rbac_control

New in version 4.6.0.

The rbac_control tool allows managing resources from the ThreatLockDown RBAC database and resetting the DB to its default state. For more information about the ThreatLockDown RBAC resources and database, please visit the How it works section.

Usage

Option name

Option description

-h, --help

Display the help message.

change-password

Change the password for each default user.

factory-reset

Reset the RBAC database to its default state. Ask for confirmation unless the -f/--force flag is used.

Examples

-h argument:

# /var/ossec/bin/rbac_control -h
usage: rbac_control.py [-h] {change-password,factory-reset} ...

ThreatLockDown RBAC tool: manage resources from the ThreatLockDown RBAC database

Arguments:
  {change-password,factory-reset}
    change-password     Change the password for each default user. Empty values will leave the password unchanged.
    factory-reset       Reset the RBAC database to its default state. This will completely wipe your custom RBAC information.

optional arguments:
  -h, --help            show this help message and exit

factory-reset example:

# /var/ossec/bin/rbac_control factory-reset
This action will completely wipe your RBAC configuration and restart it to default values. Type RESET to proceed: RESET
    Successfully reset RBAC database

factory-reset example (aborted):

# /var/ossec/bin/rbac_control factory-reset
This action will completely wipe your RBAC configuration and restart it to default values. Type RESET to proceed: aa
    RBAC database reset aborted.

change-password example with an insecure password:

# /var/ossec/bin/rbac_control change-password
New password for 'wazuh' (skip):
New password for 'wazuh-wui' (skip):
    wazuh: FAILED | Error 5007 - Insecure user password provided

change-password example where the wazuh user password was changed successfully (to skip any of the user, leave the new password blank):

# /var/ossec/bin/rbac_control change-password
New password for 'wazuh' (skip):
New password for 'wazuh-wui' (skip):
    wazuh: UPDATED