This commit bumps the third-party SQLite to the 3.14.0 pre-release (18:59).
With 3.14.0 the LIKE and EQUALS constraint operators may be mixed within a
query. Previously these would fail to produce a valid set.
As part of the support, each virtual table should choose to bypass rowid-based
deduplication using the new "WITHOUT ROWID" create table epilog. This will
be appended to the schema if the table defines a PRIMARY KEY using index=True.
Thus begins our need to include local (modified) brew formulas.
This commit adds a new provision library method: local_brew. Use this function
within provision scripts to install packages that are not appropriate for
homebrew-core.
With a removeService method, combined with the abstracted thread start in
the Dispatcher API, services auto-remove when finished.
This will un-break the kernel communication tests. These tests only stop
when all their producer threads/services have ended.
This also promotes the OS X kernel build to 10.11.
Table options includes a change to the Registry::call API for TablePlugins.
When requesting route information or the 'columns' action, a new 'op' key is included.
Integrated process abstraction code into more locations
Defined new macros for abstracting across various platforms
Added GLOG_NO_ABBREVIATED_SEVERITIES for glog to support Windows
Fixed some minor CMake issues involving thrift
Updated gflags package; reflecting change in provision script
Preparing CMake config files for WIN32 support
This adds a new optimization feature that allows expensive tables to cache
their results between JOINs. Consider JOINing a list of open sockets, for each
process, then requesting to hash each process path. This query may hash
the same path multiple times.
Within-query caching allows the hash table to respond with the previous
result of the hash request as long as the requested computation was the result
of a single query. Subsequent queries will perform subsequent hashing.
This commit adds logger plugin implementations for the Amazon
Kinesis (https://aws.amazon.com/kinesis/) and Kinesis
Firehose (https://aws.amazon.com/kinesis/firehose/) services. To support
these plugins there are a number of utility classes and functions for
AWS authentication, configuration and API integration. The logger plugin
implementations take advantage of the BufferedLogForwarder base class
for reliable buffering and batch sending of logs. In their current
implementations, the logger plugins only support sending of result logs
to these AWS services.
There seems to have been a regression in package building.
The ./tools/lib.sh script now overloads the SCRIPT_DIR variable,
which is also used in the package build scripts.
This changes the file-local variable in ./tools/lib.sh.
* Committing changes related to our experimentation with a "pure" Win64 build
* Placates CMake such that a Visual Studio 14 x64 solution is generated!
* Updated changes to fix the issue of GFlags not being found.
* Added cases to handle Win64 specific CMake options such as include/link
directories and compiler options
* Comment change in CMakeList.txt
* Changed wording of get_platform error message. Adding Powershell
provisioning script.
* Finalized provision powershell script
* Added a deployment XML file for insuring C++ support exists for VS2015
* Added admin check and resolved some potential PATH issues.
* Fixed some potential bugs in VS2015 automated install
* Adding a wrapper for provision.ps1 so people don't need to know obscure
powershell syntax
* Fixing a bug with third-party archive extraction
* Ignoring the updating of pip for now...
* Fix invocation of choco.exe
* Resolved pip install issues
* Removed some debugging residue
* Changing get_platform.py from tabs to spaces
* Added distro detection for ubuntu and darwin
* Using 4 spaces
* Added a newline after powershell invocation
* Added OS detection for freebsd and fedora
* Fixed bug with freebsd
* Adding arguments parsing to prepare for modularizing platform detection
* Removing bash platform detection logic and forwarding the task to
get_platform.py
* Removing get_platform support in provision.sh since it doesn't appear to
be used anywhere now
* Fixed some comment/spacing issues. Made a few efficiency changes
* A few bug fixes, revereted back to WIN32 variable for now
* Added Facebook copyright information.
* Fixed boost and rocksdb library paths
* Added support for installing our custom chocolatey packages
* Fixed path to ignore the symlink
* Force environment variable propagation
* Forgot to add new line after make-win64-dev-env.bat
* Added error handling for choco install failures
* Handles download and python/pip errors
* When chocolatey is not detected, refreshenv.bat is not found in the PATH.
Hardcode the PATH as per chocolatey install instructions
* Takes care of updating git submodules in third-party\
* Fixes a bug in which Linux provisioning fails because of unset FAMILY
env var.
When I added the flag file switch it was aimed at `/var/osquery`, but the package is built such that everything exists in `/private/var/osquery`. This simply makes this more consistent.
1. Update boost to 1.60 from 1.55 on Linux platforms
2. Add asio (1.11.0) to the deps set
3. Update snappy to 1.1.3 on Linux platforms
4. Update cpp-netlib to 0.12.0-rc1 from 0.11 on Linux platforms
- OS X and brew also include 0.12.0-rc1 as a devel option
5. Update libapt to 1.2.6 from 0.8.6 on Ubuntu/Debian
- This adds lzma as a dependent link
2. Introduce a SQLite-based database plugin
3. Refactor database usage to include local 'fast-calls'
4. Introduce an 'ephemeral' database plugin for testing (like a mock)
[Added] python packages which are not installable via pip on lucid
[Moved] installing latest bison and openssl right before thrift building for lucid
[Fixed] package bison installation for not lucid
[Added] OpenSSL dependency for lucid
[Changed] prefix to /usr/local
[Fixed] wrong file for checking if dependency is intalled
1. Table implementations (spec files) can mark the table as 'cachable'.
2. Cached results depend on the shortest/quickest interval of scheduled
queries that act on results of the table.
3. The table API generator blocks caching on index/additional/required
table column options.
If the option of remembering known Wi-Fi networks is enabled on a system,
they are persisted to disk as a preferences property list file.
This table is populated by parsing that file.
There was a bug in the `osquery::Schedule` container object such that,
when the iteration through the schedule occured, pack objects were being
passed by value (copied) instead of passed by reference. Thus, the
discovery query would be executed, the object's cache would be updated,
and then the object would go out of scope and be destructed, thus
leaving the original object without ever having ran the discovery query.
This caused discovery queries to thrash. Bad times.
I added a new test so that we don't regress here as well as const'd a
few functions that should have been const in `osquery::Pack`.