Merge tag 'tags/v4.6.0' into merge-4.6.0

CHANGELOG.md

@@ -7,12 +7,60 @@ All notable changes to this project will be documented in this file.
 
 - Support to 4.6.0 Wazuh release.
 
+## Wazuh Puppet v4.5.4
+
+### Added
+
+- Support to 4.5.4 Wazuh release.
+
+## Wazuh Puppet v4.5.3
+
+### Added
+
+- Support to 4.5.3 Wazuh release.
+
+## Wazuh Puppet v4.5.2
+
+### Added
+
+- Support to 4.5.2 Wazuh release.
+
+## Wazuh Puppet v4.5.1
+
+### Added
+
+- Support to 4.5.1 Wazuh release.
+
 ## Wazuh Puppet v4.5.0
 
 ### Added
 
 - Support to 4.5.0 Wazuh release.
 
+## Wazuh Puppet v4.4.5
+
+### Added
+
+- Support to 4.4.5 Wazuh release.
+
+## Wazuh Puppet v4.4.4
+
+### Added
+
+- Support to 4.4.4 Wazuh release.
+
+## Wazuh Puppet v4.4.3
+
+### Added
+
+- Support to 4.4.3 Wazuh release.
+
+## Wazuh Puppet v4.4.2
+
+### Added
+
+- Support to 4.4.2 Wazuh release.
+
 ## Wazuh Puppet v4.4.1
 
 ### Added

VERSION

@@ -1,3 +1,3 @@
 WAZUH-PUPPET_VERSION="v4.6.0"
-REVISION="40600"
+REVISION="40603"
 VERSION=4.6.0

manifests/activeresponse.pp

@@ -17,9 +17,6 @@
   $before_arg                         = undef,
   $content_arg                        = 'wazuh/fragments/_activeresponse.erb'
 ) {
-
-  require wazuh::params_manager
-
   concat::fragment { $active_response_name:
     target  => $target_arg,
     order   => $order_arg,

manifests/agent.pp

@@ -340,7 +340,7 @@
         }
       }'Amazon':{
         $apply_template_os = 'amazon'
-      }'CentOS','Centos','centos','AlmaLinux':{
+      }'CentOS','Centos','centos','AlmaLinux','Rocky':{
         $apply_template_os = 'centos'
       }
       default: { fail('OS not supported') }
@@ -575,8 +575,9 @@
           ${agent_auth_option_manager}  ${agent_auth_option_agent} ${agent_auth_option_password} ${agent_auth_option_address}"
 
         exec { 'agent-auth-linux':
+          path    => ['/usr/bin', '/bin', '/usr/sbin', '/sbin'],
           command => $agent_auth_command,
-          unless  => "/bin/egrep -q '.' ${::wazuh::params_agent::keys_file}",
+          unless  => "egrep -q '.' ${::wazuh::params_agent::keys_file}",
           require => Concat['agent_ossec.conf'],
           before  => Service[$agent_service_name],
           notify  => Service[$agent_service_name],

manifests/dashboard.pp

@@ -113,7 +113,7 @@
   }
 
   unless $use_keystore {
-    file { '/usr/share/wazuh-dashboard/config/opensearch_dashboards.keystore':
+    file { '/etc/wazuh-dashboard/opensearch_dashboards.keystore':
       ensure  => absent,
       require => Package['wazuh-dashboard'],
       before  => Service['wazuh-dashboard'],

manifests/filebeat_oss.pp

@@ -12,7 +12,7 @@
   $filebeat_oss_elastic_password = 'admin',
   $filebeat_oss_version = '7.10.2',
   $wazuh_app_version = '4.6.0_7.10.2',
-  $wazuh_extensions_version = '4.6',
+  $wazuh_extensions_version = 'v4.6.0',
   $wazuh_filebeat_module = 'wazuh-filebeat-0.2.tar.gz',
 
   $filebeat_fileuser = 'root',
@@ -46,10 +46,12 @@
   #  Needed since GitHub can only ETAG and result in changes of the mtime everytime.
   # TODO: Include file into the wazuh/wazuh-puppet project or use file { checksum => '..' } for this instead of the exec construct.
   exec { 'cleanup /etc/filebeat/wazuh-template.json':
-    command => '/bin/rm -f /etc/filebeat/wazuh-template.json',
-    onlyif  => '/bin/test -f /etc/filebeat/wazuh-template.json',
-    unless  => "/bin/curl -s 'https://raw.githubusercontent.com/wazuh/wazuh/${wazuh_extensions_version}/extensions/elasticsearch/7.x/wazuh-template.json' | /bin/cmp -s '/etc/filebeat/wazuh-template.json'",
+    path    => ['/usr/bin', '/bin', '/usr/sbin', '/sbin'],
+    command => 'rm -f /etc/filebeat/wazuh-template.json',
+    onlyif  => 'test -f /etc/filebeat/wazuh-template.json',
+    unless  => "curl -s 'https://raw.githubusercontent.com/wazuh/wazuh/${wazuh_extensions_version}/extensions/elasticsearch/7.x/wazuh-template.json' | cmp -s '/etc/filebeat/wazuh-template.json'",
   }
+
   -> file { '/etc/filebeat/wazuh-template.json':
     owner   => 'root',
     group   => 'root',

