Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wazuh agent installation on Solaris 10 is not being able to pick automatically files from last installation #2100

Open
jnasselle opened this issue Feb 15, 2023 · 0 comments
Open

Wazuh agent installation on Solaris 10 is not being able to pick automatically files from last installation #2100

jnasselle opened this issue Feb 15, 2023 · 0 comments
Labels
level/task Subtask issue qa_known Issues that are already known by the QA team solaris type/bug Bug issue

Comments

@jnasselle
Copy link
Member

Wazuh version Install type Action performed Platform
4.4-rc1 Agent Install Solaris

Description

After #2099, it was found that trying to install the agent again was not capable of picking valuable config files (ossec.conf, client.key and that kind of files) from the last installation automatically.

# pkgadd -d wazuh-agent_v4.4.0-sol10-sparc.pkg

The following packages are available:
  1  wazuh-agent     Wazuh - Improved OSSEC agent for Intrusion Detection, File Integrity Monitoring, Policy Monitoring and Rootkits Detection.
                     (sparc) 4.4.0

Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: 

Processing package instance <wazuh-agent> from </export/home/xcrc/wazuh-agent_v4.4.0-sol10-sparc.pkg>

Wazuh - Improved OSSEC agent for Intrusion Detection, File Integrity Monitoring, Policy Monitoring and Rootkits Detection.(sparc) 4.4.0
Wazuh, Inc <[email protected]>
## Executing checkinstall script.
## Processing package information.
## Processing system information.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.

The following files are already installed on the system and are being
used by another package:
* /var/ossec <attribute change only>
* /var/ossec/etc <attribute change only>
* /var/ossec/etc/shared <attribute change only>
* /var/ossec/queue <attribute change only>
* /var/ossec/queue/alerts <attribute change only>
* /var/ossec/queue/fim <attribute change only>
* /var/ossec/queue/fim/db <attribute change only>
* /var/ossec/queue/logcollector <attribute change only>
* /var/ossec/queue/rids <attribute change only>
* /var/ossec/queue/sockets <attribute change only>
* /var/ossec/queue/syscollector <attribute change only>
* /var/ossec/queue/syscollector/db <attribute change only>

* - conflict with a file which does not belong to any package.

Do you want to install these conflicting files [y,n,?,q] 
        ERROR: Input is required.

Do you want to install these conflicting files [y,n,?,q] y
## Checking for setuid/setgid programs.

This package contains scripts which will be executed with super-user
permission during the process of installing this package.

Do you want to continue with the installation of <wazuh-agent> [y,n,?] y

Installing Wazuh - Improved OSSEC agent for Intrusion Detection, File Integrity Monitoring, Policy Monitoring and Rootkits Detection. as <wazuh-agent>

