From f8eeb62539f7c723a4c52610d52dfd8a983b68d9 Mon Sep 17 00:00:00 2001 From: Nicolas Agustin Guevara Pihen <42900763+Tostti@users.noreply.github.com> Date: Mon, 10 Jul 2023 12:04:40 -0300 Subject: [PATCH] Add optimized building tools (#71) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Álex Ruiz Co-authored-by: Álex Ruiz Co-authored-by: Antonio <34042064+Desvelao@users.noreply.github.com> --- .gitignore | 1 + config/node.options.prod | 9 + dev-tools/build-packages/README.md | 70 +++ .../build-packages/base/generate_base.sh | 217 +++++++++ dev-tools/build-packages/config/default | 7 + .../build-packages/config/wazuh-dashboard | 170 +++++++ .../config/wazuh-dashboard.service | 15 + dev-tools/build-packages/deb/builder.sh | 51 +++ dev-tools/build-packages/deb/debian/changelog | 95 ++++ dev-tools/build-packages/deb/debian/control | 12 + dev-tools/build-packages/deb/debian/copyright | 22 + dev-tools/build-packages/deb/debian/postinst | 53 +++ dev-tools/build-packages/deb/debian/postrm | 82 ++++ dev-tools/build-packages/deb/debian/preinst | 73 +++ dev-tools/build-packages/deb/debian/prerm | 82 ++++ dev-tools/build-packages/deb/debian/rules | 112 +++++ .../deb/docker/amd64/Dockerfile | 16 + dev-tools/build-packages/deb/launcher.sh | 193 ++++++++ dev-tools/build-packages/rpm/builder.sh | 50 ++ .../rpm/docker/x86_64/Dockerfile | 21 + dev-tools/build-packages/rpm/launcher.sh | 195 ++++++++ .../build-packages/rpm/wazuh-dashboard.spec | 426 ++++++++++++++++++ 22 files changed, 1972 insertions(+) create mode 100644 config/node.options.prod create mode 100644 dev-tools/build-packages/README.md create mode 100755 dev-tools/build-packages/base/generate_base.sh create mode 100644 dev-tools/build-packages/config/default create mode 100644 dev-tools/build-packages/config/wazuh-dashboard create mode 100644 dev-tools/build-packages/config/wazuh-dashboard.service create mode 100755 dev-tools/build-packages/deb/builder.sh create mode 100644 dev-tools/build-packages/deb/debian/changelog create mode 100644 dev-tools/build-packages/deb/debian/control create mode 100644 dev-tools/build-packages/deb/debian/copyright create mode 100644 dev-tools/build-packages/deb/debian/postinst create mode 100644 dev-tools/build-packages/deb/debian/postrm create mode 100644 dev-tools/build-packages/deb/debian/preinst create mode 100644 dev-tools/build-packages/deb/debian/prerm create mode 100644 dev-tools/build-packages/deb/debian/rules create mode 100644 dev-tools/build-packages/deb/docker/amd64/Dockerfile create mode 100755 dev-tools/build-packages/deb/launcher.sh create mode 100755 dev-tools/build-packages/rpm/builder.sh create mode 100644 dev-tools/build-packages/rpm/docker/x86_64/Dockerfile create mode 100755 dev-tools/build-packages/rpm/launcher.sh create mode 100644 dev-tools/build-packages/rpm/wazuh-dashboard.spec diff --git a/.gitignore b/.gitignore index 01c2aaeaf9e..1d47024b3af 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,7 @@ .aws-config.json .signing-config.json .ackrc +/dev-tools/build-packages/*/output /.opensearch /.chromium .DS_Store diff --git a/config/node.options.prod b/config/node.options.prod new file mode 100644 index 00000000000..ed533b55915 --- /dev/null +++ b/config/node.options.prod @@ -0,0 +1,9 @@ +## Node command line options +## See `node --help` and `node --v8-options` for available options +## Please note you should specify one option per line + +## max size of old space in megabytes +#--max-old-space-size=4096 + +## Wazuh - do not terminate process on unhandled promise rejection +--unhandled-rejections=warn diff --git a/dev-tools/build-packages/README.md b/dev-tools/build-packages/README.md new file mode 100644 index 00000000000..6c7b534467c --- /dev/null +++ b/dev-tools/build-packages/README.md @@ -0,0 +1,70 @@ +# Package building +This folder contains tools used to create `rpm` and `deb` packages. + +## Requirements + - A system with Docker. + - Internet connection (to download the docker images the first time). + +## Builders + +### Tarball + +To system packages (deb and rpm), a tarball of Wazuh dashboard `.tar.gz` is required. +This tarball contains the [Wazuh plugin][wazuh-plugin], the [Wazuh Security plugin][wazuh-security-plugin], +a set of OpenSearch plugins and the default configuration for the app. + +The `generate_base.sh` script generates a `.tar.gz` file using the following inputs: +- `-a` | `--app`: URL to the zipped Wazuh plugin.* +- `-b` | `--base`: URL to the Wazuh dashboard `.tar.gz`, as generated with `yarn build --skip-os-packages --release`.* +- `-s` | `--security`: URL to the zipped Wazuh Security plugin, as generated with `yarn build`.* +- `-v` | `--version`: the Wazuh version of the package. +- `-r` | `--revision`: [Optional] Set the revision of the build. By default, it is set to 1. +- `-o` | `--output` [Optional] Set the destination path of package. By default, an output folder will be created in the same directory as the script. + +*Note:* use `file://` to indicate a local file. Otherwise, the script will try to download the file from the given URL. + +Example: +```bash +bash generate_base.sh \ + --app https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-4.6.0-1.zip \ + --base file:///home/user/wazuh-dashboard/target/opensearch-dashboards-2.4.1-linux-x64.tar.gz \ + --security file:///home/user/wazuh-security-dashboards-plugin/build/security-dashboards-2.4.1.0.zip \ + --version 4.6.0 +``` + +### DEB + +The `launcher.sh` script generates a `.deb` package based on the previously generated `.tar.gz`. +A Docker container is used to generate the package. It takes the following inputs: +- `-v` | `--version`: the Wazuh version of the package. +- `-p` | `--package`: the location of the `.tar.gz` file. It can be a URL or a PATH, with the format `file://` +- `-r` | `--revision`: [Optional] Set the revision of the build. By default, it is set to 1. +- `-o` | `--output` [Optional] Set the destination path of package. By default, an output folder will be created in the same directory as the script. +- `--dont-build-docker`: [Optional] Locally built Docker image will be used instead of generating a new one. + +Example: +```bash +bash launcher.sh \ + --version 4.6.0 \ + --package file:///home/user/wazuh-dashboard/dev-tools/build-packages/base/output/wazuh-dashboard-4.6.0-1-linux-x64.tar.gz +``` + +### RPM + +The `launcher.sh` script generates a `.rpm` package based on the previously generated `.tar.gz`. +A Docker container is used to generate the package. It takes the following inputs: +- `-v` | `--version`: the Wazuh version of the package. +- `-p` | `--package`: the location of the `.tar.gz` file. It can be a URL or a PATH, with the format `file://` +- `-r` | `--revision`: [Optional] Set the revision of the build. By default, it is set to 1. +- `-o` | `--output` [Optional] Set the destination path of package. By default, an output folder will be created in the same directory as the script. +- `--dont-build-docker`: [Optional] Locally built Docker image will be used instead of generating a new one. + +Example: +```bash +bash launcher.sh \ + --version 4.6.0 \ + --package file:///home/user/wazuh-dashboard/dev-tools/build-packages/base/output/wazuh-dashboard-4.6.0-1-linux-x64.tar.gz +``` + +[wazuh-plugin]: https://github.com/wazuh/wazuh-kibana-app +[wazuh-security-plugin]: https://github.com/wazuh/wazuh-security-dashboards-plugin \ No newline at end of file diff --git a/dev-tools/build-packages/base/generate_base.sh b/dev-tools/build-packages/base/generate_base.sh new file mode 100755 index 00000000000..356e602b833 --- /dev/null +++ b/dev-tools/build-packages/base/generate_base.sh @@ -0,0 +1,217 @@ +#!/bin/bash + +# Wazuh package generator +# Copyright (C) 2022, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + +set -e + +# Inputs +app="" +base="" +revision="1" +security="" +version="" + +# Paths +current_path="$( cd $(dirname $0) ; pwd -P )" +config_path=$(realpath $current_path/../../../config) + +# Folders +out_dir="${current_path}/output" +tmp_dir="${current_path}/tmp" + +trap ctrl_c INT + +clean() { + exit_code=$1 + echo + echo "Cleaning temporary files..." + echo + # Clean the files + rm -r $tmp_dir + + if [ $exit_code != 0 ]; then + rm $out_dir/*.tar.gz + rmdir $out_dir + fi + + exit ${exit_code} +} + +ctrl_c() { + clean 1 +} + +# ----------------------------------------------------------------------------- + +build() { + # Validate and download files to build the package + valid_url='(https?|ftp|file)://[-[:alnum:]\+&@#/%?