Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix client keys Ownership for 3.7.x and previous versions #1123

Merged
merged 11 commits into from
Dec 29, 2021
Merged

Fix client keys Ownership for 3.7.x and previous versions #1123

merged 11 commits into from
Dec 29, 2021

Conversation

c-bordon
Copy link
Member

Related issue
#1025

Description

The ownership change process is moved so that it is the last thing to do in the upgrade process

A validation is added for the ossec-authd daemon, if it is started, the process is eliminated before the upgrade

Logs example

Tests

https://devel.ci.wazuh.info/view/Tests/job/Test_upgrade_tier/1496/consoleFull

Screenshot_20211228_081025
Screenshot_20211228_081044

  • Build the package in any supported platform
    • Linux
    • Windows
    • macOS
    • Solaris
    • AIX
    • HP-UX
  • Package installation
  • Package upgrade
  • Package downgrade
  • Package remove
  • Package install/remove/install
  • Change added to CHANGELOG.md
  • Tests for Linux RPM
    • Build the package for x86_64
    • Build the package for i386
    • Build the package for armhf
    • Build the package for aarch64
    • %files section is correctly updated if necessary
  • Tests for Linux deb
    • Build the package for x86_64
    • Build the package for i386
    • Build the package for armhf
    • Build the package for aarch64
    • Package install/remove/install
    • Package install/purge/install
    • Check file permissions after installing the package
  • Tests for macOS
    • Test the package from macOS Sierra to Mojave
  • Tests for Solaris
    • Test the package on Solaris 10
    • Test the package on Solaris 11
    • Check file permissions on Solaris 11 template
  • Tests for IBM AIX
    • %files section is correctly updated if necessary
    • Check the changes from IBM AIX 5 to 7

@c-bordon c-bordon changed the title 1025 fix client keys owner to4.3 Fix client keys Ownership for 3.7.x and previous versions Dec 28, 2021
alberpilot
alberpilot suggested changes Dec 28, 2021
View reviewed changes
Copy link
Contributor

@alberpilot alberpilot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please review the requested changes

debs/SPECS/4.3.0/wazuh-manager/debian/preinst Outdated
@@ -21,6 +21,9 @@ case "$1" in
install|upgrade)

if [ "$1" = "upgrade" ]; then
if pgrep -f ossec-authd > /dev/null 2>&1; then
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I.e: upgrade from 4.0.0 to 4.3.0, this code kills unnecessarily the ossec-authd daemon. This kill must be done only in those cases where none of the wazuh or ossec control stops works.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done: c8a4ee1

rpms/SPECS/4.3.0/wazuh-manager-4.3.0.spec Outdated
@@ -183,6 +183,10 @@ if ! id -u wazuh > /dev/null 2>&1; then
fi

# Stop the services to upgrade the package
if pgrep -f ossec-authd > /dev/null 2>&1; then
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done: c8a4ee1

@c-bordon
Copy link
Member Author

New tests were run after the changes
https://devel.ci.wazuh.info/view/Tests/job/Test_upgrade_tier/1499/console

okynos
okynos approved these changes Dec 28, 2021
View reviewed changes
Copy link
Contributor

@okynos okynos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

alberpilot
alberpilot approved these changes Dec 29, 2021
View reviewed changes
Copy link
Contributor

@alberpilot alberpilot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

debs/SPECS/4.3.0/wazuh-manager/debian/postinst Outdated
@@ -280,6 +280,9 @@ case "$1" in
if [ -z "$(ls -A ${WAZUH_GLOBAL_TMP_DIR})" ]; then
rm -rf ${WAZUH_GLOBAL_TMP_DIR}
fi

# change client.keys ownership
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove the comment.

@alberpilot alberpilot merged commit 36e9d3a into 4.3 Dec 29, 2021
@alberpilot alberpilot deleted the 1025-FixClientKeysOwnerTo4.3 branch December 29, 2021 06:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alberpilot alberpilot alberpilot approved these changes

@okynos okynos okynos approved these changes

@DFolchA DFolchA Awaiting requested review from DFolchA

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@c-bordon @alberpilot @okynos