Wazuh indexer DEB package set HOME as nonexistent

[rauldpm]

Description

• A difference has been found in the wazuh-indexer user configuration between RPM and DEB systems
• In DEB, the user creation is specified as:

useradd --system \
--no-create-home \
--home-dir /nonexistent \
--gid $(GROUP) \
--shell /sbin/nologin \
--comment "$(USER) user" \
$(USER)

• In RPM, the user creation is specified as:

useradd --system \
--no-create-home \
--home-dir %{INSTALL_DIR} \
--gid %{GROUP} \
--shell /sbin/nologin \
--comment "%{USER} user" \
%{USER} > /dev/null 2>&1

• This means that in RPM systems, the wazuh-indexer user has the home set to /usr/share/wazuh-indexer, while in DEB it is set to nonexistent
• It is necessary to investigate the cause of this and the impact it may have since different behaviors are obtained when using the wazuh-indexer user

[root@centos7 vagrant]# runuser -l wazuh-indexer "ls /proc"
This account is currently not available.
[root@centos7 vagrant]# grep wazuh-indexer /etc/passwd
wazuh-indexer:x:997:994:wazuh-indexer user:/usr/share/wazuh-indexer:/sbin/nologin

root@ubuntu20stack:/home/vagrant# runuser -l wazuh-indexer "ls /proc"
runuser: warning: cannot change directory to /nonexistent: No such file or directory
root@ubuntu20stack:/home/vagrant# grep wazuh-indexer /etc/passwd
wazuh-indexer:x:113:123::/nonexistent:/bin/false
root@ubuntu20stack:/home/vagrant# mkdir /nonexistent
root@ubuntu20stack:/home/vagrant# chown wazuh-indexer:wazuh-indexer /nonexistent/
root@ubuntu20stack:/home/vagrant# runuser -l wazuh-indexer "ls /proc"
root@ubuntu20stack:/home/vagrant#

Tasks

• Determine the cause that HOME is not established in DEB systems
• Apply the necessary changes to set or unset HOME on both RPM and DEB

Validation

• Both DEB and RPM set or do not set the HOME for the wazuh-indexer user