rbac_control
New in version 4.6.0.
The rbac_control tool allows managing resources from the ThreatLockDown RBAC database and resetting the DB to its default state. For more information about the ThreatLockDown RBAC resources and database, please visit the
How it works section.
Usage
Option name |
Option description |
|---|---|
|
Display the help message. |
|
Change the password for each default user. |
|
Reset the RBAC database to its default state. Ask for confirmation unless the -f/--force flag is used. |
Examples
-h argument:
# /var/ossec/bin/rbac_control -h
usage: rbac_control.py [-h] {change-password,factory-reset} ...
ThreatLockDown RBAC tool: manage resources from the ThreatLockDown RBAC database
Arguments:
{change-password,factory-reset}
change-password Change the password for each default user. Empty values will leave the password unchanged.
factory-reset Reset the RBAC database to its default state. This will completely wipe your custom RBAC information.
optional arguments:
-h, --help show this help message and exit
factory-reset example:
# /var/ossec/bin/rbac_control factory-reset
This action will completely wipe your RBAC configuration and restart it to default values. Type RESET to proceed: RESET
Successfully reset RBAC database
factory-reset example (aborted):
# /var/ossec/bin/rbac_control factory-reset
This action will completely wipe your RBAC configuration and restart it to default values. Type RESET to proceed: aa
RBAC database reset aborted.
change-password example with an insecure password:
# /var/ossec/bin/rbac_control change-password
New password for 'wazuh' (skip):
New password for 'wazuh-wui' (skip):
wazuh: FAILED | Error 5007 - Insecure user password provided
change-password example where the wazuh user password was changed successfully (to skip any of the user, leave the new password blank):
# /var/ossec/bin/rbac_control change-password
New password for 'wazuh' (skip):
New password for 'wazuh-wui' (skip):
wazuh: UPDATED