Merge pull request #2874 from wazuh/merge-4.9.0-into-master

Merge 4.9.0 into master

.github/actions/offline-installation/common.sh

@@ -44,7 +44,7 @@ function check_file() {
 function check_shards() {
 
     retries=0
-    until [ "$(curl -s -k -u admin:admin "https://localhost:9200/_template/wazuh?pretty&filter_path=wazuh.settings.index.number_of_shards" | grep "number_of_shards")" ] || [ "${retries}" -eq 5 ]; do
+    until [ "$(curl -s -k -u admin:admin "https://127.0.0.1:9200/_template/wazuh?pretty&filter_path=wazuh.settings.index.number_of_shards" | grep "number_of_shards")" ] || [ "${retries}" -eq 5 ]; do
         sleep 5
         retries=$((retries+1))
     done
@@ -53,7 +53,7 @@ function check_shards() {
         echo "ERROR: Could not get the number of shards."
         exit 1
     fi
-    curl -s -k -u admin:admin "https://localhost:9200/_template/wazuh?pretty&filter_path=wazuh.settings.index.number_of_shards"
+    curl -s -k -u admin:admin "https://127.0.0.1:9200/_template/wazuh?pretty&filter_path=wazuh.settings.index.number_of_shards"
     echo "INFO: Number of shards detected."
 
 }
@@ -79,13 +79,19 @@ function dashboard_installation() {
         /usr/share/wazuh-dashboard/bin/opensearch-dashboards "-c /etc/wazuh-dashboard/opensearch_dashboards.yml" --allow-root > /dev/null 2>&1 &
     fi
 
-    sleep 10
+    retries=0
     # In this context, 302 HTTP code refers to SSL certificates warning: success.
-    if [ "$(curl -k -s -I -w "%{http_code}" https://localhost -o /dev/null --fail)" -ne "302" ]; then
+    until [ "$(curl -k -s -I -w "%{http_code}" https://127.0.0.1 -o /dev/null --fail)" -ne "302" ] || [ "${retries}" -eq 5 ]; do
+        echo "INFO: Sleeping 10 seconds."
+        sleep 10
+        retries=$((retries+1))
+    done
+    if [ ${retries} -eq 5 ]; then
         echo "ERROR: The Wazuh dashboard installation has failed."
         exit 1
+    else
+        echo "INFO: The Wazuh dashboard is ready."
     fi
-    echo "INFO: The Wazuh dashboard is ready."
 
 }
 
@@ -190,7 +196,7 @@ function indexer_initialize() {
         echo "ERROR: The indexer node is not started."
         exit 1
     fi
-    /usr/share/wazuh-indexer/bin/indexer-init.sh
+    /usr/share/wazuh-indexer/bin/indexer-security-init.sh
 
 }
 
@@ -226,7 +232,7 @@ function indexer_installation() {
 
     indexer_initialize
     sleep 10
-    eval "curl -s -XGET https://localhost:9200 -u admin:admin -k --fail"
+    eval "curl -s -XGET https://127.0.0.1:9200 -u admin:admin -k --fail"
     if [ "${PIPESTATUS[0]}" != 0 ]; then
         echo "ERROR: The Wazuh indexer installation has failed."
         exit 1

.github/actions/passwords-tool/tests-stack-success.sh

@@ -22,7 +22,7 @@ echo '::endgroup::'
 
 echo '::group:: Change all passwords except Wazuh API ones.'
 
-mapfile -t pass < <(bash wazuh-passwords-tool.sh -a | awk '{ print $NF }' | sed \$d | sed '1d' )
+mapfile -t pass < <(bash wazuh-passwords-tool.sh -a | grep 'The password for' | awk '{ print $NF }')
 for i in "${!users[@]}"; do
     if curl -s -XGET https://localhost:9200/ -u "${users[i]}":"${pass[i]}" -k -w %{http_code} | grep "401"; then
         exit 1
@@ -35,7 +35,7 @@ echo '::group:: Change all passwords.'
 
 wazuh_pass="$(cat wazuh-install-files/wazuh-passwords.txt | awk "/username: 'wazuh'/{getline;print;}" | awk '{ print $2 }' | tr -d \' )"
 
-mapfile -t passall < <(bash wazuh-passwords-tool.sh -a -au wazuh -ap "${wazuh_pass}" | awk '{ print $NF }' | sed \$d ) 
+mapfile -t passall < <(bash wazuh-passwords-tool.sh -a -au wazuh -ap "${wazuh_pass}" | grep 'The password for' | awk '{ print $NF }' ) 
 passindexer=("${passall[@]:0:6}")
 passapi=("${passall[@]:(-2)}")
 
@@ -63,7 +63,7 @@ echo '::endgroup::'
 
 echo '::group:: Change all passwords except Wazuh API ones using a file.'
 
