Merge pull request #381 from theopolis/feature-build-improvements

Feature build improvements

.gitignore

@@ -22,6 +22,7 @@
 *.app
 
 # Build Artifacts
+.provision
 build/
 
 # Run Artifacts

CMakeLists.txt

@@ -25,6 +25,20 @@ elseif(CENTOS)
   message("-- Building for CentOS")
 endif()
 
+# Make sure deps were built before compiling
+execute_process(
+  COMMAND ${CMAKE_SOURCE_DIR}/tools/provision.sh check ${CMAKE_BINARY_DIR}
+  WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
+  OUTPUT_VARIABLE OSQUERY_DEPS_MESSAGE
+  RESULT_VARIABLE OSQUERY_DEPS_CHECK
+  OUTPUT_STRIP_TRAILING_WHITESPACE
+)
+
+if(OSQUERY_DEPS_CHECK)
+  string(ASCII 27 Esc)
+  message(FATAL_ERROR "${Esc}[31m${OSQUERY_DEPS_MESSAGE}${Esc}[m")
+endif()
+
 if(BUILD_SHARED_LIBS)
   set(USER_COMPILE_FLAGS "-fPIC")
 else()
@@ -44,7 +58,6 @@ FIND_PACKAGE(Gflags REQUIRED)
 FIND_PACKAGE(Thrift 0.9.1 REQUIRED)
 FIND_PACKAGE(Readline REQUIRED)
 FIND_PACKAGE(OpenSSL REQUIRED)
-FIND_PACKAGE(Threads REQUIRED)
 FIND_PACKAGE(Snappy REQUIRED)
 FIND_PACKAGE(RocksDB REQUIRED)
 FIND_PACKAGE(Crypto REQUIRED)

Makefile

@@ -10,25 +10,27 @@ else
 	endif
 endif
 
-all:
-	mkdir -p build/$(BUILD_DIR)
-	$(if $(PLATFORM) == Linux, ln -snf $(BUILD_DIR) build/linux)
+all: .setup
 	cd build/$(BUILD_DIR) && cmake ../.. && make --no-print-directory $(MAKEFLAGS)
 
-debug:
-	mkdir -p build/$(BUILD_DIR)
-	$(if $(PLATFORM) == Linux, ln -snf $(BUILD_DIR) build/linux)
+debug: .setup
 	cd build/$(BUILD_DIR) && cmake -DCMAKE_BUILD_TYPE=Debug ../../ && \
 		make --no-print-directory $(MAKEFLAGS)
 
-deps:
-	./tools/provision.sh
+deps: .setup
+	./tools/provision.sh build build/$(BUILD_DIR)
 
 distclean:
 	rm -rf .sources build/$(BUILD_DIR) doxygen/html doxygen/latex
-	$(if $(PLATFORM) == Linux, rm -rf build/linux)
+ifeq ($(PLATFORM),Linux)
+		rm -rf build/linux
+endif
+
+.setup:
+	mkdir -p build/$(BUILD_DIR)
+ifeq ($(PLATFORM),Linux)
+		ln -snf $(BUILD_DIR) build/linux
+endif
 
 %::
-	mkdir -p build/$(BUILD_DIR)
-	$(if $(PLATFORM) == Linux, ln -snf $(BUILD_DIR) build/linux)
 	cd build/$(BUILD_DIR) && cmake ../.. && make --no-print-directory $@

include/osquery/core.h

@@ -18,7 +18,20 @@ namespace osquery {
  */
 extern const std::string kVersion;
 /// Use a macro for the version literal, set the kVersion symbol in the library.
-#define VERSION "1.0.3"
+#ifndef STR
+#define STR_OF(x) #x
+#define STR(x) STR_OF(x)
+#endif
+#define OSQUERY_VERSION STR(OSQUERY_BUILD_VERSION)
+
+/**
+ * @brief A helpful tool type to report when logging, print help, or debugging.
+ */
+enum osqueryTool {
+  OSQUERY_TOOL_SHELL,
+  OSQUERY_TOOL_DAEMON,
+  OSQUERY_TOOL_TEST,
+};
 