## Executing preinstall script.
## Installing part 1 of 1.
/etc/init.d/wazuh-agent
/etc/rc2.d/S97wazuh-agent <symbolic link>
/etc/rc3.d/S97wazuh-agent <symbolic link>
/var/ossec/active-response/bin/default-firewall-drop
/var/ossec/active-response/bin/disable-account
/var/ossec/active-response/bin/firewall-drop
/var/ossec/active-response/bin/firewalld-drop
/var/ossec/active-response/bin/host-deny
/var/ossec/active-response/bin/ip-customblock
/var/ossec/active-response/bin/ipfw
/var/ossec/active-response/bin/kaspersky
/var/ossec/active-response/bin/kaspersky.py
/var/ossec/active-response/bin/npf
/var/ossec/active-response/bin/pf
/var/ossec/active-response/bin/restart-wazuh
/var/ossec/active-response/bin/restart.sh
/var/ossec/active-response/bin/route-null
/var/ossec/active-response/bin/wazuh-slack
/var/ossec/agentless/main.exp
/var/ossec/agentless/register_host.sh
/var/ossec/agentless/ssh.exp
/var/ossec/agentless/ssh_asa-fwsmconfig_diff
/var/ossec/agentless/ssh_foundry_diff
/var/ossec/agentless/ssh_generic_diff
/var/ossec/agentless/ssh_integrity_check_bsd
/var/ossec/agentless/ssh_integrity_check_linux
/var/ossec/agentless/ssh_nopass.exp
/var/ossec/agentless/ssh_pixconfig_diff
/var/ossec/agentless/sshlogin.exp
/var/ossec/agentless/su.exp
/var/ossec/bin/agent-auth
/var/ossec/bin/manage_agents
/var/ossec/bin/wazuh-agentd
/var/ossec/bin/wazuh-control
/var/ossec/bin/wazuh-execd
/var/ossec/bin/wazuh-logcollector
/var/ossec/bin/wazuh-modulesd
/var/ossec/bin/wazuh-syscheckd
/var/ossec/etc/TIMEZONE
/var/ossec/etc/client.keys
/var/ossec/etc/internal_options.conf
/var/ossec/etc/local_internal_options.conf
/var/ossec/etc/ossec.conf
/var/ossec/etc/shared/cis_apache2224_rcl.txt
/var/ossec/etc/shared/cis_debian_linux_rcl.txt
/var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt
/var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt
/var/ossec/etc/shared/cis_rhel5_linux_rcl.txt
/var/ossec/etc/shared/cis_rhel6_linux_rcl.txt
/var/ossec/etc/shared/cis_rhel7_linux_rcl.txt
/var/ossec/etc/shared/cis_rhel_linux_rcl.txt
/var/ossec/etc/shared/cis_sles11_linux_rcl.txt
/var/ossec/etc/shared/cis_sles12_linux_rcl.txt
/var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt
/var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt
/var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt
/var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt
/var/ossec/etc/shared/rootkit_files.txt
/var/ossec/etc/shared/rootkit_trojans.txt
/var/ossec/etc/shared/system_audit_rcl.txt
/var/ossec/etc/shared/system_audit_ssh.txt
/var/ossec/etc/shared/win_applications_rcl.txt
/var/ossec/etc/shared/win_audit_rcl.txt
/var/ossec/etc/shared/win_malware_rcl.txt
/var/ossec/etc/wpk_root.pem
/var/ossec/lib/libdbsync.so
/var/ossec/lib/libgcc_s.so.1
/var/ossec/lib/librsync.so
/var/ossec/lib/libstdc++.so.6
/var/ossec/lib/libsyscollector.so
/var/ossec/lib/libsysinfo.so
/var/ossec/lib/libwazuhext.so
/var/ossec/lib/libwazuhshared.so
/var/ossec/logs/active-responses.log
/var/ossec/logs/ossec.json
/var/ossec/logs/ossec.log
/var/ossec/queue/syscollector/norm_config.json
/var/ossec/ruleset/sca/sca_unix_audit.yml
/var/ossec/wodles/__init__.py
/var/ossec/wodles/aws/aws-s3
/var/ossec/wodles/azure/azure-logs
/var/ossec/wodles/azure/orm.py
/var/ossec/wodles/docker/DockerListener
/var/ossec/wodles/gcloud/buckets/access_logs.py
/var/ossec/wodles/gcloud/buckets/bucket.py
/var/ossec/wodles/gcloud/exceptions.py
/var/ossec/wodles/gcloud/gcloud
/var/ossec/wodles/gcloud/integration.py
/var/ossec/wodles/gcloud/pubsub/subscriber.py
/var/ossec/wodles/gcloud/tools.py
/var/ossec/wodles/utils.py
[ verifying class <none> ]
## Executing postinstall script.

Installation of <wazuh-agent> was successful.
@jnasselle jnasselle mentioned this issue Feb 16, 2023
Closed
2 tasks
@okynos okynos moved this from Triage to Known Issue in Release 4.4.0 Feb 16, 2023
@vikman90 vikman90 added level/task Subtask issue type/bug Bug issue labels Jun 14, 2023
@rauldpm rauldpm added the qa_known Issues that are already known by the QA team label Oct 2, 2023
@rauldpm rauldpm mentioned this issue Oct 2, 2023
Closed
2 tasks
@damarisg damarisg mentioned this issue Oct 3, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
level/task Subtask issue qa_known Issues that are already known by the QA team solaris type/bug Bug issue
Projects
No open projects
Release 4.4.0
Status: Known Issue
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jnasselle @vikman90 @rauldpm