Merge branch '4.7.0' into merge-4.7.0-into-4.7.1

wazuh · Nov 2, 2023 · ae23dc6 · ae23dc6
2 parents 9ffe644 + cb1a57b
commit ae23dc6
Show file tree

Hide file tree

Showing 14 changed files with 129 additions and 65 deletions.
diff --git a/aix/SPECS/wazuh-agent-aix.spec b/aix/SPECS/wazuh-agent-aix.spec
@@ -290,9 +290,9 @@ rm -fr %{buildroot}
 %attr(750, root, wazuh) %{_localstatedir}/wodles/*
 
 %changelog
-* Tue Nov 14 2023 support <[email protected]> - 4.7.1
+* Thu Dec 07 2023 support <[email protected]> - 4.7.1
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-7-1.html
-* Wed Nov 08 2023 support <[email protected]> - 4.7.0
+* Tue Nov 21 2023 support <[email protected]> - 4.7.0
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-7-0.html
 * Tue Oct 24 2023 support <[email protected]> - 4.6.0
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-6-0.html

diff --git a/debs/SPECS/wazuh-agent/debian/changelog b/debs/SPECS/wazuh-agent/debian/changelog
@@ -2,20 +2,20 @@ wazuh-agent (4.7.1-RELEASE) stable; urgency=low
 
   * More info: https://documentation.wazuh.com/current/release-notes/release-4-7-1.html
 
- -- Wazuh, Inc <[email protected]>  Tue, 14 Nov 2023 00:00:00 +0000
+ -- Wazuh, Inc <[email protected]>  Thu, 07 Dec 2023 00:00:00 +0000
 
 wazuh-agent (4.7.0-RELEASE) stable; urgency=low
 
   * More info: https://documentation.wazuh.com/current/release-notes/release-4-7-0.html
 
- -- Wazuh, Inc <[email protected]>  Wed, 08 Nov 2023 00:00:00 +0000
+ -- Wazuh, Inc <[email protected]>  Tue, 21 Nov 2023 00:00:00 +0000
 
 wazuh-agent (4.6.0-RELEASE) stable; urgency=low
 
   * More info: https://documentation.wazuh.com/current/release-notes/release-4-6-0.html
 
  -- Wazuh, Inc <[email protected]> Tue, 31 Oct 2023 00:00:00 +0000
- 
+
 wazuh-agent (4.5.4-RELEASE) stable; urgency=low
 
   * More info: https://documentation.wazuh.com/current/release-notes/release-4-5-4.html

diff --git a/debs/SPECS/wazuh-manager/debian/changelog b/debs/SPECS/wazuh-manager/debian/changelog
@@ -2,13 +2,13 @@ wazuh-manager (4.7.1-RELEASE) stable; urgency=low
 
   * More info: https://documentation.wazuh.com/current/release-notes/release-4-7-1.html
 
- -- Wazuh, Inc <[email protected]>  Tue, 14 Nov 2023 00:00:00 +0000
+ -- Wazuh, Inc <[email protected]>  Thu, 07 Dec 2023 00:00:00 +0000
 
 wazuh-manager (4.7.0-RELEASE) stable; urgency=low
 
   * More info: https://documentation.wazuh.com/current/release-notes/release-4-7-0.html
 
- -- Wazuh, Inc <[email protected]>  Wed, 08 Nov 2023 00:00:00 +0000
+ -- Wazuh, Inc <[email protected]>  Tue, 21 Nov 2023 00:00:00 +0000
 
 wazuh-manager (4.6.0-RELEASE) stable; urgency=low
 

diff --git a/macos/generate_wazuh_packages.sh b/macos/generate_wazuh_packages.sh
@@ -1,4 +1,5 @@
 #!/bin/bash
+set -x
 # Program to build and package OSX wazuh-agent
 # Wazuh package generator
 # Copyright (C) 2015, Wazuh Inc.
@@ -31,7 +32,9 @@ KC_PASS=""                            # Password of the keychain.
 NOTARIZE="no"                         # Notarize the package for macOS Catalina.
 DEVELOPER_ID=""                       # Apple Developer ID.
 ALTOOL_PASS=""                        # Temporary Application password for altool.
+TEAM_ID=""                            # Team ID of the Apple Developer ID.
 pkg_name=""
+notarization_path=""
 