 /**
  * @brief Execute a query
@@ -83,7 +96,7 @@ sqlite3* createDB();
  * @param argc the number of elements in argv
  * @param argv the command-line arguments passed to `main()`
  */
-void initOsquery(int argc, char* argv[]);
+void initOsquery(int argc, char* argv[], int tool = OSQUERY_TOOL_TEST);
 
 /**
  * @brief Split a given string based on an optional deliminator.

include/osquery/flags.h

@@ -30,10 +30,11 @@ class Flag {
    */
   static Flag& get(const std::string& name = "",
                    const std::string& value = "",
-                   const std::string& desc = "") {
+                   const std::string& desc = "",
+                   bool shell_only = false) {
     static Flag f;
     if (name != "") {
-      f.add(name, value, desc);
+      f.add(name, value, desc, shell_only);
     }
     return f;
   }
@@ -44,11 +45,17 @@ class Flag {
    * @param name The 'name' or the options switch data.
    * @param value The default value for this flag.
    * @param desc The description printed to the screen during help.
+   * @param shell_only Restrict this flag to the shell.
    */
   void add(const std::string& name,
            const std::string& value,
-           const std::string& desc) {
-    flags_.insert(std::make_pair(name, std::make_pair(value, desc)));
+           const std::string& desc,
+           bool shell_only) {
+    if (!shell_only) {
+      flags_.insert(std::make_pair(name, std::make_pair(value, desc)));
+    } else {
+      shell_flags_.insert(std::make_pair(name, std::make_pair(value, desc)));
+    }
   }
 
  private:
@@ -58,10 +65,24 @@ class Flag {
  public:
   /// The public flags instance, usable when parsing `--help`.
   std::map<std::string, FlagDetail> flags() { return flags_; }
+  /// The public flags instance, usable when parsing `--help` for the shell.
+  std::map<std::string, FlagDetail> shellFlags() { return shell_flags_; }
+  static void print_flags(const std::map<std::string, FlagDetail> flags) {
+    for (const auto& flag : flags) {
+      fprintf(stdout,
+              "  --%s, --%s=VALUE\n    %s (default: %s)\n",
+              flag.first.c_str(),
+              flag.first.c_str(),
+              flag.second.second.c_str(),
+              flag.second.first.c_str());
+    }
+  }
 
  private:
   /// The private simple map of name to value/desc flag data.
   std::map<std::string, FlagDetail> flags_;
+  /// The private simple map of name to value/desc shell-only flag data.
+  std::map<std::string, FlagDetail> shell_flags_;
 };
 }
 
@@ -78,3 +99,10 @@ class Flag {
   namespace flag_##name {                            \
     Flag flag = Flag::get(#name, #value, #desc);     \
   }
+
+/// Wrapper to bypass osquery help output
+#define DEFINE_shell_flag(type, name, value, desc) \
+  DEFINE_##type(name, value, desc); \
+  namespace flag_##name { \
+    Flag flag = Flag::get(#name, #value, #desc, true); \
+  } \

osquery/CMakeLists.txt

@@ -6,55 +6,71 @@ SET(OSQUERY_LIBS
   ssl
 )
 
+SET(OSQUERY_APPLE_LIBS
+  boost_thread-mt
+  boost_system
+  boost_filesystem
+  boost_program_options
+  boost_regex
+  thrift
+  rocksdb
+  gflags
+  glog
+)
+
+SET(OSQUERY_LINUX_LIBS
+  libgflags.a
+  libglog.a
+  librocksdb.a
+  libthrift.a
+  libboost_thread.a
+  libboost_system.a
+  libboost_filesystem.a
+  libboost_program_options.a
+  libboost_regex.a
+  udev
+  blkid
+  rt
+)
+
+SET(OSQUERY_UBUNTU_LIBS
+  libz.a
+  libbz2.a
+  libsnappy.a
+  libunwind.a
+  liblzma.a
+)
+
+SET(OSQUERY_CENTOS_LIBS
+  libz.so
+  libbz2.so
+  libsnappy.so
+  libunwind.so
+  liblzma.so
+  libproc.so
+)
+
 # Check for the explicit path to determine the version of procps
 if(EXISTS "/usr/lib/libprocps.a"
     OR EXISTS "/usr/lib/x86_64-linux-gnu/libprocps.a")
   set(PROCPS TRUE)
 endif()
 