manifests/indexer.pp

@@ -145,7 +145,7 @@
   }
 
   exec { 'Initialize the Opensearch security index in Wazuh indexer':
-    path    => ['/usr/bin', '/bin', '/usr/sbin'],
+    path    => ['/usr/bin', '/bin', '/usr/sbin', '/sbin'],
     command => "/usr/share/wazuh-indexer/bin/indexer-security-init.sh && touch ${indexer_security_init_lockfile}",
     creates => $indexer_security_init_lockfile,
     require => Service['wazuh-indexer'],

manifests/manager.pp

@@ -177,13 +177,11 @@
       $vulnerability_detector_provider_redhat                    = $wazuh::params_manager::vulnerability_detector_provider_redhat,
       $vulnerability_detector_provider_redhat_enabled            = $wazuh::params_manager::vulnerability_detector_provider_redhat_enabled,
       $vulnerability_detector_provider_redhat_os                 = $wazuh::params_manager::vulnerability_detector_provider_redhat_os,
-      $vulnerability_detector_provider_redhat_update_from_year   = $wazuh::params_manager::vulnerability_detector_provider_redhat_update_from_year,
       $vulnerability_detector_provider_redhat_update_interval    = $wazuh::params_manager::vulnerability_detector_provider_redhat_update_interval,
 
       $vulnerability_detector_provider_nvd                       = $wazuh::params_manager::vulnerability_detector_provider_nvd,
       $vulnerability_detector_provider_nvd_enabled               = $wazuh::params_manager::vulnerability_detector_provider_nvd_enabled,
       $vulnerability_detector_provider_nvd_os                    = $wazuh::params_manager::vulnerability_detector_provider_nvd_os,
-      $vulnerability_detector_provider_nvd_update_from_year      = $wazuh::params_manager::vulnerability_detector_provider_nvd_update_from_year,
       $vulnerability_detector_provider_nvd_update_interval       = $wazuh::params_manager::vulnerability_detector_provider_nvd_update_interval,
       #lint:endignore
 
@@ -193,13 +191,22 @@
 
       $vulnerability_detector_provider_alas                   = $wazuh::params_manager::vulnerability_detector_provider_alas,
       $vulnerability_detector_provider_alas_enabled           = $wazuh::params_manager::vulnerability_detector_provider_alas_enabled,
-      $vulnerability_detector_provider_alas_os              = $wazuh::params_manager::vulnerability_detector_provider_alas_os,
+      $vulnerability_detector_provider_alas_os                = $wazuh::params_manager::vulnerability_detector_provider_alas_os,
       $vulnerability_detector_provider_alas_update_interval   = $wazuh::params_manager::vulnerability_detector_provider_alas_update_interval,
 
+      $vulnerability_detector_provider_suse                   = $wazuh::params_manager::vulnerability_detector_provider_suse,
+      $vulnerability_detector_provider_suse_enabled           = $wazuh::params_manager::vulnerability_detector_provider_suse_enabled,
+      $vulnerability_detector_provider_suse_os                = $wazuh::params_manager::vulnerability_detector_provider_suse_os,
+      $vulnerability_detector_provider_suse_update_interval   = $wazuh::params_manager::vulnerability_detector_provider_suse_update_interval,
+
       $vulnerability_detector_provider_msu                   = $wazuh::params_manager::vulnerability_detector_provider_msu,
       $vulnerability_detector_provider_msu_enabled           = $wazuh::params_manager::vulnerability_detector_provider_msu_enabled,
       $vulnerability_detector_provider_msu_update_interval   = $wazuh::params_manager::vulnerability_detector_provider_msu_update_interval,
 
+      $vulnerability_detector_provider_almalinux                    = $wazuh::params_manager::vulnerability_detector_provider_almalinux,
+      $vulnerability_detector_provider_almalinux_enabled            = $wazuh::params_manager::vulnerability_detector_provider_almalinux_enabled,
+      $vulnerability_detector_provider_almalinux_os                 = $wazuh::params_manager::vulnerability_detector_provider_almalinux_os,
+      $vulnerability_detector_provider_almalinux_update_interval    = $wazuh::params_manager::vulnerability_detector_provider_almalinux_update_interval,
 
