diff --git a/tools/analysis/analyze.bat b/tools/analysis/analyze.bat deleted file mode 100644 index 02c2d564..00000000 --- a/tools/analysis/analyze.bat +++ /dev/null @@ -1,4 +0,0 @@ -@echo off -REM Copyright (c) Facebook, Inc. and its affiliates. All Rights Reserved -"C:\Program Files\Cppcheck\cppcheck.exe" --quiet -i .\build\ . -"C:\Program Files\Cppcheck\cppcheck.exe" --quiet --project=.\build\windows10\OSQUERY.sln diff --git a/tools/analysis/asan.supp b/tools/analysis/asan.supp deleted file mode 100644 index 5b278268..00000000 --- a/tools/analysis/asan.supp +++ /dev/null @@ -1,2 +0,0 @@ -interceptor_via_fun:google::SetArgv -interceptor_via_lib:gflags diff --git a/tools/analysis/clang-analyze.sh b/tools/analysis/clang-analyze.sh deleted file mode 100755 index f7f14a7b..00000000 --- a/tools/analysis/clang-analyze.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2014, Ruslan Baratov -# All rights reserved. - -declare -a BLACKLIST=( - "logging.cc" - "logging_unittest.cc" - "signalhandler_unittest.cc" - "string_util.cc" - "sysinfo.cc" - ) - -for BL_ITEM in ${BLACKLIST[@]}; do - if [[ "$@" == *"${BL_ITEM}"* ]]; then - clang++ "$@" - exit 0; - fi -done - -for x in "$@"; do - if [ ! "${x}" == "-c" ]; then - continue - fi - - OUTPUT="`mktemp /tmp/clang-analyze.out.XXXXX`" - BINARY="`mktemp /tmp/clang-analyze.bin.XXXXX`" - - # analyze - clang++ --analyze "$@" -o "${BINARY}" 2> "${OUTPUT}" - - RESULT=0 - [ "$?" == 0 ] || RESULT=1 - [ -s "${OUTPUT}" ] && RESULT=1 - - cat "${OUTPUT}"; - rm -f "${OUTPUT}" - rm -f "${BINARY}" - - if [ "${RESULT}" == "1" ]; then - exit 1; - fi -done - -# compile real code -clang++ "$@" diff --git a/tools/analysis/fuzz.py b/tools/analysis/fuzz.py deleted file mode 100755 index 6c64ab3e..00000000 --- a/tools/analysis/fuzz.py +++ /dev/null @@ -1,141 +0,0 @@ -#!/usr/bin/env python3 - -# Copyright (c) 2014-present, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -import ast -import os -import random -import subprocess -import sys -import argparse - - - -# Import the testing utils -sys.path.append(os.path.dirname(os.path.realpath(__file__)) + "/../tests/") -sys.path.append(os.path.dirname(os.path.realpath(__file__)) + "/../codegen/") - -from gentable import \ - table_name, schema, description, examples, attributes, implementation, \ - extended_schema, fuzz_paths, \ - WINDOWS, LINUX, POSIX, DARWIN, FREEBSD, \ - Column, ForeignKey, table as TableState, TableState as _TableState, \ - TEXT, DATE, DATETIME, INTEGER, BIGINT, UNSIGNED_BIGINT, DOUBLE, BLOB -import utils - -def _fuzz_paths(shell, name, paths, query): - cmd = [ - "zzuf", - "-r0.001:0.1", "-s%d:%d" % (args.s, args.s + args.n) - ] - for path in paths: - cmd.append("-I") - cmd.append(path) - cmd.append(shell) - cmd.append("--disable_extensions") - cmd.append(query) - if args.verbose: - print(" ".join(cmd)) - proc = subprocess.Popen( - cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE - ) - - stdout, stderr = proc.communicate() - if args.verbose: - print(stdout) - print(stderr) - if proc.returncode != 0: - print(" ".join(cmd)) - print(stderr) - return proc.returncode - - -def _fuzz_queries(shell, name, paths, examples=[]): - print("Fuzzing file reads for: %s" % (name)) - ret = _fuzz_paths(shell, name, paths, "select count(1) from `%s`" % (name)) - if ret != 0: - return ret - for example in examples: - print("Fuzzing file reads for query: %s" % (example)) - ret = _fuzz_paths(shell, name, paths, example) - if ret != 0: - return ret - return 0 - - -if __name__ == "__main__": - parser = argparse.ArgumentParser(description=( - "Search table specs for opt-in fuzzing options" - )) - parser.add_argument( - "--specs", metavar="PATH", default="./specs", - help="Path to the osquery table specs." - ) - parser.add_argument( - "--table", metavar="TABLE", default="", - help="Restrict to a single table" - ) - parser.add_argument( - "--verbose", action="store_true", default=False, - help="Be verbose." - ) - parser.add_argument( - "-c", action="store_true", default=False, - help="Continue working event if a crash is detected." - ) - parser.add_argument( - "-n", type=int, default=20, - help="Number of seeds" - ) - parser.add_argument( - "-s", type=int, default=-1, - help="Initial seed" - ) - - group = parser.add_argument_group("Run Options:") - group.add_argument( - "--shell", metavar="PATH", default="./build/%s/osquery/osqueryi" % ( - utils.platform()), - help="Path to osqueryi shell (./build//osquery/osqueryi)." - ) - - args = parser.parse_args() - if not os.path.exists(args.shell): - print("Cannot find --shell: %s" % (args.shell)) - exit(1) - if not os.path.exists(args.specs): - print("Cannot find --specs: %s" % (args.specs)) - exit(1) - - if args.s < 0: - args.s = random.randint(0, 65535) - - exit_code = 0 - tables = utils.queries_from_tables(args.specs, args.table) - for table in tables: - table = table.split(".") - if table[0] == "specs": - table.pop(0) - table[-1] += ".table" - - filename = os.path.join(args.specs, *table) - with open(filename, 'rU') as fh: - # Open and parse/execute the specification. - tree = ast.parse(fh.read()) - TableState = _TableState() - exec(compile(tree, "", "exec")) - - # We may later introduce other (simple) types of fuzzing. - if len(TableState.fuzz_paths) > 0: - # The table specification opted-into path-based fuzzing. - ret = _fuzz_queries(args.shell, TableState.table_name, - TableState.fuzz_paths, TableState.examples) - if ret > 0: - exit_code = ret - if not args.c and ret != 0: - break - sys.exit(exit_code) diff --git a/tools/analysis/lsan.supp b/tools/analysis/lsan.supp deleted file mode 100644 index a73e105a..00000000 --- a/tools/analysis/lsan.supp +++ /dev/null @@ -1 +0,0 @@ -leak:apache::thrift::transport::TServerSocket::listen diff --git a/tools/analysis/sanitize_blacklist.txt b/tools/analysis/sanitize_blacklist.txt deleted file mode 100644 index 2fb0b003..00000000 --- a/tools/analysis/sanitize_blacklist.txt +++ /dev/null @@ -1,24 +0,0 @@ -# This function and source blacklist is applied to LLVM's sanitize frameworks. -# Please restrict entries to known-problems in third-party libraries. - -# ASIO 0-lookups -fun:*get_io_service* -src:*asio/impl/* - -# GFlags -fun:*SetArgv* - -# GLog -# This is a confirmed race, but deemed low pri -fun:google::RawLog__SetLastTime - -# Thrift -fun:*TServerSocket* -fun:apache::thrift::transport::TServerSocket::listen -fun:apache::thrift::transport::TServerSocket::notify -fun:apache::thrift::transport::TServerSocket::interrupt -fun:apache::thrift::transport::TServerSocket::interruptChildren -src:*thrift/transport/TServerSocket.cpp - -# RocksDB -fun:*ColumnFamilyOptions* diff --git a/tools/analysis/stress.py b/tools/analysis/stress.py deleted file mode 100755 index 0c8bd557..00000000 --- a/tools/analysis/stress.py +++ /dev/null @@ -1,144 +0,0 @@ -#!/usr/bin/env python3 - -# Copyright (c) 2014-present, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -import sys -import shutil -import time -import argparse -import subprocess -import tempfile -from threading import Thread - -try: - from utils import * -except ImportError: - print("Cannot import osquery testing utils from ./tools/tests") - exit(1) - - -def run_daemon(proc, output): - output[proc.pid] = profile_cmd("", proc=proc) - - -def audit(args): - def _run_procs(start): - procs = [] - for i in range(3): - for j in range(100): - procs.append(subprocess.Popen("sleep %d" % 1, - shell=True, - stderr=subprocess.PIPE, - stdout=subprocess.PIPE)) - if not args["stat"]: - print("Finished launching processes: duration %6.4fs" % ( - time.time() - start)) - for p in procs: - p.communicate() - - proc = None - thread = None - results = {} - if not args["baseline"]: - # Start a daemon, which will modify audit rules - test = args["run"] - if "args" in args: - test += " %s" % (args["args"]) - dbpath = tempfile.mkdtemp() - test += " --database_path=%s" % (dbpath) - proc = subprocess.Popen(test, - shell=True, - stderr=subprocess.PIPE, - stdout=subprocess.PIPE) - if not args["stat"]: - thread = Thread(target=run_daemon, args=(proc, results,)) - thread.start() - time.sleep(1) - - # Run test applications to stress the audting (a fork bomb) - start_time = time.time() - _run_procs(start_time) - end_time = time.time() - - # Clean up - if not args["baseline"]: - proc.kill() - shutil.rmtree(dbpath) - if not args["stat"]: - thread.join() - if proc.pid in results: - print("cpu: %6.2f, memory: %d, util: %6.2f" % ( - results[proc.pid]["cpu_time"], - results[proc.pid]["memory"], - results[proc.pid]["utilization"])) - pass - return end_time - start_time - - -def single(args): - start_time = time.time() - if ARGS.verbose: - proc = subprocess.Popen(args, shell=True) - else: - proc = subprocess.Popen(args, - shell=True, - stderr=subprocess.PIPE, - stdout=subprocess.PIPE) - if ARGS.verbose: - print("PID: %d" % (proc.pid)) - stdout, stderr = proc.communicate() - end_time = time.time() - start_time - if proc.returncode is not 0: - if not ARGS.verbose: - print(stdout) - print(stderr) - print("%s Test failed. (total %6.4fs)" % ( - red("FAILED"), end_time)) - sys.exit(proc.returncode) - return end_time - - -def stress(args): - """Small utility to run unittests several times.""" - times = [] - test = args["run"] if args["run"] is not None else ["make", "test"] - for i in range(args["num"]): - if args["audit"]: - times.append(audit(args)) - else: - times.append(single(test)) - if args["stat"]: - print("%6.4f" % (times[-1])) - else: - print("%s Tests passed (%d/%d) rounds. (average %6.4fs) " % ( - green("PASSED"), i + 1, args["num"], sum(times) / len(times))) - -if __name__ == "__main__": - parser = argparse.ArgumentParser(description="Run tests many times") - parser.add_argument("-n", "--num", type=int, default=50, - help="Number of times to run tests") - parser.add_argument("-A", "--audit", action="store_true", default=False, - help="Perform exec/process auditing stress tests") - parser.add_argument("--baseline", action="store_true", default=False, - help="Run baselines when stressing auditing") - parser.add_argument("--args", default="", - help="Arguments to pass to test binary") - parser.add_argument("--stat", action="store_true", default=False, - help="Only print numerical values") - parser.add_argument("--verbose", action="store_true", default=False, - help="Do not consume stderr/stdout") - parser.add_argument("run", nargs="?", help="Run specific test binary") - ARGS = parser.parse_args() - - # A baseline was requested, first run baselines then normal. - if ARGS.baseline: - print("Running baseline tests...") - stress(vars(ARGS)) - ARGS.baseline = False - print("Finished. Running tests...") - - stress(vars(ARGS)) diff --git a/tools/analysis/system_stress.py b/tools/analysis/system_stress.py deleted file mode 100755 index f5a5edad..00000000 --- a/tools/analysis/system_stress.py +++ /dev/null @@ -1,107 +0,0 @@ -#!/usr/bin/env python3 - -# Copyright (c) 2014-present, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -from multiprocessing import Process, Lock, Value -import subprocess -import argparse - -import socket -import fcntl -import struct -import timeit - - -P = 3298723423324 - - -# See: http://stackoverflow.com/questions/24196932/how-can-i-get-the-ip-address-of-eth0-in-python -def get_ip_address(ifname): - s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) - return socket.inet_ntoa(fcntl.ioctl( - s.fileno(), - 0x8915, # SIOCGIFADDR - struct.pack('256s', ifname[:15]) - )[20:24]) - - -def largest_prime_factor(n): - i = 2 - while i * i <= n: - if n % i: - i += 1 - else: - n //= i - return n - - -def init(e, po, n, j, l, count): - subprocess.call("echo 'hi' > /dev/null", shell=True) - netcat(e, po, "hello") - - l.acquire() - try: - count.value = count.value + 1 - finally: - l.release() - - if j >= n: - largest_prime_factor(P) - return - - procs = [] - for i in range(n): - p = Process(target=init, args=(e, po, n, j + i + 1, l, count)) - p.start() - procs.append(p) - - for p in procs: - p.join() - - -# See: http://stackoverflow.com/questions/1908878/netcat-implementation-in-python -def netcat(hostname, port, content): - s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) - s.connect((hostname, int(port))) - s.sendall(content) - s.shutdown(socket.SHUT_WR) - s.close() - - -def expect(n): - return (2**n) * n - - -def main(args): - e = get_ip_address(args.i) - k = expect(args.n) - print ("Expecting %d (default shell) processes" % k) - - s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) - s.bind((e, args.p)) - - c = Value('i', 0) - l = Lock() - for i in range(args.n): - init(e, args.p, args.n, i, l, c) - print("Executed %d (default shell) processes" % c.value) - return 0 - - -if __name__ == '__main__': - parser = argparse.ArgumentParser( - description=("Place the system under stress." - " This will launch lots of shells and each will connect to a UDP socket.")) - parser.add_argument("-n", type=int, default=4, help="Expotential intensity") - parser.add_argument("-i", required=True, help="Network interface for socket actions") - parser.add_argument("-p", type=int, default=9090, help="Local network UDP port") - args = parser.parse_args() - - start = timeit.default_timer() - main(args) - print("Elapsed: " + str(timeit.default_timer() - start)) - diff --git a/tools/analysis/tsan.supp b/tools/analysis/tsan.supp deleted file mode 100644 index 318e7b54..00000000 --- a/tools/analysis/tsan.supp +++ /dev/null @@ -1,7 +0,0 @@ -race:TServerSocket -race:PthreadThread -signal:signalHandler - -race:sqlite3Parser -race:sqlite3_prepare_v2 -race:shell_exec diff --git a/tools/analysis/valgrind.supp b/tools/analysis/valgrind.supp deleted file mode 100644 index e14954d2..00000000 --- a/tools/analysis/valgrind.supp +++ /dev/null @@ -1,20 +0,0 @@ -{ - - Memcheck:Leak - match-leak-kinds: possible - ... - fun:_ZN3fLS25dont_pass0toDEFINE_stringEPcPKc - ... - fun:__libc_csu_init - fun:(below main) -} -{ - - Memcheck:Leak - match-leak-kinds: possible - ... - fun:_ZN6google12_GLOBAL__N_19FlagValue9ParseFromEPKc - ... - fun:_ZN6google21ParseCommandLineFlagsEPiPPPcb - fun:main -} diff --git a/tools/audit.sh b/tools/audit.sh deleted file mode 100755 index ddf6a9c8..00000000 --- a/tools/audit.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/usr/bin/env bash - -# Copyright (c) 2014-present, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -set -e - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -source $SCRIPT_DIR/lib.sh - -function check_format() { - # Create a master branch if it does not exist. - if ! git rev-parse --verify master &> /dev/null; then - git fetch origin master &> /dev/null - git branch master FETCH_HEAD &> /dev/null || true - fi - - # Check formatting - make format_check -} - -function check_executable() { - HERE=$(pwd) - cd $SCRIPT_DIR/..; - FILES=$(find osquery -type f -perm -a=x) - if [[ ! -z "$FILES" ]]; then - echo "[!] Some source files are marked executable:" - echo "$FILES" - false - fi - - FILES=$(find include -type f -perm -a=x) - if [[ ! -z "$FILES" ]]; then - echo "[!] Some header files are marked executable:" - echo "$FILES" - false - fi - cd $HERE; -} - -function audit() { - log "Running various code/change audits!" - - echo "" - log "Checking for source files marked executable" - check_executable - - echo "" - log "Running: make format" - check_format - - echo "" - log "Running: make check" - make check - - # Check the docs creation - echo "" - log "Running: make docs" - make docs -} - -audit - -exit 0 diff --git a/tools/benchmark.sh b/tools/benchmark.sh deleted file mode 100755 index c3406aa3..00000000 --- a/tools/benchmark.