Fix startup errors on STIG compliant systems due to noexec filesystems #533
Moved tmp dir creation from postinst to preinst Update .restart tmp file to be stored in the new tmp dir
Reproduced the error installing wazuh-indexer package without the fix on a STIG compliant system (/var/log, /var/tmp, /tmp being
Nov 11 12:58:44 ubuntu2204.localdomain systemd-entrypoint[4549]: WARNING: A terminally deprecated method in java.lang.System has been called
Nov 11 12:58:44 ubuntu2204.localdomain systemd-entrypoint[4549]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/s>
Nov 11 12:58:44 ubuntu2204.localdomain systemd-entrypoint[4549]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
Nov 11 12:58:44 ubuntu2204.localdomain systemd-entrypoint[4549]: WARNING: System::setSecurityManager will be removed in a future release
Nov 11 12:58:44 ubuntu2204.localdomain systemd-entrypoint[4549]: Nov 11, 2024 12:58:44 PM sun.util.locale.provider.LocaleProviderAdapter <clinit>
Nov 11 12:58:44 ubuntu2204.localdomain systemd-entrypoint[4549]: WARNING: COMPAT locale provider will be removed in a future release
Nov 11 12:58:45 ubuntu2204.localdomain systemd-entrypoint[4549]: WARNING: A terminally deprecated method in java.lang.System has been called
Nov 11 12:58:45 ubuntu2204.localdomain systemd-entrypoint[4549]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/sha>
Nov 11 12:58:45 ubuntu2204.localdomain systemd-entrypoint[4549]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
Nov 11 12:58:45 ubuntu2204.localdomain systemd-entrypoint[4549]: WARNING: System::setSecurityManager will be removed in a future release
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: ERROR: [1] bootstrap checks failed
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: [1]: system call filters failed to install; check the logs and fix your configuration or disable system>
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: ERROR: OpenSearch did not exit normally - check the logs at /var/log/wazuh-indexer/wazuh-cluster.log
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: fatal error in thread [Thread-3], exiting
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: java.lang.NoClassDefFoundError: Could not initialize class com.sun.jna.Native
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at org.opensearch.systemd.Libsystemd.lambda$static$0(Libsystemd.java:48)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at java.base/java.security.AccessController.doPrivileged(AccessController.java:319)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at org.opensearch.systemd.Libsystemd.<clinit>(Libsystemd.java:47)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at org.opensearch.systemd.SystemdPlugin.sd_notify(SystemdPlugin.java:126)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at org.opensearch.systemd.SystemdPlugin.close(SystemdPlugin.java:152)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at org.opensearch.common.util.io.IOUtils.close(IOUtils.java:89)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at org.opensearch.common.util.io.IOUtils.close(IOUtils.java:131)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at org.opensearch.common.util.io.IOUtils.close(IOUtils.java:114)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at org.opensearch.node.Node.close(Node.java:1791)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at org.opensearch.common.util.io.IOUtils.close(IOUtils.java:89)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at org.opensearch.common.util.io.IOUtils.close(IOUtils.java:131)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at org.opensearch.common.util.io.IOUtils.close(IOUtils.java:81)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: at org.opensearch.bootstrap.Bootstrap$4.run(Bootstrap.java:206)
Nov 11 12:58:50 ubuntu2204.localdomain systemd-entrypoint[4549]: Caused by: java.lang.ExceptionInInitializerError: Exception java.lang.UnsatisfiedLinkError: /var/log/wa>
Validate the package with the fix can be correctly installed and started on the same system
Check service maintains its previous status on an upgrade using this PR's package
Packages from this branch get installed and run properly on an almalinux 9 installation with
[root@node-1 scripts]# cat /etc/os-release
NAME="AlmaLinux"
VERSION="9.3 (Shamrock Pampas Cat)"
ID="almalinux"
ID_LIKE="rhel centos fedora"
VERSION_ID="9.3"
PLATFORM_ID="platform:el9"
PRETTY_NAME="AlmaLinux 9.3 (Shamrock Pampas Cat)"
ANSI_COLOR="0;34"
LOGO="fedora-logo-icon"
CPE_NAME="cpe:/o:almalinux:almalinux:9::baseos"
HOME_URL="https://almalinux.org/"
DOCUMENTATION_URL="https://wiki.almalinux.org/"
BUG_REPORT_URL="https://bugs.almalinux.org/"
ALMALINUX_MANTISBT_PROJECT="AlmaLinux-9"
ALMALINUX_MANTISBT_PROJECT_VERSION="9.3"
REDHAT_SUPPORT_PRODUCT="AlmaLinux"
REDHAT_SUPPORT_PRODUCT_VERSION="9.3"
[root@node-1 scripts]# mount | grep noexec
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime,seclabel)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000)
cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,seclabel,nsdelegate,memory_recursiveprot)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime,seclabel)
bpf on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700)
selinuxfs on /sys/fs/selinux type selinuxfs (rw,nosuid,noexec,relatime)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime,seclabel)
debugfs on /sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime,seclabel)
tracefs on /sys/kernel/tracing type tracefs (rw,nosuid,nodev,noexec,relatime,seclabel)
fusectl on /sys/fs/fuse/connections type fusectl (rw,nosuid,nodev,noexec,relatime)
configfs on /sys/kernel/config type configfs (rw,nosuid,nodev,noexec,relatime)
none on /run/credentials/systemd-tmpfiles-setup-dev.service type ramfs (ro,nosuid,nodev,noexec,relatime,seclabel,mode=700)
none on /run/credentials/systemd-tmpfiles-setup.service type ramfs (ro,nosuid,nodev,noexec,relatime,seclabel,mode=700)
/dev/mapper/almalinux_alma9-root on /tmp type xfs (rw,noexec,relatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota)
/dev/mapper/almalinux_alma9-root on /var/log type xfs (rw,noexec,relatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota)
/dev/mapper/almalinux_alma9-root on /var/tmp type xfs (rw,noexec,relatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota)
none on /run/credentials/systemd-sysctl.service type ramfs (ro,nosuid,nodev,noexec,relatime,seclabel,mode=700)
[root@node-1 scripts]# systemctl status wazuh-indexer --no-pager -l
● wazuh-indexer.service - wazuh-indexer
Loaded: loaded (/usr/lib/systemd/system/wazuh-indexer.service; disabled; preset: disabled)
Active: active (running) since Mon 2024-11-25 15:34:30 UTC; 2min 39s ago
Docs: https://documentation.wazuh.com
Main PID: 5641 (java)
Tasks: 81 (limit: 24731)
Memory: 1.3G
CPU: 28.488s
CGroup: /system.slice/wazuh-indexer.service
└─5641 /usr/share/wazuh-indexer/jdk/bin/java -Xshare:auto -Dopensearch.networkaddress.cache.ttl=60 -Dopensearch.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -XX:-OmitStackTraceInFastThrow -XX:+ShowCodeDetailsInExceptionMessages -Dio.netty.noUnsafe=true -Dio.netty.noKeySetOptimization=true -Dio.netty.recycler.maxCapacityPerThread=0 -Dio.netty.allocator.numDirectArenas=0 -Dlog4j.shutdownHookEnabled=false -Dlog4j2.disable.jmx=true -Djava.security.manager=allow -Djava.locale.providers=SPI,COMPAT -Xms1g -Xmx1g -XX:+UseG1GC -XX:G1ReservePercent=25 -XX:InitiatingHeapOccupancyPercent=30 -Djava.io.tmpdir=/var/lib/wazuh-indexer/tmp -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/lib/wazuh-indexer -XX:ErrorFile=/var/log/wazuh-indexer/hs_err_pid%p.log "-Xlog:gc*,gc+age=trace,safepoint:file=/var/log/wazuh-indexer/gc.log:utctime,pid,tags:filecount=32,filesize=64m" -Djava.security.manager=allow -Djava.util.concurrent.ForkJoinPool.common.threadFactory=org.opensearch.secure_sm.SecuredForkJoinWorkerThreadFactory -Dclk.tck=100 -Djdk.attach.allowAttachSelf=true -Djava.security.policy=file:///etc/wazuh-indexer/opensearch-performance-analyzer/opensearch_security.policy --add-opens=jdk.attach/sun.tools.attach=ALL-UNNAMED -XX:MaxDirectMemorySize=536870912 -Dopensearch.path.home=/usr/share/wazuh-indexer -Dopensearch.path.conf=/etc/wazuh-indexer -Dopensearch.distribution.type=rpm -Dopensearch.bundled_jdk=true -cp "/usr/share/wazuh-indexer/lib/*" org.opensearch.bootstrap.OpenSearch -p /run/wazuh-indexer/wazuh-indexer.pid --quiet
Nov 25 15:34:23 node-1 systemd-entrypoint[5641]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/wazuh-indexer/lib/opensearch-2.16.0.jar)
Nov 25 15:34:23 node-1 systemd-entrypoint[5641]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
Nov 25 15:34:23 node-1 systemd-entrypoint[5641]: WARNING: System::setSecurityManager will be removed in a future release
Nov 25 15:34:23 node-1 systemd-entrypoint[5641]: Nov 25, 2024 3:34:23 PM sun.util.locale.provider.LocaleProviderAdapter <clinit>
Nov 25 15:34:23 node-1 systemd-entrypoint[5641]: WARNING: COMPAT locale provider will be removed in a future release
Nov 25 15:34:24 node-1 systemd-entrypoint[5641]: WARNING: A terminally deprecated method in java.lang.System has been called
Nov 25 15:34:24 node-1 systemd-entrypoint[5641]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/share/wazuh-indexer/lib/opensearch-2.16.0.jar)
Nov 25 15:34:24 node-1 systemd-entrypoint[5641]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
Nov 25 15:34:24 node-1 systemd-entrypoint[5641]: WARNING: System::setSecurityManager will be removed in a future release
Nov 25 15:34:30 node-1 systemd[1]: Started wazuh-indexer.
[root@node-1 scripts]# curl -sku admin:admin https://localhost:9200
{
"name" : "node-1",
"cluster_name" : "wazuh-cluster",
"cluster_uuid" : "LPWidYpFS4uM5fNvKZ1X0w",
"version" : {
"number" : "7.10.2",
"build_type" : "rpm",
"build_hash" : "c99647645cd8e8871653c65d6c451a32711ded50",
"build_date" : "2024-11-11T11:37:51.521499Z",
"build_snapshot" : false,
"lucene_version" : "9.11.1",
"minimum_wire_compatibility_version" : "7.10.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "The OpenSearch Project: https://opensearch.org/"
}
LGTM!
#533)
* Update packaging scripts to avoid failures when /var/log is noexec
  Moved tmp dir creation from postinst to preinst
  Update .restart tmp file to be stored in the new tmp dir
* Update OPENSEARCH_TMPDIR pointing to new tmp directory's path
#533) (#671)
* Update packaging scripts to avoid failures when /var/log is noexec
  Moved tmp dir creation from postinst to preinst
  Update .restart tmp file to be stored in the new tmp dir
* Update OPENSEARCH_TMPDIR pointing to new tmp directory's path
Co-authored-by: Kevin Ledesma <[email protected]>
#533) (#672)
* Update packaging scripts to avoid failures when /var/log is noexec
  Moved tmp dir creation from postinst to preinst
  Update .restart tmp file to be stored in the new tmp dir
* Update OPENSEARCH_TMPDIR pointing to new tmp directory's path
Co-authored-by: Kevin Ledesma <[email protected]>
#533) (#673)
* Update packaging scripts to avoid failures when /var/log is noexec
  Moved tmp dir creation from postinst to preinst
  Update .restart tmp file to be stored in the new tmp dir
* Update OPENSEARCH_TMPDIR pointing to new tmp directory's path
Co-authored-by: Kevin Ledesma <[email protected]>
Description
To avoid errors when starting wazuh-indexer on STIG compliant systems, where the /var/log directory is noexec, we have moved the temporary directory to /var/lib, which (in almost every case) is not set to noexec. Additionally, the .restart file, which indicates when the system should be restarted after an upgrade, has been relocated to the new ../tmp directory (previously located in /tmp).

The creation of the ../tmp directory has been moved from the postinst step to the preinst step for consistency.

Related Issues
Resolves #501
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.
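
A pre-flight check for the condition this PR works around, as an added example (not part of the PR or the project's packaging scripts): it resolves which mount covers a candidate `java.io.tmpdir` and whether that mount carries `noexec`. The sample table is constructed from the mount output quoted above; its `/` entry and all function names are assumptions.

```shell
#!/bin/sh
# Added example: decide whether a directory sits on a noexec mount.

# Constructed sample in /proc/mounts layout (device mountpoint fstype options dump pass).
# The three noexec entries mirror the mount output in the PR; the "/" line is assumed.
SAMPLE_MOUNTS='/dev/mapper/almalinux_alma9-root / xfs rw,relatime,seclabel 0 0
/dev/mapper/almalinux_alma9-root /tmp xfs rw,noexec,relatime,seclabel 0 0
/dev/mapper/almalinux_alma9-root /var/log xfs rw,noexec,relatime,seclabel 0 0
/dev/mapper/almalinux_alma9-root /var/tmp xfs rw,noexec,relatime,seclabel 0 0'

# mount_opts_for PATH [MOUNTS_FILE]
# Prints "<mountpoint> <options>" for the longest mount point that is a
# path-component prefix of PATH. Reads /proc/mounts by default; "-" reads stdin.
mount_opts_for() {
    awk -v p="$1" '
        {
            mp = $2
            # "/" covers everything; otherwise require an exact match or a match
            # ending on a "/" boundary, so /var/log does not claim /var/logs.
            if (mp == "/" || p == mp || index(p, mp "/") == 1) {
                # ">=" lets a later mount on the same point override an earlier one.
                if (length(mp) >= best_len) { best_len = length(mp); best = mp " " $4 }
            }
        }
        END { if (best != "") print best; else exit 1 }
    ' "${2:-/proc/mounts}"
}

# is_noexec PATH [MOUNTS_FILE]
# Exit 0 if the covering mount has noexec, 1 if not, 2 if no mount was found.
is_noexec() {
    opts=$(mount_opts_for "$1" "${2:-/proc/mounts}") || return 2
    case ",${opts#* }," in
        *,noexec,*) return 0 ;;
        *) return 1 ;;
    esac
}

# check_tmpdir PATH [MOUNTS_FILE]
# Prints one verdict line: "noexec", "exec-ok" or "unknown", then the path.
check_tmpdir() {
    rc=0
    is_noexec "$1" "${2:-/proc/mounts}" || rc=$?
    case $rc in
        0) echo "noexec $1" ;;
        1) echo "exec-ok $1" ;;
        *) echo "unknown $1" ;;
    esac
}

# Demo over the constructed table: the old locations and the relocated tmp dir.
demo() {
    for d in /tmp /var/tmp /var/log/wazuh-indexer /var/lib/wazuh-indexer/tmp; do
        printf '%s\n' "$SAMPLE_MOUNTS" | check_tmpdir "$d" -
    done
}
demo
```

On a live host, call `check_tmpdir /var/lib/wazuh-indexer/tmp` with no second argument to read `/proc/mounts`; mount points containing spaces are escaped there and are not handled by this sketch.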