From cdfaa5ec312c89ede74de6cd44368741e1c93cf3 Mon Sep 17 00:00:00 2001 From: Carlos Bordon Date: Wed, 26 Nov 2025 14:59:05 -0300 Subject: [PATCH 1/4] Removed sslmanager key from the docker manager image --- build-docker-images/wazuh-manager/Dockerfile | 4 ++++ .../config/etc/cont-init.d/0-wazuh-init | 16 +++++----------- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index 7bbfdfc7..f3e76d25 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -39,6 +39,10 @@ COPY config/filebeat.yml /etc/filebeat/ RUN chmod go-w /etc/filebeat/filebeat.yml +# Remove wazuh-authd default certs to force generation of new ones at container startup +RUN rm -f /var/ossec/etc/sslmanager.key && \ + rm -f /var/ossec/etc/sslmanager.cert + ADD https://raw.githubusercontent.com/wazuh/wazuh/$FILEBEAT_TEMPLATE_BRANCH/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat RUN chmod go-w /etc/filebeat/wazuh-template.json diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init index 9edb1b00..73fde5f4 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init +++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init @@ -6,8 +6,6 @@ source /permanent_data.env WAZUH_INSTALL_PATH=/var/ossec WAZUH_CONFIG_MOUNT=/wazuh-config-mount -AUTO_ENROLLMENT_ENABLED=${AUTO_ENROLLMENT_ENABLED:-true} - ############################################################################## # Aux functions 
@@ -180,7 +178,7 @@ set_rids_owner() { } ############################################################################## -# Change any ossec user/group to wazuh user/group +# Change any ossec user/group to wazuh user/group ############################################################################## set_correct_permOwner() { @@ -209,14 +207,10 @@ main() { # Remove some files in permanent_data (i.e. .template.db) remove_data_files - # Generate wazuh-authd certs if AUTO_ENROLLMENT_ENABLED is true and does not exist - if [ $AUTO_ENROLLMENT_ENABLED == true ] - then - if [ ! -e ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ] - then - create_ossec_key_cert - fi - fi +if [ ! -e ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ] +then + create_ossec_key_cert +fi # Mount selected files (WAZUH_CONFIG_MOUNT) to container mount_files From 8cf39aa2739c9b4560038b10029309ae3420361d Mon Sep 17 00:00:00 2001 From: Carlos Bordon Date: Wed, 26 Nov 2025 15:18:43 -0300 Subject: [PATCH 2/4] Updated changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0d8708fd..e46d1351 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ All notable changes to this project will be documented in this file. ### Changed +- Removed sslmanager key from the docker manager image. ([#2092](https://github.com/wazuh/wazuh-docker/pull/2092)) - Backport 4.13.0 changes: Modify wazuh-keystore use ([#2036](https://github.com/wazuh/wazuh-docker/pull/2036)) \- (wazuh-keystore) ### Fixed From d242c9e5f657634899755ef8d925e6ff275a2c38 Mon Sep 17 00:00:00 2001 From: Carlos Bordon Date: Wed, 26 Nov 2025 15:40:47 -0300 Subject: [PATCH 3/4] Indentation is added to the 0-wazuh-init file --- .../wazuh-manager/config/etc/cont-init.d/0-wazuh-init | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
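Review bot: In `main()` of `0-wazuh-init` (PATCH 1/4, hunk `@@ -209,14 +207,10 @@`, re-indented unchanged in PATCH 3/4) the new guard tests only `sslmanager.key`, although the Dockerfile change in this series deletes both the key and `sslmanager.cert`, so a missing or empty certificate next to an existing key goes unnoticed. Consider `if [ ! -s "${WAZUH_INSTALL_PATH}/etc/sslmanager.key" ] || [ ! -s "${WAZUH_INSTALL_PATH}/etc/sslmanager.cert" ]`, which also quotes the path. `create_ossec_key_cert` is defined outside the hunk, so confirm whether it overwrites an existing key before widening the test. Because generation is skipped whenever the key file exists, a deployment whose `/var/ossec/etc` is carried over from an image built before this change would presumably keep the key that shipped in that image, which deserves an upgrade note telling operators to rotate it. The explanatory comment was dropped together with the `AUTO_ENROLLMENT_ENABLED` check; a line such as `# Generate the wazuh-authd key/cert on first start if none exists (AUTO_ENROLLMENT_ENABLED is no longer honoured)` would record the behaviour change.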
diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init index 73fde5f4..08e9006d 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init +++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init @@ -207,10 +207,10 @@ main() { # Remove some files in permanent_data (i.e. .template.db) remove_data_files -if [ ! -e ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ] -then - create_ossec_key_cert -fi + if [ ! -e ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ] + then + create_ossec_key_cert + fi # Mount selected files (WAZUH_CONFIG_MOUNT) to container mount_files From 48650df87e5e9081a73b2389fea52bbaa6d271c4 Mon Sep 17 00:00:00 2001 From: Carlos Bordon Date: Thu, 27 Nov 2025 11:16:50 -0300 Subject: [PATCH 4/4] The location of the remove command for the wazuh-authd certificates has been changed. --- build-docker-images/wazuh-manager/Dockerfile | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index f3e76d25..36dae6b0 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -30,7 +30,9 @@ RUN yum install wazuh-manager-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \ -o /tmp/s6-overlay-amd64.tar.gz && \ tar xzf /tmp/s6-overlay-amd64.tar.gz -C / --exclude="./bin" && \ tar xzf /tmp/s6-overlay-amd64.tar.gz -C /usr ./bin && \ - rm /tmp/s6-overlay-amd64.tar.gz + rm /tmp/s6-overlay-amd64.tar.gz && \ + rm -f /var/ossec/etc/sslmanager.key && \ + rm -f /var/ossec/etc/sslmanager.cert COPY config/etc/ /etc/ COPY --chown=root:wazuh config/create_user.py /var/ossec/framework/scripts/create_user.py 
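Review bot: Nothing in the Dockerfile now explains why the two `rm -f` lines added to the install `RUN` in PATCH 4/4 (hunk `@@ -30,7 +30,9 @@`) must stay inside that instruction, because the only comment about them is deleted in the following hunk. The placement matters for security: a file removed in a later `RUN` remains readable in the earlier image layer, so the key that the package install presumably creates would still ship with the image. Above the `RUN yum install …` line, which starts outside the hunk, I would add `# Delete the packaged wazuh-authd key/cert in the same layer as the install so they never persist in an image layer; 0-wazuh-init generates new ones at container startup`.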
@@ -39,10 +41,6 @@ COPY config/filebeat.yml /etc/filebeat/ RUN chmod go-w /etc/filebeat/filebeat.yml -# Remove wazuh-authd default certs to force generation of new ones at container startup -RUN rm -f /var/ossec/etc/sslmanager.key && \ - rm -f /var/ossec/etc/sslmanager.cert - ADD https://raw.githubusercontent.com/wazuh/wazuh/$FILEBEAT_TEMPLATE_BRANCH/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat RUN chmod go-w /etc/filebeat/wazuh-template.json