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/usr/bin/env bash - -# Copyright (c) 2014-present, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -set -e - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -source $SCRIPT_DIR/lib.sh - -# Run the build function without the tests -build false - -# NODE_LABELS is defined in the Jenkins environment, and provides a wasy for -# us to detect what type of box we are running on. (ie. osx10, centos6). -OUTDIR="$SCRIPT_DIR/../build/benchmarks" -NODE=$(echo $NODE_LABELS | awk '{print $NF}') -mkdir -p $OUTDIR - -REPETITIONS=5 - -export BENCHMARK_TO_FILE="--benchmark_format=csv \ - --benchmark_repetitions=$REPETITIONS :>$OUTDIR/$NODE-benchmark.csv" -make run-benchmark/fast - -export BENCHMARK_TO_FILE="--benchmark_format=csv \ - --benchmark_repetitions=$REPETITIONS :>$OUTDIR/$NODE-kernel-benchmark.csv" -make run-kernel-benchmark/fast - -strip $(find $SCRIPT_DIR/../build -name "osqueryi" | xargs) -strip $(find $SCRIPT_DIR/../build -name "osqueryd" | xargs) -wc -c $(find $SCRIPT_DIR/../build -name "osqueryi" | xargs) \ - | head -n 1 \ - | awk '{print "\"EXECUTABLE_osqueryi_size\","$1",,,,,\""$2"\""}' \ - >>$OUTDIR/$NODE-benchmark.csv -wc -c $(find $SCRIPT_DIR/../build -name "osqueryd" | xargs) \ - | head -n 1 \ - | awk '{print "\"EXECUTABLE_osqueryd_size\","$1",,,,,\""$2"\""}' \ - >>$OUTDIR/$NODE-benchmark.csv - -exit 0 diff --git a/tools/deployment/make_linux_package.sh b/tools/deployment/make_linux_package.sh deleted file mode 100755 index 91f1c036..00000000 --- a/tools/deployment/make_linux_package.sh +++ /dev/null @@ -1,364 +0,0 @@ -#!/usr/bin/env bash - -# Copyright (c) 2014-present, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -set -e - -# Defaults: -# Set OSQUERY_BUILD_VERSION or add -v VERSION -# Set BUILD_DIR or add -b DIR -# Set FPM if installed outside of path - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -SOURCE_DIR="$SCRIPT_DIR/../.." -BUILD_DIR=${BUILD_DIR:="$SOURCE_DIR/build/linux"} -FPM=${FPM:="fpm"} -INSTALL_SOURCE=0 - -source "$SOURCE_DIR/tools/lib.sh" - -# Default version -VERSION=`(cd $SOURCE_DIR; git describe --tags HEAD) || echo 'unknown-version'` -PACKAGE_VERSION=${OSQUERY_BUILD_VERSION:="$VERSION"} - -DESCRIPTION="osquery is an operating system instrumentation toolchain." -PACKAGE_NAME="osquery" -PACKAGE_ARCH="x86_64" -PACKAGE_VENDOR="osquery" -PACKAGE_LICENSE="Apache 2.0 or GPL 2.0" - -PACKAGE_TYPE="" -PACKAGE_ITERATION_DEFAULT="1.linux" -PACKAGE_ITERATION_ARCH="1.arch" - -PACKAGE_DEB_DEPENDENCIES="libc6 (>=2.12), zlib1g" -PACKAGE_RPM_DEPENDENCIES="glibc >= 2.12, zlib" -PACKAGE_TGZ_DEPENDENCIES="zlib" -PACKAGE_TAR_DEPENDENCIES="none" - -# Config files -INITD_SRC="$SCRIPT_DIR/osqueryd.initd" -INITD_DST="/etc/init.d/osqueryd" -SYSTEMD_SERVICE_SRC="$SCRIPT_DIR/osqueryd.service" -SYSTEMD_SERVICE_DST="/usr/lib/systemd/system/osqueryd.service" -SYSTEMD_SYSCONFIG_SRC="$SCRIPT_DIR/osqueryd.sysconfig" -SYSTEMD_SYSCONFIG_DST="/etc/sysconfig/osqueryd" -SYSTEMD_SYSCONFIG_DST_DEB="/etc/default/osqueryd" -CTL_SRC="$SCRIPT_DIR/osqueryctl" -PACKS_SRC="$SOURCE_DIR/packs" -PACKS_DST="/usr/share/osquery/packs/" -LENSES_LICENSE="${SOURCE_DIR}/libraries/cmake/source/augeas/src/COPYING" -LENSES_SRC="${SOURCE_DIR}/libraries/cmake/source/augeas/src/lenses" -LENSES_DST="/usr/share/osquery/lenses/" -OSQUERY_POSTINSTALL=${OSQUERY_POSTINSTALL:-"$SCRIPT_DIR/linux_postinstall.sh"} -OSQUERY_PREUNINSTALL=${OSQUERY_PREUNINSTALL:-""} -OSQUERY_CONFIG_SRC=${OSQUERY_CONFIG_SRC:-""} -OSQUERY_TLS_CERT_CHAIN_SRC=${OSQUERY_TLS_CERT_CHAIN_SRC:-""} -OSQUERY_TLS_CERT_CHAIN_BUILTIN_SRC="${SCRIPT_DIR}/certs.pem" -OSQUERY_TLS_CERT_CHAIN_BUILTIN_DST="/usr/share/osquery/certs/certs.pem" -OSQUERY_EXAMPLE_CONFIG_SRC="$SCRIPT_DIR/osquery.example.conf" -OSQUERY_EXAMPLE_CONFIG_DST="/usr/share/osquery/osquery.example.conf" -OSQUERY_LOG_DIR="/var/log/osquery/" -OSQUERY_VAR_DIR="/var/osquery" -OSQUERY_ETC_DIR="/etc/osquery" - -function usage() { - fatal "Usage: $0 -t deb|rpm|pacman|tar - [-b|--build] /path/to/build/dir - [-d|--dependencies] DEPENDENCY_LIST string - [-i|--iteration] REVISION - [-u|--preuninst] /path/to/pre-uninstall - [-p|--postinst] /path/to/post-install - [-c|--config] /path/to/embedded.config - [-v|--version] OSQUERY_BUILD_VERSION override - - This will generate an Linux package with: - (1) An example config /usr/share/osquery/osquery.example.conf - (2) An init.d script /etc/init.d/osqueryd - (3) A systemd service file /usr/lib/systemd/system/osqueryd.service and - a sysconfig file /etc/{default|sysconfig}/osqueryd as appropriate - (4) A default TLS certificate bundle (provided by cURL) - (5) The osquery toolset /usr/bin/osquery*" -} - -function check_parsed_args() { - if [[ -z $PACKAGE_TYPE ]]; then - usage - fi - - if [[ ! -d $BUILD_DIR ]]; then - log "Cannot find build dir [-b|--build]: $BUILD_DIR" - usage - fi - - if [ ! -z "$OSQUERY_CONFIG_SRC" ] && [ ! -f "$OSQUERY_CONFIG_SRC" ]; then - log "$OSQUERY_CONFIG_SRC is not a file." - usage - fi - - if ! command -v $FPM > /dev/null; then - fatal "Cannot find fpm script (is fpm installed?)" - fi -} - -function parse_args() { - while [ "$1" != "" ]; do - case $1 in - -t | --type ) shift - PACKAGE_TYPE=$1 - ;; - -i | --iteration ) shift - PACKAGE_ITERATION=$1 - ;; - -d | --dependencies ) shift - PACKAGE_DEPENDENCIES="${@}" - ;; - -u | --preuninst) shift - OSQUERY_PREUNINSTALL=$1 - ;; - -p | --postinst ) shift - OSQUERY_POSTINSTALL=$1 - ;; - -c | --config ) shift - OSQUERY_CONFIG_SRC=$1 - ;; - -b | --build ) shift - BUILD_DIR=$1 - ;; - -v | --version ) shift - PACKAGE_VERSION=$1 - ;; - -s | --source ) INSTALL_SOURCE=1 - ;; - -h | --help ) usage - ;; - esac - shift - done - - check_parsed_args - - if [[ -z $PACKAGE_ITERATION ]]; then - if [[ $PACKAGE_TYPE == "pacman" ]]; then - PACKAGE_ITERATION=$PACKAGE_ITERATION_ARCH - else - PACKAGE_ITERATION=$PACKAGE_ITERATION_DEFAULT - fi - fi - - if [[ -z $PACKAGE_DEPENDENCIES ]]; then - if [[ $PACKAGE_TYPE == "deb" ]]; then - PACKAGE_DEPENDENCIES=$PACKAGE_DEB_DEPENDENCIES - elif [[ $PACKAGE_TYPE == "rpm" ]]; then - PACKAGE_DEPENDENCIES=$PACKAGE_RPM_DEPENDENCIES - elif [[ $PACKAGE_TYPE == "pacman" ]]; then - PACKAGE_DEPENDENCIES=$PACKAGE_TGZ_DEPENDENCIES - else - PACKAGE_DEPENDENCIES=$PACKAGE_TAR_DEPENDENCIES - fi - fi - - if [[ $PACKAGE_VERSION == *"-"* ]]; then - DESCRIPTION="$DESCRIPTION (unstable/latest version)" - fi -} - -function get_pkg_suffix() { - if [[ $PACKAGE_TYPE == "deb" ]]; then - # stay compliant with Debian package naming convention - echo "_${PACKAGE_VERSION}_${PACKAGE_ITERATION}.amd64.${PACKAGE_TYPE}" - elif [[ $PACKAGE_TYPE == "rpm" ]]; then - V=`echo ${PACKAGE_VERSION}|tr '-' '_'` - echo "-${V}-${PACKAGE_ITERATION}.${PACKAGE_ARCH}.