+# Fill in libraries for Apple, Uunbut, Centos
 if(APPLE)
-  list(APPEND OSQUERY_LIBS "boost_thread-mt")
-  list(APPEND OSQUERY_LIBS "boost_system")
-  list(APPEND OSQUERY_LIBS "boost_filesystem")
-  list(APPEND OSQUERY_LIBS "boost_program_options")
-  list(APPEND OSQUERY_LIBS "boost_regex")
-  list(APPEND OSQUERY_LIBS "thrift")
-  list(APPEND OSQUERY_LIBS "rocksdb")
-  list(APPEND OSQUERY_LIBS "gflags")
-  list(APPEND OSQUERY_LIBS "glog")
+  set(OSQUERY_LIBS ${OSQUERY_LIBS} ${OSQUERY_APPLE_LIBS})
 else()
-  list(APPEND OSQUERY_LIBS "libgflags.a")
-  list(APPEND OSQUERY_LIBS "libglog.a")
-  list(APPEND OSQUERY_LIBS "librocksdb.a")
-  if(EXISTS "/etc/debian_version")
-    list(APPEND OSQUERY_LIBS "libz.a")
-    list(APPEND OSQUERY_LIBS "libbz2.a")
-    list(APPEND OSQUERY_LIBS "libsnappy.a")
-    list(APPEND OSQUERY_LIBS "libunwind.a")
-    list(APPEND OSQUERY_LIBS "liblzma.a")
+  set(OSQUERY_LIBS ${OSQUERY_LIBS} ${OSQUERY_LINUX_LIBS})
+  if(UBUNTU)
     if(PROCPS)
-      list(APPEND OSQUERY_LIBS "libprocps.a")
+      list(APPEND OSQUERY_UBUNTU_LIBS "libprocps.a")
     else()
-      list(APPEND OSQUERY_LIBS "libproc.a")
+      list(APPEND OSQUERY_UBUNTU_LIBS "libproc.a")
     endif()
+    set(OSQUERY_LIBS ${OSQUERY_LIBS} ${OSQUERY_UBUNTU_LIBS})
+  elseif(CENTOS)
+    set(OSQUERY_LIBS ${OSQUERY_LIBS} ${OSQUERY_CENTOS_LIBS})
   endif()
-  if(EXISTS "/etc/redhat-release")
-    list(APPEND OSQUERY_LIBS "libz.so")
-    list(APPEND OSQUERY_LIBS "libbz2.so")
-    list(APPEND OSQUERY_LIBS "libsnappy.so")
-    list(APPEND OSQUERY_LIBS "libunwind.so")
-    list(APPEND OSQUERY_LIBS "liblzma.so")
-    list(APPEND OSQUERY_LIBS "libproc.so")
-  endif()
-  list(APPEND OSQUERY_LIBS "libthrift.a")
-  list(APPEND OSQUERY_LIBS "libboost_thread.a")
-  list(APPEND OSQUERY_LIBS "libboost_system.a")
-  list(APPEND OSQUERY_LIBS "libboost_filesystem.a")
-  list(APPEND OSQUERY_LIBS "libboost_program_options.a")
-  list(APPEND OSQUERY_LIBS "libboost_regex.a")
-  list(APPEND OSQUERY_LIBS "udev")
-  list(APPEND OSQUERY_LIBS "blkid")
-  list(APPEND OSQUERY_LIBS "rt")
 endif()
 
 # Fill this in with objects for libosquery
@@ -66,6 +82,16 @@ if(NOT BUILD_SHARED)
   SET(CMAKE_SHARED_LIBRARY_LINK_CXX_FLAGS "")
 endif()
 