 trap ctrl_c INT
 
@@ -54,44 +57,20 @@ function notarize_pkg() {
     sleep_time="120"
     build_timestamp="$(date +"%m%d%Y%H%M%S")"
     if [ "${NOTARIZE}" = "yes" ]; then
-        if sudo xcrun altool --notarize-app --primary-bundle-id "com.wazuh.agent.${VERSION}.${REVISION}.${build_timestamp}" \
-            --username "${DEVELOPER_ID}" --password "${ALTOOL_PASS}" --file ${DESTINATION}/${pkg_name} > request_info.txt ; then
-            echo "The package ${DESTINATION}/${pkg_name} was successfully upload for notarization."
-            echo "Waiting ${sleep_time}s to get the results"
-            sleep ${sleep_time}
-
-            uuid="$(grep -i requestuuid request_info.txt | cut -d' ' -f 3)"
-
-            # Check notarization status
-            xcrun altool --notarization-info ${uuid} -u "${DEVELOPER_ID}" --password "${ALTOOL_PASS}" > request_result.txt
-            until ! grep -qi "in progress" request_result.txt ; do
-                echo "Package is not notarized yet. Waiting ${sleep_time}s"
-                sleep ${sleep_time}
-                xcrun altool --notarization-info ${uuid} -u "${DEVELOPER_ID}" --password "${ALTOOL_PASS}" > request_result.txt
-            done
-
-            echo "Notarization ticket:"
-            cat request_result.txt
-
-            if grep "Status: success" request_result.txt > /dev/null 2>&1 ; then
-                echo "Package is notarized and ready to go."
-                echo "Adding the ticket to the package."
-                if xcrun stapler staple -v ${DESTINATION}/${pkg_name} ; then
-                    echo "Ticket added. Ready to release the package."
-                    return 0
-                else
-                    echo "Something went wrong while adding the package."
-                    clean_and_exit 1
-                fi
+
+        if sudo xcrun notarytool submit ${1} --apple-id "${DEVELOPER_ID}" --team-id "${TEAM_ID}" --password "${ALTOOL_PASS}" --wait ; then
+            echo "Package is notarized and ready to go."
+            echo "Adding the ticket to the package."
+            if xcrun stapler staple -v "${1}" ; then
+                echo "Ticket added. Ready to release the package."
+                mkdir -p "${DESTINATION}" && cp "${1}" "${DESTINATION}/"
+                return 0
             else
-
-                echo "The package couldn't be notarized."
-                echo "Check notarization ticket for more info."
+                echo "Something went wrong while adding the package."
                 clean_and_exit 1
             fi
-
         else
-            echo "Error while uploading the app to be notarized."
+            echo "Error notarizing the package."
             clean_and_exit 1
         fi
     fi
@@ -153,7 +132,6 @@ function build_package() {
         echo "The wazuh agent package for macOS has been successfully built."
         pkg_name="wazuh-agent-${VERSION}-${REVISION}.${ARCH}.pkg"
         sign_pkg
-        notarize_pkg
         if [[ "${CHECKSUM}" == "yes" ]]; then
             mkdir -p ${CHECKSUMDIR}
             cd ${DESTINATION} && shasum -a512 "${pkg_name}" > "${CHECKSUMDIR}/${pkg_name}.sha512"
@@ -186,8 +164,10 @@ function help() {
     echo "    --keychain-password           [Optional] Password of the keychain."
     echo "    --application-certificate     [Optional] Apple Developer ID certificate name to sign Apps and binaries."
     echo "    --installer-certificate       [Optional] Apple Developer ID certificate name to sign pkg."
-    echo "    --notarize                    [Optional] Notarize the package for its distribution on macOS Catalina ."
+    echo "    --notarize                    [Optional] Notarize the package for its distribution on macOS."
+    echo "    --notarize-path <path>        [Optional] Path of the package to be notarized."
     echo "    --developer-id                [Optional] Your Apple Developer ID."
+    echo "    --team-id                     [Optional] Your Apple Team ID."
     echo "    --altool-password             [Optional] Temporary password to use altool from Xcode."
     echo
     exit "$1"
@@ -368,6 +348,14 @@ function main() {
             NOTARIZE="yes"
             shift 1
             ;;
+        "--notarize-path")
+            if [ -n "$2" ]; then
+                notarization_path="$2"
+                shift 2
+            else
+                help 1
+            fi
+            ;;
         "--developer-id")
             if [ -n "$2" ]; then
                 DEVELOPER_ID="$2"
@@ -376,6 +364,14 @@ function main() {
                 help 1
             fi
             ;;
+        "--team-id")
+            if [ -n "$2" ]; then
+                TEAM_ID="$2"
+                shift 2
+            else
+                help 1
+            fi
+            ;;
         "--altool-password")
             if [ -n "$2" ]; then
                 ALTOOL_PASS="$2"
@@ -410,8 +406,20 @@ function main() {
         AGENT_PKG_FILE="${CURRENT_PATH}/package_files/wazuh-agent-${ARCH}.pkgproj"
         build_package
         "${CURRENT_PATH}/uninstall.sh"
-    else
-        echo "The branch has not been specified. No package will be generated."
+    fi
+    if [ "${NOTARIZE}" = "yes" ]; then
+        if [ "${BUILD}" = "yes" ]; then
+            pkg_name="wazuh-agent-${VERSION}-${REVISION}.${ARCH}.pkg"
+            notarization_path="${DESTINATION}/${pkg_name}"
+        fi
+        if [ -z "${notarization_path}" ]; then
+            echo "The path of the package to be notarized has not been specified."
+            help 1
+        fi
+        notarize_pkg "${notarization_path}"
+    fi
+    if [ "${BUILD}" = "no" ] && [ "${NOTARIZE}" = "no" ]; then
+        echo "The branch has not been specified and notarization has not been selected."
         help 1
     fi
 

diff --git a/rpms/SPECS/wazuh-agent.spec b/rpms/SPECS/wazuh-agent.spec
@@ -599,9 +599,9 @@ rm -fr %{buildroot}
 %attr(750, root, wazuh) %{_localstatedir}/wodles/gcloud/*
 
 %changelog
-* Tue Nov 14 2023 support <[email protected]> - 4.7.1
+* Thu Dec 07 2023 support <[email protected]> - 4.7.1
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-7-1.html
-* Wed Nov 08 2023 support <[email protected]> - 4.7.0
+* Tue Nov 21 2023 support <[email protected]> - 4.7.0
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-7-0.html
 * Tue Oct 24 2023 support <[email protected]> - 4.6.0
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-6-0.html

diff --git a/rpms/SPECS/wazuh-manager.spec b/rpms/SPECS/wazuh-manager.spec
@@ -822,9 +822,9 @@ rm -fr %{buildroot}
 %attr(750, root, wazuh) %{_localstatedir}/wodles/gcloud/*
 
 %changelog
-* Tue Nov 14 2023 support <[email protected]> - 4.7.1
+* Thu Dec 07 2023 support <[email protected]> - 4.7.1
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-7-1.html
-* Wed Nov 08 2023 support <[email protected]> - 4.7.0
+* Tue Nov 21 2023 support <[email protected]> - 4.7.0
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-7-0.html
 * Tue Oct 24 2023 support <[email protected]> - 4.6.0
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-6-0.html

diff --git a/solaris/solaris10/pkginfo b/solaris/solaris10/pkginfo
@@ -5,7 +5,7 @@ ARCH="i386"
 CLASSES="none"
 CATEGORY="system"
 VENDOR="Wazuh, Inc <[email protected]>"
-PSTAMP="14Nov2023"
+PSTAMP="07Dec2023"
 EMAIL="[email protected]"
 ISTATES="S s 1 2 3"
 RSTATES="S s 1 2 3"

diff --git a/stack/dashboard/deb/debian/changelog b/stack/dashboard/deb/debian/changelog
@@ -2,13 +2,13 @@ wazuh-dashboard (4.7.1-RELEASE) stable; urgency=low
 
