaded plugins: product-id, search-disabled-repos
Examining ./wazuh-indexer-4.9.1-0.x86_64.rpm: wazuh-indexer-4.9.1-0.x86_64
Marking ./wazuh-indexer-4.9.1-0.x86_64.rpm as an update to wazuh-indexer-4.8.2-1.x86_64
Resolving Dependencies
--> Running transaction check
---> Package wazuh-indexer.x86_64 0:4.8.2-1 will be updated
---> Package wazuh-indexer.x86_64 0:4.9.1-0 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
==============================================================================================================================================================
Package Arch Version Repository Size
==============================================================================================================================================================
Updating:
wazuh-indexer x86_64 4.9.1-0 /wazuh-indexer-4.9.1-0.x86_64 1.0 G
Transaction Summary
==============================================================================================================================================================
Upgrade 1 Package
Total size: 1.0 G
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : wazuh-indexer-4.9.1-0.x86_64 1/2
warning: /etc/wazuh-indexer/jvm.options created as /etc/wazuh-indexer/jvm.options.rpmnew
warning: /etc/wazuh-indexer/opensearch-security/internal_users.yml created as /etc/wazuh-indexer/opensearch-security/internal_users.yml.rpmnew
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
sudo systemctl start wazuh-indexer.service
Cleanup : wazuh-indexer-4.8.2-1.x86_64 2/2
Verifying : wazuh-indexer-4.9.1-0.x86_64 1/2
Verifying : wazuh-indexer-4.8.2-1.x86_64 2/2
Updated:
wazuh-indexer.x86_64 0:4.9.1-0
Complete! |
Description
This PR changes the packaging scripts to avoid getting the user prompted to decide if they want to overwrite a configuration file.
Configuration files will always bear a
.new
suffix and will be copied withcp
's--no-clobber
option to their original filenames.This ensures no user changes are lost on upgrades while at the same time avoiding interactively prompting the user on installation.
Issues Resolved
Resolves #380
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.