${PACKAGE_TYPE}" - elif [[ $PACKAGE_TYPE == "pacman" ]]; then - echo "-${PACKAGE_VERSION}-${PACKAGE_ITERATION}-${PACKAGE_ARCH}.pkg.tar.xz" - else - echo "-${PACKAGE_VERSION}_${PACKAGE_ITERATION}_${PACKAGE_ARCH}.tar.gz" - fi -} - -function main() { - parse_args $@ - - WORKING_DIR=$BUILD_DIR/_packaging - INSTALL_PREFIX=$WORKING_DIR/prefix - DEBUG_PREFIX=$WORKING_DIR/debug - - platform OS - distro $OS DISTRO - - OUTPUT_PKG_PATH=`readlink --canonicalize "$BUILD_DIR"`/$PACKAGE_NAME$(get_pkg_suffix) - - rm -rf $WORKING_DIR - rm -f $OUTPUT_PKG_PATH - mkdir -p $INSTALL_PREFIX - - log "copying osquery binaries to $INSTALL_PREFIX" - BINARY_INSTALL_DIR="$INSTALL_PREFIX/usr/bin/" - mkdir -p $BINARY_INSTALL_DIR - cp "$BUILD_DIR/osquery/osqueryd" $BINARY_INSTALL_DIR - ln -s osqueryd $BINARY_INSTALL_DIR/osqueryi - strip --strip-debug $BINARY_INSTALL_DIR/* - cp "$CTL_SRC" $BINARY_INSTALL_DIR - - # Create the prefix log dir and copy source configs - log "copying osquery configurations to $INSTALL_PREFIX" - mkdir -p $INSTALL_PREFIX/$OSQUERY_VAR_DIR - mkdir -p $INSTALL_PREFIX/$OSQUERY_LOG_DIR - mkdir -p $INSTALL_PREFIX/$OSQUERY_ETC_DIR - mkdir -p $INSTALL_PREFIX/$PACKS_DST - mkdir -p $INSTALL_PREFIX/$LENSES_DST - mkdir -p `dirname $INSTALL_PREFIX$OSQUERY_EXAMPLE_CONFIG_DST` - cp $OSQUERY_EXAMPLE_CONFIG_SRC $INSTALL_PREFIX$OSQUERY_EXAMPLE_CONFIG_DST - cp $PACKS_SRC/* $INSTALL_PREFIX/$PACKS_DST - cp $LENSES_LICENSE $INSTALL_PREFIX/$LENSES_DST - cp $LENSES_SRC/*.aug $INSTALL_PREFIX/$LENSES_DST - - if [[ ! -z $OSQUERY_CONFIG_SRC ]] && [[ -f $OSQUERY_CONFIG_SRC ]]; then - log "copying optional config into $INSTALL_PREFIX$OSQUERY_ETC_DIR" - cp $OSQUERY_CONFIG_SRC $INSTALL_PREFIX/$OSQUERY_ETC_DIR/osquery.conf - fi - - if [[ ! -z $OSQUERY_TLS_CERT_CHAIN_SRC ]] && [[ -f $OSQUERY_TLS_CERT_CHAIN_SRC ]]; then - log "copying optional tls server certs file into $INSTALL_PREFIX$OSQUERY_ETC_DIR" - cp $OSQUERY_TLS_CERT_CHAIN_SRC $INSTALL_PREFIX/$OSQUERY_ETC_DIR/tls-server-certs.pem - fi - - if [[ ! -z $OSQUERY_TLS_CERT_CHAIN_BUILTIN_SRC ]] && [[ -f $OSQUERY_TLS_CERT_CHAIN_BUILTIN_SRC ]]; then - log "copying built-in tls server certs file into $INSTALL_PREFIX$OSQUERY_TLS_CERT_CHAIN_BUILTIN_DST" - mkdir -p `dirname $INSTALL_PREFIX/$OSQUERY_TLS_CERT_CHAIN_BUILTIN_DST` - cp $OSQUERY_TLS_CERT_CHAIN_BUILTIN_SRC $INSTALL_PREFIX/$OSQUERY_TLS_CERT_CHAIN_BUILTIN_DST - fi - - if [[ $PACKAGE_TYPE = "deb" ]]; then - #Change config path to Ubuntu default - SYSTEMD_SYSCONFIG_DST=$SYSTEMD_SYSCONFIG_DST_DEB - fi - - log "copying osquery init scripts into $INSTALL_PREFIX" - mkdir -p `dirname $INSTALL_PREFIX$INITD_DST` - mkdir -p `dirname $INSTALL_PREFIX$SYSTEMD_SERVICE_DST` - mkdir -p `dirname $INSTALL_PREFIX$SYSTEMD_SYSCONFIG_DST` - cp $INITD_SRC $INSTALL_PREFIX$INITD_DST - cp $SYSTEMD_SERVICE_SRC $INSTALL_PREFIX$SYSTEMD_SERVICE_DST - cp $SYSTEMD_SYSCONFIG_SRC $INSTALL_PREFIX$SYSTEMD_SYSCONFIG_DST - - if [[ $PACKAGE_TYPE = "deb" ]]; then - #Change config path in service unit - sed -i 's/sysconfig/default/g' $INSTALL_PREFIX$SYSTEMD_SERVICE_DST - #Change config path in initd script - sed -i 's/sysconfig/default/g' $INSTALL_PREFIX$INITD_DST - fi - - log "creating $PACKAGE_TYPE package" - IFS=',' read -a deps <<< "$PACKAGE_DEPENDENCIES" - PACKAGE_DEPENDENCIES= - for element in "${deps[@]}" - do - element=`echo $element | sed 's/ *$//'` - PACKAGE_DEPENDENCIES="$PACKAGE_DEPENDENCIES -d \"$element\"" - done - - POSTINST_CMD="" - if [[ ! -z $OSQUERY_POSTINSTALL ]] && [[ -f $OSQUERY_POSTINSTALL ]]; then - POSTINST_CMD="--after-install $OSQUERY_POSTINSTALL" - fi - - PREUNINST_CMD="" - if [[ ! -z $OSQUERY_PREUNINSTALL ]] && [[ -f $OSQUERY_PREUNINSTALL ]]; then - PREUNINST_CMD="--before-remove $OSQUERY_PREUNINSTALL" - fi - - # Change directory modes - find $INSTALL_PREFIX/ -type d | xargs chmod 755 - - EPILOG="--url https://osquery.io \ - -m osquery@osquery.io \ - --vendor \"$PACKAGE_VENDOR\" \ - --license \"$PACKAGE_LICENSE\" \ - --description \"$DESCRIPTION\"" - - CMD="$FPM -s dir -t $PACKAGE_TYPE \ - -n $PACKAGE_NAME -v $PACKAGE_VERSION \ - --iteration $PACKAGE_ITERATION \ - -a $PACKAGE_ARCH \ - --log error \ - --config-files $INITD_DST \ - --config-files $SYSTEMD_SYSCONFIG_DST \ - $PREUNINST_CMD \ - $POSTINST_CMD \ - $PACKAGE_DEPENDENCIES \ - -p $OUTPUT_PKG_PATH \ - $EPILOG \"$INSTALL_PREFIX/=/\"" - eval "$CMD" - log "package created at $OUTPUT_PKG_PATH" - - # Generate debug packages for Linux or CentOS - BUILD_DEBUG_PKG=false - if [[ $PACKAGE_TYPE = "deb" ]]; then - BUILD_DEBUG_PKG=true - PACKAGE_DEBUG_NAME="$PACKAGE_NAME-dbg" - PACKAGE_DEBUG_DEPENDENCIES="osquery (= $PACKAGE_VERSION-$PACKAGE_ITERATION)" - - # Debian only needs the non-stripped binaries. - BINARY_DEBUG_DIR=$DEBUG_PREFIX/usr/lib/debug/usr/bin - mkdir -p $BINARY_DEBUG_DIR - cp "$BUILD_DIR/osquery/osqueryd" $BINARY_DEBUG_DIR - strip --only-keep-debug "$BINARY_DEBUG_DIR/osqueryd" - ln -s osqueryd $BINARY_DEBUG_DIR/osqueryi - elif [[ $PACKAGE_TYPE = "rpm" ]]; then - BUILD_DEBUG_PKG=true - PACKAGE_DEBUG_NAME="$PACKAGE_NAME-debuginfo" - PACKAGE_DEBUG_DEPENDENCIES="osquery = $PACKAGE_VERSION" - - # Create Build-ID links for executables and Dwarfs. - BUILD_ID=`readelf -n "$BUILD_DIR/osquery/osqueryd" | grep "Build ID" | awk '{print $3}'` - if [[ ! "$BUILD_ID" = "" ]]; then - BUILDLINK_DEBUG_DIR=$DEBUG_PREFIX/usr/lib/debug/.build-id/${BUILD_ID:0:2} - mkdir -p $BUILDLINK_DEBUG_DIR - ln -sf ../../../../bin/osqueryd $BUILDLINK_DEBUG_DIR/${BUILD_ID:2} - ln -sf ../../bin/osqueryd.debug $BUILDLINK_DEBUG_DIR/${BUILD_ID:2}.debug - fi - - # Install the non-stripped binaries. - BINARY_DEBUG_DIR=$DEBUG_PREFIX/usr/lib/debug/usr/bin/ - mkdir -p $BINARY_DEBUG_DIR - cp "$BUILD_DIR/osquery/osqueryd" "$BINARY_DEBUG_DIR/osqueryd.debug" - strip --only-keep-debug "$BINARY_DEBUG_DIR/osqueryd.debug" - ln -s osqueryd "$BINARY_DEBUG_DIR/osqueryi.debug" - - # Finally install the source. - if [[ $INSTALL_SOURCE == "1" ]]; then - SOURCE_DEBUG_DIR=$DEBUG_PREFIX/usr/src/debug/osquery-$PACKAGE_VERSION - BUILD_DIR=`readlink --canonicalize "$BUILD_DIR"` - SOURCE_DIR=`readlink --canonicalize "$SOURCE_DIR"` - for file in `"$SCRIPT_DIR/getfiles.py" --build "$BUILD_DIR/" --base "$SOURCE_DIR/"` - do - mkdir -p `dirname "$SOURCE_DEBUG_DIR/$file"` - cp "$file" "$SOURCE_DEBUG_DIR/$file" - done - fi - fi - - PACKAGE_DEBUG_DEPENDENCIES=`echo "$PACKAGE_DEBUG_DEPENDENCIES"|tr '-' '_'` - OUTPUT_DEBUG_PKG_PATH=`readlink --canonicalize "$BUILD_DIR"`/$PACKAGE_DEBUG_NAME$(get_pkg_suffix) - if [[ "$BUILD_DEBUG_PKG" = "true" ]]; then - rm -f $OUTPUT_DEBUG_PKG_PATH - CMD="$FPM -s dir -t $PACKAGE_TYPE \ - -n $PACKAGE_DEBUG_NAME -v $PACKAGE_VERSION \ - -a $PACKAGE_ARCH \ - --iteration $PACKAGE_ITERATION \ - --log error \ - -d \"$PACKAGE_DEBUG_DEPENDENCIES\" \ - -p $OUTPUT_DEBUG_PKG_PATH \ - $EPILOG \"$DEBUG_PREFIX/=/\"" - eval "$CMD" - log "debug created at $OUTPUT_DEBUG_PKG_PATH" - fi -} - -main $@ diff --git a/tools/deployment/make_osx_package.sh b/tools/deployment/make_osx_package.sh deleted file mode 100755 index cc77c207..00000000 --- a/tools/deployment/make_osx_package.sh +++ /dev/null @@ -1,278 +0,0 @@ -#!/usr/bin/env bash - -# Copyright (c) 2014-present, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -set -e - -# Defaults: -# Set OSQUERY_BUILD_VERSION or add -v VERSION -# Set BUILD_DIR or add -b DIR - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -SOURCE_DIR="$SCRIPT_DIR/../.." -BUILD_DIR=${BUILD_DIR:="$SOURCE_DIR/build"} - -source "$SOURCE_DIR/tools/lib.sh" - -# Binary identifiers -VERSION=`(cd $SOURCE_DIR; git describe --tags HEAD) || echo 'unknown-version'` -APP_VERSION=${OSQUERY_BUILD_VERSION:="$VERSION"} - -APP_IDENTIFIER="com.facebook.osquery" -LD_IDENTIFIER="com.facebook.osqueryd" -LD_INSTALL="/Library/LaunchDaemons/$LD_IDENTIFIER.plist" -SIGNING_IDENTITY="" -SIGNING_IDENTITY_COMMAND="" -KEYCHAIN_IDENTITY="" -KEYCHAIN_IDENTITY_COMMAND="" -AUTOSTART=false -CLEAN=false - -# Config files -LAUNCHD_SRC="$SCRIPT_DIR/$LD_IDENTIFIER.plist" -LAUNCHD_DST="/private/var/osquery/$LD_IDENTIFIER.plist" -NEWSYSLOG_SRC="$SCRIPT_DIR/$LD_IDENTIFIER.conf" -NEWSYSLOG_DST="/private/var/osquery/$LD_IDENTIFIER.conf" -PACKS_SRC="$SOURCE_DIR/packs" -PACKS_DST="/private/var/osquery/packs/" -LENSES_LICENSE="libs/fb/augeas/augeas/1.9.0/COPYING" -LENSES_SRC="libs/fb/augeas/augeas/1.9.0/share/augeas/lenses/dist" -LENSES_DST="/private/var/osquery/lenses/" -OSQUERY_EXAMPLE_CONFIG_SRC="$SCRIPT_DIR/osquery.example.conf" -OSQUERY_EXAMPLE_CONFIG_DST="/private/var/osquery/osquery.example.conf" -OSQUERY_CONFIG_SRC="" -OSQUERY_CONFIG_DST="/private/var/osquery/osquery.conf" -OSQUERY_DB_LOCATION="/private/var/osquery/osquery.db/" -OSQUERY_LOG_DIR="/private/var/log/osquery/" -OSQUERY_TLS_CERT_CHAIN_BUILTIN_SRC="${SCRIPT_DIR}/certs.pem" -OSQUERY_TLS_CERT_CHAIN_BUILTIN_DST="/private/var/osquery/certs/certs.pem" -TLS_CERT_CHAIN_DST="/private/var/osquery/tls-server-certs.pem" -FLAGFILE_DST="/private/var/osquery/osquery.flags" -OSQUERY_PKG_INCLUDE_DIRS=() -OSQUERYCTL_PATH="$SCRIPT_DIR/osqueryctl" - -SCRIPT_PREFIX_TEXT="#!