+# Generate version from git
+execute_process(
+  COMMAND git describe --tags HEAD
+  WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
+  OUTPUT_VARIABLE OSQUERY_BUILD_VERSION
+  OUTPUT_STRIP_TRAILING_WHITESPACE
+)
+
+ADD_DEFINITIONS("-DOSQUERY_BUILD_VERSION=${OSQUERY_BUILD_VERSION}")
+
 MACRO(ADD_OSQUERY_LINK LINK)
   list(APPEND OSQUERY_ADDITIONAL_LINKS ${LINK})
   set(OSQUERY_ADDITIONAL_LINKS ${OSQUERY_ADDITIONAL_LINKS} PARENT_SCOPE)
@@ -95,12 +121,14 @@ MACRO(ADD_OSQUERY_OBJCXX_LIBRARY TARGET)
 ENDMACRO(ADD_OSQUERY_OBJCXX_LIBRARY TARGET)
 
 MACRO(ADD_OSQUERY_TEST TEST_NAME SOURCE)
-  ADD_EXECUTABLE(${TEST_NAME} ${SOURCE})
-  TARGET_LINK_LIBRARIES(${TEST_NAME} osquery_shared)
-  TARGET_LINK_LIBRARIES(${TEST_NAME} gtest)
-  SET(OPTIONAL_FLAGS ${ARGN})
-  SET_OSQUERY_COMPILE(${TEST_NAME} ${OPTIONAL_FLAGS})
-  ADD_TEST(${TEST_NAME} ${TEST_NAME})
+  if(NOT DEFINED ENV{SKIP_TESTS})
+    ADD_EXECUTABLE(${TEST_NAME} ${SOURCE})
+    TARGET_LINK_LIBRARIES(${TEST_NAME} osquery_shared)
+    TARGET_LINK_LIBRARIES(${TEST_NAME} gtest)
+    SET(OPTIONAL_FLAGS ${ARGN})
+    SET_OSQUERY_COMPILE(${TEST_NAME} ${OPTIONAL_FLAGS})
+    ADD_TEST(${TEST_NAME} ${TEST_NAME})
+  endif()
 ENDMACRO(ADD_OSQUERY_TEST)
 
 MACRO(ADD_OSQUERY_EXECUTABLE NAME SOURCE)
@@ -114,6 +142,15 @@ MACRO(TARGET_OSQUERY_LINK_WHOLE TARGET OSQUERY_LIB)
   TARGET_LINK_LIBRARIES(${TARGET} "${OS_WHOLELINK_POST}")
 ENDMACRO(TARGET_OSQUERY_LINK_WHOLE)
 
+# Make sure deps were built before compiling
+execute_process(
+  COMMAND ${CMAKE_SOURCE_DIR}/tools/provision.sh check ${CMAKE_BINARY_DIR}
+  WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
+  OUTPUT_VARIABLE OSQUERY_DEPS_MESSAGE
+  RESULT_VARIABLE OSQUERY_DEPS_CHECK
+  OUTPUT_STRIP_TRAILING_WHITESPACE
+)
+
 # Table generation
 
 file(GLOB TABLE_FILES "tables/specs/x/*.table")
@@ -183,6 +220,7 @@ SET(OSQUERY_LIB_OBJECTS
   ${OSQUERY_SOURCES}
 )
 
+set(CMAKE_MACOSX_RPATH 0)
 if(BUILD_SHARED)
   ADD_LIBRARY(osquery_shared SHARED main/lib.cpp ${OSQUERY_LIB_OBJECTS})
 else()
@@ -191,12 +229,12 @@ else()
 
   ADD_LIBRARY(osquery_shared STATIC main/lib.cpp)
   TARGET_OSQUERY_LINK_WHOLE(osquery_shared osquery_static)
+  INSTALL(TARGETS osquery_static DESTINATION lib)
 endif()
 TARGET_LINK_LIBRARIES(osquery_shared ${OSQUERY_ADDITIONAL_LINKS})
 TARGET_LINK_LIBRARIES(osquery_shared ${OSQUERY_LIBS})
 SET_TARGET_PROPERTIES(osquery_shared PROPERTIES OUTPUT_NAME osquery)
 INSTALL(TARGETS osquery_shared DESTINATION lib)
-INSTALL(TARGETS osquery_static DESTINATION lib)
 INSTALL(DIRECTORY ${CMAKE_SOURCE_DIR}/include/ DESTINATION include)
 
