From c3c8ea3d0235996b5b3c05bf5a0c77d0fadd02e4 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Tue, 3 Oct 2023 12:20:17 -0300 Subject: [PATCH] Changing files permissions --- build-docker-images/wazuh-indexer/config/config.sh | 7 +++++++ .../wazuh-indexer/config/entrypoint.sh | 14 -------------- 2 files changed, 7 insertions(+), 14 deletions(-) diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 30f5d1f2..4d51efc3 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -144,3 +144,10 @@ find ${TARGET_DIR} -type f -perm 644 -exec chmod 640 {} \; find ${TARGET_DIR} -type f -perm 664 -exec chmod 660 {} \; find ${TARGET_DIR} -type f -perm 755 -exec chmod 750 {} \; find ${TARGET_DIR} -type f -perm 744 -exec chmod 740 {} \; + + +# Fix OpenSearch security plugin permissions +chown ${USER}:${GROUP} ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/internal_users.yml +chown ${USER}:${GROUP} ${TARGET_DIR}${CONFIG_DIR}/opensearch.yml +chmod 0600 ${TARGET_DIR}${CONFIG_DIR}/opensearch.yml +chmod 0600 ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/internal_users.yml \ No newline at end of file diff --git a/build-docker-images/wazuh-indexer/config/entrypoint.sh b/build-docker-images/wazuh-indexer/config/entrypoint.sh index e4ff811e..2acb4aa0 100644 --- a/build-docker-images/wazuh-indexer/config/entrypoint.sh +++ b/build-docker-images/wazuh-indexer/config/entrypoint.sh @@ -13,20 +13,6 @@ export CACERT=$(grep -oP "(?<=plugins.security.ssl.transport.pemtrustedcas_filep export CERT="${OPENSEARCH_PATH_CONF}/certs/admin.pem" export KEY="${OPENSEARCH_PATH_CONF}/certs/admin-key.pem" - -# Fix OpenSearch security plugin permissions - -chmod -R 0700 ${TARGET_DIR}/.cache -chmod 0700 ${TARGET_DIR}/extensions -chmod 0700 ${TARGET_DIR}/logs -chmod 0600 ${TARGET_DIR}/opensearch.yml -find ${TARGET_DIR}/bin -type f -exec chmod 0600 {} \; -find ${TARGET_DIR}/jdk/bin -type f -exec chmod 0600 {} \; -chmod 0600 ${TARGET_DIR}/opensearch-security/internal_users.yml -find ${TARGET_DIR}/performance-analyzer-rca/bin -type f -exec chmod 0600 {} \; -chmod 0600 ${TARGET_DIR}/plugins/opensearch-security/tools/wazuh-certs-tool.sh - - run_as_other_user_if_needed() { if [[ "$(id -u)" == "0" ]]; then # If running as root, drop to specified UID and run command