-mapfile -t passfile < <(bash wazuh-passwords-tool.sh -f wazuh-install-files/wazuh-passwords.txt | awk '{ print $NF }' | sed \$d | sed '1d' )
+mapfile -t passfile < <(bash wazuh-passwords-tool.sh -f wazuh-install-files/wazuh-passwords.txt | grep 'The password for' | awk '{ print $NF }' ) 
 for i in "${!users[@]}"; do
     if curl -s -XGET https://localhost:9200/ -u "${users[i]}":"${passfile[i]}" -k -w %{http_code} | grep "401"; then
         exit 1
@@ -72,7 +72,7 @@ done
 echo '::endgroup::'
 
 echo '::group:: Change all passwords from a file.'
-mapfile -t passallf < <(bash wazuh-passwords-tool.sh -f wazuh-install-files/wazuh-passwords.txt -au wazuh -ap BkJt92r*ndzN.CkCYWn?d7i5Z7EaUt63 | awk '{ print $NF }' | sed \$d ) 
+mapfile -t passallf < <(bash wazuh-passwords-tool.sh -f wazuh-install-files/wazuh-passwords.txt -au wazuh -ap BkJt92r*ndzN.CkCYWn?d7i5Z7EaUt63 | grep 'The password for' | awk '{ print $NF }' )
 passindexerf=("${passallf[@]:0:6}")
 passapif=("${passallf[@]:(-2)}")
 

.github/workflows/build-rpm-packages.yml

@@ -10,6 +10,8 @@ on:
 
 jobs:
   Wazuh-agent-rpm-package-build:
+    env:
+      BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -68,8 +70,13 @@ jobs:
         if : steps.changes.outputs.rpm_packages == 'true' || (steps.changes.outputs.rpm_images_agent_i386 == 'true' && matrix.ARCHITECTURE == 'i386') || ((steps.changes.outputs.rpm_images_manager_x86_64 == 'true' || steps.changes.outputs.rpm_images_agent_x86_64 == 'true') && matrix.ARCHITECTURE == 'x86_64')
         working-directory: ./rpms
         run: |
+          if [ "X`git ls-remote --heads https://github.com/wazuh/wazuh.git ${BRANCH_NAME}`" != "X" ]; then
+              W_BRANCH=${BRANCH_NAME}
+          else
+              W_BRANCH=${{ env.VERSION }}
+          fi
           REVISION=$( echo ${{ github.head_ref }} | sed 's/-/./g; s/\//./g' )
-          bash generate_rpm_package.sh -b ${{ env.VERSION }} -t ${{ matrix.TYPE }} -a ${{ matrix.ARCHITECTURE }} --dev -j 2 --dont-build-docker --tag ${{ env.TAG }} -r $REVISION
+          bash generate_rpm_package.sh -b ${W_BRANCH} -t ${{ matrix.TYPE }} -a ${{ matrix.ARCHITECTURE }} --dev -j 2 --dont-build-docker --tag ${{ env.TAG }} -r $REVISION
           echo "PACKAGE_NAME=$(ls ./output | grep .rpm | head -n 1)" >> $GITHUB_ENV
 
       - name: Upload Wazuh ${{ matrix.TYPE }} ${{ matrix.ARCHITECTURE }} package as artifact

CHANGELOG.md

@@ -20,6 +20,10 @@ All notable changes to this project will be documented in this file.
 
 - https://github.com/wazuh/wazuh-packages/releases/tag/v4.8.0
 
+## [4.7.3]
+
+- https://github.com/wazuh/wazuh-packages/releases/tag/v4.7.3
+
 ## [4.7.2]
 
 - https://github.com/wazuh/wazuh-packages/releases/tag/v4.7.2

aix/SPECS/wazuh-agent-aix.spec

@@ -294,12 +294,14 @@ rm -fr %{buildroot}
 - More info: https://documentation.wazuh.com/current/release-notes/release-5-0-0.html
 * Tue May 14 2024 support <info@wazuh.com> - 4.9.0
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-9-0.html
-* Tue Mar 26 2024 support <info@wazuh.com> - 4.8.2
+* Wed Apr 17 2024 support <info@wazuh.com> - 4.8.2
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-8-2.html
-* Wed Feb 28 2024 support <info@wazuh.com> - 4.8.1
+* Wed Apr 03 2024 support <info@wazuh.com> - 4.8.1
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-8-1.html
-* Wed Feb 21 2024 support <info@wazuh.com> - 4.8.0
+* Wed Mar 20 2024 support <info@wazuh.com> - 4.8.0
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-8-0.html
+* Tue Feb 27 2024 support <info@wazuh.com> - 4.7.3
+- More info: https://documentation.wazuh.com/current/release-notes/release-4-7-3.html
 * Tue Jan 09 2024 support <info@wazuh.com> - 4.7.2
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-7-2.html
 * Wed Dec 13 2023 support <info@wazuh.com> - 4.7.1

debs/SPECS/wazuh-agent/debian/changelog

@@ -26,7 +26,13 @@ wazuh-agent (4.8.0-RELEASE) stable; urgency=low
 
   * More info: https://documentation.wazuh.com/current/release-notes/release-4-8-0.html
 