 ADD_EXECUTABLE(shell main/shell.cpp)
@@ -217,10 +255,7 @@ if(NOT APPLE)
   SET(CPACK_PACKAGE_NAME "osquery")
   SET(CPACK_PACKAGE_VENDOR "facebook")
 
-  SET(CPACK_PACKAGE_VERSION "0.0.1")
-  SET(CPACK_PACKAGE_VERSION_MAJOR 0)
-  SET(CPACK_PACKAGE_VERSION_MINOR 0)
-  SET(CPACK_PACKAGE_VERSION_PATCH 1)
+  SET(CPACK_PACKAGE_VERSION "${OSQUERY_BUILD_VERSION}")
 
   SET(CPACK_SOURCE_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}")
   SET(CPACK_PACKAGE_DESCRIPTION_SUMMARY "osquery is an operating system instrumentation toolchain.")

osquery/core/init_osquery.cpp

@@ -9,6 +9,8 @@
 
 namespace osquery {
 
+#define __GFLAGS_NAMESPACE google
+
 const std::string kDescription =
     "your operating system as a high-performance "
     "relational database";
@@ -24,27 +26,28 @@ static const char* basename(const char* filename) {
   return sep ? sep + 1 : filename;
 }
 
-void initOsquery(int argc, char* argv[]) {
+void initOsquery(int argc, char* argv[], int tool) {
   std::string binary(basename(argv[0]));
   std::string first_arg = (argc > 1) ? std::string(argv[1]) : "";
 
-  if (binary == "osqueryd" && (first_arg == "--help" || first_arg == "-h")) {
+  if ((first_arg == "--help" || first_arg == "-h" || first_arg == "-help") &&
+      tool != OSQUERY_TOOL_TEST) {
     // Parse help options before gflags. Only display osquery-related options.
-    fprintf(stdout, "osquery " VERSION ", %s\n", kDescription.c_str());
+    fprintf(stdout, "osquery " OSQUERY_VERSION ", %s\n", kDescription.c_str());
     fprintf(stdout, "%s: [OPTION]...\n\n", binary.c_str());
     fprintf(stdout,
             "The following options control the osquery "
             "daemon and shell.\n\n");
 
-    auto flags = Flag::get().flags();
-    for (auto& flag : flags) {
+    Flag::print_flags(Flag::get().flags());
+
+    if (tool == OSQUERY_TOOL_SHELL) {
+      // Print shell flags.
       fprintf(stdout,
-              "  --%s, --%s=VALUE\n    %s (default: %s)\n",
-              flag.first.c_str(),
-              flag.first.c_str(),
-              flag.second.second.c_str(),
-              flag.second.first.c_str());
+              "\n\nThe following options control the osquery shell.\n\n");
+      Flag::print_flags(Flag::get().shellFlags());
     }
+
     fprintf(stdout, "\n%s\n", kEpilog.c_str());
 
     ::exit(0);
@@ -55,8 +58,11 @@ void initOsquery(int argc, char* argv[]) {
   FLAGS_stop_logging_if_full_disk = true;
   FLAGS_max_log_size = 1024; // max size for individual log file is 1GB
 
+  // Set version string from CMake build
+  __GFLAGS_NAMESPACE::SetVersionString(OSQUERY_VERSION);
+
   // Let gflags parse the non-help options/flags.
-  google::ParseCommandLineNonHelpFlags(&argc, &argv, false);
+  __GFLAGS_NAMESPACE::ParseCommandLineFlags(&argc, &argv, false);
 
   if (isWritable(FLAGS_osquery_log_dir.c_str()).ok()) {
     FLAGS_log_dir = FLAGS_osquery_log_dir;

osquery/devtools/shell.cpp

@@ -4095,42 +4095,42 @@ static char *cmdline_option_value(int argc, char **argv, int i) {
 namespace osquery {
 
