Issues While Packaging Wazuh for NixOS

Help
1

I’ve been working on packaging the Wazuh agent over the last couple of weeks. It is something I’ve wanted to see done for a bit, and there is already an existing packaging request for it. I’ve been around Nix for a bit now but this is my first foray into this level of complexity so there is probably plenty to be improved.

Package Request: Package request: wazuh-agent · Issue #230623 · NixOS/nixpkgs · GitHub
My Fork: nixpkgs/pkgs/tools/security/wazuh/default.nix at 2faa23610cdcc573ef366ebf556cfd178738b48e · sjdwhiting/nixpkgs · GitHub

I’ve worked through quite a few issues already to get to this point but I’m a stuck on this error which might be more of a cmake problem than a nix one.

[100%] Linking CXX executable ../bin/sysinfo_test_tool
Reaping winning child 0x47f7f0 PID 59268
cd /nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/data_provider/build/testtool && /nix/store/ih9mk4l2rr9sd10rkmyjm38fn2ysypl0-cmake-3.27.7/bin/cmake -E cmake_link_script CMakeFiles/sysinfo_test_tool.dir/link.txt --verbose=
Live child 0x47f7f0 (bin/sysinfo_test_tool) PID 59269
/nix/store/3z013mdl9cvpgvavpj19rbilihz4clvi-binutils-2.40/bin/ld: /nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/libwazuhext.so: undefined reference to `ZSTD_versionNumber'
/nix/store/3z013mdl9cvpgvavpj19rbilihz4clvi-binutils-2.40/bin/ld: /nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/libwazuhext.so: undefined reference to `ZSTD_createDStream'
/nix/store/3z013mdl9cvpgvavpj19rbilihz4clvi-binutils-2.40/bin/ld: /nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/libwazuhext.so: undefined reference to `ZSTD_decompressStream'
/nix/store/3z013mdl9cvpgvavpj19rbilihz4clvi-binutils-2.40/bin/ld: /nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/libwazuhext.so: undefined reference to `ZSTD_isError'
/nix/store/3z013mdl9cvpgvavpj19rbilihz4clvi-binutils-2.40/bin/ld: /nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/libwazuhext.so: undefined reference to `ZSTD_freeDStream'
collect2: error: ld returned 1 exit status
Reaping losing child 0x47f7f0 PID 59269
make[4]: *** [testtool/CMakeFiles/sysinfo_test_tool.dir/build.make:98: bin/sysinfo_test_tool] Error 1
Removing child 0x47f7f0 PID 59269 from chain.
Reaping losing child 0x473ee0 PID 59263
make[3]: *** [CMakeFiles/Makefile2:126: testtool/CMakeFiles/sysinfo_test_tool.dir/all] Error 2
Removing child 0x473ee0 PID 59263 from chain.
Reaping losing child 0x483490 PID 59198
make[2]: *** [Makefile:101: all] Error 2
Removing child 0x483490 PID 59198 from chain.
make[2]: Leaving directory '/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/data_provider/build'
Reaping losing child 0x57cda0 PID 59011
make[1]: *** [Makefile:1673: build_sysinfo] Error 2
Removing child 0x57cda0 PID 59011 from chain.
make[1]: Leaving directory '/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src'
Reaping losing child 0x585500 PID 58977
make: *** [Makefile:813: agent] Error 2
Removing child 0x585500 PID 58977 from chain.
error: builder for '/nix/store/9hsk409fjcqd5cd3pv2w05fsvr8nzx7d-wazuh-agent-4.7.3.drv' failed with exit code 2;
       last 10 log lines:
       > make[2]: *** [Makefile:101: all] Error 2
       > Removing child 0x483490 PID 59198 from chain.
       > make[2]: Leaving directory '/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/data_provider/build'
       > Reaping losing child 0x57cda0 PID 59011
       > make[1]: *** [Makefile:1673: build_sysinfo] Error 2
       > Removing child 0x57cda0 PID 59011 from chain.
       > make[1]: Leaving directory '/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src'
       > Reaping losing child 0x585500 PID 58977
       > make: *** [Makefile:813: agent] Error 2
       > Removing child 0x585500 PID 58977 from chain.
       For full logs, run 'nix-store -l /nix/store/9hsk409fjcqd5cd3pv2w05fsvr8nzx7d-wazuh-agent-4.7.3.drv'.

I’ve tracked it down to this tool: wazuh/src/data_provider/testtool at master · wazuh/wazuh · GitHub

However, I wasn’t able to sort out where zstd is actually being referenced in any of the CMake related files.

This is the link.txt file that is being referenced.

/nix/store/ihhhd1r1a2wb4ndm24rnm83rfnjw5n0z-gcc-wrapper-12.3.0/bin/g++ -g -Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14 -O3 -s CMakeFiles/sysinfo_test_tool.dir/main.cpp.o -o ../bin/sysinfo_test_tool   -L/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src  -L/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/sqlite  -L/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/cJSON  -L/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/procps  -L/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/bzip2  -L/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/libplist/bin/lib  -L/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/libdb/build_unix  -L/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/pacman/lib/libalpm  -L/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/libarchive/.libs  -L/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/rpm/builddir  -L/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/openssl  -Wl,-rpath,/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src:/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/sqlite:/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/cJSON:/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/procps:/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/bzip2:/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/libplist/bin/lib:/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/libdb/build_unix:/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/pacman/lib/libalpm:/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/libarchive/.libs:/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/rpm/builddir:/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/external/openssl:/nix/store/4kykj1h5c9f2g7kipdazqp21vc4kbxrx-wazuh-agent-4.7.3/src/data_provider/build/lib ../lib/libsysinfo.so -ldl -lpthread -lproc -lwazuhext

So far, this problem seems isolated to this particular sysinfo tool. I went back through the logs and other linking operations executed just fine. The big mystery seems to be where these references to zstd are actually happening. I had naively hoped that just adding zstd to the buildInputs would fix it.

So my actual question is, how do I fix this! If there is any other useful information I can provide, please let me know and I’ll gladly get it. Any and all help is appreciated.

2

What’s weird is that there’s no mention of zstd in the testtool. The error message does indicate the undefined zstd references are coming from libwazuhext.so though but I’m not sure how that gets built

3

Hey @sjdwhiting, update your one command to be like this: OSSEC_LIBS="-lzstd" make TARGET=agent -d SYSINFO_TEST=. That will link zstd so it’s available for the build.

I’ve been trying to get a wazuh agent up and running too. Let me know if you want to collaborate

1 Like
4

@nealfennimore Definitely open to collaboration here and thanks of your help on this!