=~_|!:,.;]*[-[:alnum:]\+&@#/%=~_|]' + echo + echo "Downloading files..." + echo + mkdir -p $tmp_dir + cd $tmp_dir + if [[ $app =~ $valid_url ]]; then + if ! curl --output app.zip --silent --fail "${app}"; then + echo "The given URL or Path to the Wazuh App is not working: ${app}" + clean 1 + fi + else + echo "The given URL or Path to the Wazuh App is not valid: ${app}" + clean 1 + fi + + if [[ $base =~ $valid_url ]]; then + if ! curl --output wazuh-dashboard.tar.gz --silent --fail "${base}"; then + echo "The given URL or Path to the Wazuh Dashboard base is not working: ${base}" + clean 1 + fi + else + echo "The given URL or Path to the Wazuh Dashboard base is not valid: ${base}" + clean 1 + fi + + if [[ $security =~ $valid_url ]]; then + if ! curl --output security.zip --silent --fail "${security}"; then + echo "The given URL or Path to the Wazuh Security Plugin is not working: ${security}" + clean 1 + fi + else + echo "The given URL or Path to the Wazuh Security Plugin is not valid: ${security}" + clean 1 + fi + + tar -zxf wazuh-dashboard.tar.gz + directory_name=$(tar tf wazuh-dashboard.tar.gz | head -1 | sed 's#/.*##' | sort -u) + working_dir="wazuh-dashboard-$version-$revision-linux-x64" + mv $directory_name $working_dir + cd $working_dir + + echo + echo Building the package... + echo + + # Install plugins + bin/opensearch-dashboards-plugin install alertingDashboards + bin/opensearch-dashboards-plugin install customImportMapDashboards + bin/opensearch-dashboards-plugin install ganttChartDashboards + bin/opensearch-dashboards-plugin install indexManagementDashboards + bin/opensearch-dashboards-plugin install notificationsDashboards + bin/opensearch-dashboards-plugin install reportsDashboards + bin/opensearch-dashboards-plugin install file:../security.zip + bin/opensearch-dashboards-plugin install file:../app.zip + + # Enable the default configuration (renaming) + cp $config_path/opensearch_dashboards.prod.yml config/opensearch_dashboards.yml + cp $config_path/node.options.prod config/node.options + + # TODO: investigate to remove this if possible + # Fix ambiguous shebangs (necessary for RPM building) + grep -rnwl './node_modules/' -e '#!/usr/bin/env python$' | xargs -I {} sed -i 's/#!\/usr\/bin\/env python/#!\/usr\/bin\/env python3/g' {} + grep -rnwl './node_modules/' -e '#!/usr/bin/python$' | xargs -I {} sed -i 's/#!\/usr\/bin\/python/#!\/usr\/bin\/python3/g' {} + + # Compress + echo + echo Compressing the package... + echo + cd .. + mkdir -p $out_dir + tar -czvf $out_dir/$working_dir.tar.gz $working_dir + + echo + echo DONE! + echo + clean 0 +} + +# ----------------------------------------------------------------------------- + +help() { + echo + echo "Usage: $0 [OPTIONS]" + echo " -a, --app Set the location of the .zip file containing the Wazuh plugin." + echo " -b, --base Set the location of the .tar.gz file containing the base wazuh-dashboard build." + echo " -s, --security Set the location of the .zip file containing the wazuh-security-dashboards-plugin." + echo " -v, --version Set the version of this build." + echo " -r, --revision [Optional] Set the revision of this build. By default, it is set to 1." + echo " -o, --output [Optional] Set the destination path of package. By default, an output folder will be created." + echo " -h, --help Show this help." + echo + exit $1 +} + +# ----------------------------------------------------------------------------- + +main() { + while [ -n "${1}" ]; do + case "${1}" in + "-h" | "--help") + help 0 + ;; + "-a" | "--app") + if [ -n "$2" ]; then + app="$2" + shift 2 + else + help 1 + fi + ;; + "-s" | "--security") + if [ -n "${2}" ]; then + security="${2}" + shift 2 + else + help 0 + fi + ;; + "-b" | "--base") + if [ -n "${2}" ]; then + base="${2}" + shift 2 + else + help 0 + fi + ;; + "-v" | "--version") + if [ -n "${2}" ]; then + version="${2}" + shift 2 + else + help 0 + fi + ;; + "-r" | "--revision") + if [ -n "${2}" ]; then + revision="${2}" + shift 2 + fi + ;; + "-o" | "--output") + if [ -n "${2}" ]; then + output="${2}" + shift 2 + fi + ;; + *) + + help 1 + ;; + esac + done + + if [ -z "$app" ] | [ -z "$base" ] | [ -z "$security" ] | [ -z "$version" ]; then + help 1 + fi + + build || exit 1 + + exit 0 +} + +main "$@" diff --git a/dev-tools/build-packages/config/default b/dev-tools/build-packages/config/default new file mode 100644 index 00000000000..c4f94fd3681 --- /dev/null +++ b/dev-tools/build-packages/config/default @@ -0,0 +1,7 @@ +user="wazuh-dashboard" +group="wazuh-dashboard" +chroot="/" +chdir="/" +nice="" +KILL_ON_STOP_TIMEOUT=0 + diff --git a/dev-tools/build-packages/config/wazuh-dashboard b/dev-tools/build-packages/config/wazuh-dashboard new file mode 100644 index 00000000000..ae87055c3a9 --- /dev/null +++ b/dev-tools/build-packages/config/wazuh-dashboard @@ -0,0 +1,170 @@ +#!/bin/sh +# chkconfig: 2345 95 20 +# description: Wazuh dashboard +# +# Source function libraries if present. +# (It improves integration with systemd) +# +# Red Hat +if [ -f /etc/rc.d/init.d/functions ]; then + . /etc/rc.d/init.d/functions + +# Debian +elif [ -f /lib/lsb/init-functions ]; then + . /lib/lsb/init-functions + +# SUSE +elif [ -f /etc/rc.status ]; then + . /etc/rc.status + rc_reset +fi + +name=wazuh-dashboard +program=/usr/share/wazuh-dashboard/bin/opensearch-dashboards +args=-c\\\ /etc/wazuh-dashboard/opensearch_dashboards.yml +PID_DIR="/run/wazuh-dashboard" +pidfile="$PID_DIR/$name.pid" + +[ -r /etc/default/$name ] && . /etc/default/$name +[ -r /etc/sysconfig/$name ] && . /etc/sysconfig/$name + +export NODE_OPTIONS + +[ -z "$nice" ] && nice=0 + +trace() { + logger -t "/etc/init.d/wazuh-dashboard" "$@" +} + +emit() { + trace "$@" + echo "$@" +} + +start() { + + + # Setup any environmental stuff beforehand + + # Ensure that the PID_DIR exists (it is cleaned at OS startup time) + if [ -n "$PID_DIR" ] && [ ! -e "$PID_DIR" ]; then + mkdir -p "$PID_DIR" && chown "$user":"$group" "$PID_DIR" + fi + if [ -n "$pidfile" ] && [ ! -e "$pidfile" ]; then + touch "$pidfile" && chown "$user":"$group" "$pidfile" + fi + + + # Run the program! + + chroot --userspec "$user":"$group" "$chroot" sh -c "cd \"$chdir\";exec \"$program\" $args" & + + + + # Generate the pidfile from here. If we instead made the forked process + # generate it there will be a race condition between the pidfile writing + # and a process possibly asking for status. + echo $! > $pidfile + + emit "$name started" + return 0 +} + +stop() { + # Try a few times to kill TERM the program + if status ; then + pid=$(cat "$pidfile") + trace "Killing $name (pid $pid) with SIGTERM" + kill -TERM $pid + # Wait for it to exit. + for i in 1 2 3 4 5 ; do + trace "Waiting $name (pid $pid) to die..." + status || break + sleep 1 + done + if status ; then + if [ "$KILL_ON_STOP_TIMEOUT" -eq 1 ] ; then + trace "Timeout reached. Killing $name (pid $pid) with SIGKILL. This may result in data loss." + kill -KILL $pid + emit "$name killed with SIGKILL." + else + emit "$name stop failed; still running." + fi + else + emit "$name stopped." + fi + fi +} + +status() { + if [ -f "$pidfile" ] ; then + pid=$(cat "$pidfile") + if ps -p $pid > /dev/null 2> /dev/null ; then + # process by this pid is running. + # It may not be our pid, but that's what you get with just pidfiles. + # TODO(sissel): Check if this process seems to be the same as the one we + # expect. It'd be nice to use flock here, but flock uses fork, not exec, + # so it makes it quite awkward to use in this case. + return 0 + else + return 2 # program is dead but pid file exists + fi + else + return 3 # program is not running + fi +} + +force_stop() { + if status ; then + stop + status && kill -KILL $(cat "$pidfile") + fi +} + + +case "$1" in + force-start|start|stop|force-stop|restart) + trace "Attempting '$1' on wazuh-dashboard" + ;; +esac + +case "$1" in + force-start) + PRESTART=no + exec "$0" start + ;; + start) + status + code=$? + if [ $code -eq 0 ]; then + emit "$name is already running" + exit $code + else + start + exit $? + fi + ;; + stop) stop ;; + force-stop) force_stop ;; + status) + status + code=$? + if [ $code -eq 0 ] ; then + emit "$name is running" + else + emit "$name is not running" + fi + exit $code + ;; + restart) + + stop && start + ;; + *) + echo "Usage: $SCRIPTNAME {start|force-start|stop|force-start|force-stop|status|restart}" >&2 + exit 3 + ;; +esac + +exit $? + diff --git a/dev-tools/build-packages/config/wazuh-dashboard.service b/dev-tools/build-packages/config/wazuh-dashboard.service new file mode 100644 index 00000000000..3fd27c5a1ab --- /dev/null +++ b/dev-tools/build-packages/config/wazuh-dashboard.service @@ -0,0 +1,15 @@ +[Unit] +Description=wazuh-dashboard + +[Service] +Type=simple +User=wazuh-dashboard +Group=wazuh-dashboard +EnvironmentFile=-/etc/default/wazuh-dashboard +EnvironmentFile=-/etc/sysconfig/wazuh-dashboard +ExecStart=/usr/share/wazuh-dashboard/bin/opensearch-dashboards "-c /etc/wazuh-dashboard/opensearch_dashboards.yml" +WorkingDirectory=/usr/share/wazuh-dashboard + +[Install] +WantedBy=multi-user.target + diff --git a/dev-tools/build-packages/deb/builder.sh b/dev-tools/build-packages/deb/builder.sh new file mode 100755 index 00000000000..681623489fa --- /dev/null +++ b/dev-tools/build-packages/deb/builder.sh @@ -0,0 +1,51 @@ +#!/bin/bash + +# Wazuh package builder +# Copyright (C) 2021, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + +set -e + +# Script parameters to build the package +target="wazuh-dashboard" +architecture=$1 +revision=$2 +version=$3 +directory_base="/usr/share/wazuh-dashboard" + +# Build directories +build_dir=/build +pkg_name="${target}-${version}" +pkg_path="${build_dir}/${target}" +source_dir="${pkg_path}/${pkg_name}" +deb_file="${target}_${version}-${revision}_${architecture}.deb" + +mkdir -p ${source_dir}/debian + +# Including spec file +cp -r /root/build-packages/deb/debian/* ${source_dir}/debian/ + +# Generating directory structure to build the .deb package +cd ${build_dir}/${target} && tar -czf ${pkg_name}.orig.tar.gz "${pkg_name}" + +# Configure the package with the different parameters +sed -i "s:VERSION:${version}:g" ${source_dir}/debian/changelog +sed -i "s:RELEASE:${revision}:g" ${source_dir}/debian/changelog +sed -i "s:export INSTALLATION_DIR=.*:export INSTALLATION_DIR=${directory_base}:g" ${source_dir}/debian/rules + +# Installing build dependencies +cd ${source_dir} +mk-build-deps -ir -t "apt-get -o Debug::pkgProblemResolver=yes -y" + +# Build package +debuild --no-lintian -b -uc -us \ + -eINSTALLATION_DIR="${directory_base}" \ + -eVERSION="${version}" \ + -eREVISION="${revision}" + +cd ${pkg_path} && sha512sum ${deb_file} >/tmp/${deb_file}.sha512 +mv ${pkg_path}/${deb_file} /tmp/ diff --git a/dev-tools/build-packages/deb/debian/changelog b/dev-tools/build-packages/deb/debian/changelog new file mode 100644 index 00000000000..3a5ac0f89eb --- /dev/null +++ b/dev-tools/build-packages/deb/debian/changelog @@ -0,0 +1,95 @@ +wazuh-dashboard (VERSION-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Fri, 05 May 2023 12:31:50 +0000 + +wazuh-dashboard (4.4.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 24 Apr 2023 12:31:50 +0000 + +wazuh-dashboard (4.4.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 17 Apr 2023 12:31:50 +0000 + +wazuh-dashboard (4.4.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 18 Jan 2023 12:31:50 +0000 + +wazuh-dashboard (4.3.10-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 10 Nov 2022 15:00:00 +0000 + +wazuh-dashboard (4.3.9-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 03 Oct 2022 15:00:00 +0000 + +wazuh-dashboard (4.3.8-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 19 Sep 2022 15:00:00 +0000 + +wazuh-dashboard (4.3.7-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 08 Aug 2022 15:00:00 +0000 + +wazuh-dashboard (4.3.6-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 07 Jul 2022 15:00:00 +0000 + +wazuh-dashboard (4.3.5-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 29 Jun 2022 15:00:00 +0000 + +wazuh-dashboard (4.3.4-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 07 Jun 2022 15:41:39 +0000 + +wazuh-dashboard (4.3.3-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 31 May 2022 15:41:39 +0000 + +wazuh-dashboard (4.3.2-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 30 May 2022 15:41:39 +0000 + +wazuh-dashboard (4.3.1-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 18 May 2022 12:14:41 +0000 + +wazuh-dashboard (4.3.0-RELEASE) unstable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 05 May 2022 12:15:57 +0000 + +wazuh-dashboard (4.2.5-1) UNRELEASED; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 15 Nov 2021 16:47:07 +0000 diff --git a/dev-tools/build-packages/deb/debian/control b/dev-tools/build-packages/deb/debian/control new file mode 100644 index 00000000000..5f35b4f6e60 --- /dev/null +++ b/dev-tools/build-packages/deb/debian/control @@ -0,0 +1,12 @@ +Source: wazuh-dashboard +Section: admin +Priority: extra +Maintainer: Wazuh, Inc +Build-Depends: debhelper-compat (= 12) +Standards-Version: 4.5.0 +Homepage: https://www.wazuh.com + +Package: wazuh-dashboard +Architecture: any +Depends: debconf, adduser, curl, tar, libcap2-bin +Description: Wazuh dashboard is a user interface and visualization tool for security-related data. This Wazuh central component enables exploring, visualizing, and analyzing the stored security alerts generated by the Wazuh server. Wazuh dashboard enables inspecting the status and managing the configurations of the Wazuh cluster and agents as well as creating and managing users and roles. In addition, it allows testing the ruleset and making calls to the Wazuh API. Documentation can be found at https://documentation.wazuh.com/current/getting-started/components/wazuh-dashboard.html diff --git a/dev-tools/build-packages/deb/debian/copyright b/dev-tools/build-packages/deb/debian/copyright new file mode 100644 index 00000000000..d2003bbbead --- /dev/null +++ b/dev-tools/build-packages/deb/debian/copyright @@ -0,0 +1,22 @@ +This work was packaged for Debian by: + + Wazuh, Inc on Sat, 04 Dec 2021 14:04:26 +0000 + +It was downloaded from: + + https://www.wazuh.com + +Copyright: + + GNU General Public License version 2. + +License: + + GNU General Public License version 2. + +The Debian packaging is: + + Copyright (C) 2021 Wazuh, Inc + +and is licensed under the GPL version 2, +see "/usr/share/common-licenses/GPL-2". \ No newline at end of file diff --git a/dev-tools/build-packages/deb/debian/postinst b/dev-tools/build-packages/deb/debian/postinst new file mode 100644 index 00000000000..232c1d0316c --- /dev/null +++ b/dev-tools/build-packages/deb/debian/postinst @@ -0,0 +1,53 @@ +#!/bin/sh +# postinst script for wazuh-dashboard +# Copyright (C) 2021, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + +set -e + +export NAME=wazuh-dashboard +export CONFIG_DIR=/etc/"${NAME}" +export INSTALLATION_DIR=/usr/share/"${NAME}" +export PID_DIR=/run/"${NAME}" + +# Setting Owner and group of own folders +mkdir -p "${PID_DIR}" +chown -R "${NAME}":"${NAME}" "${PID_DIR}" + +case "$1" in +configure) + chmod 750 "${TARGET_DIR}""${CONFIG_DIR}" + chown -R "${NAME}":"${NAME}" "${TARGET_DIR}""${CONFIG_DIR}" + chmod 750 "${TARGET_DIR}""${INSTALLATION_DIR}" + chown -R "${NAME}":"${NAME}" "${TARGET_DIR}""${INSTALLATION_DIR}" + setcap 'cap_net_bind_service=+ep' "${INSTALLATION_DIR}"/node/bin/node + if [ -f "${INSTALLATION_DIR}"/"${NAME}".restart ]; then + rm -f "${INSTALLATION_DIR}"/"${NAME}".restart + if command -v systemctl >/dev/null 2>&1 && systemctl >/dev/null 2>&1; then + systemctl daemon-reload >/dev/null 2>&1 + systemctl restart wazuh-dashboard.service >/dev/null 2>&1 + elif command -v service >/dev/null 2>&1 && service wazuh-dashboard status 2>/dev/null | grep "running" >/dev/null 2>&1; then + service wazuh-dashboard restart >/dev/null 2>&1 + fi + fi + if [ ! -f "${INSTALLATION_DIR}"/config/opensearch_dashboards.keystore ]; then + runuser "${NAME}" --shell="/bin/bash" --command="${INSTALLATION_DIR}/bin/opensearch-dashboards-keystore create" >/dev/null 2>&1 + runuser "${NAME}" --shell="/bin/bash" --command="echo kibanaserver | ${INSTALLATION_DIR}/bin/opensearch-dashboards-keystore add opensearch.username --stdin" >/dev/null 2>&1 + runuser "${NAME}" --shell="/bin/bash" --command="echo kibanaserver | ${INSTALLATION_DIR}/bin/opensearch-dashboards-keystore add opensearch.password --stdin" >/dev/null 2>&1 + fi + ;; + +abort-upgrade | abort-remove | abort-deconfigure) ;; + +*) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; + +esac + +exit 0 diff --git a/dev-tools/build-packages/deb/debian/postrm b/dev-tools/build-packages/deb/debian/postrm new file mode 100644 index 00000000000..a5b88616434 --- /dev/null +++ b/dev-tools/build-packages/deb/debian/postrm @@ -0,0 +1,82 @@ +#!/bin/sh +# postinst script for wazuh-dashboard +# Copyright (C) 2021, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + +set -e + +export NAME=wazuh-dashboard +export CONFIG_DIR=/etc/"${NAME}" +export INSTALLATION_DIR=/usr/share/"${NAME}" +export PID_DIR=/run/${NAME} + +# +# This script is executed in the post-removal phase +# +# On Debian, +# $1=remove : indicates a removal +# $1=purge : indicates an upgrade + +# source the default env file +if [ -f "/etc/default/${NAME}" ]; then + . "/etc/default/${NAME}" +fi + +REMOVE_DIRS=false +REMOVE_CONFIG_DIRECTORY=false +REMOVE_USER_AND_GROUP=false + +case "$1" in +remove) + REMOVE_DIRS=true + ;; + +purge) + REMOVE_DIRS=true + REMOVE_CONFIG_DIRECTORY=true + REMOVE_USER_AND_GROUP=true + ;; +failed-upgrade | abort-install | upgrade | abort-upgrade | disappear) ;; + +*) + + echo "post remove script called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +if [ "$REMOVE_DIRS" = "true" ]; then + + if [ -d ${PID_DIR} ]; then + echo -n "Deleting PID directory..." + rm -rf ${PID_DIR} >/dev/null 2>&1 + echo " OK" + fi + + if [ -d "${INSTALLATION_DIR}" ]; then + echo -n "Deleting installation directory..." + rm -rf "${INSTALLATION_DIR}" + echo " OK" + fi + + # Delete the config directory if we are purging + if [ "$REMOVE_CONFIG_DIRECTORY" = "true" ]; then + rm -rf "${CONFIG_DIR}" + echo " OK" + fi + +fi + +if [ "$REMOVE_USER_AND_GROUP" = "true" ]; then + if id "${NAME}" >/dev/null 2>&1; then + userdel "${NAME}" + fi + + if getent group "${NAME}" >/dev/null 2>&1; then + groupdel "${NAME}" + fi +fi diff --git a/dev-tools/build-packages/deb/debian/preinst b/dev-tools/build-packages/deb/debian/preinst new file mode 100644 index 00000000000..1d955fd8dc1 --- /dev/null +++ b/dev-tools/build-packages/deb/debian/preinst @@ -0,0 +1,73 @@ +#!/bin/sh +# postinst script for wazuh-dashboard +# Copyright (C) 2021, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + +set -e + +# +# This script is executed in the pre-installation phase +# +# On Debian, +# $1=install : indicates an new install +# $1=upgrade : indicates an upgrade + +# configuration variables +export NAME=wazuh-dashboard +export CONFIG_DIR=/etc/"${NAME}" +export INSTALLATION_DIR=/usr/share/"${NAME}" + +case "$1" in +# Debian #################################################### +install) + # environment configuration + mkdir -p "${CONFIG_DIR}" + mkdir -p "${INSTALLATION_DIR}" + + # Create wazuh-dashboard group if not existing + if ! getent group "${NAME}" >/dev/null 2>&1; then + echo -n "Creating ${NAME} group..." + addgroup --quiet --system "${NAME}" + echo " OK" + fi + # Create wazuh-dashboard user if not existing + if ! id "${NAME}" >/dev/null 2>&1; then + echo -n "Creating ${NAME} user..." + adduser --quiet \ + --system \ + --no-create-home \ + --home /nonexistent \ + --ingroup "${NAME}" \ + --disabled-password \ + --shell /bin/false \ + "${NAME}" + echo " OK" + fi + + ;; +upgrade) + # Stop the services to upgrade the package + if command -v systemctl >/dev/null 2>&1 && systemctl >/dev/null 2>&1 && systemctl is-active --quiet "${NAME}" >/dev/null 2>&1; then + systemctl stop "${NAME}".service >/dev/null 2>&1 + touch "${INSTALLATION_DIR}"/"${NAME}".restart + # Check for SysV + elif command -v service >/dev/null 2>&1 && service "${NAME}" status 2>/dev/null | grep "running" >/dev/null 2>&1; then + service "${NAME}" stop >/dev/null 2>&1 + touch "${INSTALLATION_DIR}"/"${NAME}".restart + fi + ;; +abort-deconfigure | abort-upgrade | abort-remove) ;; + +*) + echo "preinst called with unknown argument \`$1'" >&2 + exit 1 + + ;; + +esac + +exit 0 diff --git a/dev-tools/build-packages/deb/debian/prerm b/dev-tools/build-packages/deb/debian/prerm new file mode 100644 index 00000000000..eef54075a11 --- /dev/null +++ b/dev-tools/build-packages/deb/debian/prerm @@ -0,0 +1,82 @@ +#!/bin/sh +# postinst script for wazuh-dashboard +# Copyright (C) 2021, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + +set -e + +export NAME=wazuh-dashboard +export CONFIG_DIR=/etc/"${NAME}" +export INSTALLATION_DIR=/usr/share/"${NAME}" + +# +# This script is executed in the pre-remove phase +# +# On Debian, +# $1=remove : indicates a removal +# $1=upgrade : indicates an upgrade + +# source the default env file +if [ -f "/etc/default/${NAME}" ]; then + . "/etc/default/${NAME}" +fi + +STOP_REQUIRED=false +REMOVE_SERVICE=false + +case "$1" in + +# Debian #################################################### +remove) + STOP_REQUIRED=true + REMOVE_SERVICE=true + ;; +upgrade | deconfigure | failed-upgrade) ;; + +*) + echo "prerm called with unknown argument \`$1'" >&2 + exit 1 + ;; + +esac + +# Stops the service +if [ "$STOP_REQUIRED" = "true" ]; then + echo -n "Stopping wazuh-dashboard service..." + if command -v systemctl >/dev/null; then + systemctl --no-reload stop "${NAME}".service + + elif [ -x /etc/init.d/"${NAME}" ]; then + if command -v invoke-rc.d >/dev/null; then + invoke-rc.d "${NAME}" stop + else + /etc/init.d/"${NAME}" stop + fi + + # older suse linux distributions do not ship with systemd + # but do not have an /etc/init.d/ directory + # this tries to start the wazuh-dashboard service on these + # as well without failing this script + elif [ -x /etc/rc.d/init.d/"${NAME}" ]; then + /etc/rc.d/init.d/"${NAME}" stop + fi + echo " OK" +fi + +if [ "$REMOVE_SERVICE" = "true" ]; then + if command -v systemctl >/dev/null; then + systemctl disable "${NAME}".service >/dev/null 2>&1 || true + fi + + if command -v chkconfig >/dev/null; then + chkconfig --del "${NAME}" 2>/dev/null || true + fi + + if command -v update-rc.d >/dev/null; then + update-rc.d "${NAME}" remove >/dev/null || true + fi +fi diff --git a/dev-tools/build-packages/deb/debian/rules b/dev-tools/build-packages/deb/debian/rules new file mode 100644 index 00000000000..98638dab560 --- /dev/null +++ b/dev-tools/build-packages/deb/debian/rules @@ -0,0 +1,112 @@ +#!/usr/bin/make -f +# -*- makefile -*- +# Sample debian/rules that uses debhelper. +# +# This file was originally written by Joey Hess and Craig Small. +# As a special exception, when this file is copied by dh-make into a +# dh-make output file, you may use that output file without restriction. +# This special exception was added by Craig Small in version 0.37 of dh-make. +# +# Modified to make a template file for a multi-binary package with separated +# build-arch and build-indep targets by Bill Allombert 2001 +# +# Modified by Wazuh +# Copyright (C) 2021, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + +# Uncomment this to turn on verbose mode. +export DH_VERBOSE=1 + +# This has to be exported to make some magic below work. +export DH_OPTIONS + +export TARGET_DIR=${CURDIR}/debian/wazuh-dashboard +export NAME=wazuh-dashboard +export CONFIG_DIR=/etc/$(NAME) +export INSTALLATION_DIR=$(INSTALLATION_DIR) +export USER=$(NAME) +export GROUP=$(NAME) +export DASHBOARD_FILE=wazuh-dashboard.tar.gz + +# ----------------------------------------------------------------------------- + +%: + dh $@ + +# ----------------------------------------------------------------------------- + +override_dh_shlibdeps: + +# ----------------------------------------------------------------------------- + +override_dh_auto_configure: + +# ----------------------------------------------------------------------------- + +override_dh_auto_install: + +# ----------------------------------------------------------------------------- + +override_dh_install: + cp /opt/$(DASHBOARD_FILE) ./ + + groupadd $(GROUP) + useradd -g $(GROUP) $(USER) + + tar -xf $(DASHBOARD_FILE) + + mkdir -p $(TARGET_DIR)$(CONFIG_DIR) + mkdir -p $(TARGET_DIR)$(INSTALLATION_DIR) + mkdir -p $(TARGET_DIR)/etc/systemd/system + mkdir -p $(TARGET_DIR)/etc/default + + cp wazuh-dashboard-base/config/node.options $(TARGET_DIR)$(CONFIG_DIR) + cp wazuh-dashboard-base/config/opensearch_dashboards.yml $(TARGET_DIR)$(CONFIG_DIR) + mv wazuh-dashboard-base/* $(TARGET_DIR)$(INSTALLATION_DIR) + + mkdir -p $(TARGET_DIR)$(INSTALLATION_DIR)/config + + cp $(TARGET_DIR)$(INSTALLATION_DIR)/wazuh-dashboard.service $(TARGET_DIR)/etc/systemd/system/wazuh-dashboard.service + cp $(TARGET_DIR)$(INSTALLATION_DIR)/wazuh-dashboard $(TARGET_DIR)/etc/systemd/system/$(NAME) + cp $(TARGET_DIR)$(INSTALLATION_DIR)/default $(TARGET_DIR)/etc/default/$(NAME) + + rm -rf $(TARGET_DIR)$(INSTALLATION_DIR)/etc + + chown -R $(USER):$(GROUP) $(TARGET_DIR)$(INSTALLATION_DIR) + chown -R $(USER):$(GROUP) $(TARGET_DIR)$(CONFIG_DIR) + + find $(TARGET_DIR)$(INSTALLATION_DIR)/plugins/wazuh/ -exec chown $(USER):$(GROUP) {} \; + +# ----------------------------------------------------------------------------- + +override_dh_fixperms: + chmod 750 $(TARGET_DIR)$(CONFIG_DIR) + chown -R $(USER):$(GROUP) $(TARGET_DIR)$(CONFIG_DIR) + chmod 750 $(TARGET_DIR)$(INSTALLATION_DIR) + chown -R $(USER):$(GROUP) $(TARGET_DIR)$(INSTALLATION_DIR) + chown root:root $(TARGET_DIR)/etc/systemd/system/wazuh-dashboard.service + chown root:root $(TARGET_DIR)/etc/systemd/system/"$(NAME)" + chown $(USER):$(GROUP) $(TARGET_DIR)/etc/default/"$(NAME)" + chown $(USER):$(GROUP) $(TARGET_DIR)$(INSTALLATION_DIR)/VERSION + chmod 440 $(TARGET_DIR)$(INSTALLATION_DIR)/VERSION + chmod 750 $(TARGET_DIR)/etc/systemd/system/wazuh-dashboard + chmod 750 $(TARGET_DIR)/etc/default/wazuh-dashboard + chmod 640 "$(TARGET_DIR)$(CONFIG_DIR)"/node.options + chmod 640 $(TARGET_DIR)/etc/systemd/system/wazuh-dashboard.service + find "$(TARGET_DIR)$(INSTALLATION_DIR)" -type d -exec chmod 750 {} \; + find "$(TARGET_DIR)$(INSTALLATION_DIR)" -type f -perm 644 -exec chmod 640 {} \; + find "$(TARGET_DIR)$(INSTALLATION_DIR)" -type f -perm 755 -exec chmod 750 {} \; + find "$(TARGET_DIR)$(INSTALLATION_DIR)" -type f -perm 744 -exec chmod 740 {} \; + +# ----------------------------------------------------------------------------- + +override_dh_strip: + dh_strip --no-automatic-dbgsym -XlibGLESv2.so -XlibEGL.so + +# ----------------------------------------------------------------------------- + +.PHONY: override_dh_strip override_dh_auto_clean override_dh_auto_build override_dh_auto_configure diff --git a/dev-tools/build-packages/deb/docker/amd64/Dockerfile b/dev-tools/build-packages/deb/docker/amd64/Dockerfile new file mode 100644 index 00000000000..f3ca3b98111 --- /dev/null +++ b/dev-tools/build-packages/deb/docker/amd64/Dockerfile @@ -0,0 +1,16 @@ +FROM debian:10 + +ENV DEBIAN_FRONTEND noninteractive + +# Installing necessary packages +RUN apt-get update && apt-get install -y --allow-change-held-packages apt-utils && \ + apt-get install -y --allow-change-held-packages \ + curl sudo wget expect gnupg build-essential \ + devscripts equivs selinux-basics procps gawk + +# Add the script to build the Debian package +ADD builder.sh /usr/local/bin/builder +RUN chmod +x /usr/local/bin/builder + +# Set the entrypoint +ENTRYPOINT ["/usr/local/bin/builder"] \ No newline at end of file diff --git a/dev-tools/build-packages/deb/launcher.sh b/dev-tools/build-packages/deb/launcher.sh new file mode 100755 index 00000000000..8e75a5e25a7 --- /dev/null +++ b/dev-tools/build-packages/deb/launcher.sh @@ -0,0 +1,193 @@ +#!/bin/bash + +# Wazuh package generator +# Copyright (C) 2021, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + +# Inputs +package="" +version="" +revision="1" +architecture="amd64" +build_base="yes" +build_docker="yes" + +# Constants +deb_amd64_builder="deb_dashboard_builder_amd64" +deb_builder_dockerfile="${current_path}/docker" + +# Paths +current_path="$( cd $(dirname $0) ; pwd -P )" +config_path=$(realpath $current_path/../config) + +# Folders +out_dir="${current_path}/output" +tmp_dir="${current_path}/tmp" + +trap ctrl_c INT + +clean() { + exit_code=$1 + echo + echo "Cleaning temporary files..." + echo + # Clean the files + rm -r $tmp_dir + rm $current_path/docker/amd64/*.sh + if [ $exit_code != 0 ]; then + rm $out_dir/* + rmdir $out_dir + fi + + exit ${exit_code} +} + +ctrl_c() { + clean 1 +} + +build_deb() { + container_name="$1" + dockerfile_path="$2" + + # Validate and download files to build the package + valid_url='(https?|ftp|file)://[-[:alnum:]\+&@#/%?=~_|!:,.;]*[-[:alnum:]\+&@#/%=~_|]' + + echo + echo "Downloading files..." + echo + + mkdir -p $tmp_dir + cd $tmp_dir + + if [[ $package =~ $valid_url ]]; then + if ! curl --output wazuh-dashboard.tar.gz --silent --fail "${package}"; then + echo "The given URL or Path to the Wazuh Dashboard package is not working: ${package}" + clean 1 + fi + else + echo "The given URL or Path to the Wazuh Dashboard package is not valid: ${package}" + clean 1 + fi + + echo + echo Building the package... + echo + + # Prepare the package + directory_name=$(tar tf wazuh-dashboard.tar.gz | head -1 | sed 's#/.*##' | sort -u) + tar -zxf wazuh-dashboard.tar.gz + rm wazuh-dashboard.tar.gz + mv $directory_name wazuh-dashboard-base + cp $config_path/* wazuh-dashboard-base + echo ${version} >wazuh-dashboard-base/VERSION + tar -czf ./wazuh-dashboard.tar.gz wazuh-dashboard-base + + # Copy the necessary files + cp ${current_path}/builder.sh ${dockerfile_path} + + # Build the Docker image + if [[ ${build_docker} == "yes" ]]; then + docker build -t ${container_name} ${dockerfile_path} || return 1 + fi + + # Build the Debian package with a Docker container + mkdir -p $out_dir + volumes="-v ${out_dir}/:/tmp:Z -v ${tmp_dir}/wazuh-dashboard.tar.gz:/opt/wazuh-dashboard.tar.gz" + docker run -t --rm ${volumes} \ + -v ${current_path}/../..:/root:Z \ + ${container_name} ${architecture} \ + ${revision} ${version} || return 1 + + echo "Package $(ls -Art ${out_dir} | tail -n 1) added to ${out_dir}." + + echo + echo DONE! + echo + + return 0 +} + +build() { + build_name="${deb_amd64_builder}" + file_path="../${deb_builder_dockerfile}/${architecture}" + build_deb ${build_name} ${file_path} || return 1 + return 0 +} + +help() { + echo + echo "Usage: $0 [OPTIONS]" + echo + echo " -v, --version Wazuh version" + echo " -p, --package Set the location of the .tar.gz file containing the Wazuh Dashboard package." + echo " -r, --revision [Optional] Package revision. By default: 1." + echo " -o, --output [Optional] Set the destination path of package. By default, an output folder will be created." + echo " --dont-build-docker [Optional] Locally built Docker image will be used instead of generating a new one." + echo " -h, --help Show this help." + echo + exit $1 +} + +main() { + while [ -n "${1}" ]; do + case "${1}" in + "-h" | "--help") + help 0 + ;; + "-p" | "--package") + if [ -n "${2}" ]; then + package="${2}" + shift 2 + else + help 1 + fi + ;; + "-v" | "--version") + if [ -n "${2}" ]; then + version="${2}" + shift 2 + else + help 1 + fi + ;; + "-r" | "--revision") + if [ -n "${2}" ]; then + revision="${2}" + shift 2 + else + help 1 + fi + ;; + "--dont-build-docker") + build_docker="no" + shift 1 + ;; + "-o" | "--output") + if [ -n "${2}" ]; then + out_dir="${2}" + shift 2 + else + help 1 + fi + ;; + *) + help 1 + ;; + esac + done + + if [ -z "$package" ] | [ -z "$version" ]; then + help 1 + fi + + build || clean 1 + + clean 0 +} + +main "$@" diff --git a/dev-tools/build-packages/rpm/builder.sh b/dev-tools/build-packages/rpm/builder.sh new file mode 100755 index 00000000000..f71f9476d03 --- /dev/null +++ b/dev-tools/build-packages/rpm/builder.sh @@ -0,0 +1,50 @@ +#!/bin/bash + +# Wazuh package builder +# Copyright (C) 2021, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + +set -e + +# Script parameters to build the package +target="wazuh-dashboard" +architecture=$1 +revision=$2 +version=$3 +directory_base="/usr/share/wazuh-dashboard" + +# Build directories +build_dir=/build +rpm_build_dir=${build_dir}/rpmbuild +pkg_name=${target}-${version} +pkg_path="${rpm_build_dir}/RPMS/${architecture}" +file_name="${target}-${version}-${revision}" +rpm_file="${file_name}.${architecture}.rpm" + +mkdir -p ${rpm_build_dir}/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} + +# Prepare the sources directory to build the source tar.gz +mkdir ${build_dir}/${pkg_name} + +# Including spec file +cp /root/build-packages/rpm/${target}.spec ${rpm_build_dir}/SPECS/${pkg_name}.spec + +# Generating source tar.gz +cd ${build_dir} && tar czf "${rpm_build_dir}/SOURCES/${pkg_name}.tar.gz" "${pkg_name}" + +# Building RPM +/usr/bin/rpmbuild -v \ + --define "_topdir ${rpm_build_dir}" \ + --define "_version ${version}" \ + --define "_release ${revision}" \ + --define "_localstatedir ${directory_base}" \ + --target ${architecture} \ + -ba ${rpm_build_dir}/SPECS/${pkg_name}.spec + +cd ${pkg_path} && sha512sum ${rpm_file} >/tmp/${rpm_file}.sha512 + +find ${pkg_path}/ -maxdepth 3 -type f -name "${file_name}*" -exec mv {} /tmp/ \; diff --git a/dev-tools/build-packages/rpm/docker/x86_64/Dockerfile b/dev-tools/build-packages/rpm/docker/x86_64/Dockerfile new file mode 100644 index 00000000000..eb6493d1587 --- /dev/null +++ b/dev-tools/build-packages/rpm/docker/x86_64/Dockerfile @@ -0,0 +1,21 @@ +FROM rockylinux:8.5 + +# Install all the necessary tools to build the packages +RUN yum clean all && yum update -y +RUN yum install -y openssh-clients sudo gnupg \ + yum-utils epel-release redhat-rpm-config rpm-devel \ + zlib zlib-devel rpm-build autoconf automake \ + glibc-devel libtool perl + +#RUN yum install -y --nobest https://repo.ius.io/ius-release-el7.rpm + +RUN yum update -y && yum install -y python3 + +RUN ln -fs /usr/bin/python3.6 /usr/bin/python + +# Add the scripts to build the RPM package +ADD builder.sh /usr/local/bin/builder +RUN chmod +x /usr/local/bin/builder + +# Set the entrypoint +ENTRYPOINT ["/usr/local/bin/builder"] diff --git a/dev-tools/build-packages/rpm/launcher.sh b/dev-tools/build-packages/rpm/launcher.sh new file mode 100755 index 00000000000..f5555e4bd5a --- /dev/null +++ b/dev-tools/build-packages/rpm/launcher.sh @@ -0,0 +1,195 @@ +#!/bin/bash + +# Wazuh package generator +# Copyright (C) 2021, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + +# Inputs +package="" +version="" +revision="1" +architecture="x86_64" +build_base="yes" +build_docker="yes" + +# Constants +rpm_x86_builder="rpm_dashboard_builder_x86" +rpm_builder_dockerfile="${current_path}/docker" + +# Paths +current_path="$( cd $(dirname $0) ; pwd -P )" +config_path=$(realpath $current_path/../config) + +# Folders +out_dir="${current_path}/output" +tmp_dir="${current_path}/tmp" + +trap ctrl_c INT + +clean() { + exit_code=$1 + echo + echo "Cleaning temporary files..." + echo + # Clean the files + rm -r $tmp_dir + rm $current_path/docker/x86_64/*.sh + + if [ $exit_code != 0 ]; then + rm $out_dir/* + rmdir $out_dir + fi + + exit ${exit_code} +} + +ctrl_c() { + clean 1 +} + +build_rpm() { + container_name="$1" + dockerfile_path="$2" + + # Validate and download files to build the package + valid_url='(https?|ftp|file)://[-[:alnum:]\+&@#/%?=~_|!:,.;]*[-[:alnum:]\+&@#/%=~_|]' + + echo + echo "Downloading files..." + echo + + mkdir -p $tmp_dir + cd $tmp_dir + + if [[ $package =~ $valid_url ]]; then + if ! curl --output wazuh-dashboard.tar.gz --silent --fail "${package}"; then + echo "The given URL or Path to the Wazuh Dashboard package is not working: ${package}" + clean 1 + fi + else + echo "The given URL or Path to the Wazuh Dashboard package is not valid: ${package}" + clean 1 + fi + + echo + echo Building the package... + echo + + # Prepare the package + directory_name=$(tar tf wazuh-dashboard.tar.gz | head -1 | sed 's#/.*##' | sort -u) + tar -zxf wazuh-dashboard.tar.gz + rm wazuh-dashboard.tar.gz + mv $directory_name wazuh-dashboard-base + mkdir -p wazuh-dashboard-base/etc/services + cp $config_path/* wazuh-dashboard-base/etc/services + echo ${version} >wazuh-dashboard-base/VERSION + tar -czf ./wazuh-dashboard.tar.gz wazuh-dashboard-base + + # Copy the necessary files + cp ${current_path}/builder.sh ${dockerfile_path} + + # Build the Docker image + if [[ ${build_docker} == "yes" ]]; then + docker build -t ${container_name} ${dockerfile_path} || return 1 + fi + + # Build the RPM package with a Docker container + mkdir -p $out_dir + volumes="-v ${out_dir}/:/tmp:Z -v ${tmp_dir}/wazuh-dashboard.tar.gz:/opt/wazuh-dashboard.tar.gz" + docker run -t --rm ${volumes} \ + -v ${current_path}/../..:/root:Z \ + ${container_name} ${architecture} \ + ${revision} ${version} || return 1 + + echo "Package $(ls -Art ${out_dir} | tail -n 1) added to ${out_dir}." + + echo + echo DONE! + echo + + return 0 +} + +build() { + build_name="${rpm_x86_builder}" + file_path="../${rpm_builder_dockerfile}/${architecture}" + build_rpm ${build_name} ${file_path} || return 1 + return 0 +} + +help() { + echo + echo "Usage: $0 [OPTIONS]" + echo + echo " -v, --version Wazuh version" + echo " -p, --package Set the location of the .tar.gz file containing the Wazuh Dashboard package." + echo " -r, --revision [Optional] Package revision. By default: 1." + echo " -o, --output [Optional] Set the destination path of package. By default, an output folder will be created." + echo " --dont-build-docker [Optional] Locally built Docker image will be used instead of generating a new one." + echo " -h, --help Show this help." + echo + exit $1 +} + +main() { + while [ -n "${1}" ]; do + case "${1}" in + "-h" | "--help") + help 0 + ;; + "-p" | "--package") + if [ -n "${2}" ]; then + package="${2}" + shift 2 + else + help 1 + fi + ;; + "-v" | "--version") + if [ -n "${2}" ]; then + version="${2}" + shift 2 + else + help 1 + fi + ;; + "-r" | "--revision") + if [ -n "${2}" ]; then + revision="${2}" + shift 2 + else + help 1 + fi + ;; + "--dont-build-docker") + build_docker="no" + shift 1 + ;; + "-o" | "--output") + if [ -n "${2}" ]; then + outdir="${2}" + shift 2 + else + help 1 + fi + ;; + *) + help 1 + ;; + esac + done + + if [ -z "$package" ] | [ -z "$version" ]; then + help 1 + fi + + build || clean 1 + + clean 0 +} + +main "$@" diff --git a/dev-tools/build-packages/rpm/wazuh-dashboard.spec b/dev-tools/build-packages/rpm/wazuh-dashboard.spec new file mode 100644 index 00000000000..2c70fbfb3eb --- /dev/null +++ b/dev-tools/build-packages/rpm/wazuh-dashboard.spec @@ -0,0 +1,426 @@ +# Wazuh dashboard SPEC +# Copyright (C) 2021, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. +Summary: Wazuh dashboard is a user interface and visualization tool for security-related data. Documentation can be found at https://documentation.wazuh.com/current/getting-started/components/wazuh-dashboard.html +Name: wazuh-dashboard +Version: %{_version} +Release: %{_release} +License: GPL +Group: System Environment/Daemons +Source0: %{name}-%{version}.tar.gz +URL: https://www.wazuh.com/ +buildroot: %{_tmppath}/%{name}-%{version}-%{release}-wazuh-dashboard-%(%{__id_u} -n) +Vendor: Wazuh, Inc +Packager: Wazuh, Inc +Requires(pre): /usr/sbin/groupadd /usr/sbin/useradd +Requires(preun): /sbin/service +Requires(postun): /sbin/service +AutoReqProv: no +Requires: libcap +ExclusiveOS: linux + +# ----------------------------------------------------------------------------- + +%global USER %{name} +%global GROUP %{name} +%global CONFIG_DIR /etc/%{name} +%global PID_DIR /run/%{name} +%global INSTALL_DIR /usr/share/%{name} +%global DASHBOARD_FILE wazuh-dashboard.tar.gz +%define _source_payload w9.gzdio +%define _binary_payload w9.gzdio + +# ----------------------------------------------------------------------------- + + +%description +Wazuh dashboard is a user interface and visualization tool for security-related data. This Wazuh central component enables exploring, visualizing, and analyzing the stored security alerts generated by the Wazuh server. Wazuh dashboard enables inspecting the status and managing the configurations of the Wazuh cluster and agents as well as creating and managing users and roles. In addition, it allows testing the ruleset and making calls to the Wazuh API. Documentation can be found at https://documentation.wazuh.com/current/getting-started/components/wazuh-dashboard.html + +# ----------------------------------------------------------------------------- + +%prep + +cp /opt/%{DASHBOARD_FILE} ./ + +groupadd %{GROUP} +useradd -g %{GROUP} %{USER} + +# ----------------------------------------------------------------------------- + +%build + +tar -xf %{DASHBOARD_FILE} + +# ----------------------------------------------------------------------------- + +%install + +mkdir -p %{buildroot}%{CONFIG_DIR} +mkdir -p %{buildroot}%{INSTALL_DIR} +mkdir -p %{buildroot}/etc/systemd/system +mkdir -p %{buildroot}%{_initrddir} +mkdir -p %{buildroot}/etc/default + +cp wazuh-dashboard-base/config/node.options %{buildroot}%{CONFIG_DIR} +cp wazuh-dashboard-base/config/opensearch_dashboards.yml %{buildroot}%{CONFIG_DIR} +cp wazuh-dashboard-base/VERSION %{buildroot}%{INSTALL_DIR} + +mv wazuh-dashboard-base/* %{buildroot}%{INSTALL_DIR} + +# Set custom welcome styles + +mkdir -p %{buildroot}%{INSTALL_DIR}/config + +cp %{buildroot}%{INSTALL_DIR}/etc/services/wazuh-dashboard.service %{buildroot}/etc/systemd/system/wazuh-dashboard.service +cp %{buildroot}%{INSTALL_DIR}/etc/services/default %{buildroot}/etc/default/wazuh-dashboard + +chmod 640 %{buildroot}/etc/systemd/system/wazuh-dashboard.service +chmod 640 %{buildroot}/etc/default/wazuh-dashboard + +rm -rf %{buildroot}%{INSTALL_DIR}/etc/ + +find %{buildroot}%{INSTALL_DIR} -exec chown %{USER}:%{GROUP} {} \; +find %{buildroot}%{CONFIG_DIR} -exec chown %{USER}:%{GROUP} {} \; + +chown root:root %{buildroot}/etc/systemd/system/wazuh-dashboard.service + +find %{buildroot}%{INSTALL_DIR}/plugins/wazuh/ -exec chown %{USER}:%{GROUP} {} \; +find %{buildroot}%{INSTALL_DIR}/plugins/wazuh/ -type f -perm 644 -exec chmod 640 {} \; +find %{buildroot}%{INSTALL_DIR}/plugins/wazuh/ -type f -perm 755 -exec chmod 750 {} \; +find %{buildroot}%{INSTALL_DIR}/plugins/wazuh/ -type d -exec chmod 750 {} \; +find %{buildroot}%{INSTALL_DIR}/plugins/wazuh/ -type f -perm 744 -exec chmod 740 {} \; + +# ----------------------------------------------------------------------------- + +%pre +# Create the wazuh-dashboard group if it doesn't exists +if [ $1 = 1 ]; then + if command -v getent > /dev/null 2>&1 && ! getent group %{GROUP} > /dev/null 2>&1; then + groupadd -r %{GROUP} + elif ! getent group %{GROUP} > /dev/null 2>&1; then + groupadd -r %{GROUP} + fi + # Create the wazuh-dashboard user if it doesn't exists + if ! getent passwd %{USER} > /dev/null 2>&1; then + useradd -g %{GROUP} -G %{USER} -d %{INSTALL_DIR}/ -r -s /sbin/nologin wazuh-dashboard + fi +fi +# Stop the services to upgrade the package +if [ $1 = 2 ]; then + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-dashboard > /dev/null 2>&1; then + systemctl stop wazuh-dashboard.service > /dev/null 2>&1 + touch %{INSTALL_DIR}/wazuh-dashboard.restart + # Check for SysV + elif command -v service > /dev/null 2>&1 && service wazuh-dashboard status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + service wazuh-dashboard stop > /dev/null 2>&1 + touch %{INSTALL_DIR}/wazuh-dashboard.restart + fi +fi + +# ----------------------------------------------------------------------------- + +%post +setcap 'cap_net_bind_service=+ep' %{INSTALL_DIR}/node/bin/node + +if [ ! -f %{INSTALLATION_DIR}/config/opensearch_dashboards.keystore ]; then + runuser %{USER} --shell="/bin/bash" --command="%{INSTALL_DIR}/bin/opensearch-dashboards-keystore create" > /dev/null 2>&1 + runuser %{USER} --shell="/bin/bash" --command="echo kibanaserver | %{INSTALL_DIR}/bin/opensearch-dashboards-keystore add opensearch.username --stdin" > /dev/null 2>&1 + runuser %{USER} --shell="/bin/bash" --command="echo kibanaserver | %{INSTALL_DIR}/bin/opensearch-dashboards-keystore add opensearch.password --stdin" > /dev/null 2>&1 +fi + +# ----------------------------------------------------------------------------- + +%preun +if [ $1 = 0 ];then # Remove + echo -n "Stopping wazuh-dashboard service..." + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then + systemctl stop wazuh-dashboard.service > /dev/null 2>&1 + # Check for SysV + elif command -v service > /dev/null 2>&1; then + service wazuh-dashboard stop > /dev/null 2>&1 + fi +fi + +# ----------------------------------------------------------------------------- + +%postun +if [ $1 = 0 ];then + # If the package is been uninstalled + # Remove the wazuh-dashboard user if it exists + if getent passwd %{USER} > /dev/null 2>&1; then + userdel %{USER} >/dev/null 2>&1 + fi + # Remove the wazuh-dashboard group if it exists + if command -v getent > /dev/null 2>&1 && getent group %{GROUP} > /dev/null 2>&1; then + groupdel %{GROUP} >/dev/null 2>&1 + elif getent group %{GROUP} > /dev/null 2>&1; then + groupdel %{GROUP} >/dev/null 2>&1 + fi + + # Remove /etc/wazuh-dashboard and /usr/share/wazuh-dashboard dirs + rm -rf %{INSTALL_DIR} + if [ -d %{PID_DIR} ]; then + rm -rf %{PID_DIR} + fi +fi + +# ----------------------------------------------------------------------------- + +# posttrans code is the last thing executed in a install/upgrade +%posttrans +if [ ! -d %{PID_DIR} ]; then + mkdir -p %{PID_DIR} + chown %{USER}:%{GROUP} %{PID_DIR} +fi + +if [ -f %{INSTALL_DIR}/wazuh-dashboard.restart ]; then + rm -f %{INSTALL_DIR}/wazuh-dashboard.restart + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then + systemctl restart wazuh-dashboard.service > /dev/null 2>&1 + # Check for SysV + elif command -v service > /dev/null 2>&1; then + service wazuh-dashboard restart > /dev/null 2>&1 + fi + +fi + + +# ----------------------------------------------------------------------------- + +%clean +rm -fr %{buildroot} + +# ----------------------------------------------------------------------------- + +%files +%defattr(-,%{USER},%{GROUP}) +%dir %attr(750, %{USER}, %{GROUP}) %{CONFIG_DIR} + +%attr(0750, %{USER}, %{GROUP}) "/etc/default/wazuh-dashboard" +%config(noreplace) %attr(0640, %{USER}, %{GROUP}) "%{CONFIG_DIR}/opensearch_dashboards.yml" +%config(noreplace) %attr(0640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/config/opensearch_dashboards.yml" +%config(noreplace) %attr(0640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/config/node.options" + +%attr(440, %{USER}, %{GROUP}) %{INSTALL_DIR}/VERSION +%dir %attr(750, %{USER}, %{GROUP}) %{INSTALL_DIR} +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/core" +%attr(-, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/core/*" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/remove" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/list" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/lib" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/downloaders" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/__fixtures__" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/__fixtures__/replies" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_keystore" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_keystore/utils" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/root" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/harden" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/bundles_route" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/bundles_route/__fixtures__" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/bundles_route/__fixtures__/plugin" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/bundles_route/__fixtures__/plugin/foo" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/plugins" +%attr(-, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/plugins/* +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/serve" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/serve/integration_tests" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/serve/integration_tests/__fixtures__" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/serve/integration_tests/__fixtures__/reload_logging_config" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/utils" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging/rotate" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/core" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/i18n" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/i18n/localization" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/warnings" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/http" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/config" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/keystore" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui/ui_render" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui/ui_render/bootstrap" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui/apm" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/docs" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/node_modules" +%attr(-, %{USER}, %{GROUP}) "%{INSTALL_DIR}/node_modules/*" +%attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/node_modules/.yarn-integrity" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/node" +%attr(-, %{USER}, %{GROUP}) "%{INSTALL_DIR}/node/*" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/data" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/plugins" +%attr(-, %{USER}, %{GROUP}) "%{INSTALL_DIR}/plugins/*" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/bin" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/remove/settings.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/remove/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/remove/remove.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/dev.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/list/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/list/list.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/lib/logger.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/lib/errors.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/lib/log_warnings.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/opensearch_dashboards.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/downloaders/file.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/downloaders/http.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/zip.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/download.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/install.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/settings.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/rename.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/__fixtures__/replies/invalid_name.zip" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/__fixtures__/replies/test_plugin_different_version.zip" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/__fixtures__/replies/banana.jpg" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/__fixtures__/replies/test_plugin_no_opensearch_dashboards.zip" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/__fixtures__/replies/test_plugin.zip" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/__fixtures__/replies/corrupt.zip" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/__fixtures__/replies/test_plugin_many.zip" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/cleanup.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/pack.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/install/progress.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/cli.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_plugin/dist.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_keystore/cli_keystore.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_keystore/add.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_keystore/create.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_keystore/utils/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_keystore/utils/prompt.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_keystore/dev.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_keystore/get_keystore.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_keystore/remove.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_keystore/dist.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli_keystore/list.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/apm.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/root/force.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/root/is_root.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/root/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/polyfill.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/node_version_validator.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/harden/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/harden/child_process.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/harden/lodash_template.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/no_transpilation.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/exit_on_warning.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/setup_node_env/dist.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/np_ui_plugin_public_dirs.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/optimize_mixin.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/bundles_route/proxy_bundles_route.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/bundles_route/file_hash.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/bundles_route/file_hash_cache.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/bundles_route/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/bundles_route/__fixtures__/plugin/foo/plugin.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/bundles_route/__fixtures__/outside_output.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/bundles_route/bundles_route.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/optimize/bundles_route/dynamic_asset_response.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/command.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/help.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/cli.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/serve/serve.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/serve/read_keystore.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/serve/integration_tests/__fixtures__/invalid_config.yml" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/serve/integration_tests/__fixtures__/reload_logging_config/opensearch_dashboards_log_file.test.yml" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/serve/integration_tests/__fixtures__/reload_logging_config/opensearch_dashboards_log_console.test.yml" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/serve/integration_tests/__fixtures__/reload_logging_config/opensearch_dashboards.test.yml" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/cli/dist.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/utils/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/utils/unset.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/utils/version.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/utils/artifact_type.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/utils/deep_clone_with_buffers.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging/rotate/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging/rotate/log_rotator.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging/apply_filters_to_keys.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging/log_format.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging/log_reporter.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging/log_format_json.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging/log_with_metadata.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging/configuration.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging/log_interceptor.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/logging/log_format_string.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/core/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/i18n/localization/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/i18n/localization/telemetry_localization_collector.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/i18n/localization/file_integrity.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/i18n/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/i18n/get_translations_path.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/i18n/constants.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/osd_server.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/warnings/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/http/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/http/register_hapi_plugins.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/http/setup_base_path_provider.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/config/override.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/config/complete.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/config/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/config/schema.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/config/config.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/keystore/keystore.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/keystore/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/server/keystore/errors.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui/ui_mixin.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui/ui_render/ui_render_mixin.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui/ui_render/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui/ui_render/bootstrap/osd_bundles_loader_source.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui/ui_render/bootstrap/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui/ui_render/bootstrap/template.js.hbs" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui/ui_render/bootstrap/app_bootstrap.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/legacy/ui/apm/index.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/docs/docs_repo.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/src/docs/cli.js" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/package.json" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/LICENSE.txt" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/NOTICE.txt" +%attr(640, %{USER}, %{GROUP}) "%{INSTALL_DIR}/README.txt" +%attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/bin/opensearch-dashboards" +%attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/bin/opensearch-dashboards-plugin" +%attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/bin/opensearch-dashboards-keystore" +%dir %attr(750, %{USER}, %{GROUP}) "%{INSTALL_DIR}/config" +%attr(640, %{USER}, %{GROUP}) "%{CONFIG_DIR}/node.options" +%attr(640, root, root) "/etc/systemd/system/wazuh-dashboard.service" + +%changelog +* Fri May 05 2023 support - %{version} +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Apr 24 2023 support - 4.4.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Apr 17 2023 support - 4.4.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jan 18 2023 support - 4.4.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Nov 10 2022 support - 4.3.10 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Oct 03 2022 support - 4.3.9 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Sep 19 2022 support - 4.3.8 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Aug 08 2022 support - 4.3.7 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Jul 07 2022 support - 4.3.6 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jun 29 2022 support - 4.3.5 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jun 07 2022 support - 4.3.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue May 31 2022 support - 4.3.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon May 30 2022 support - 4.3.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed May 18 2022 support - 4.3.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu May 05 2022 support - 4.3.0 +- More info: https://documentation.wazuh.com/current/release-notes/