Merge pull request #2989 from wazuh/bug/1369-incorrect-password-chang…

…e-in-filebeatyml Updated Password Tool to add default user and password to the filebeat.yml when changing passwords.
wazuh · Jun 18, 2024 · f4b2431 · f4b2431
2 parents e2b69f1 + c6f3ca0
commit f4b2431
Showing 1 changed file with 11 additions and 8 deletions.
diff --git a/unattended_installer/passwords_tool/passwordsFunctions.sh b/unattended_installer/passwords_tool/passwordsFunctions.sh
@@ -47,15 +47,18 @@ function passwords_changePassword() {
 
     if [ "${nuser}" == "admin" ] || [ -n "${changeall}" ]; then
         if [ -n "${filebeat_installed}" ]; then
-            if filebeat keystore list | grep -q password ; then
-                eval "(echo ${adminpass} | filebeat keystore add password --force --stdin)" "${debug}"
-            else
-                wazuhold=$(grep "password:" /etc/filebeat/filebeat.yml )
-                ra="  password: "
-                wazuhold="${wazuhold//$ra}"
-                conf="$(awk '{sub("password: .*", "password: '"${adminpass}"'")}1' /etc/filebeat/filebeat.yml)"
-                echo "${conf}" > /etc/filebeat/filebeat.yml
+            file_username=$(grep "username:" /etc/filebeat/filebeat.yml | awk '{print $2}')
+            file_password=$(grep "password:" /etc/filebeat/filebeat.yml | awk '{print $2}')
+            if [ "$file_username" != "\${username}" ] || [ "$file_password" != "\${password}" ]; then
+                common_logger -w "The user and password configured in the filebeat.yml file will be updated and stored in Filebeat Keystore."
             fi
+            eval "echo ${adminpass} | filebeat keystore add password --force --stdin ${debug}"
+            conf="$(awk '{sub("password: .*", "password: ${password}")}1' /etc/filebeat/filebeat.yml)"
+            echo "${conf}" > /etc/filebeat/filebeat.yml
+            eval "echo admin | filebeat keystore add username --force --stdin ${debug}"
+            conf="$(awk '{sub("username: .*", "username: ${username}")}1' /etc/filebeat/filebeat.yml)"
+            echo "${conf}" > /etc/filebeat/filebeat.yml
+            common_logger "Updated username and password in Filebeat Keystore. Also updated filebeat.yml file to use the Filebeat Keystore username and password."
             passwords_restartService "filebeat"
             eval "/var/ossec/bin/wazuh-keystore -f indexer -k password -v ${adminpass}"
             passwords_restartService "wazuh-manager"