-
Notifications
You must be signed in to change notification settings - Fork 94
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix client keys Ownership for 3.7.x and previous versions #1123
Conversation
…ientKeysOwnerTo4.3
…ientKeysOwnerTo4.3
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please review the requested changes
@@ -21,6 +21,9 @@ case "$1" in | |||
install|upgrade) | |||
|
|||
if [ "$1" = "upgrade" ]; then | |||
if pgrep -f ossec-authd > /dev/null 2>&1; then |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I.e: upgrade from 4.0.0 to 4.3.0, this code kills unnecessarily the ossec-authd
daemon. This kill must be done only in those cases where none of the wazuh
or ossec
control stops works.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done: c8a4ee1
@@ -183,6 +183,10 @@ if ! id -u wazuh > /dev/null 2>&1; then | |||
fi | |||
|
|||
# Stop the services to upgrade the package | |||
if pgrep -f ossec-authd > /dev/null 2>&1; then |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done: c8a4ee1
New tests were run after the changes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@@ -280,6 +280,9 @@ case "$1" in | |||
if [ -z "$(ls -A ${WAZUH_GLOBAL_TMP_DIR})" ]; then | |||
rm -rf ${WAZUH_GLOBAL_TMP_DIR} | |||
fi | |||
|
|||
# change client.keys ownership |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove the comment.
Description
The ownership change process is moved so that it is the last thing to do in the upgrade process
A validation is added for the ossec-authd daemon, if it is started, the process is eliminated before the upgrade
Logs example
Tests
https://devel.ci.wazuh.info/view/Tests/job/Test_upgrade_tier/1496/consoleFull
%files
section is correctly updated if necessary%files
section is correctly updated if necessary