       # syslog
       $syslog_output                        = $wazuh::params_manager::syslog_output,

manifests/params_agent.pp

@@ -335,7 +335,7 @@
                 }
               }
             }
-            /^(wheezy|stretch|buster|bullseye|sid|precise|trusty|vivid|wily|xenial|bionic|focal|groovy|jammy)$/: {
+            /^(wheezy|stretch|buster|bullseye|bookworm|sid|precise|trusty|vivid|wily|xenial|bionic|focal|groovy|jammy)$/: {
               $server_service = 'wazuh-manager'
               $server_package = 'wazuh-manager'
               $wodle_openscap_content = undef
@@ -463,6 +463,11 @@
                 $ossec_service_provider = 'redhat'
               }
             }
+            'Rocky': {
+              if ( $::operatingsystemrelease =~ /^8.*/ ) {
+                $ossec_service_provider = 'redhat'
+              }
+            }
             default: { fail('This ossec module has not been tested on your distribution') }
           }
         }

manifests/params_manager.pp

@@ -170,30 +170,28 @@
       $vulnerability_detector_provider_canonical_enabled         = 'no'
       $vulnerability_detector_provider_canonical_os              = ['trusty',
         'xenial',
-        'bionic'
+        'bionic',
+        'focal',
+        'jammy'
       ]
       $vulnerability_detector_provider_canonical_update_interval = '1h'
 
 
       $vulnerability_detector_provider_debian                 = 'yes'
       $vulnerability_detector_provider_debian_enabled         = 'no'
-      $vulnerability_detector_provider_debian_os              = ['wheezy',
-        'stretch',
-        'jessie',
-        'buster'
+      $vulnerability_detector_provider_debian_os              = ['buster',
+        'bullseye'
       ]
       $vulnerability_detector_provider_debian_update_interval = '1h'
       $vulnerability_detector_provider_redhat                    = 'yes'
       $vulnerability_detector_provider_redhat_enabled            = 'no'
-      $vulnerability_detector_provider_redhat_os                 = ['5','6','7','8']
-      $vulnerability_detector_provider_redhat_update_from_year   = '2010'
+      $vulnerability_detector_provider_redhat_os                 = ['5','6','7','8','9']
       $vulnerability_detector_provider_redhat_update_interval    = '1h'      # syslog
 
 
       $vulnerability_detector_provider_nvd                    = 'yes'
       $vulnerability_detector_provider_nvd_enabled            = 'no'
       $vulnerability_detector_provider_nvd_os                 = []
-      $vulnerability_detector_provider_nvd_update_from_year   = '2010'
       $vulnerability_detector_provider_nvd_update_interval    = '1h'
 
       $vulnerability_detector_provider_arch                   = 'yes'
@@ -207,10 +205,28 @@
       ]
       $vulnerability_detector_provider_alas_update_interval   = '1h'
 
+      $vulnerability_detector_provider_suse                   = 'yes'
+      $vulnerability_detector_provider_suse_enabled           = 'no'
+      $vulnerability_detector_provider_suse_os              = ['11-server',
+        '11-desktop',
+        '12-server',
+        '12-desktop',
+        '15-server',
+        '15-desktop'
+      ]
+      $vulnerability_detector_provider_suse_update_interval   = '1h'
+
       $vulnerability_detector_provider_msu                   = 'yes'
       $vulnerability_detector_provider_msu_enabled           = 'no'
       $vulnerability_detector_provider_msu_update_interval   = '1h'
 
+      $vulnerability_detector_provider_almalinux                 = 'yes'
+      $vulnerability_detector_provider_almalinux_enabled         = 'no'
+      $vulnerability_detector_provider_almalinux_os              = ['8',
+        '9'
+      ]
+      $vulnerability_detector_provider_almalinux_update_interval = '1h'
+
       $syslog_output                                   = false
       $syslog_output_level                             = 2
       $syslog_output_port                              = 514
@@ -444,7 +460,7 @@
                 }
               }
             }
-            /^(wheezy|stretch|buster|bullseye|sid|precise|trusty|vivid|wily|xenial|bionic|focal|groovy|jammy)$/: {
+            /^(wheezy|stretch|buster|bullseye|bookworm|sid|precise|trusty|vivid|wily|xenial|bionic|focal|groovy|jammy)$/: {
               $server_service = 'wazuh-manager'
               $server_package = 'wazuh-manager'
               $wodle_openscap_content = undef

