New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] 4.7.1 - Manager container not creating etc/shared folder in /var/ossec #1167
Comments
When I downloaded the repository again, wazuh launched with the default configurations, then I did a podman compose down and replaced the docker-compose.yml. Everything launches correctly during the second compose but the passwords I changed don't work even if I do it one by one. I apply the passwords in the Indexer container with these command: export INSTALLATION_DIR=/usr/share/wazuh-indexer
CACERT=$INSTALLATION_DIR/certs/root-ca.pem
KEY=$INSTALLATION_DIR/certs/admin-key.pem
CERT=$INSTALLATION_DIR/certs/admin.pem
export JAVA_HOME=/usr/share/wazuh-indexer/jdk bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/opensearch-security/ -nhnv -cacert $CACERT -cert $CERT -key $KEY -p 9200 -icl I can't go any further in my analysis as I have absolutely no idea how containers work exactly. P.S: First problem not resolved, in 1 or 2 days it will no longer work for no reason. |
When providing an external ar.conf to container it work on manager container side. I don't understand why but manager container on compose up do not create the shared folder in /var/ossec/etc/. Now I only have a problem with password. |
Found a solution for password change. The bug report is complete, sometimes wazuh_manager container do not create /var/ossec/etc/shared folder, same for /var/ossec/etc/lists folder apparently. |
Hello,
I have a problem with my Wazuh containers, I scrupulously followed the documentation for the installation I don't understand what is broken.
Additional informations:
OS Info
Podman Engine version
Podman-Compose version
Wazuh Installation Folder
/opt/wazuh (Only docker-compose.yml is modified to mount conf file in containers) /opt/wazuh_conf (All edited config goes here)
(The context works since I was able to use it for 2 days and then nothing)
Let me explain:
I normally clone the repository version 4.7.1 and then I have to edit the docker-compose.yml, I removed the part:
Then I define it by hand by editing the /etc/security/limits.conf file, taking care to add the correct values
No worry is just a replaced value
Then I add the sysctl option
Finally, I copy my configuration, which I've been able to improve over the last 2 days of operation, and then add mount points, still in the docker-compose.yml file.
and I start the containers via compose up -d but I get this error on the containers manager:
Manager containers logs
OSSEC File
Dashboard can't start because manager can't keep up and crash.
Is someone have a solution ? Because re-downloading a new repository and copying the old data works for a while, then after a few restarts the containers manager gives the above error.
If the bug report isn't complete, I'll be happy to test it and provide more information if required.
The text was updated successfully, but these errors were encountered: