From 721f137e0fe425889cb0b86c6c2829179a7cdcfe Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 18 Jan 2024 16:07:36 -0300 Subject: [PATCH 1/2] Added roll back and exit in case the Wazuh indexer security admin fails --- .../install_functions/indexer.sh | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/unattended_installer/install_functions/indexer.sh b/unattended_installer/install_functions/indexer.sh index 1eeb485a0b..ad0b2b2b36 100644 --- a/unattended_installer/install_functions/indexer.sh +++ b/unattended_installer/install_functions/indexer.sh @@ -123,11 +123,19 @@ function indexer_initialize() { if [ -n "${AIO}" ]; then eval "sudo -u wazuh-indexer JAVA_HOME=/usr/share/wazuh-indexer/jdk/ OPENSEARCH_CONF_DIR=/etc/wazuh-indexer /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /etc/wazuh-indexer/opensearch-security -icl -p 9200 -nhnv -cacert ${indexer_cert_path}/root-ca.pem -cert ${indexer_cert_path}/admin.pem -key ${indexer_cert_path}/admin-key.pem -h 127.0.0.1 ${debug}" - eval "bash /usr/share/wazuh-indexer/bin/indexer-ism-init.sh ${debug}" if [ "${PIPESTATUS[0]}" != 0 ]; then - common_logger -w "The Wazuh indexer cluster ISM policy could not be created." + common_logger -e "The Wazuh indexer cluster security configuration could not be initialized." + installCommon_rollBack + exit 1 else - common_logger "The Wazuh indexer cluster ISM initialized." + eval "bash /usr/share/wazuh-indexer/bin/indexer-ism-init.sh ${debug}" + if [ "${PIPESTATUS[0]}" != 0 ]; then + common_logger -w "The Wazuh indexer cluster ISM policy could not be created." + installCommon_rollBack + exit 1 + else + common_logger "The Wazuh indexer cluster ISM initialized." + fi fi fi @@ -180,12 +188,15 @@ function indexer_startCluster() { eval "sudo -u wazuh-indexer JAVA_HOME=/usr/share/wazuh-indexer/jdk/ OPENSEARCH_CONF_DIR=/etc/wazuh-indexer /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /etc/wazuh-indexer/opensearch-security -icl -p 9200 -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem -h ${wazuh_indexer_ip} ${debug}" if [ "${PIPESTATUS[0]}" != 0 ]; then common_logger -e "The Wazuh indexer cluster security configuration could not be initialized." + installCommon_rollBack exit 1 else common_logger "Wazuh indexer cluster security configuration initialized." eval "bash /usr/share/wazuh-indexer/bin/indexer-ism-init.sh -i ${wazuh_indexer_ip} ${debug}" if [ "${PIPESTATUS[0]}" != 0 ]; then common_logger -w "The Wazuh indexer cluster ISM policy could not be created." + installCommon_rollBack + exit 1 else common_logger "The Wazuh indexer cluster ISM initialized." fi From d16b5737fa6728e67b5887cbba3269a397a22275 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 18 Jan 2024 16:20:26 -0300 Subject: [PATCH 2/2] Added message for security admin initializated --- unattended_installer/install_functions/indexer.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/unattended_installer/install_functions/indexer.sh b/unattended_installer/install_functions/indexer.sh index ad0b2b2b36..da75373163 100644 --- a/unattended_installer/install_functions/indexer.sh +++ b/unattended_installer/install_functions/indexer.sh @@ -128,6 +128,7 @@ function indexer_initialize() { installCommon_rollBack exit 1 else + common_logger "Wazuh indexer cluster security configuration initialized." eval "bash /usr/share/wazuh-indexer/bin/indexer-ism-init.sh ${debug}" if [ "${PIPESTATUS[0]}" != 0 ]; then common_logger -w "The Wazuh indexer cluster ISM policy could not be created."