- -- Wazuh, Inc <info@wazuh.com>  Wed, 21 Feb 2024 00:00:00 +0000
+ -- Wazuh, Inc <info@wazuh.com>  Wed, 20 Mar 2024 00:00:00 +0000
+
+wazuh-agent (4.7.3-RELEASE) stable; urgency=low
+
+  * More info: https://documentation.wazuh.com/current/release-notes/release-4-7-3.html
+
+ -- Wazuh, Inc <info@wazuh.com>  Tue, 27 Feb 2024 00:00:00 +0000
 
 wazuh-agent (4.7.2-RELEASE) stable; urgency=low
 

debs/SPECS/wazuh-manager/debian/changelog

@@ -26,7 +26,13 @@ wazuh-manager (4.8.0-RELEASE) stable; urgency=low
 
   * More info: https://documentation.wazuh.com/current/release-notes/release-4-8-0.html
 
- -- Wazuh, Inc <info@wazuh.com>  Wed, 21 Feb 2024 00:00:00 +0000
+ -- Wazuh, Inc <info@wazuh.com>  Wed, 20 Mar 2024 00:00:00 +0000
+
+wazuh-manager (4.7.3-RELEASE) stable; urgency=low
+
+  * More info: https://documentation.wazuh.com/current/release-notes/release-4-7-3.html
+
+ -- Wazuh, Inc <info@wazuh.com>  Tue, 27 Feb 2024 00:00:00 +0000
 
 wazuh-manager (4.7.2-RELEASE) stable; urgency=low
 

debs/SPECS/wazuh-manager/debian/control

@@ -8,7 +8,7 @@ Homepage: http://www.wazuh.com
 
 Package: wazuh-manager
 Architecture: any
-Depends: ${shlibs:Depends}, libc6 (>= 2.7), lsb-release, debconf, adduser, xz-utils
+Depends: ${shlibs:Depends}, libc6 (>= 2.7), lsb-release, debconf, adduser
 Suggests: expect
 Conflicts: ossec-hids-agent, wazuh-agent, ossec-hids, wazuh-api
 Replaces: wazuh-api

debs/SPECS/wazuh-manager/debian/postinst

@@ -15,7 +15,6 @@ case "$1" in
     OSMYSHELL="/sbin/nologin"
     SCRIPTS_DIR="${WAZUH_GLOBAL_TMP_DIR}/manager_installation_scripts"
     SCA_BASE_DIR="${SCRIPTS_DIR}/sca"
-    VD_FILENAME='vd_1.0.0_vd_4.8.0.tar.xz'
 
     if [ -d /run/systemd/system ]; then
         rm -f /etc/init.d/wazuh-manager
@@ -72,13 +71,6 @@ case "$1" in
         chown ${USER}:${GROUP} ${DIR}/queue/db/global.db*
     fi
 
-    if [ -f "${DIR}/${VD_FILENAME}" ]; then
-        tar -xf ${DIR}/${VD_FILENAME} -C ${DIR}
-        chown ${USER}:${GROUP} ${DIR}/queue/vd
-        chown ${USER}:${GROUP} ${DIR}/queue/vd_updater
-        rm -rf ${DIR}/${VD_FILENAME}
-    fi
-
     # Delete uncompatible DBs versions
     if [ ! -z $2 ]; then
 
@@ -274,7 +266,7 @@ case "$1" in
             find ${DIR}/ -group ossec -user ossecr -print0 | xargs -0 chown ${USER}:${GROUP} > /dev/null 2>&1 || true
             deluser ossecr > /dev/null 2>&1
         fi
-        if getent group ossec > /dev/null 2>&1; then 
+        if getent group ossec > /dev/null 2>&1; then
             delgroup ossec > /dev/null 2>&1
         fi
     fi
@@ -311,7 +303,7 @@ case "$1" in
     if [ -z "$(ls -A ${WAZUH_GLOBAL_TMP_DIR})" ]; then
         rm -rf ${WAZUH_GLOBAL_TMP_DIR}
     fi
-   
+
     ;;
 
 

debs/SPECS/wazuh-manager/debian/rules

@@ -64,7 +64,7 @@ override_dh_install:
 	USER_GENERATE_AUTHD_CERT="y" \
 	USER_AUTO_START="n" \
 	USER_CREATE_SSL_CERT="n" \
-	DOWNLOAD_CONTENT="yes" \
+	DOWNLOAD_CONTENT="y" \
 	./install.sh
 
 	# Copying init.d script
@@ -156,11 +156,11 @@ override_dh_install:
 	mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/20/04
 	mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/22/04
 	mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/windows
-	mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sunos/5/11
-	mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/almalinux/9
-	mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rocky/8
 	mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rocky/9
 	mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/almalinux/8
+	mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/almalinux/9
+	mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sunos/5/11
+	mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rocky/8
 
 	cp -r ruleset/sca/* ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca
 
@@ -219,8 +219,8 @@ override_dh_install:
 	cp etc/templates/config/ubuntu/20/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/20/04
 	cp etc/templates/config/ubuntu/22/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/22/04
 
-	cp etc/templates/config/rocky/9/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rocky/8
-	cp etc/templates/config/rocky/8/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rocky/9
+	cp etc/templates/config/rocky/9/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rocky/9
+	cp etc/templates/config/rocky/8/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rocky/8
 
 	cp etc/templates/config/almalinux/8/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/almalinux/8
 	cp etc/templates/config/almalinux/9/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/almalinux/9