Skip to content

Commit

Permalink
Narrow in on the password file issue in windows
Browse files Browse the repository at this point in the history
Signed-off-by: Peter Nied <[email protected]>
  • Loading branch information
peternied committed Sep 26, 2023
1 parent b70a2c0 commit b94943f
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 17 deletions.
8 changes: 8 additions & 0 deletions tools/install_demo_configuration.bat
Original file line number Diff line number Diff line change
Expand Up @@ -328,6 +328,10 @@ set "INTERNAL_USERS_FILE=%OPENSEARCH_CONF_DIR%opensearch-security\internal_users
echo "what is in the config directory"
dir %OPENSEARCH_CONF_DIR%

echo "what is in the password file"
type "%ADMIN_PASSWORD_FILE%"


if "%initialAdminPassword%" NEQ "" (
set "ADMIN_PASSWORD=!initialAdminPassword!"
) else (
Expand All @@ -339,6 +343,10 @@ if not defined ADMIN_PASSWORD (
exit /b 1
)

echo " ***************************************************"
echo " *** ADMIN PASSWORD SET TO: %ADMIN_PASSWORD% ***"
echo " ***************************************************"

set "HASH_SCRIPT=%OPENSEARCH_PLUGINS_DIR%\opensearch-security\tools\hash.bat"

REM Run the command and capture its output
Expand Down
19 changes: 2 additions & 17 deletions tools/install_demo_configuration.sh
Original file line number Diff line number Diff line change
Expand Up @@ -392,11 +392,6 @@ echo 'plugins.security.system_indices.indices: [".plugins-ml-config", ".plugins-
ADMIN_PASSWORD_FILE="$OPENSEARCH_CONF_DIR/initialAdminPassword.txt"
INTERNAL_USERS_FILE="$OPENSEARCH_CONF_DIR/opensearch-security/internal_users.yml"

echo "Path is $(pwd)"
echo "Checking for password file in: $OPENSEARCH_CONF_DIR/opensearch-security/"
echo "Content of security config dir is: $(ls "$OPENSEARCH_CONF_DIR/opensearch-security/")"
echo "HEAD of password file is: $(head "$ADMIN_PASSWORD_FILE")"

if [[ -n "$initialAdminPassword" ]]; then
ADMIN_PASSWORD="$initialAdminPassword"
elif [[ -f "$ADMIN_PASSWORD_FILE" && -s "$ADMIN_PASSWORD_FILE" ]]; then
Expand All @@ -406,7 +401,9 @@ else
exit 1
fi

echo " ***************************************************"
echo " *** ADMIN PASSWORD SET TO: $ADMIN_PASSWORD ***"
echo " ***************************************************"

$SUDO_CMD chmod +x "$OPENSEARCH_PLUGINS_DIR/opensearch-security/tools/hash.sh"

Expand All @@ -418,28 +415,16 @@ if [ $? -ne 0 ]; then
exit 1
fi

echo "HASHED PASSWORD SET TO: $HASHED_ADMIN_PASSWORD"

# Clear the ADMIN_PASSWORD variable
unset ADMIN_PASSWORD

# Find the line number containing 'admin:' in the internal_users.yml file
ADMIN_HASH_LINE=$(grep -n 'admin:' "$INTERNAL_USERS_FILE" | cut -f1 -d:)

echo "ADMIN TARGET FILE LINE SET TO: $ADMIN_HASH_LINE"

echo "Before CHANGE: $(cat $INTERNAL_USERS_FILE)"

awk -v hashed_admin_password="$HASHED_ADMIN_PASSWORD" '
/^ *hash: *"\$2a\$12\$VcCDgh2NDk07JGN0rjGbM.Ad41qVR\/YFJcgHp0UGns5JDymv..TOG"/ {
sub(/"\$2a\$12\$VcCDgh2NDk07JGN0rjGbM.Ad41qVR\/YFJcgHp0UGns5JDymv..TOG"/, "\"" hashed_admin_password "\"");
}
{ print }
' "$INTERNAL_USERS_FILE" > temp_file && mv temp_file "$INTERNAL_USERS_FILE"


echo "AFTER CHANGE: $(cat $INTERNAL_USERS_FILE)"

#network.host
if $SUDO_CMD grep --quiet -i "^network.host" "$OPENSEARCH_CONF_FILE"; then
: #already present
Expand Down

0 comments on commit b94943f

Please sign in to comment.