From 75e00a02c862c5a57fb4627e1cbdfafe483ccae9 Mon Sep 17 00:00:00 2001 From: DFolchA Date: Tue, 18 Jul 2023 11:17:09 +0200 Subject: [PATCH 1/2] Add rocky linux 9 SCA files --- debs/SPECS/wazuh-manager/debian/rules | 3 +++ rpms/SPECS/wazuh-agent.spec | 7 ++++++- rpms/SPECS/wazuh-manager.spec | 7 ++++++- 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/debs/SPECS/wazuh-manager/debian/rules b/debs/SPECS/wazuh-manager/debian/rules index e0dddd9ec4..a387f56bfb 100644 --- a/debs/SPECS/wazuh-manager/debian/rules +++ b/debs/SPECS/wazuh-manager/debian/rules @@ -152,6 +152,7 @@ override_dh_install: mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/22/04 mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/windows mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sunos/5/11 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rocky/9 cp -r ruleset/sca/* ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca @@ -205,6 +206,8 @@ override_dh_install: cp etc/templates/config/ubuntu/20/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/20/04 cp etc/templates/config/ubuntu/22/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/22/04 + cp etc/templates/config/rocky/9/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rocky/9 + override_dh_fixperms: dh_fixperms # Fix Python permissions diff --git a/rpms/SPECS/wazuh-agent.spec b/rpms/SPECS/wazuh-agent.spec index 4b5d5b9900..881f4eedb3 100644 --- a/rpms/SPECS/wazuh-agent.spec +++ b/rpms/SPECS/wazuh-agent.spec @@ -109,8 +109,9 @@ mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rh mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/{11,12,15} mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/{11,12} mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/fedora/{29,30,31,32,33,34} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rocky/{9} -cp -r ruleset/sca/{generic,centos,rhel,sles,amazon} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp +cp -r ruleset/sca/{generic,centos,rhel,sles,amazon,rocky} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp cp etc/templates/config/generic/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic @@ -147,6 +148,8 @@ cp etc/templates/config/fedora/32/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/t cp etc/templates/config/fedora/33/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/fedora/33 cp etc/templates/config/fedora/34/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/fedora/34 +cp etc/templates/config/rocky/9/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rocky/9 + # Add configuration scripts mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/ cp gen_ossec.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/ @@ -599,6 +602,8 @@ rm -fr %{buildroot} %attr(640, root, wazuh) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amazon/* %dir %attr(750, wazuh, wazuh) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/fedora %attr(640, root, wazuh) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/fedora/* +%dir %attr(750, wazuh, wazuh) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rocky +%attr(640, root, wazuh) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rocky/* %dir %attr(1770, root, wazuh) %{_localstatedir}/tmp %dir %attr(750, root, wazuh) %{_localstatedir}/var %dir %attr(770, root, wazuh) %{_localstatedir}/var/incoming diff --git a/rpms/SPECS/wazuh-manager.spec b/rpms/SPECS/wazuh-manager.spec index 4ab8e784cc..d97111c158 100644 --- a/rpms/SPECS/wazuh-manager.spec +++ b/rpms/SPECS/wazuh-manager.spec @@ -124,8 +124,9 @@ mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/su mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sunos mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/windows mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/fedora/{29,30,31,32,33,34} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rocky/{9} -cp -r ruleset/sca/{applications,generic,mongodb,nginx,oracledb,centos,darwin,debian,rhel,sles,sunos,windows,amazon,ubuntu} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp +cp -r ruleset/sca/{applications,generic,mongodb,nginx,oracledb,centos,darwin,debian,rhel,sles,sunos,windows,amazon,ubuntu,rocky} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp cp etc/templates/config/generic/{sca.files,sca.manager.files} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic @@ -162,6 +163,8 @@ cp etc/templates/config/fedora/32/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/t cp etc/templates/config/fedora/33/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/fedora/33 cp etc/templates/config/fedora/34/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/fedora/34 +cp etc/templates/config/rocky/9/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rocky/9 + # Add SUSE initscript sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/ossec-hids-suse.init cp -rp src/init/templates/ossec-hids-suse.init ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/src/init/ @@ -819,6 +822,8 @@ rm -fr %{buildroot} %attr(640, root, wazuh) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/fedora/* %dir %attr(750, wazuh, wazuh) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/windows %attr(640, root, wazuh) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/windows/* +%dir %attr(750, wazuh, wazuh) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rocky +%attr(640, root, wazuh) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rocky/* %dir %attr(750, root, wazuh) %{_localstatedir}/var %dir %attr(770, root, wazuh) %{_localstatedir}/var/db %attr(660, root, wazuh) %{_localstatedir}/var/db/mitre.db From 024ef9aa25515811635fc53e3b4c3a43a6962b06 Mon Sep 17 00:00:00 2001 From: DFolchA Date: Wed, 19 Jul 2023 10:18:58 +0200 Subject: [PATCH 2/2] Add Alma and Rocky linux to system check --- rpms/SPECS/wazuh-agent.spec | 28 ++++++++++++++++++++++------ rpms/SPECS/wazuh-manager.spec | 28 +++++++++++++++++++++++----- 2 files changed, 45 insertions(+), 11 deletions(-) diff --git a/rpms/SPECS/wazuh-agent.spec b/rpms/SPECS/wazuh-agent.spec index 881f4eedb3..19958f5315 100644 --- a/rpms/SPECS/wazuh-agent.spec +++ b/rpms/SPECS/wazuh-agent.spec @@ -109,10 +109,9 @@ mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rh mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/{11,12,15} mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/{11,12} mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/fedora/{29,30,31,32,33,34} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rocky/{9} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rocky/{8,9} cp -r ruleset/sca/{generic,centos,rhel,sles,amazon,rocky} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp - cp etc/templates/config/generic/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic cp etc/templates/config/amzn/1/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1 @@ -277,9 +276,23 @@ rm -rf %{_localstatedir}/packages_files # Remove unnecessary files from shared directory rm -f %{_localstatedir}/etc/shared/*.rpmnew +#AlmaLinux +if [ -r "/etc/almalinux-release" ]; then + DIST_NAME=almalinux + DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/almalinux-release` +#Rocky +elif [ -r "/etc/rocky-release" ]; then + DIST_NAME=rocky + DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/rocky-release` # CentOS -if [ -r "/etc/centos-release" ]; then - DIST_NAME="centos" +elif [ -r "/etc/centos-release" ]; then + if grep -q "AlmaLinux" /etc/centos-release; then + DIST_NAME=almalinux + elif grep -q "Rocky" /etc/centos-release; then + DIST_NAME=almalinux + else + DIST_NAME="centos" + fi DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/centos-release` # Fedora elif [ -r "/etc/fedora-release" ]; then @@ -287,7 +300,11 @@ elif [ -r "/etc/fedora-release" ]; then DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/fedora-release` # RedHat elif [ -r "/etc/redhat-release" ]; then - if grep -q "CentOS" /etc/redhat-release; then + if grep -q "AlmaLinux" /etc/redhat-release; then + DIST_NAME=almalinux + elif grep -q "Rocky" /etc/redhat-release; then + DIST_NAME=almalinux + elif grep -q "CentOS" /etc/redhat-release; then DIST_NAME="centos" else DIST_NAME="rhel" @@ -326,7 +343,6 @@ SCA_BASE_DIR="%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp" mkdir -p %{_localstatedir}/ruleset/sca SCA_TMP_DIR="${SCA_BASE_DIR}/${SCA_DIR}" - # Install the configuration files needed for this hosts if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" diff --git a/rpms/SPECS/wazuh-manager.spec b/rpms/SPECS/wazuh-manager.spec index d97111c158..70e785bb37 100644 --- a/rpms/SPECS/wazuh-manager.spec +++ b/rpms/SPECS/wazuh-manager.spec @@ -124,7 +124,7 @@ mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/su mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sunos mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/windows mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/fedora/{29,30,31,32,33,34} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rocky/{9} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rocky/{8,9} cp -r ruleset/sca/{applications,generic,mongodb,nginx,oracledb,centos,darwin,debian,rhel,sles,sunos,windows,amazon,ubuntu,rocky} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp @@ -319,7 +319,7 @@ if [ $1 = 1 ]; then %{_localstatedir}/packages_files/manager_installation_scripts/add_localfiles.sh %{_localstatedir} >> %{_localstatedir}/etc/ossec.conf fi - # We create this fix for the operating system that decraped the SySV. For now, this fix is for suse/openSUSE + # We create this fix for the operating system that deprecated SySV. For now, this fix is for suse/openSUSE sles="" if [ -f /etc/SuSE-release ]; then sles="suse" @@ -354,9 +354,23 @@ fi rm -f %{_localstatedir}/etc/shared/ar.conf >/dev/null 2>&1 rm -f %{_localstatedir}/etc/shared/merged.mg >/dev/null 2>&1 +#AlmaLinux +if [ -r "/etc/almalinux-release" ]; then + DIST_NAME=almalinux + DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/almalinux-release` +#Rocky +elif [ -r "/etc/rocky-release" ]; then + DIST_NAME=rocky + DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/rocky-release` # CentOS -if [ -r "/etc/centos-release" ]; then - DIST_NAME="centos" +elif [ -r "/etc/centos-release" ]; then + if grep -q "AlmaLinux" /etc/centos-release; then + DIST_NAME=almalinux + elif grep -q "Rocky" /etc/centos-release; then + DIST_NAME=almalinux + else + DIST_NAME="centos" + fi DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/centos-release` # Fedora elif [ -r "/etc/fedora-release" ]; then @@ -364,7 +378,11 @@ elif [ -r "/etc/fedora-release" ]; then DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/fedora-release` # RedHat elif [ -r "/etc/redhat-release" ]; then - if grep -q "CentOS" /etc/redhat-release; then + if grep -q "AlmaLinux" /etc/redhat-release; then + DIST_NAME=almalinux + elif grep -q "Rocky" /etc/redhat-release; then + DIST_NAME=almalinux + elif grep -q "CentOS" /etc/redhat-release; then DIST_NAME="centos" else DIST_NAME="rhel"