From d69f5c0c5dec34da72b07665a9206c268bc0f53c Mon Sep 17 00:00:00 2001
From: Victor Carlos Erenu <victor.erenu@wazuh.com>
Date: Tue, 25 Nov 2025 01:22:11 +0700
Subject: [PATCH] Add new path for Wazun indexer and new function for
 permanent_data exception

---
 build-docker-images/wazuh-indexer/config/config.sh    |  8 ++++----
 .../wazuh-manager/config/etc/cont-init.d/0-wazuh-init | 11 ++++++++++-
 2 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh
index 1761b016..033c52dd 100644
--- a/build-docker-images/wazuh-indexer/config/config.sh
+++ b/build-docker-images/wazuh-indexer/config/config.sh
@@ -73,10 +73,10 @@ mkdir -p ${TARGET_DIR}/usr/lib/sysctl.d
 mkdir -p ${TARGET_DIR}/usr/lib/systemd/system
 mkdir -p ${TARGET_DIR}${CONFIG_DIR}/certs
 # Copy Wazuh's config files for the security plugin
-cp -pr /roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
-cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
-cp -pr /action_groups.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
-cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
+cp -pr /roles_mapping.yml ${TARGET_DIR}${CONFIG_DIR}/opensearch-security/
+cp -pr /roles.yml ${TARGET_DIR}${CONFIG_DIR}/opensearch-security/
+cp -pr /action_groups.yml ${TARGET_DIR}${CONFIG_DIR}/opensearch-security/
+cp -pr /internal_users.yml ${TARGET_DIR}${CONFIG_DIR}/opensearch-security/
 cp -pr /opensearch.yml ${TARGET_DIR}${CONFIG_DIR}
 # Copy Wazuh indexer's certificates
 cp -pr /wazuh-certificates/demo.indexer.pem ${TARGET_DIR}${CONFIG_DIR}/certs/indexer.pem
diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
index ca125b1b..ec2903b5 100644
--- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
+++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
@@ -70,8 +70,17 @@ apply_exclusion_data() {
         mkdir -p ${DIR}
       fi
 
+      safe_cp() {
+          if cp -p "$1" "$2" 2>/dev/null; then
+              return 0
+          else
+              echo "Warning: Could not copy $1 (may be read-only)"
+              return 0
+          fi
+      }
+
       print "Updating ${exclusion_file}"
-      exec_cmd "cp -p ${WAZUH_INSTALL_PATH}/data_tmp/exclusion/${exclusion_file} ${exclusion_file}"
+      exec_cmd "safe_cp ${WAZUH_INSTALL_PATH}/data_tmp/exclusion/${exclusion_file} ${exclusion_file}"
     fi
   done
 }