diff --git a/Vagrantfile b/Vagrantfile index 80f6724a..2e6b85c8 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -54,6 +54,9 @@ targets = { "archlinux" => { "box" => "archlinux/archlinux" }, + "fedora33" => { + "box" => "fedora/33-cloud-base" + }, "suse11" => { "box" => "elastic/sles-11-x86_64" }, diff --git a/libraries/cmake/source/librpm/CMakeLists.txt b/libraries/cmake/source/librpm/CMakeLists.txt index b2cd08a7..a3b07f27 100644 --- a/libraries/cmake/source/librpm/CMakeLists.txt +++ b/libraries/cmake/source/librpm/CMakeLists.txt @@ -10,6 +10,7 @@ function(librpmMain) set(rpm_library_srcs "${library_root}/lib/backend/bdb_ro.c" + "${library_root}/lib/backend/sqlite.c" "${library_root}/lib/backend/dbi.c" "${library_root}/lib/backend/dummydb.c" "${library_root}/lib/backend/dbiset.c" @@ -161,6 +162,7 @@ function(librpmMain) endif() target_link_libraries(thirdparty_librpm PUBLIC + thirdparty_sqlite thirdparty_openssl thirdparty_zlib thirdparty_libmagic diff --git a/libraries/cmake/source/librpm/README.md b/libraries/cmake/source/librpm/README.md index dbd93c3c..90070725 100644 --- a/libraries/cmake/source/librpm/README.md +++ b/libraries/cmake/source/librpm/README.md @@ -36,7 +36,7 @@ export LDFLAGS="${CFLAGS} -L$OPENSSL_LINK -L$LIBMAGIC_LINK -L$POPT_LINK" export CC=clang ./autogen.sh -./configure --enable-static --with-crypto=openssl --without-archive --enable-bdb --enable-bdb-ro --without-lua --disable-plugins --disable-openmp +./configure --enable-static --with-crypto=openssl --without-archive --enable-bdb --enable-bdb-ro --enable_sqlite --without-lua --disable-plugins --disable-openmp ``` Then copy diff --git a/libraries/cmake/source/librpm/config/config.h b/libraries/cmake/source/librpm/config/config.h index 38aed55d..cc4a7b09 100644 --- a/libraries/cmake/source/librpm/config/config.h +++ b/libraries/cmake/source/librpm/config/config.h @@ -407,7 +407,7 @@ /* #undef WITH_SELINUX */ /* Define if SQLITE is available */ -/* #undef WITH_SQLITE */ +#define WITH_SQLITE 1 /* Enable large inode numbers on Mac OS X 10.5. */ #ifndef _DARWIN_USE_64_BIT_INODE diff --git a/osquery/tables/system/tests/linux/rpm_packages_tests.cpp b/osquery/tables/system/tests/linux/rpm_packages_tests.cpp index 7774095e..1ea42157 100644 --- a/osquery/tables/system/tests/linux/rpm_packages_tests.cpp +++ b/osquery/tables/system/tests/linux/rpm_packages_tests.cpp @@ -158,5 +158,43 @@ TEST_F(RpmTests, test_bdb_packages) { EXPECT_EQ(expected, packages); }; +TEST_F(RpmTests, test_sqlite_packages) { + auto dropper = DropPrivileges::get(); + if (isUserAdmin()) { + ASSERT_TRUE(dropper->dropTo("nobody")); + } + + auto sqlite_config = getTestConfigDirectory() / "rpm" / "rpm-sqlite"; + sqlite_config = boost::filesystem::absolute(sqlite_config); + this->setConfig(sqlite_config.string()); + + std::vector packages; + auto getPackage = [&packages](struct PackageDetails& pd) { + packages.push_back(pd); + }; + + ASSERT_TRUE(queryRpmDb(getPackage).ok()); + + std::vector expected = { + {"deltarpm", "3.6.2", "b94aeacccb128594c1c385a19a36b7237fd7bd55"}, + {"python3-rpm", "4.16.0", "cb4fd19975ffb22a6c67fa1ced0dd98cf039e2c3"}, + {"rpm", "4.16.0", "f1b7a4ad5d2497a44039ba20a2e83e7e60d52472"}, + {"rpm-build-libs", "4.16.0", "0e964be137e7489228e91d16d16ade7a38474bce"}, + {"rpm-libs", "4.16.0", "4eb167bef01b1c0684f870ef791ec4de3db96ca2"}, + {"rpm-plugin-selinux", + "4.16.0", + "2118e44fbdbdcd7bbf8306630bf03c289a6401cc"}, + {"rpm-plugin-systemd-inhibit", + "4.16.0", + "74890e714d68b144750b5529617361b4a4f64430"}, + {"rpm-sign-libs", "4.16.0", "01c6d988e05b320c9620e66b8bda57b8dd1749fe"}, + {"systemd-rpm-macros", + "246.6", + "50805b7fdfeef333d918a0da76c636e7ef182e36"}, + }; + + EXPECT_EQ(expected, packages); +}; + } // namespace tables } // namespace osquery diff --git a/tools/tests/configs/rpm/rpm-sqlite/rpmdb.sqlite b/tools/tests/configs/rpm/rpm-sqlite/rpmdb.sqlite new file mode 100644 index 00000000..de7d3fa4 Binary files /dev/null and b/tools/tests/configs/rpm/rpm-sqlite/rpmdb.sqlite differ diff --git a/tools/tests/configs/rpm/rpm-sqlite/rpmdb.sqlite-shm b/tools/tests/configs/rpm/rpm-sqlite/rpmdb.sqlite-shm new file mode 100644 index 00000000..b4288bb9 Binary files /dev/null and b/tools/tests/configs/rpm/rpm-sqlite/rpmdb.sqlite-shm differ diff --git a/tools/tests/configs/rpm/rpm-sqlite/rpmdb.sqlite-wal b/tools/tests/configs/rpm/rpm-sqlite/rpmdb.sqlite-wal new file mode 100644 index 00000000..e69de29b