   * More info: https://documentation.wazuh.com/current/release-notes/release-4-7-1.html
 
- -- Wazuh, Inc <[email protected]>  Tue, 14 Nov 2023 00:00:00 +0000
+ -- Wazuh, Inc <[email protected]>  Thu, 07 Dec 2023 00:00:00 +0000
 
 wazuh-dashboard (4.7.0-RELEASE) stable; urgency=low
 
   * More info: https://documentation.wazuh.com/current/release-notes/release-4-7-0.html
 
- -- Wazuh, Inc <[email protected]>  Wed, 08 Nov 2023 00:00:00 +0000
+ -- Wazuh, Inc <[email protected]>  Tue, 21 Nov 2023 00:00:00 +0000
 
 wazuh-dashboard (4.6.0-RELEASE) stable; urgency=low
 

diff --git a/stack/dashboard/rpm/wazuh-dashboard.spec b/stack/dashboard/rpm/wazuh-dashboard.spec
@@ -408,9 +408,9 @@ rm -fr %{buildroot}
 %attr(640, root, root) "/etc/systemd/system/wazuh-dashboard.service"
 
 %changelog
-* Tue Nov 14 2023 support <[email protected]> - 4.7.1
+* Thu Dec 07 2023 support <[email protected]> - 4.7.1
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-7-1.html
-* Wed Nov 08 2023 support <[email protected]> - 4.7.0
+* Tue Nov 21 2023 support <[email protected]> - 4.7.0
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-7-0.html
 * Tue Oct 24 2023 support <[email protected]> - 4.6.0
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-6-0.html

diff --git a/stack/indexer/deb/debian/changelog b/stack/indexer/deb/debian/changelog
@@ -2,13 +2,13 @@ wazuh-indexer (4.7.1-RELEASE) stable; urgency=low
 
   * More info: https://documentation.wazuh.com/current/release-notes/release-4-7-1.html
 
- -- Wazuh, Inc <[email protected]>  Tue, 14 Nov 2023 00:00:00 +0000
+ -- Wazuh, Inc <[email protected]>  Thu, 07 Dec 2023 00:00:00 +0000
 
 wazuh-indexer (4.7.0-RELEASE) stable; urgency=low
 
   * More info: https://documentation.wazuh.com/current/release-notes/release-4-7-0.html
 
- -- Wazuh, Inc <[email protected]>  Wed, 08 Nov 2023 00:00:00 +0000
+ -- Wazuh, Inc <[email protected]>  Tue, 21 Nov 2023 00:00:00 +0000
 
 wazuh-indexer (4.6.0-RELEASE) stable; urgency=low
 

diff --git a/stack/indexer/rpm/wazuh-indexer.spec b/stack/indexer/rpm/wazuh-indexer.spec
@@ -1444,9 +1444,9 @@ rm -fr %{buildroot}
 
 
 %changelog
-* Tue Nov 14 2023 support <[email protected]> - 4.7.1
+* Thu Dec 07 2023 support <[email protected]> - 4.7.1
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-7-1.html
-* Wed Nov 08 2023 support <[email protected]> - 4.7.0
+* Tue Nov 21 2023 support <[email protected]> - 4.7.0
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-7-0.html
 * Tue Oct 24 2023 support <[email protected]> - 4.6.0
 - More info: https://documentation.wazuh.com/current/release-notes/release-4-6-0.html

diff --git a/unattended_installer/install_functions/checks.sh b/unattended_installer/install_functions/checks.sh
@@ -330,6 +330,8 @@ function checks_ports() {
     used_port=0
     ports=("$@")
 