/usr/bin/env bash - -set -e -" - -POSTINSTALL_UNLOAD_TEXT=" -if launchctl list | grep -qcm1 $LD_IDENTIFIER; then - launchctl unload $LD_INSTALL -fi -" - -POSTINSTALL_AUTOSTART_TEXT=" -cp $LAUNCHD_DST $LD_INSTALL -touch $FLAGFILE_DST -launchctl load $LD_INSTALL -" - -POSTINSTALL_CLEAN_TEXT=" -rm -rf $OSQUERY_DB_LOCATION -" - -function usage() { - fatal "Usage: $0 - [-b|--build] /path/to/build/dir - [-c|--config] PATH embed an osqueryd config. - [-l|--launchd] PATH override the default launchd plist. - [-t|--cert-chain] PATH to embed a certificate chain file for TLS server validation - [-o|--output] PATH override the output path. - [-a|--autostart] start the daemon when the package is installed - [-x|--clean] force the daemon to start fresh, removing any results previously stored in the database - - This will generate an macOS package with: - (1) An example config /var/osquery/osquery.example.config - (2) An optional config /var/osquery/osquery.config if [-c] is used - (3) A LaunchDaemon plist /var/osquery/com.facebook.osqueryd.plist - (4) A default TLS certificate bundle (provided by cURL) - (5) The osquery toolset /usr/local/bin/osquery* - - To enable osqueryd to run at boot using Launchd, pass the -a flag. - If the LaunchDaemon was previously installed a newer version of this package - will reload (unload/load) the daemon." -} - -function check_parsed_args() { - if [[ ! -d $BUILD_DIR ]]; then - fatal "Cannot find build dir [-b|--builddir]: $BUILD_DIR" - fi - - if [[ ! -z $OSQUERY_CONFIG_SRC ]]; then - log "using $OSQUERY_CONFIG_SRC as the config source" - fi - - log "using $LAUNCHD_SRC as the launchd source" - - if [[ ! -z "$OSQUERY_CONFIG_SRC" ]] && [[ ! -f $OSQUERY_CONFIG_SRC ]]; then - log "The config [-c] $OSQUERY_CONFIG_SRC is not a file" - usage - fi -} - -function parse_args() { - while [ "$1" != "" ]; do - case $1 in - -b | --build ) shift - BUILD_DIR=$1 - ;; - -v | --version ) shift - APP_VERSION=$1 - ;; - -c | --config ) shift - OSQUERY_CONFIG_SRC=$1 - ;; - -l | --launchd ) shift - LAUNCHD_SRC=$1 - ;; - -t | --cert-chain ) shift - TLS_CERT_CHAIN_SRC=$1 - ;; - -i | --include-dir ) shift - OSQUERY_PKG_INCLUDE_DIRS[${#OSQUERY_PKG_INCLUDE_DIRS}]=$1 - ;; - -o | --output ) shift - OUTPUT_PKG_PATH=$1 - ;; - -s | --sign ) shift - SIGNING_IDENTITY=$1 - SIGNING_IDENTITY_COMMAND="--sign "$1 - ;; - -k | --keychain ) shift - KEYCHAIN_IDENTITY=$1 - KEYCHAIN_IDENTITY_COMMAND="--keychain "$1 - ;; - -a | --autostart ) AUTOSTART=true - ;; - -x | --clean ) CLEAN=true - ;; - -h | --help ) usage - ;; - * ) usage - esac - shift - done - - check_parsed_args -} - -function main() { - parse_args $@ - - WORKING_DIR=$BUILD_DIR/_packaging - INSTALL_PREFIX="$WORKING_DIR/prefix" - DEBUG_PREFIX="$WORKING_DIR/debug" - SCRIPT_ROOT="$WORKING_DIR/scripts" - PREINSTALL="$SCRIPT_ROOT/preinstall" - POSTINSTALL="$SCRIPT_ROOT/postinstall" - - platform OS - if [[ ! "$OS" = "darwin" ]]; then - fatal "This script must be run on macOS" - fi - - OUTPUT_PKG_PATH="$BUILD_DIR/osquery-$APP_VERSION.pkg" - OUTPUT_DEBUG_PKG_PATH="$BUILD_DIR/osquery-debug-$APP_VERSION.pkg" - - rm -rf $WORKING_DIR - rm -f $OUTPUT_PKG_PATH - mkdir -p $INSTALL_PREFIX - mkdir -p $SCRIPT_ROOT - - # We don't need the preinstall for anything so let's skip it until we do - # echo "$SCRIPT_PREFIX_TEXT" > $PREINSTALL - # chmod +x $PREINSTALL - - log "copying osquery binaries into $INSTALL_PREFIX" - BINARY_INSTALL_DIR="$INSTALL_PREFIX/usr/local/bin/" - mkdir -p $BINARY_INSTALL_DIR - cp "$BUILD_DIR/osquery/osqueryd" $BINARY_INSTALL_DIR - ln -s osqueryd $BINARY_INSTALL_DIR/osqueryi - strip $BINARY_INSTALL_DIR/* - cp "$OSQUERYCTL_PATH" $BINARY_INSTALL_DIR - - if [[ ! "$SIGNING_IDENTITY" = "" ]]; then - log "signing release binaries" - codesign -s $SIGNING_IDENTITY --keychain \"$KEYCHAIN_IDENTITY\" $BINARY_INSTALL_DIR/osqueryd - fi - - BINARY_DEBUG_DIR="$DEBUG_PREFIX/private/var/osquery/debug" - mkdir -p "$BINARY_DEBUG_DIR" - cp "$BUILD_DIR/osquery/osqueryd" $BINARY_DEBUG_DIR/osqueryd.debug - ln -s osqueryd.debug $BINARY_DEBUG_DIR/osqueryi.debug - - # Create the prefix log dir and copy source configs. - mkdir -p $INSTALL_PREFIX/$OSQUERY_LOG_DIR - mkdir -p `dirname $INSTALL_PREFIX$OSQUERY_CONFIG_DST` - if [[ "$OSQUERY_CONFIG_SRC" != "" ]]; then - cp $OSQUERY_CONFIG_SRC $INSTALL_PREFIX$OSQUERY_CONFIG_DST - fi - - # Move configurations into the packaging root. - log "copying osquery configurations" - mkdir -p `dirname $INSTALL_PREFIX$LAUNCHD_DST` - mkdir -p $INSTALL_PREFIX$PACKS_DST - mkdir -p $INSTALL_PREFIX$LENSES_DST - cp $LAUNCHD_SRC $INSTALL_PREFIX$LAUNCHD_DST - cp $NEWSYSLOG_SRC $INSTALL_PREFIX$NEWSYSLOG_DST - cp $OSQUERY_EXAMPLE_CONFIG_SRC $INSTALL_PREFIX$OSQUERY_EXAMPLE_CONFIG_DST - cp $PACKS_SRC/* $INSTALL_PREFIX$PACKS_DST - cp $BUILD_DIR/$LENSES_LICENSE $INSTALL_PREFIX/$LENSES_DST - cp $BUILD_DIR/$LENSES_SRC/*.aug $INSTALL_PREFIX$LENSES_DST - if [[ "$TLS_CERT_CHAIN_SRC" != "" && -f "$TLS_CERT_CHAIN_SRC" ]]; then - cp $TLS_CERT_CHAIN_SRC $INSTALL_PREFIX$TLS_CERT_CHAIN_DST - fi - - if [[ $OSQUERY_TLS_CERT_CHAIN_BUILTIN_SRC != "" ]] && [[ -f $OSQUERY_TLS_CERT_CHAIN_BUILTIN_SRC ]]; then - mkdir -p `dirname $INSTALL_PREFIX/$OSQUERY_TLS_CERT_CHAIN_BUILTIN_DST` - cp $OSQUERY_TLS_CERT_CHAIN_BUILTIN_SRC $INSTALL_PREFIX/$OSQUERY_TLS_CERT_CHAIN_BUILTIN_DST - fi - - # Move/install pre/post install scripts within the packaging root. - log "finalizing preinstall and postinstall scripts" - if [ $AUTOSTART == true ] || [ $CLEAN == true ]; then - echo "$SCRIPT_PREFIX_TEXT" > $POSTINSTALL - chmod +x $POSTINSTALL - if [ $CLEAN == true ]; then - echo "$POSTINSTALL_CLEAN_TEXT" >> $POSTINSTALL - fi - if [ $AUTOSTART == true ]; then - echo "$POSTINSTALL_UNLOAD_TEXT" >> $POSTINSTALL - echo "$POSTINSTALL_AUTOSTART_TEXT" >> $POSTINSTALL - fi - fi - - # Copy extra files to the install prefix so that they get packaged too. - # NOTE: Files will be overwritten. - for include_dir in ${OSQUERY_PKG_INCLUDE_DIRS[*]}; do - log "adding $include_dir in the package prefix to be included in the package" - cp -fR $include_dir/* $INSTALL_PREFIX/ - done - if [[ ! "$SIGNING_IDENTITY" = "" ]]; then - log "creating signed release package" - else - log "creating package" - fi - pkgbuild --root $INSTALL_PREFIX \ - --scripts $SCRIPT_ROOT \ - --identifier $APP_IDENTIFIER \ - --version $APP_VERSION \ - $SIGNING_IDENTITY_COMMAND \ - $KEYCHAIN_IDENTITY_COMMAND \ - $OUTPUT_PKG_PATH 2>&1 1>/dev/null - log "package created at $OUTPUT_PKG_PATH" - - log "creating debug package" - pkgbuild --root $DEBUG_PREFIX \ - --identifier $APP_IDENTIFIER.debug \ - --version $APP_VERSION \ - $OUTPUT_DEBUG_PKG_PATH 2>&1 1>/dev/null - log "package created at $OUTPUT_DEBUG_PKG_PATH" -} - -main $@ diff --git a/tools/generate_xcode_project.sh b/tools/generate_xcode_project.sh deleted file mode 100755 index b7fdd3ee..00000000 --- a/tools/generate_xcode_project.