 /// Define flags used by the shell. They are parsed by the drop-in shell.
-DEFINE_osquery_flag(bool, bail, false, "stop after hitting an error");
-DEFINE_osquery_flag(bool, batch, false, "force batch I/O");
-DEFINE_osquery_flag(bool, column, false, "set output mode to 'column'");
-DEFINE_osquery_flag(string, cmd, "", "run \"COMMAND\" before reading stdin");
-DEFINE_osquery_flag(bool, csv, false, "set output mode to 'csv'");
-DEFINE_osquery_flag(bool, echo, false, "print commands before execution");
-DEFINE_osquery_flag(string, init, "", "read/process named file");
-DEFINE_osquery_flag(bool, header, true, "turn headers on or off");
-DEFINE_osquery_flag(bool, html, false, "set output mode to HTML");
-DEFINE_osquery_flag(bool, interactive, false, "force interactive I/O");
-DEFINE_osquery_flag(bool, line, false, "set output mode to 'line'");
-DEFINE_osquery_flag(bool, list, false, "set output mode to 'list'");
-DEFINE_osquery_flag(int64, mmap, 0, "default mmap size set to N");
-DEFINE_osquery_flag(string,
+DEFINE_shell_flag(bool, bail, false, "stop after hitting an error");
+DEFINE_shell_flag(bool, batch, false, "force batch I/O");
+DEFINE_shell_flag(bool, column, false, "set output mode to 'column'");
+DEFINE_shell_flag(string, cmd, "", "run \"COMMAND\" before reading stdin");
+DEFINE_shell_flag(bool, csv, false, "set output mode to 'csv'");
+DEFINE_shell_flag(bool, echo, false, "print commands before execution");
+DEFINE_shell_flag(string, init, "", "read/process named file");
+DEFINE_shell_flag(bool, header, true, "turn headers on or off");
+DEFINE_shell_flag(bool, html, false, "set output mode to HTML");
+DEFINE_shell_flag(bool, interactive, false, "force interactive I/O");
+DEFINE_shell_flag(bool, line, false, "set output mode to 'line'");
+DEFINE_shell_flag(bool, list, false, "set output mode to 'list'");
+DEFINE_shell_flag(int64, mmap, 0, "default mmap size set to N");
+DEFINE_shell_flag(string,
                     nullvalue,
                     "",
                     "set text string for NULL values. Default ''");
-DEFINE_osquery_flag(string,
+DEFINE_shell_flag(string,
                     separator,
                     "|",
                     "set output field separator. Default: '|'");
-DEFINE_osquery_flag(bool,
+DEFINE_shell_flag(bool,
                     stats,
                     false,
                     "print memory stats before each finalize");
-DEFINE_osquery_flag(string, vfs, "", "use NAME as the default VFS");
+DEFINE_shell_flag(string, vfs, "", "use NAME as the default VFS");
 
 /// Optional flags enabled at compile time.
 #if defined(SQLITE_ENABLE_MEMSYS3) || defined(SQLITE_ENABLE_MEMSYS5)
-DEFINE_osquery_flag(int64, heap, 0, "Size of heap for memsys3 or memsys5");
+DEFINE_shell_flag(int64, heap, 0, "Size of heap for memsys3 or memsys5");
 #endif
 #ifdef SQLITE_ENABLE_MULTIPLEX
-DEFINE_osquery_flag(bool, multiplex, false, "enable the multiplexor VFS");
+DEFINE_shell_flag(bool, multiplex, false, "enable the multiplexor VFS");
 #endif
 #ifdef SQLITE_ENABLE_VFSTRACE
-DEFINE_osquery_flag(bool, vfstrace, false, "enable tracing of all VFS calls");
+DEFINE_shell_flag(bool, vfstrace, false, "enable tracing of all VFS calls");
 #endif
 
 int launchIntoShell(int argc, char **argv) {

osquery/main/daemon.cpp

@@ -13,7 +13,7 @@
 #include "osquery/scheduler.h"
 
 int main(int argc, char* argv[]) {
-  osquery::initOsquery(argc, argv);
+  osquery::initOsquery(argc, argv, osquery::OSQUERY_TOOL_DAEMON);
 
   try {
     osquery::DBHandle::getInstance();
@@ -34,12 +34,12 @@ int main(int argc, char* argv[]) {
     LOG(INFO) << "  - " << it.first;
   }
 
-  LOG(INFO) << "Event Types:";
+  LOG(INFO) << "Event Publishers:";
   for (const auto& it : REGISTERED_EVENTPUBLISHERS) {
     LOG(INFO) << "  - " << it.first;
   }
 