+    checks_firewall "${ports[@]}"
+
     if command -v lsof > /dev/null; then
         port_command="lsof -sTCP:LISTEN  -i:"
     else
@@ -376,3 +378,57 @@ function checks_available_port() {
         done
     fi
 }
+
+function checks_firewall(){
+    ports_list=("$@")
+    f_ports=""
+    f_message="The system has firewall enabled. Please ensure that traffic is allowed on "
+    firewalld_installed=0
+    ufw_installed=0
+
+
+    # Record of the ports that must be exposed according to the installation
+    if [ -n "${AIO}" ]; then
+        f_message+="these ports: 1515, 1514, ${http_port}"
+    elif [ -n "${dashboard}" ]; then
+        f_message+="this port: ${http_port}"
+    else
+        f_message+="these ports:"
+        for port in "${ports_list[@]}"; do
+            f_message+=" ${port},"
+        done
+
+        # Deletes last comma
+        f_message="${f_message%,}"
+    fi
+
+    # Check if the firewall is installed
+    if [ "${sys_type}" == "yum" ]; then
+        if yum list installed 2>/dev/null | grep -q -E ^"firewalld"\\.;then
+            firewalld_installed=1
+        fi
+        if yum list installed 2>/dev/null | grep -q -E ^"ufw"\\.;then
+            ufw_installed=1
+        fi
+    elif [ "${sys_type}" == "apt-get" ]; then
+        if apt list --installed 2>/dev/null | grep -q -E ^"firewalld"\/; then
+            firewalld_installed=1
+        fi
+        if apt list --installed 2>/dev/null | grep -q -E ^"ufw"\/; then
+            ufw_installed=1
+        fi
+    fi
+
+    # Check if the firewall is running
+    if [ "${firewalld_installed}" == "1" ]; then
+        if firewall-cmd --state 2>/dev/null | grep -q -w "running"; then
+            common_logger -w "${f_message/firewall/Firewalld}."
+        fi
+    fi
+    if [ "${ufw_installed}" == "1" ]; then
+        if ufw status 2>/dev/null | grep -q -w "active"; then
+            common_logger -w "${f_message/firewall/UFW}."
+        fi
+    fi
+
+}
diff --git a/wazuhapp/kibana/Docker/build.sh b/wazuhapp/kibana/Docker/build.sh
@@ -16,8 +16,8 @@ checksum_dir="/var/local/checksum"
 git_clone_tmp_dir="/tmp/wazuh-app"
 
 # Repositories URLs
-wazuh_app_clone_repo_url="https://github.com/wazuh/wazuh-kibana-app.git"
-wazuh_app_raw_repo_url="https://raw.githubusercontent.com/wazuh/wazuh-kibana-app"
+wazuh_app_clone_repo_url="https://github.com/wazuh/wazuh-dashboard-plugins.git"
+wazuh_app_raw_repo_url="https://raw.githubusercontent.com/wazuh/wazuh-dashboard-plugins"
 kibana_app_repo_url="https://github.com/elastic/kibana.git"
 kibana_app_raw_repo_url="https://raw.githubusercontent.com/elastic/kibana"
 wazuh_app_package_json_url="${wazuh_app_raw_repo_url}/${wazuh_branch}/plugins/main/package.json"
@@ -47,7 +47,7 @@ change_node_version () {
 
 
 prepare_env() {
-    echo "Downloading package.json from wazuh-kibana app repository"
+    echo "Downloading package.json from wazuh-dashboard-plugins repository"
     if ! curl $wazuh_app_package_json_url -o "/tmp/package.json" ; then
         echo "Error downloading package.json from GitHub."
         exit 1
@@ -105,7 +105,7 @@ install_dependencies () {
 
 download_wazuh_app_sources() {
     if ! git clone $wazuh_app_clone_repo_url --branch ${wazuh_branch} --depth=1 ${git_clone_tmp_dir} ; then
-        echo "Error downloading the source code from wazuh-kibana-app GitHub repository."
+        echo "Error downloading the source code from wazuh-dashboard-plugins GitHub repository."
         exit 1
     fi