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash -# Copyright (c) Facebook, Inc. and its affiliates. All Rights Reserved - -set -e - -BUILD_DIR=$1 -CMAKE_COMMAND="$2 -G Xcode" - -echo "Cleaning build directory: $BUILD_DIR" -rm -rf ${BUILD_DIR} -mkdir -p ${BUILD_DIR} - -echo "Generating xcode project using cmake: $CMAKE_COMMAND" -cd ${BUILD_DIR} -eval ${CMAKE_COMMAND} diff --git a/tools/get_platform.py b/tools/get_platform.py deleted file mode 100644 index 834f2584..00000000 --- a/tools/get_platform.py +++ /dev/null @@ -1,221 +0,0 @@ -#!/usr/bin/env python3 - -# Copyright (c) 2014-present, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -import os -import re -import sys -import argparse -import platform -import subprocess - -ORACLE_RELEASE = "/etc/oracle-release" -SYSTEM_RELEASE = "/etc/system-release" -LSB_RELEASE = "/etc/lsb-release" -OS_RELEASE = "/etc/os-release" -DEBIAN_VERSION = "/etc/debian_version" -GENTOO_RELEASE = "/etc/gentoo-release" -SUSE_RELEASE = "/etc/SuSE-release" - -def _platform(): - osType, _, _, _, _, _ = platform.uname() - - if osType == "Windows": - return ("windows", "windows") - elif osType == "Linux": - if os.path.exists(ORACLE_RELEASE): - return ("redhat", "oracle") - - if os.path.exists(SYSTEM_RELEASE): - with open(SYSTEM_RELEASE, "r") as fd: - fileContents = fd.read() - - if fileContents.find("CentOS") != -1: - return ("redhat", "centos") - - if fileContents.find("Scientific Linux") != -1: - return ("redhat", "scientific") - - if fileContents.find("Red Hat Enterprise") != -1: - return ("redhat", "rhel") - - if fileContents.find("Amazon Linux") != -1: - return ("redhat", "amazon") - - if fileContents.find("Fedora") != -1: - return ("redhat", "fedora") - - if os.path.exists(LSB_RELEASE): - with open(LSB_RELEASE, "r") as fd: - fileContents = fd.read() - - if fileContents.find("DISTRIB_ID=Ubuntu") != -1: - return ("debian", "ubuntu") - - if fileContents.find("DISTRIB_ID=ManjaroLinux") != -1: - return ("arch", "manjaro") - - if os.path.exists(OS_RELEASE): - with open(OS_RELEASE, "r") as fd: - fileContents = fd.read() - - if fileContents.find("ID=arch") != -1: - return ("arch", "arch") - - if fileContents.find("ID=nixos") != -1: - return ("nixos", "nixos") - - if os.path.exists(DEBIAN_VERSION): - return ("debian", "debian") - - if os.path.exists(GENTOO_RELEASE): - return ("gentoo", "gentoo") - - if os.path.exists(SUSE_RELEASE): - return ("suse", "suse") - else: - return (None, osType.lower()) - -def _distro(osType): - def getRedhatDistroVersion(pattern): - with open(SYSTEM_RELEASE, "r") as fd: - contents = fd.read() - - result = re.findall(pattern, contents) - if result and len(result) == 1: - return result[0].replace("release ", osType) - return None - - def commandOutput(cmd): - try: - output = subprocess.check_output(cmd) - return output - except subprocess.CalledProcessError: - return None - except OSError: - return None - except WindowsError: - return None - - _, _, osVersion, _, _, _ = platform.uname() - - if osType == "oracle": - result = getRedhatDistroVersion(r'release [5-7]') - if result is not None: - return result - elif osType in ["centos", "scientific", "rhel"]: - result = getRedhatDistroVersion(r'release [6-7]') - if result is not None: - return result - elif osType == "amazon": - result = getRedhatDistroVersion(r'release 20[12][0-9]\.[0-9][0-9]') - if result is not None: - return result - elif osType == "ubuntu": - with open(LSB_RELEASE, "r") as fd: - contents = fd.read() - results = re.findall(r'DISTRIB_CODENAME=(.*)', contents) - if len(results) == 1: - return results[0] - elif osType == "darwin": - rawResult = commandOutput(["sw_vers", "-productVersion"]) - if rawResult is not None: - results = re.findall(r'[0-9]+\.[0-9]+', rawResult) - if len(results) == 1: - return results[0] - elif osType == "fedora": - with open(SYSTEM_RELEASE, "r") as fd: - contents = fd.read() - results = contents.split() - if len(results) > 2: - return results[2] - elif osType == "arch": - with open("/etc/arch-release", "r") as fd: - contents = fd.read() - results = contents.split() - if len(results) > 2: - return results[2] - elif osType == "manjaro": - with open(LSB_RELEASE, "r") as fd: - contents = fd.read() - results = re.findall(r'DISTRIB_CODENAME=(.*)', contents) - if len(results) == 1: - return results[0] - elif osType == "debian": - result = commandOutput(["lsb_release", "-cs"]) - if result is not None: - return result - elif osType == "freebsd": - rawResult = commandOutput(["uname", "-r"]) - results = rawResult.split("-") - if len(results) > 0: - return results[0] - elif osType == "gentoo": - with open(GENTOO_RELEASE, "r") as fd: - contents = fd.read() - results = contents.split() - if len(results) > 0: - return results[len(results) -1] - elif osType == "suse": - with open(SUSE_RELEASE, "r") as fd: - contents = fd.read() - results = re.findall(r'VERSION = (.*)', contents) - if len(results) == 1: - return results[0] - elif osType == "nixos": - with open(OS_RELEASE, "r") as fd: - contents = fd.read() - results = re.findall(r'VERSION_ID=\"(.*)\"', contents) - if len(results) == 1: - return results[0] - elif osType == "windows": - return "windows%s" % osVersion - - return "unknown_version" - -def platformAction(): - family, osType = _platform() - print(osType) - -def distroAction(): - family, osType = _platform() - print(_distro(osType)) - -def familyAction(): - family, osType = _platform() - if family: - print(family) - -def defaultAction(): - family, osType = _platform() - distro = _distro(osType) - print("%s;%s" % (osType, distro)) - -if __name__ == "__main__": - parser = argparse.ArgumentParser(description="Platform detection script for osquery") - parser.add_argument("--platform", action="store_true", help="Outputs the detected platform") - parser.add_argument("--distro", action="store_true", help="Outputs the detected distribution") - parser.add_argument("--family", action="store_true", help="Outputs the detected family") - - args = parser.parse_args() - - if args.platform and \ - not args.distro and \ - not args.family: - platformAction() - elif not args.platform and \ - args.distro and \ - not args.family: - distroAction() - elif not args.platform and \ - not args.distro and \ - args.family: - familyAction() - else: - defaultAction() - - sys.exit(0) diff --git a/tools/hooks/pre-commit.py b/tools/hooks/pre-commit.py deleted file mode 100755 index df087606..00000000 --- a/tools/hooks/pre-commit.py +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/env python3 -# Copyright (c) Facebook, Inc. and its affiliates. All Rights Reserved - -import os -import subprocess - -def main(): - print("clang format check"); - if os.name == "posix": - my_env = os.environ.copy() - my_env["PATH"] = "/urs/local/osquery/bin/" + os.pathsep + my_env["PATH"] - cmd = ["python", "tools/formatting/git-clang-format.py", "--diff", "--commit", "master", "--style=file"] - p = subprocess.Popen(" ".join(cmd), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True, env=my_env) - out, err = p.communicate() - - if not (out.startswith("no modified files to format") or - out.startswith("clang-format did not modify any files")): - print("clang format failed") - print("please run make format_master or apply diff:") - print(out) - exit(1) - -if __name__ == "__main__": - main() diff --git a/tools/lib.sh b/tools/lib.sh deleted file mode 100644 index f604c83c..00000000 --- a/tools/lib.sh +++ /dev/null @@ -1,183 +0,0 @@ -#!