-
Notifications
You must be signed in to change notification settings - Fork 133
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix for Puppet installation on Amazon Linux OS #197
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please have a look at requested changes
manifests/agent.pp
Outdated
} | ||
default: { fail('This ossec module has not been tested on your distribution') } | ||
case $::operatingsystem{ | ||
'Redhat', 'redhat', 'OracleLinux':{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please check if redhat
does actually exist in Puppet as a possible::operatingsystem
. I suspect it may not be neccessary anymore. If doesn't exist please remove it in the Manager also
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @jm404 !
After starting a RHEL7 virtual machine and install Puppet on it, when checking Puppet facts we get:
[root@rhel ~]# puppet facts find operatingsystem
{"name":"operatingsystem","values":{" ...
"dhcp_servers":"{
\"system\"eratingsystem":"RedHat",
"os":"{\"name\"=>\"RedHat\",
\"family\"=>\"RedHat\",
\"release\"=>{\"major\"=>\"7\", ....
Corporation","boardproductname":"VirtualBox","boardserialnumbe[root@rhel ~]#
As you can see the operating system is called RedHat, so the case check would not match it:
case $::operatingsystem{
'Redhat', 'redhat', 'OracleLinux':{
kr,
Rshad
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The puppet facts
output seems to be truncated and bad formatted. Please paste the ::operatingsystem
section without truncating it.
I assume that "dhcp_servers":"{ \"system\"eratingsystem":"RedHat",
refers to the operating system, which in that case, would be RedHat
.
So in our manifests we have:
case $::operatingsystem{
'Redhat', 'redhat', 'OracleLinux':{
So, neither Redhat
nor redhat
will match it, please review it and test the installation on a RedHat host after fixing it.
Best regards,
Jose
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @jm404 !
After the changes made in cfed5f3, I tested the instsallation of a wazuh-manager and a wazuh-agent in RHEL operating system and both installations were done successfully.
My test Operating System characteristics:
[root@rhel ~]# cat /etc/os-release
NAME="Red Hat Enterprise Linux Server"
VERSION="7.7 (Maipo)"
ID="rhel"
ID_LIKE="fedora"
VARIANT="Server"
VARIANT_ID="server"
VERSION_ID="7.7"
PRETTY_NAME="Red Hat Enterprise Linux Server 7.7 (Maipo)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:7.7:GA:server"
HOME_URL="https://www.redhat.com/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7"
REDHAT_BUGZILLA_PRODUCT_VERSION=7.7
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="7.7"
[root@rhel ~]#
Puppet Facts (puppet 6.11.1)
{
architecture => "x86_64",
family => "RedHat",
hardware => "x86_64",
name => "RedHat",
release => {
full => "7.7",
major => "7",
minor => "7"
},
selinux => {
config_mode => "enforcing",
config_policy => "targeted",
current_mode => "enforcing",
enabled => true,
enforced => true,
policy_version => "31"
}
}
Kr,
Rshad
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please have a look at requested changes.
manifests/agent.pp
Outdated
$apply_template_os = 'centos' | ||
} | ||
default: { fail('This ossec module has not been tested on your distribution') } | ||
case $::operatingsystem{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I prefer the case $::kernel {
block, we use it multiple times in the file instead of just filtering by operatingssystem
which raises few questions like:
- All Windows do have the same
operatingsystem
? (Windows server, Windows 10, etc...) - Is
windows
and notWindows
the proper operatingsystem?
Please review best practices and or other common manifests examples and let me know your conclusions and required changes.
Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @jm404
I agree with you; Dealing with Windows case by only checking the operating system could produce errors.
To solve such an issue, I added a higher layer of a conditional statement check, which checks the Kernel first, if It's Linux, then it proceeds to run the operating system case condition. If it's Windows then it's directly select the corresponding config.
Find the changes in b1a706f.
Kr,
Rshad
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Hi all!
This PR resolves #168
Kr,
Rshad