From eaa17e407fc93519c8b29a56481863b8e9c2165c Mon Sep 17 00:00:00 2001 From: redteampanda-ng <31235211+redteampanda-ng@users.noreply.github.com> Date: Tue, 9 Apr 2024 10:55:45 +0200 Subject: [PATCH 1/6] chore: add password reset section --- admin/index.rst | 3 ++- admin/password.rst | 23 +++++++++++++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 admin/password.rst diff --git a/admin/index.rst b/admin/index.rst index 2dd7923..93f9f43 100644 --- a/admin/index.rst +++ b/admin/index.rst @@ -11,4 +11,5 @@ continuing. :caption: Contents updates - upgrade \ No newline at end of file + upgrade + password \ No newline at end of file diff --git a/admin/password.rst b/admin/password.rst new file mode 100644 index 0000000..f9c856d --- /dev/null +++ b/admin/password.rst @@ -0,0 +1,23 @@ +Password Reset +============== + +This chapter incluse console commands to reset the +password for the admin user on both the Security Center +Frontend and Backend + +Security Center Frontend +------------------------ + +In case you lost access to the ``admin`` user of your Security +Center, you have to reset the password via console. To reset the +password for the ``admin`` user on the **Security Center Frontend**, +run the following command: + +.. code-block:: bash + + nextron@asc-front:~$ sudo + +Security Center Backend +----------------------- + +placeholder \ No newline at end of file From c4b666bceda8ec3012ff5799dfa36f0784ddff89 Mon Sep 17 00:00:00 2001 From: redteampanda-ng <31235211+redteampanda-ng@users.noreply.github.com> Date: Tue, 9 Apr 2024 10:58:19 +0200 Subject: [PATCH 2/6] chore: add Master ASGARD to list --- setup/components.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/setup/components.rst b/setup/components.rst index c256778..39f7c6f 100644 --- a/setup/components.rst +++ b/setup/components.rst @@ -27,6 +27,8 @@ focuses on the ``ASGARD Security Center (All-in-one)``): * ASGARD Gatekeeper * ASGARD Lobby +- Master ASGARD + - ASGARD Analysis Cockpit; alternatively: * Elasticsearch Cluster Node for ASGARD Analysis Cockpit From 80cc9d5ca0bf65fa83e4aafe364f2d5d19bbaf65 Mon Sep 17 00:00:00 2001 From: redteampanda-ng <31235211+redteampanda-ng@users.noreply.github.com> Date: Wed, 10 Apr 2024 09:13:30 +0200 Subject: [PATCH 3/6] chore: placeholder --- admin/password.rst | 24 ++++++------------------ 1 file changed, 6 insertions(+), 18 deletions(-) diff --git a/admin/password.rst b/admin/password.rst index f9c856d..8ccf169 100644 --- a/admin/password.rst +++ b/admin/password.rst @@ -1,23 +1,11 @@ Password Reset ============== -This chapter incluse console commands to reset the -password for the admin user on both the Security Center -Frontend and Backend +Since the password for the admin user is stored only on the Backend, +you have to reset the password via console. To reset the password for +the ``admin`` user on the **Security Center Backend**, run the following +command: -Security Center Frontend ------------------------- +.. code-block:: console -In case you lost access to the ``admin`` user of your Security -Center, you have to reset the password via console. To reset the -password for the ``admin`` user on the **Security Center Frontend**, -run the following command: - -.. code-block:: bash - - nextron@asc-front:~$ sudo - -Security Center Backend ------------------------ - -placeholder \ No newline at end of file + nextron@asc-back:~$ sudo \ No newline at end of file From 43eaccb52d0d1441996564ef1ad26d75f6b9d7e1 Mon Sep 17 00:00:00 2001 From: redteampanda-ng <31235211+redteampanda-ng@users.noreply.github.com> Date: Wed, 10 Apr 2024 10:20:31 +0200 Subject: [PATCH 4/6] chore: add password-reset command --- admin/password.rst | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/admin/password.rst b/admin/password.rst index 8ccf169..89f44e1 100644 --- a/admin/password.rst +++ b/admin/password.rst @@ -4,8 +4,12 @@ Password Reset Since the password for the admin user is stored only on the Backend, you have to