/usr/bin/env bash - -# Copyright (c) 2014-present, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -LIB_SCRIPT_DIR=$(dirname "${BASH_SOURCE[0]}") - -# For OS X, define the distro that builds the kernel extension. -DARWIN_KERNEL_VERSION="10.11" - -function platform() { - local __out=$1 - FAMILY=$(python "$LIB_SCRIPT_DIR/get_platform.py" --family) - eval $__out=$(python "$LIB_SCRIPT_DIR/get_platform.py" --platform) -} - -function _platform() { - platform PLATFORM - echo $PLATFORM -} - -function distro() { - local __out=$2 - eval $__out=$(python "$LIB_SCRIPT_DIR/get_platform.py" --distro) -} - -function _distro() { - distro $1 DISTRO - echo $DISTRO -} - -function threads() { - local __out=$1 - platform OS - if [[ $FAMILY = "redhat" ]] || [[ $FAMILY = "debian" ]] || [[ $FAMILY = "suse" ]]; then - eval $__out=`cat /proc/cpuinfo | grep processor | wc -l` - elif [[ $OS = "darwin" ]]; then - eval $__out=`sysctl hw.ncpu | awk '{print $2}'` - elif [[ $OS = "freebsd" ]]; then - eval $__out=`sysctl -n kern.smp.cpus` - else - eval $__out=`nproc` - fi -} - -function log() { - echo "[+] $1" -} - -function fatal() { - echo "[!] $1" - exit 1 -} - -function set_cxx() { - export CXX=$1 - export CMAKE_CXX_COMPILER=$1 -} - -function add_cxx_flag() { - export CXXFLAGS="$CXXFLAGS $1" - export CMAKE_CXX_FLAGS="$CMAKE_CXX_FLAGS $1" -} - -function set_cc() { - export CC=$1 - export CMAKE_C_COMPILER=$1 -} - -function do_sudo() { - if [[ "$OSQUERY_NOSUDO" = "True" ]]; then - $@ - else - ARGS="$@" - log "requesting sudo: $ARGS" - sudo $@ - fi -} - -function contains_element() { - local e - for e in "${@:2}"; do [[ "$e" == "$1" ]] && return 0; done - return 1 -} - -function in_ec2() { - if [[ -d /home/ec2-user ]]; then - return 0 - else - return 1 - fi -} - -function build_target() { - threads THREADS - - # Clean previous build artifacts. - $MAKE distclean - - # Build osquery. - if [[ -z "$RUN_TARGET" ]]; then - $MAKE -j$THREADS - else - $MAKE $RUN_TARGET -j$THREADS - fi -} - -function test_target() { - if [[ "$RUN_TARGET" = "debug" ]]; then - $MAKE test_debug - else - $MAKE test - fi -} - -function check_deterministic() { - # Expect the project to have been built. - ALIAS=$DISTRO - if [[ "$OS" = "darwin" ]]; then - ALIAS=darwin - fi - DAEMON=build/$ALIAS/osquery/osqueryd - strip $DAEMON - RUN1=$(shasum -a 256 $DAEMON) - - # Build again. - $MAKE distclean - build_target - - strip $DAEMON - RUN2=$(shasum -a 256 $DAEMON) - echo "Initial build: $RUN1" - echo " Second build: $RUN2" - if [[ "$RUN1" = "$RUN2" ]]; then - exit 0 - fi - - # The build is not deterministic. - exit 1 -} - -function initialize() { - DISTRO=$1 - - # Remove any previously-cached variables - rm build/$DISTRO/CMakeCache.txt >/dev/null 2>&1 || true -} - -function build() { - platform PLATFORM - distro $PLATFORM DISTRO - - MAKE=make - if [[ "$PLATFORM" = "freebsd" ]]; then - MAKE=gmake - fi - - RUN_TESTS=$1 - - cd $LIB_SCRIPT_DIR/../ - - # Run build host provisions and install library dependencies. - if [[ ! -z $RUN_BUILD_DEPS ]]; then - $MAKE deps - else - initialize $DISTRO - fi - - # Build osquery. - build_target - - if [[ ! -z "$RUN_DETERMINISTIC" ]]; then - check_deterministic - fi - - if [[ $RUN_TESTS = true ]]; then - # Run code unit and integration tests. - test_target - fi -} diff --git a/tools/provision/darwin.sh b/tools/provision/darwin.sh deleted file mode 100755 index 7cdf52ef..00000000 --- a/tools/provision/darwin.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/usr/bin/env bash - -# Copyright (c) 2014-present, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -DARWIN_SETUP="\ -if [[ ! -f /var/.osquery_build ]]; then \ -touch /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress; \ -PROD=\$(softwareupdate -l | grep \"\\*.*Command Line\" | \ - tail -n 1 | awk -F\"*\" '{print \$2}' | sed -e 's/^ *//' | tr -d '\n' \ -); \ -softwareupdate -i \"\$PROD\" --verbose; \ -sudo touch /var/.osquery_build; \ -fi; \ -" - -function vagrant_setup() { - sudo bash -c "$DARWIN_SETUP" -} - -function distro_main() { - GEM=`which gem` - do_sudo $GEM install --no-ri --no-rdoc -n /usr/local/bin fpm -} - -[ "$0" = "$BASH_SOURCE" ] && vagrant_setup || true diff --git a/tools/release/build_release.sh b/tools/release/build_release.sh deleted file mode 100755 index 96f76394..00000000 --- a/tools/release/build_release.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2015, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -set -e - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" - -DARWIN_BOX="macos10.13" -LINUX_BOX="ubuntu16.04" - -function usage() { - echo "${BASH_SOURCE[0]} VERSION PATH_TO_OSQUERY" -} - -function main() { - if [[ $# < 2 ]]; then - usage - exit 1 - fi - - CURRENT_DIR=$(pwd) - VERSION=$1 - OSQUERY=$2 - - PACKAGES_CMD="cd /build; make packages;" - BUILD_CMD="\ - sudo install -d -o vagrant /build; cd /build; \ - git clone https://github.com/facebook/osquery . || true; \ - git checkout master && git pull; \ - git checkout $VERSION; \ - make sysprep; SKIP_TESTS=1 make -j 4; \ - " - - cd $OSQUERY - echo "[!] Please make sure you run:" - echo " vagrant destroy $LINUX_BOX" - echo " vagrant destroy $DARWIN_BOX" - echo "" - echo "[+] Checking out version $VERSION" - - PKG_DIR="build/$VERSION" - mkdir -p $PKG_DIR - - if [[ ! -f "$PKG_DIR/osquery-${VERSION}_1.linux_x86_64.tar.gz" ]]; then - echo "[+] Vagrant up $LINUX_BOX" - OSQUERY_BUILD_CPUS=4 vagrant up $LINUX_BOX - echo "[+] Building linux packages..." - vagrant ssh $LINUX_BOX -c "$BUILD_CMD" - echo "[+] Running package build command for linux..." - vagrant ssh $LINUX_BOX -c "$PACKAGES_CMD" - echo "[+] Copying linux packages to $PKG_DIR" - vagrant scp "$LINUX_BOX:/build/build/linux/osquery*$VERSION*" ./$PKG_DIR - vagrant halt $LINUX_BOX - fi - - if [[ ! -f "$PKG_DIR/osquery-${VERSION}-1.darwin.i386.rpm" ]]; then - echo "[+] Vagrant up $DARWIN_BOX" - OSQUERY_BUILD_CPUS=4 vagrant up $DARWIN_BOX - echo "[+] Running initial softwareupdate check..." - vagrant ssh $DARWIN_BOX -c "/vagrant/tools/provision/darwin.sh" - echo "[+] Running build command for macOS..." - vagrant ssh $DARWIN_BOX -c "$BUILD_CMD" - echo "[+] Running package build command for macOS..." - vagrant ssh $DARWIN_BOX -c "$PACKAGES_CMD" - echo "[+] Copying macOS packages to $PKG_DIR" - vagrant scp "$DARWIN_BOX:/build/build/darwin/osquery*$VERSION*" ./$PKG_DIR - vagrant halt $DARWIN_BOX - fi - - echo "[+] Packages copied to $OSQUERY ./$PKG_DIR" - echo "[+] Finished" - cd $CURRENT_DIR -} - -main $@ diff --git a/tools/release/commit_schema.sh b/tools/release/commit_schema.sh deleted file mode 100755 index ca3facc7..00000000 --- a/tools/release/commit_schema.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2015, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -set -e - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" - -function usage() { - echo "${BASH_SOURCE[0]} VERSION PATH_TO_SITE" -} - -function main() { - if [[ $# < 2 ]]; then - usage - exit 1 - fi - - VERSION=$1 - SITE=$2 - - (cd $SITE/schema; git add .) - echo "[+] Will commit the following schema files: " - FILES=$(cd $SITE; git --no-pager diff --name-only HEAD) - if [[ $FILES = "" ]]; then - echo "[-] No files to commit" && exit 1 - fi - - echo $FILES - echo - - read -p "Are you sure? [y/N]: " -r - if [[ ! $REPLY =~ ^[Yy]$ ]]; then - [[ "$0" = "$BASH_SOURCE" ]] && exit 1 - fi - - (cd $SITE; git commit -m "Adding schema $VERSION") - read -p "Push to master? [y/N]: " -r - if [[ ! $REPLY =~ ^[Yy]$ ]]; then - [[ "$0" = "$BASH_SOURCE" ]] && exit 1 - fi - - (cd $SITE; git push) - echo "[+] Finished" -} - -main $@ diff --git a/tools/release/new_release.sh b/tools/release/new_release.sh deleted file mode 100755 index c112f4e6..00000000 --- a/tools/release/new_release.sh +++ /dev/null @@ -1,142 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2015, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -set -e - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" - -URL=https://osquery-packages.s3.amazonaws.com - -function usage() { - echo "${BASH_SOURCE[0]} VERSION PATH_TO_OSQUERY PATH_TO_SITE" -} - -function main() { - if [[ $# < 3 ]]; then - usage - exit 1 - fi - - VERSION=$1 - OSQUERY=$2 - SITE=$3 - - echo "[+] Checking out version $VERSION" - (cd $OSQUERY; git checkout $VERSION) - - echo "[+] Writing new table API" - GENJSON="$SCRIPT_DIR/../codegen/genwebsitejson.py" - /usr/local/osquery/bin/python "$GENJSON" --specs "$OSQUERY/specs" > "$SITE/src/data/osquery_schema_versions/$VERSION.json" - - echo "[+] Writing new version metadata" - GENMETADATA="$SCRIPT_DIR/../codegen/genwebsitemetadata.py" - /usr/local/osquery/bin/python "$GENMETADATA" --file "$SITE/src/data/osquery_metadata.json" --version "$VERSION" - - printf "[+] Downloading and hashing packages...