-  LOG(INFO) << "Event Modules:";
+  LOG(INFO) << "Event Subscribers:";
   for (const auto& it : REGISTERED_EVENTSUBSCRIBERS) {
     LOG(INFO) << "  - " << it.first;
   }

osquery/main/lib.cpp

@@ -6,5 +6,5 @@
 
 namespace osquery {
 
-const std::string kVersion = VERSION;
+const std::string kVersion = OSQUERY_VERSION;
 }

osquery/main/shell.cpp

@@ -6,14 +6,14 @@
 #include "osquery/events.h"
 
 int main(int argc, char *argv[]) {
-  osquery::initOsquery(argc, argv);
+  osquery::FLAGS_db_path = "/tmp/rocksdb-osquery-shell";
+  osquery::initOsquery(argc, argv, osquery::OSQUERY_TOOL_SHELL);
 
   // Start a thread for each appropriate event type
   osquery::registries::faucet(REGISTERED_EVENTPUBLISHERS,
                               REGISTERED_EVENTSUBSCRIBERS);
   osquery::EventFactory::delay();
 
-  osquery::FLAGS_db_path = "/tmp/rocksdb-osquery-shell";
   int retcode = osquery::launchIntoShell(argc, argv);
 
   // End any event type threads.

osquery/tables/system/darwin/launchd.cpp

@@ -132,7 +132,7 @@ QueryData genLaunchd() {
     if (s.ok()) {
       results.push_back(parseLaunchdItem(path, tree));
     } else {
-      LOG(WARNING) << "Error parsing " << path << ": " << s.toString();
+      VLOG(1) << "Error parsing " << path << ": " << s.toString();
     }
   }
   return results;

tools/make_osx_package.sh

@@ -8,7 +8,6 @@ export PATH="$PATH:/usr/local/bin"
 source $SCRIPT_DIR/lib.sh
 
 APP_IDENTIFIER="com.facebook.osqueryd"
-APP_VERSION="0.0.2"
 OUTPUT_PKG_PATH="$SCRIPT_DIR/../osqueryd.pkg"
 LAUNCHD_PATH="$SCRIPT_DIR/$APP_IDENTIFIER.plist"
 LAUNCHD_INSTALL_PATH="/Library/LaunchDaemons/$APP_IDENTIFIER.plist"
@@ -16,6 +15,7 @@ OSQUERY_LOG_DIR="/var/log/osquery/"
 OSQUERY_CONFIG_PATH_DEST="/var/osquery/osquery.conf"
 OSQUERY_CONFIG_PATH_SOURCE=""
 
+APP_VERSION=`git describe --tags HEAD`
 
 BREW_PACKAGES=(rocksdb boost gflags glog thrift)
 BREW_PREFIX=`brew --prefix`

tools/provision.sh

@@ -232,6 +232,33 @@ function package() {
   fi
 }
 
+function check() {
+  platform OS
+
+  if [[ $OS = "darwin" ]]; then
+    HASH=`shasum $0 | awk '{print $1}'`
+  else
+    HASH=`sha1sum $0 | awk '{print $1}'`
+  fi
+
+  if [[ ! "$1" = "check" ]]; then
+    echo $HASH > "$2/.provision"
+    return
+  fi
+
+  if [[ "$#" < 2 ]]; then
+    echo "Usage: $0 check BUILD_PATH"
+    exit 1
+  fi
+
+  CHECKPOINT=`cat $2/.provision 2>&1 &`
+  if [[ ! $HASH = $CHECKPOINT ]]; then
+    echo "Requested dependencies have changed, run: sudo make deps"
+    exit 1
+  fi
+  exit 0
+}
+
 function main() {
   platform OS
 
@@ -379,8 +406,6 @@ function main() {
     package libunwind-devel
     package libudev-devel
 
-    # One day, CentOS packages will be updated and installing from yum will not fuck things up
-    # Until that day comes, leave these lines commented and keep installing from source
     # package libtool.x86_64
     # package boost.x86_64
 
@@ -417,4 +442,5 @@ function main() {
   git submodule update
 }
 
+check $1 $2
 main