manifests/repo.pp

@@ -16,7 +16,7 @@
         server => 'pgp.mit.edu'
       }
       case $::lsbdistcodename {
-        /(jessie|wheezy|stretch|buster|bullseye|sid|precise|trusty|vivid|wily|xenial|yakketi|bionic|focal|groovy|jammy)/: {
+        /(jessie|wheezy|stretch|buster|bullseye|bookworm|sid|precise|trusty|vivid|wily|xenial|yakketi|bionic|focal|groovy|jammy)/: {
 
           apt::source { 'wazuh':
             ensure   => present,
@@ -35,7 +35,7 @@
     }
     'Linux', 'RedHat' : {
         case $::os[name] {
-          /^(CentOS|RedHat|OracleLinux|Fedora|Amazon|AlmaLinux)$/: {
+          /^(CentOS|RedHat|OracleLinux|Fedora|Amazon|AlmaLinux|Rocky)$/: {
             if ( $::operatingsystemrelease =~ /^5.*/ ) {
               $baseurl  = 'https://packages.wazuh.com/4.x/yum/5/'
               $gpgkey   = 'http://packages.wazuh.com/key/GPG-KEY-WAZUH'

templates/fragments/_vulnerability_detector.erb

@@ -29,7 +29,6 @@
 <% if @vulnerability_detector_provider_redhat %>
   <provider name="redhat">
     <% if @vulnerability_detector_provider_redhat_enabled %><enabled><%= @vulnerability_detector_provider_redhat_enabled %></enabled><% end %>
-    <% if @vulnerability_detector_provider_redhat_update_from_year %><update_from_year><%= @vulnerability_detector_provider_redhat_update_from_year %></update_from_year><% end %>
     <% if @vulnerability_detector_provider_redhat_update_interval %><update_interval><%= @vulnerability_detector_provider_redhat_update_interval %></update_interval><% end %>
     <% if !@vulnerability_detector_provider_redhat_os.empty? %>
     <% @vulnerability_detector_provider_redhat_os.each do |os| %>
@@ -41,9 +40,8 @@
 <% if @vulnerability_detector_provider_nvd %>
   <provider name="nvd">
     <% if @vulnerability_detector_provider_nvd_enabled %><enabled><%= @vulnerability_detector_provider_nvd_enabled %></enabled><% end %>
-    <% if @vulnerability_detector_provider_nvd_update_from_year %><update_from_year><%= @vulnerability_detector_provider_nvd_update_from_year %></update_from_year><% end %>
     <% if @vulnerability_detector_provider_nvd_update_interval %><update_interval><%= @vulnerability_detector_provider_nvd_update_interval %></update_interval><% end %>
-  </provider>   
+  </provider>
 <% end %>
 <% if @vulnerability_detector_provider_arch %>
   <provider name="arch">
@@ -62,11 +60,32 @@
     <% end %>
     </provider>
 <% end %>
+<% if @vulnerability_detector_provider_suse %>
+  <provider name="suse">
+    <% if @vulnerability_detector_provider_suse_enabled %><enabled><%= @vulnerability_detector_provider_suse_enabled %></enabled><% end %>
+    <% if @vulnerability_detector_provider_suse_update_interval %><update_interval><%= @vulnerability_detector_provider_suse_update_interval %></update_interval><% end %>
+    <% if !@vulnerability_detector_provider_suse_os.empty? %>
+    <% @vulnerability_detector_provider_suse_os.each do |os| %>
+    <os><%= os %></os>
+    <% end %>
+    <% end %>
+    </provider>
+<% end %>
 <% if @vulnerability_detector_provider_msu %>
   <provider name="msu">
     <% if @vulnerability_detector_provider_msu_enabled %><enabled><%= @vulnerability_detector_provider_msu_enabled %></enabled><% end %>
     <% if @vulnerability_detector_provider_msu_update_interval %><update_interval><%= @vulnerability_detector_provider_msu_update_interval %></update_interval><% end %>
   </provider>
 <% end %>
+<% if @vulnerability_detector_provider_almalinux %>
+  <provider name="almalinux">
+    <% if @vulnerability_detector_provider_almalinux_enabled %><enabled><%= @vulnerability_detector_provider_almalinux_enabled %></enabled><% end %>
+    <% if !@vulnerability_detector_provider_almalinux_os.empty? %>
+    <% @vulnerability_detector_provider_almalinux_os.each do |os| %>
+    <os><%= os %></os>
+    <% end %>
+    <% end %>
+    <% if @vulnerability_detector_provider_almalinux_update_interval %><update_interval><%= @vulnerability_detector_provider_almalinux_update_interval %></update_interval><% end %>
+  </provider>
+<% end %>
 </vulnerability-detector>
-