Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Wazuh dashboard 4.9.0 fails in AL2 #223

Closed
davidcr01 opened this issue Jun 27, 2024 · 3 comments · Fixed by #226
Closed

[BUG] Wazuh dashboard 4.9.0 fails in AL2 #223

davidcr01 opened this issue Jun 27, 2024 · 3 comments · Fixed by #226
Assignees
@lucianogorza
Labels
level/task Task issue type/bug Bug issue

Comments

@davidcr01
Copy link

davidcr01 commented Jun 27, 2024
edited
Loading

Describe the bug

Installing the Wazuh dashboard 4.9.0 (alpha1, pre-release) the service fails after some seconds being up.

[root@ip-172-31-33-210 ~]# systemctl status wazuh-dashboard
● wazuh-dashboard.service - wazuh-dashboard
   Loaded: loaded (/etc/systemd/system/wazuh-dashboard.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2024-06-27 09:50:21 UTC; 15s ago
 Main PID: 20908 (node)
   CGroup: /system.slice/wazuh-dashboard.service
           └─20908 /usr/share/wazuh-dashboard/node/fallback/bin/node /usr/share/wazuh-dashboard/src/cli/dist -c /e...

Jun 27 09:50:21 ip-172-31-33-210.ec2.internal systemd[1]: Started wazuh-dashboard.

[root@ip-172-31-33-210 ~]# systemctl status wazuh-dashboard
● wazuh-dashboard.service - wazuh-dashboard
   Loaded: loaded (/etc/systemd/system/wazuh-dashboard.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Thu 2024-06-27 09:50:36 UTC; 753ms ago
  Process: 20908 ExecStart=/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/opensearch_dashboards.yml (code=exited, status=1/FAILURE)
 Main PID: 20908 (code=exited, status=1/FAILURE)

Jun 27 09:50:21 ip-172-31-33-210.ec2.internal systemd[1]: Started wazuh-dashboard.
Jun 27 09:50:36 ip-172-31-33-210.ec2.internal systemd[1]: wazuh-dashboard.service: main process exited, code=ex...URE
Jun 27 09:50:36 ip-172-31-33-210.ec2.internal systemd[1]: Unit wazuh-dashboard.service entered failed state.
Jun 27 09:50:36 ip-172-31-33-210.ec2.internal systemd[1]: wazuh-dashboard.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
[root@ip-172-31-33-210 ~]# 
[root@ip-172-31-33-210 ~]# journalctl -u wazuh-dashboard
-- Logs begin at Thu 2024-06-27 09:12:16 UTC, end at Thu 2024-06-27 10:00:55 UTC. --
Jun 27 09:18:39 ip-172-31-33-210.ec2.internal systemd[1]: Started wazuh-dashboard.
Jun 27 09:18:44 ip-172-31-33-210.ec2.internal systemd[1]: wazuh-dashboard.service: main process exited, code=exited, 
Jun 27 09:18:44 ip-172-31-33-210.ec2.internal systemd[1]: Unit wazuh-dashboard.service entered failed state.
Jun 27 09:18:44 ip-172-31-33-210.ec2.internal systemd[1]: wazuh-dashboard.service failed.
Jun 27 09:19:06 ip-172-31-33-210.ec2.internal systemd[1]: Started wazuh-dashboard.
Jun 27 09:19:12 ip-172-31-33-210.ec2.internal systemd[1]: wazuh-dashboard.service: main process exited, code=exited, 
Jun 27 09:19:12 ip-172-31-33-210.ec2.internal systemd[1]: Unit wazuh-dashboard.service entered failed state.
Jun 27 09:19:12 ip-172-31-33-210.ec2.internal systemd[1]: wazuh-dashboard.service failed.
Jun 27 09:22:51 ip-172-31-33-210.ec2.internal systemd[1]: Started wazuh-dashboard.
Jun 27 09:23:00 ip-172-31-33-210.ec2.internal systemd[1]: wazuh-dashboard.service: main process exited, code=exited, 
Jun 27 09:23:00 ip-172-31-33-210.ec2.internal systemd[1]: Unit wazuh-dashboard.service entered failed state.
Jun 27 09:23:00 ip-172-31-33-210.ec2.internal systemd[1]: wazuh-dashboard.service failed.
Jun 27 09:50:21 ip-172-31-33-210.ec2.internal systemd[1]: Started wazuh-dashboard.
Jun 27 09:50:36 ip-172-31-33-210.ec2.internal systemd[1]: wazuh-dashboard.service: main process exited, code=exited, 
Jun 27 09:50:36 ip-172-31-33-210.ec2.internal systemd[1]: Unit wazuh-dashboard.service entered failed state.
Jun 27 09:50:36 ip-172-31-33-210.ec2.internal systemd[1]: wazuh-dashboard.service failed.
lines 1-17/17 (END)

To Reproduce
Steps to reproduce the behavior:

On a AmazonLinux 2 machine:

  1. Generate the certificates (specify 127.0.0.1) as the IP address: https://documentation-dev.wazuh.com/v4.9.0-alpha1/installation-guide/wazuh-indexer/step-by-step.html#certificates-creation
  2. Installs the Wazuh dashboard using the step-by-step installation. Make sure you replace the repository to packages-dev.wazuh.com/pre-release
  3. Wait around 10 seconds. Check the Wazuh dashboard status with systemctl status wazuh-dashboard

Expected behavior
The Wazuh dashboard service should be running.

Dashboards Version
4.9.0-alpha1.

Host/Environment (please complete the following information):

  • OS: Amazon Linux 2

Note

This behavior was not reproduced in the CentOS 8 and Amazon Linux 2023 systems.

Additional context

Note

I also installed the rest of Wazuh central components before the Wazuh dashboard.
@rauldpm rauldpm added type/bug Bug issue level/task Task issue labels Jun 27, 2024
@rauldpm
Copy link
Member

rauldpm commented Jun 27, 2024
edited
Loading

Note: This may not be related to the error reported by @davidcr01

Vagrant box: bento/amazonlinux-2

Following the issue steps, I got a permission error when using the 443 port

Jun 27 13:17:31 amazonlinux2 opensearch-dashboards[9820]: {"type":"log","@timestamp":"2024-06-27T13:17:31Z","tags":["fatal","root"],"pid":9820,"message":"Error: listen EACCES: permission denied 0.0.0.0:443\n
at Server.setupListenHandle [as _listen2] (net.js:1314:21)\n    at listenInCluster (net.js:1379:12)\n    at doListen (net.js:1516:7)\n    at processTicksAndRejections (internal/process/task_queues.js:83:21) {\n
 code: 'EACCES',\n  errno: -13,\n  syscall: 'listen',\n  address: '0.0.0.0',\n  port: 443\n}"}
Jun 27 13:17:32 amazonlinux2 opensearch-dashboards[9820]: FATAL  Error: listen EACCES: permission denied 0.0.0.0:443

I followed the Step-by-Step guide, this is the Wazuh dashboard YAML configuration:

[root@amazonlinux2 vagrant]# cat /etc/wazuh-dashboard/opensearch_dashboards.yml 
server.host: 0.0.0.0
server.port: 443
opensearch.hosts: https://127.0.0.1:9200
opensearch.ssl.verificationMode: certificate
opensearch.requestHeadersAllowlist: ["securitytenant","Authorization"]
opensearch_security.multitenancy.enabled: false
opensearch_security.readonly_mode.roles: ["kibana_read_only"]
server.ssl.enabled: true
server.ssl.key: "/etc/wazuh-dashboard/certs/dashboard-key.pem"
server.ssl.certificate: "/etc/wazuh-dashboard/certs/dashboard.pem"
opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"]
uiSettings.overrides.defaultRoute: /app/wz-home

opensearchDashboards.branding:
  useExpandedHeader: false

After applying the following commands the Wazuh dashboard started as expected and the WUI was accessible

# setcap 'cap_net_bind_service=+ep' /usr/share/wazuh-dashboard/node/bin/node
# setcap 'cap_net_bind_service=+ep' /usr/share/wazuh-dashboard/node/fallback/bin/node

Related:

Apparently, the Wazuh dashboard is missing a setcap command to the fallback node

@rauldpm rauldpm mentioned this issue Jun 27, 2024
Closed
1 task
@davidcr01
Copy link
Author

Update Report

After running the following commands, the Wazuh dashboard service does not fail:

setcap 'cap_net_bind_service=+ep' /usr/share/wazuh-dashboard/node/bin/node
setcap 'cap_net_bind_service=+ep' /usr/share/wazuh-dashboard/node/fallback/bin/node

@lucianogorza lucianogorza self-assigned this Jun 27, 2024
@lucianogorza
Copy link
Member

Add fallback support in the repository in files:

  • dev-tools/build-packages/deb/debian/postinst
  • dev-tools/build-packages/rpm/wazuh-dashboard.spec

@lucianogorza lucianogorza mentioned this issue Jun 27, 2024
Merged
7 tasks
@lucianogorza lucianogorza linked a pull request Jun 27, 2024 that will close this issue
Add setcap for node fallback #226
Merged
7 tasks
@Tostti Tostti closed this as completed Jul 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lucianogorza lucianogorza

Labels
level/task Task issue type/bug Bug issue
Projects
Release 4.9.0
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add setcap for node fallback wazuh/wazuh-dashboard
4 participants
@rauldpm @Tostti @davidcr01 @lucianogorza