Vulnerability Detection E2E: Replace macOS vulnerable packages by npm #5074

Closed
4 tasks done
Tracked by #5183
Rebits opened this issue Mar 5, 2024 · 2 comments

Rebits commented Mar 5, 2024

Description

As outlined in Syscollector unable to gather installed pkg packages on macOS Sonoma, including Homebrew-installed packages, syscollector on macOS fails to correctly detect brew and pkg packages. This directly impacts the end-to-end (E2E) testing of vulnerability detection, rendering validation of the module refactor introduced in version 4.8.0 for macOS endpoints impossible.

To address this issue, it is proposed to replace the current pkg packages used in E2E tests for macOS with npm packages.

Tasks to perform

To accomplish this, the following steps are required:

Validation

@Rebits Rebits assigned Rebits and unassigned Rebits Mar 7, 2024
@vikman90 vikman90 removed this from Release 4.9.0 Mar 7, 2024
@wazuhci wazuhci moved this to Backlog in Release 4.8.0 Mar 7, 2024
@santipadilla santipadilla self-assigned this Mar 11, 2024
@wazuhci wazuhci moved this from Backlog to In progress in Release 4.8.0 Mar 11, 2024

santipadilla commented Mar 11, 2024

We have used the following environment:

Manager

System information
root@ip-172-31-13-160:/home/qa# cat /etc/*release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04 LTS"
PRETTY_NAME="Ubuntu 22.04 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy
Manager version
root@ip-172-31-0-139:/home/qa# /var/ossec/bin/wazuh-control info
WAZUH_VERSION="v4.8.0"
WAZUH_REVISION="40806"
WAZUH_TYPE="server"
Manager status
root@ip-172-31-13-160:/home/qa# systemctl status wazuh-manager -l
● wazuh-manager.service - Wazuh manager
     Loaded: loaded (/lib/systemd/system/wazuh-manager.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2024-03-11 10:17:27 UTC; 36min ago
    Process: 76356 ExecStart=/usr/bin/env /var/ossec/bin/wazuh-control start (code=exited, status=0>
      Tasks: 176 (limit: 9170)
     Memory: 2.0G
        CPU: 3min 40.867s
     CGroup: /system.slice/wazuh-manager.service
             ├─76413 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─76414 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─76417 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─76420 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─76461 /var/ossec/bin/wazuh-authd
             ├─76477 /var/ossec/bin/wazuh-db
             ├─76502 /var/ossec/bin/wazuh-execd
             ├─76520 /var/ossec/bin/wazuh-analysisd
             ├─76581 /var/ossec/bin/wazuh-syscheckd
             ├─76598 /var/ossec/bin/wazuh-remoted
             ├─76632 /var/ossec/bin/wazuh-logcollector
             ├─76655 /var/ossec/bin/wazuh-monitord
             ├─76664 /var/ossec/bin/wazuh-modulesd
             ├─77164 /var/ossec/framework/python/bin/python3 /var/ossec/framework/scripts/wazuh_clu>
             ├─77316 /var/ossec/framework/python/bin/python3 /var/ossec/framework/scripts/wazuh_clu>
             └─77317 /var/ossec/framework/python/bin/python3 /var/ossec/framework/scripts/wazuh_clu>

Mar 11 10:17:22 ip-172-31-13-160 env[76356]: Started wazuh-syscheckd...
Mar 11 10:17:23 ip-172-31-13-160 env[76356]: Started wazuh-remoted...
Mar 11 10:17:24 ip-172-31-13-160 env[76356]: Started wazuh-logcollector...
Mar 11 10:17:24 ip-172-31-13-160 env[76356]: Started wazuh-monitord...
Mar 11 10:17:24 ip-172-31-13-160 env[76662]: 2024/03/11 10:17:24 wazuh-modulesd:router: INFO: Loade>
Mar 11 10:17:24 ip-172-31-13-160 env[76662]: 2024/03/11 10:17:24 wazuh-modulesd:content_manager: IN>
Mar 11 10:17:25 ip-172-31-13-160 env[76356]: Started wazuh-modulesd...
Mar 11 10:17:25 ip-172-31-13-160 env[76356]: Started wazuh-clusterd...
Mar 11 10:17:27 ip-172-31-13-160 env[76356]: Completed.
Mar 11 10:17:27 ip-172-31-13-160 systemd[1]: Started Wazuh manager.

macOS Sonoma Agent

System information
sh-3.2# sw_vers
ProductName:		macOS
ProductVersion:		14.0
BuildVersion:		23A344
Agent version
sh-3.2# /Library/Ossec/bin/wazuh-control info
WAZUH_VERSION="v4.8.0"
WAZUH_REVISION="40806"
WAZUH_TYPE="agent"
Agent status
sh-3.2# sudo /Library/Ossec/bin/wazuh-control status
wazuh-modulesd is running...
wazuh-logcollector is running...
wazuh-syscheckd is running...
wazuh-agentd is running...
wazuh-execd is running...

@santipadilla

Moved to On hold due to testing of 4.8.0 - Beta 4