reset the password via console. To reset the password for the ``admin`` user on the **Security Center Backend**, run the following -command: +command via console: .. code-block:: console - nextron@asc-back:~$ sudo \ No newline at end of file + nextron@sc-back:~$ sudo asgard-security-center-backend set-password + {"LEVEL":"Info","MESSAGE":"LDAP disabled","MODULE":"LDAP","TIME":"2024-04-10T08:17:42Z"} + Please enter password for user `admin`: + Please re-enter password for user `admin`: + Apr 10 08:17:49 sc-back THOR_UTIL: Info: SET_PASSWORD: password successfully updated \ No newline at end of file From 398b4219b3ab35e603a1f3ef27f44f2adba6f563 Mon Sep 17 00:00:00 2001 From: redteampanda-ng <31235211+redteampanda-ng@users.noreply.github.com> Date: Wed, 10 Apr 2024 10:37:05 +0200 Subject: [PATCH 5/6] fix: wrong message in set-password command --- admin/password.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/admin/password.rst b/admin/password.rst index 89f44e1..59d5916 100644 --- a/admin/password.rst +++ b/admin/password.rst @@ -9,7 +9,6 @@ command via console: .. code-block:: console nextron@sc-back:~$ sudo asgard-security-center-backend set-password - {"LEVEL":"Info","MESSAGE":"LDAP disabled","MODULE":"LDAP","TIME":"2024-04-10T08:17:42Z"} Please enter password for user `admin`: Please re-enter password for user `admin`: - Apr 10 08:17:49 sc-back THOR_UTIL: Info: SET_PASSWORD: password successfully updated \ No newline at end of file + nextron@sc-back:~$ \ No newline at end of file From bc06b557b9a975036748ebcff1d83f4a828c87b3 Mon Sep 17 00:00:00 2001 From: redteampanda-ng <31235211+redteampanda-ng@users.noreply.github.com> Date: Mon, 6 May 2024 10:41:34 +0200 Subject: [PATCH 6/6] chore: add ASC#001 --- issues/issue_1.rst | 54 ++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 47 insertions(+), 7 deletions(-) diff --git a/issues/issue_1.rst b/issues/issue_1.rst index e53d53e..028bdba 100644 --- a/issues/issue_1.rst +++ b/issues/issue_1.rst @@ -1,5 +1,5 @@ -ABN#001: Placeholder -==================== +ASC#001: Backend is down after Upgrade to v2 +============================================ .. list-table:: :header-rows: 1 @@ -7,12 +7,52 @@ ABN#001: Placeholder * - Introduced Version - Fixed Version - * - x - - y + * - 2.x + - N/A -Placeholder Text. +There is currently a rare issue where the backend is not starting +after upgrading to v2. This is due to insufficient permissions for +the MySQL Trigger. -ABN#001: Workaround +If you upgraded your Security Center to version 2 and everything +seems to be working fine, you can ignore this advisory. + +We are currently working on a more robust upgrade process to prevent +this from happening in the future. + +ASC#001: Workaround ------------------- -Placeholder Text. \ No newline at end of file +After a successful upgrade to version 2 ("Upgrade finished" message can be +seen, see :ref:`admin/upgrade:performing the upgrade`), you might encounter +the following error message in ``/var/log/asgard-security-center-backend/server.log``: + +.. code-block:: json + + { + "level": "FATAL", + "time": "2024-04-03T18:49:16+02:00", + "message": "failed to init database schema", + "error": "Error 1142 (42000): TRIGGER command denied to user 'securitycenter-model'@'localhost' for table `asgard-security-center-backend`.`assets`" + } + +To fix this problem, run the following commands on your backend. + +Drop the MySQL trigger (no data will be lost): + +.. code-block:: console + + nextron@backend:~$ sudo mysql asgard-security-center-backend -e "DROP TRIGGER IF EXISTS assets_updated_fields;" + +Restart the backend service. This will recreate the trigger with the correct permissions +automatically: + +.. code-block:: console + + nextron@backend:~$ sudo systemctl restart asgard-security-center-backend.service + +Check if the service is running: + +.. code-block:: console + + nextron@backend:~$ sudo systemctl status asgard-security-center-backend.service \ No newline at end of file