-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Release 4.3.6 - Release Candidate 1 - E2E UX tests - Configuration assessment #14268
Comments
|
Server install🟢 Wazuh install on Amazon linux 2For this tests the
🟢 Wazuh Manager
🟢 Wazuh indexer
🟢 Wazuh dashboard
Agent install🟢Wazuh agent installation on linux
For this test we used the one liner command provided by the wazuh dasboard WUI:
SCARequisites🟢 Defaults and temples are properly set.
Previous release tests🟢 Ensure sticky bit is set on all world-writable directories.🟢 Ensure iptables are flushed with nftables.
🟢 Policy doesn't create the /dev/null file.
🔴 Ensure XD/NX support is enabled.
Proposed solutions
New tests🟢 Ensure journald is configured to write logfiles to persistent disk.
🟢 Ensure SSH PermitEmptyPasswords is disabled.
🟡 Ensure iptables packages are installed.
🟢 Ensure noexec option set on /dev/shm partition.
|
The following issue aims to run the specified test for the current release candidate, report the results, and open new issues for any encountered errors.
Modules tests information
Installation procedure
Description
Validate issues reported from last E2E test
#13030
#12347
Validate changes from v4.3.0 to 4.3.6 (only if applies)
#13893
#13905
#13781
#13950
Validate documentation consistency
https://documentation-dev.wazuh.com/4.3.6-rc/user-manual/capabilities/sec-config-assessment/index.html
Validate use case
https://documentation-dev.wazuh.com/4.3.6-rc/user-manual/capabilities/sec-config-assessment/use-case.html
Check Wazuh Dasboard SCA scan results
Test report procedure
All test results must have one of the following statuses:
Any failing test must be properly addressed with a new issue, detailing the error and the possible cause.
An extended report of the test results can be attached as a ZIP or TXT file. Please attach any documents, screenshots, or tables to the issue update with the results. This report can be used by the auditors to dig deeper into any possible failures and details.
Conclusions
All tests have been executed and the results can be found in the issue updates.
Auditors validation
The definition of done for this one is the validation of the conclusions and the test results from all auditors.
All checks from below must be accepted in order to close this issue.
The text was updated successfully, but these errors were encountered: