Merge pull request #734 from wazuh/merge-4.7.0-into-master

Merge `4.7.0` into `master`
wazuh · Aug 11, 2023 · 4b322b4 · 4b322b4
2 parents 2ed28e1 + 2fd1947
commit 4b322b4
Show file tree

Hide file tree

Showing 7 changed files with 30 additions and 5 deletions.
diff --git a/manifests/activeresponse.pp b/manifests/activeresponse.pp
@@ -17,9 +17,6 @@
   $before_arg                         = undef,
   $content_arg                        = 'wazuh/fragments/_activeresponse.erb'
 ) {
-
-  require wazuh::params_manager
-
   concat::fragment { $active_response_name:
     target  => $target_arg,
     order   => $order_arg,

diff --git a/manifests/agent.pp b/manifests/agent.pp
@@ -340,7 +340,7 @@
         }
       }'Amazon':{
         $apply_template_os = 'amazon'
-      }'CentOS','Centos','centos','AlmaLinux':{
+      }'CentOS','Centos','centos','AlmaLinux','Rocky':{
         $apply_template_os = 'centos'
       }'SLES':{
         $apply_template_os = 'suse'

diff --git a/manifests/manager.pp b/manifests/manager.pp
@@ -198,6 +198,10 @@
       $vulnerability_detector_provider_msu_enabled           = $wazuh::params_manager::vulnerability_detector_provider_msu_enabled,
       $vulnerability_detector_provider_msu_update_interval   = $wazuh::params_manager::vulnerability_detector_provider_msu_update_interval,
 
+      $vulnerability_detector_provider_almalinux                    = $wazuh::params_manager::vulnerability_detector_provider_almalinux,
+      $vulnerability_detector_provider_almalinux_enabled            = $wazuh::params_manager::vulnerability_detector_provider_almalinux_enabled,
+      $vulnerability_detector_provider_almalinux_os                 = $wazuh::params_manager::vulnerability_detector_provider_almalinux_os,
+      $vulnerability_detector_provider_almalinux_update_interval    = $wazuh::params_manager::vulnerability_detector_provider_almalinux_update_interval,
 
       # syslog
       $syslog_output                        = $wazuh::params_manager::syslog_output,

diff --git a/manifests/params_agent.pp b/manifests/params_agent.pp
@@ -463,6 +463,11 @@
                 $ossec_service_provider = 'redhat'
               }
             }
+            'Rocky': {
+              if ( $::operatingsystemrelease =~ /^8.*/ ) {
+                $ossec_service_provider = 'redhat'
+              }
+            }
             default: { fail('This ossec module has not been tested on your distribution') }
           }
         }

diff --git a/manifests/params_manager.pp b/manifests/params_manager.pp
@@ -209,6 +209,13 @@
       $vulnerability_detector_provider_msu_enabled           = 'no'
       $vulnerability_detector_provider_msu_update_interval   = '1h'
 
+      $vulnerability_detector_provider_almalinux                 = 'yes'
+      $vulnerability_detector_provider_almalinux_enabled         = 'no'
+      $vulnerability_detector_provider_almalinux_os              = ['8',
+        '9'
+      ]
+      $vulnerability_detector_provider_almalinux_update_interval = '1h'
+
       $syslog_output                                   = false
       $syslog_output_level                             = 2
       $syslog_output_port                              = 514

diff --git a/manifests/repo.pp b/manifests/repo.pp
@@ -35,7 +35,8 @@
     }
     'Linux', 'RedHat', 'Suse' : {
         case $::os[name] {
-          /^(CentOS|RedHat|OracleLinux|Fedora|Amazon|AlmaLinux|SLES)$/: {
+          /^(CentOS|RedHat|OracleLinux|Fedora|Amazon|AlmaLinux|Rocky|SLES)$/: {
+
             if ( $::operatingsystemrelease =~ /^5.*/ ) {
               $baseurl  = 'https://packages.wazuh.com/4.x/yum/5/'
               $gpgkey   = 'http://packages.wazuh.com/key/GPG-KEY-WAZUH'

diff --git a/templates/fragments/_vulnerability_detector.erb b/templates/fragments/_vulnerability_detector.erb
@@ -66,4 +66,15 @@
     <% if @vulnerability_detector_provider_msu_update_interval %><update_interval><%= @vulnerability_detector_provider_msu_update_interval %></update_interval><% end %>
   </provider>
 <% end %>
+<% if @vulnerability_detector_provider_almalinux %>
+  <provider name="almalinux">
+    <% if @vulnerability_detector_provider_almalinux_enabled %><enabled><%= @vulnerability_detector_provider_almalinux_enabled %></enabled><% end %>
+    <% if !@vulnerability_detector_provider_almalinux_os.empty? %>
+    <% @vulnerability_detector_provider_almalinux_os.each do |os| %>
+    <os><%= os %></os>
+    <% end %>
+    <% end %>
+    <% if @vulnerability_detector_provider_almalinux_update_interval %><update_interval><%= @vulnerability_detector_provider_almalinux_update_interval %></update_interval><% end %>
+  </provider>
+<% end %>
 </vulnerability-detector>