\n" - PACKAGE="$URL/linux/osquery-${VERSION}_1.linux_x86_64.tar.gz" - echo "[+] Downloading $PACKAGE" - LINUX=$(curl $PACKAGE | shasum -a 256 | awk '{print $1}') - - PACKAGE="$URL/deb/osquery_${VERSION}_1.linux.amd64.deb" - echo "[+] Downloading $PACKAGE" - DEB=$(curl $PACKAGE | shasum -a 256 | awk '{print $1}') - - PACKAGE="$URL/rpm/osquery-$VERSION-1.linux.x86_64.rpm" - echo "[+] Downloading $PACKAGE" - RPM=$(curl $PACKAGE | shasum -a 256 | awk '{print $1}') - - PACKAGE="$URL/darwin/osquery-$VERSION.pkg" - echo "[+] Downloading $PACKAGE" - DARWIN=$(curl $PACKAGE | shasum -a 256 | awk '{print $1}') - - PACKAGE="$URL/windows/osquery-$VERSION.msi" - echo "[+] Downloading $PACKAGE" - WINDOWS=$(curl $PACKAGE | shasum -a 256 | awk '{print $1}') - - PACKAGE="$URL/darwin/osquery-debug-$VERSION.pkg" - echo "[+] Downloading $PACKAGE" - DEBUG_DARWIN=$(curl $PACKAGE | shasum -a 256 | awk '{print $1}') - - PACKAGE="$URL/rpm/osquery-debuginfo-$VERSION-1.linux.x86_64.rpm" - echo "[+] Downloading $PACKAGE" - DEBUG_RPM=$(curl $PACKAGE | shasum -a 256 | awk '{print $1}') - - PACKAGE="$URL/deb/osquery-dbg_${VERSION}_1.linux.amd64.deb" - echo "[+] Downloading $PACKAGE" - DEBUG_DEB=$(curl $PACKAGE | shasum -a 256 | awk '{print $1}') - - PACKAGES="$SITE/src/data/osquery_package_versions/${VERSION}.json" - rm -f "${PACKAGES}" - cat << EOF >> ${PACKAGES} -{ - "version": "$VERSION", - "url": "https://pkg.osquery.io", - "downloads": { - "official": [ - { - "type": "macOS", - "package": "osquery-$VERSION.pkg", - "content": "$DARWIN", - "platform": "darwin" - }, - { - "type": "Linux", - "package": "osquery-$VERSION_1.linux_x86_64.tar.gz", - "content": "$LINUX", - "platform": "linux" - }, - { - "type": "RPM", - "package": "osquery-$VERSION-1.linux.x86_64.rpm", - "content": "$RPM", - "platform": "rpm" - }, - { - "type": "Debian", - "package": "osquery_$VERSION_1.linux.amd64.deb", - "content": "$DEB", - "platform": "deb" - }, - { - "type": "Windows", - "package": "osquery-$VERSION.msi", - "content": "$WINDOWS", - "platform": "windows" - } - ], - "debug": [ - { - "type": "macOS", - "package": "osquery-debug-$VERSION.pkg", - "content": "$DEBUG_DARWIN", - "platform": "darwin" - }, - { - "type": "RPM", - "package": "osquery-debuginfo-$VERSION-1.linux.x86_64.rpm", - "content": "$DEBUG_RPM", - "platform": "rpm" - }, - { - "type": "Debian", - "package": "osquery-dbg_2.10.2_1.linux.amd64.deb", - "content": "$DEBUG_DEB", - "platform": "deb" - } - ] - } -} -EOF - echo "[+] Hashes written to $PACKAGES" - - - - echo "[+] Finished" -} - -main $@ diff --git a/tools/release/sign_release.sh b/tools/release/sign_release.sh deleted file mode 100755 index 20585b4c..00000000 --- a/tools/release/sign_release.sh +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2015, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -set -e - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" - -function usage() { - echo "${BASH_SOURCE[0]} VERSION PATH_TO_OSQUERY SIGN_HOST SIGN_USER SIGN_IDENT" - echo " SIGN_HOST/SIGN_USER: hostname and user for signing machine" - echo " SIGN_IDENT: SSH identity for signing machine" -} - -function main() { - if [[ $# < 5 ]]; then - usage - exit 1 - fi - - VERSION=$1 - OSQUERY=$2 - HOST=$3 - USER=$4 - IDENT=$5 - - PKGS=$OSQUERY/build/$VERSION - if [[ ! -d "$PKGS" ]]; then - echo "Cannot find $PKGS directory?" - usage - exit 1 - fi - - echo "[+] Copying packages from $PKGS to signing host $HOST" - scp -i $IDENT -r $PKGS "$USER@$HOST": - SSH="ssh -t -i $IDENT $USER@$HOST" - - $SSH "mv ./$VERSION/osquery-$VERSION-1.arch-x86_64.pkg.tar.xz ./local_packages/arch" - $SSH "mv ./$VERSION/osquery-$VERSION.pkg ./local_packages/darwin" - $SSH "mv ./$VERSION/osquery-debug-$VERSION.pkg ./local_packages/darwin" - $SSH "mv ./$VERSION/osquery-$VERSION-1.darwin.i386.rpm ./local_packages/darwin" - $SSH "mv ./$VERSION/osquery-debug-$VERSION-1.darwin.i386.rpm ./local_packages/darwin" - $SSH "mv ./$VERSION/osquery-${VERSION}_1.linux_x86_64.tar.gz ./local_packages/linux" - $SSH "cp ./$VERSION/osquery-$VERSION-1.linux.x86_64.rpm ./local_packages/rpm" - $SSH "cp ./$VERSION/osquery-debuginfo-$VERSION-1.linux.x86_64.rpm ./local_packages/rpm" - $SSH "cp ./$VERSION/osquery-$VERSION-1.linux.x86_64.rpm ./local_packages/centos6" - $SSH "cp ./$VERSION/osquery-debuginfo-$VERSION-1.linux.x86_64.rpm ./local_packages/centos6" - $SSH "cp ./$VERSION/osquery-$VERSION-1.linux.x86_64.rpm ./local_packages/centos7" - $SSH "cp ./$VERSION/osquery-debuginfo-$VERSION-1.linux.x86_64.rpm ./local_packages/centos7" - $SSH "cp ./$VERSION/osquery_${VERSION}_1.linux.amd64.deb ./local_packages/precise" - $SSH "cp ./$VERSION/osquery-dbg_${VERSION}_1.linux.amd64.deb ./local_packages/precise" - $SSH "cp ./$VERSION/osquery_${VERSION}_1.linux.amd64.deb ./local_packages/trusty" - $SSH "cp ./$VERSION/osquery-dbg_${VERSION}_1.linux.amd64.deb ./local_packages/trusty" - $SSH "cp ./$VERSION/osquery_${VERSION}_1.linux.amd64.deb ./local_packages/xenial" - $SSH "cp ./$VERSION/osquery-dbg_${VERSION}_1.linux.amd64.deb ./local_packages/xenial" - $SSH "cp ./$VERSION/osquery_${VERSION}_1.linux.amd64.deb ./local_packages/deb" - $SSH "cp ./$VERSION/osquery-dbg_${VERSION}_1.linux.amd64.deb ./local_packages/deb" - - echo "[!] Now run: ./package_publisher please" - $SSH "bash --login" - - echo "[+] Packages signed" -} - -main $@ diff --git a/tools/sync.sh b/tools/sync.sh deleted file mode 100755 index eba31ef2..00000000 --- a/tools/sync.sh +++ /dev/null @@ -1,54 +0,0 @@ -#!/usr/bin/env bash - -# Copyright (c) 2014-present, Facebook, Inc. -# All rights reserved. -# -# This source code is licensed in accordance with the terms specified in -# the LICENSE file found in the root directory of this source tree. - -set -e - -if [ "$#" -ne 2 ]; then - echo "Usage: $0 BUILD_DIR LIBRARY_PATH" - exit 1 -fi - -SOURCE=$(pwd) -BUILD_DIR=$1 -SYNC_DIR="$BUILD_DIR/sync" -VERSION=`git describe --tags HEAD --always` - -if [ -f "$BUILD_DIR/generated" ]; then - echo "Error: $BUILD_DIR/generated not found." - echo "Run 'make sdk' first" - exit 1 -fi - -mkdir -p "$SYNC_DIR" -rm -rf "$SYNC_DIR/osquery*" -mkdir -p "$SYNC_DIR/osquery/generated" - -export LIBRARY_PATH=$2:$LIBRARY_PATH - -# merge the headers with the implementation files -cp -R include/osquery "$SYNC_DIR" -find ./osquery | grep "\.h" | grep -v tests/ | grep -v tables/ | xargs -i cp --parents {} "$SYNC_DIR" -cp $BUILD_DIR/generated/utils_amalgamation.cpp "$SYNC_DIR/osquery/generated/" - -# delete all of the old CMake files -find "$SYNC_DIR" -type f -name "CMakeLists.txt" -exec rm -f {} \; - -# make the targets file -mkdir -p "$SYNC_DIR/code-analysis" -(cd "$SYNC_DIR/code-analysis" && SDK=True cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON $SOURCE) -python tools/codegen/gentargets.py \ - -v $VERSION --sdk $VERSION \ - -i "$SYNC_DIR/code-analysis/compile_commands.json" \ - -o $SYNC_DIR/osquery \ - -s osquery - -cp osquery.thrift "$SYNC_DIR/osquery/extensions" - -# wrap it up in a tarball -(cd "$SYNC_DIR" && tar -zcf osquery-sync-$VERSION.tar.gz osquery) -echo "Generated $SYNC_DIR/osquery-sync-$VERSION.tar.gz"