Search Criteria
Package Details: wazuh-agent 4.12.0-1
Package Actions
| Git Clone URL: | https://aur.archlinux.org/wazuh-agent.git (read-only, click to copy) |
|---|---|
| Package Base: | wazuh-agent |
| Description: | Wazuh Agent actively protects Arch Linux systems with advanced threat prevention, detection, and response capabilities. |
| Upstream URL: | https://wazuh.com/ |
| Keywords: | siem |
| Licenses: | GPL2 |
| Submitter: | madara125 |
| Maintainer: | madara125 (MrHacker) |
| Last Packager: | MrHacker |
| Votes: | 7 |
| Popularity: | 1.01 |
| First Submitted: | 2023-11-18 04:14 (UTC) |
| Last Updated: | 2025-05-07 17:06 (UTC) |
Dependencies (8)
- brotli (brotli-gitAUR)
- curl (curl-gitAUR, curl-c-aresAUR)
- inetutils (inetutils-gitAUR)
- nodejs (nodejs-gitAUR, python-nodejs-wheelAUR, nodejs-lts-hydrogenAUR, nodejs-lts-iron, nodejs-lts-jod)
- perl (perl-gitAUR)
- python (python37AUR, python311AUR, python310AUR)
- sudo (fake-sudoAUR, polkit-fakesudoAUR, sudo-gitAUR, doas-sudo-shimAUR, doas-sudo-shim-minimalAUR, sudo-hgAUR, fudo-gitAUR, sudo-selinuxAUR, sudo-rs-symlinkAUR)
- lsb-release (optional)
Latest Comments
1 2 Next › Last »
MrHacker commented on 2025-04-08 14:53 (UTC)
Hi @z3nt,
Thank you for your valuable observations. I'm analyzing the points you mentioned and will definitely implement your suggested changes in the next update. You're right about the --system parameter in the useradd command. I'll add it to prevent the wazuh user from appearing as a regular user in the UI with UID 1001. Regarding the issue with backup=() for /var/ossec/etc/ossec.conf, I'll check why the .pacsave file isn't being created during uninstallation when you've modified the file. I'll also review the runtime dependencies. I agree that several like gcc and cmake could probably be removed, as they're more appropriate as build dependencies. Sorry for the delay in responding. I've been busy with other projects and just updated the package after receiving the notification that it was outdated. I appreciate your patience and assure you that I'll incorporate your corrections in the next update.
Regards.
z3ntu commented on 2025-04-08 14:19 (UTC)
@MrHacker: Would be nice if you could read the comments from the last months and improve the package.
tbroyer commented on 2025-03-20 11:01 (UTC)
Already reported before but why so many dependencies?
The RPM only depends on groupadd/useradd/groupdel/userdel for the preinst and postuninst sccripts: https://github.com/wazuh/wazuh-agent/blob/246c2d85b81cf84f232744330f5cff5ec272a7b2/packages/rpms/SPECS/wazuh_agent.spec#L25-L26
Similarly for the Debian package: https://github.com/wazuh/wazuh-agent/blob/246c2d85b81cf84f232744330f5cff5ec272a7b2/packages/debs/SPECS/wazuh-agent/debian/control#L11
z3ntu commented on 2025-02-26 10:20 (UTC)
One more request on top of my using
--systemwithuseraddinwazuh-agent.install: Why are so many packages listed as runtime dependency, like gcc and cmake? I'm pretty sure most of them can be removed?awptechnologies commented on 2024-11-08 19:45 (UTC)
Running sudo chown -R wazuh:wazuh /var/ossec fixed it for me as well agent will start now.
z3ntu commented on 2024-11-08 11:26 (UTC)
Shouldn't the useradd command be using
--systemparameter so e.g. the wazuh user doesn't get UID 1001 and show up in various places in the UI as a regular user?Also I'm currently checking but it seems the
backup=()at least for/var/ossec/etc/ossec.confdoesn't seem to work, no .pacsave is created on package removal even though the file was modified by me.awptechnologies commented on 2024-09-17 03:49 (UTC)
This fixed it for me as well. sudo chown -R wazuh:wazuh /var/ossec
publicarray commented on 2024-09-06 09:49 (UTC) (edited on 2024-09-06 09:51 (UTC) by publicarray)
Regarding the
Error reading XML file 'etc/ossec.conf': (line 0).errorThis is a permission issue. The files are owned by root rather than wazuh
sudo chown -R wazuh:wazuh /var/ossecFixed the issue for meMrHacker commented on 2024-07-09 14:29 (UTC)
@agrasso Fixed, thanks for your feedback
agrasso commented on 2024-07-09 13:39 (UTC)
MrHacker's GPG key seems to have been revoked a few days ago.
1 2 Next › Last »