valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 18:33:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
2,303 Commits 2 Branches 109 Tags 25 MiB
4d0cd46f42
Commit Graph

2303 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Teddy Reed
ad94eaf0b8 [Fix #1367] Disable user-controlled FIFO reads 2015-07-22 10:15:39 -07:00
Teddy Reed
5f4d54741d Merge pull request #1370 from theopolis/fix_1368 
[Fix #1368] Restore autostart post-install scripts
 2015-07-22 09:52:50 -07:00
Teddy Reed
f03ec9ddac [Fix #1368] Restore autostart post-install scripts 2015-07-21 19:09:24 -07:00
Mike Arpaia
ddb76e30e9 Merge pull request #1366 from kost/fix-dup-the-readme 
Remove duplicated "the" in README
 2015-07-21 12:07:31 -07:00
Vlatko Kosturjak
50d2922fb4 Remove duplicated "the" in README 2015-07-21 11:31:47 +02:00
Mike Arpaia
f799bca25c Adding code of conduct 2015-07-20 12:51:10 -07:00
Teddy Reed
ca09fdb9f8 Merge pull request #1365 from theopolis/fix_profile_leaks 
Fix profile platform bug in leaks checking
 2015-07-20 02:37:24 -07:00
Teddy Reed
fc24682816 Fix profile platform bug in leaks checking 2015-07-20 02:06:52 -07:00
Teddy Reed
e8cb919f03 Merge pull request #1364 from theopolis/harden_applications 
[Fix #1357] Use OS X LS API for app listing
 2015-07-20 01:14:07 -07:00
Mike Arpaia
5ccfe886ba Merge pull request #1363 from theopolis/less_rows 
[Fix #1303] Only emit rows when appropriate for processes/users.
 2015-07-19 20:36:26 -07:00
Mike Arpaia
e84713debf Merge pull request #1362 from theopolis/optional_build_shared 
[#1208] Allow BUILD_LINK_SHARED=1 for table-dependencies
 2015-07-19 20:34:59 -07:00
Mike Arpaia
8a760d52db Merge pull request #1361 from theopolis/dot_plist 
[Fix #1355] Allow plist keys with '.'
 2015-07-19 20:34:19 -07:00
Mike Arpaia
74021459c2 Merge pull request #1359 from theopolis/mutable_config_parser 
Allow ConfigParserPlugins to update the ConfigData.
 2015-07-19 20:34:11 -07:00
Mike Arpaia
4d05b54647 Merge pull request #1358 from theopolis/optimize_events 
Optimize event publisher database namespace lookups.
 2015-07-19 20:34:03 -07:00
Mike Arpaia
ebbb481ef7 Merge pull request #1360 from theopolis/fix_1356 
[Fix #1356] Tokenize process environ by '\0' on Linux
 2015-07-19 20:33:15 -07:00
Teddy Reed
dd7990b719 [Fix #1357] Use OS X LS API for app listing 
Attempt to use OS X's LaunchServices to get a list of applications.
Fall back to basic directory traversal of well-known application paths.
 2015-07-19 20:22:48 -07:00
Teddy Reed
5249e74146 [Fix #1303] Only emit rows when appropriate for processes/users. 
When optimizing a table using query constraints an implementation should not add unneeded rows.
A user experience bug exists when selecting with an explicit non-existing pid/uid.
 2015-07-19 20:20:04 -07:00
Teddy Reed
8eaf389010 Optimize event publisher database namespace lookups. 
Previously, event publishers used a canonicalized 'type' name for async callbacks.
This type was used to lookup the publisher plugin in the registry as well as for backing store namespacing.
The type is still used but subscribers, which made heavy used of the lookup, store the value locally.
This prevents unneeded publisher plugin allocation when adding events.
 2015-07-19 17:10:42 -07:00
Teddy Reed
1d7042a52e [#1208] Allow BUILD_LINK_SHARED=1 for table-dependencies 2015-07-19 16:58:43 -07:00
Teddy Reed
95775be1d9 [Fix #1355] Allow plist keys with '.' 
Boost property trees are level delimited using '.' characters.
An Apple property list may contain keys with '.' characters, so the plist conversion must use iterators and raw node appends.
 2015-07-19 16:24:43 -07:00
Teddy Reed
bcdbb40f0c [Fix #1356] Tokenize process environ by '\0' on Linux 2015-07-19 14:34:49 -07:00
Teddy Reed
2109ae85b7 Allow ConfigParserPlugins to update the ConfigData. 
Previously, `ConfigParserPlugin`s could only maintain an internal derived object called `data_`.
Then parts of the code that knew to use the plugin's data would call `getParsedData` and provide the name of the plugin.

Parser plugins can now request a mutable version of the `ConfigData` using `::mutableConfigData`.
This requires a lock on the `ConfigDataInstance` and must be provided to their mutable accessor.

Acess to a mutable config enables parsers to make modifications to internal config structures like options and the query schedule.
 2015-07-18 15:08:51 -07:00
Teddy Reed
6bfe03f6e9 Merge pull request #1354 from theopolis/more_install 
Install additional configs for HB/packages
 2015-07-17 16:22:19 -07:00
Teddy Reed
a713d09f0e Install additional configs for HB/packages 2015-07-17 16:07:22 -07:00
Teddy Reed
47512f2529 Merge pull request #1352 from theopolis/tls_refresh 
Add optional TLS config plugin refresh
 2015-07-17 15:14:25 -07:00
Javier Marcos
df38683f84 Merge pull request #1353 from javuto/query_packs_files 
Query packs files
 2015-07-17 15:11:28 -07:00
Teddy Reed
6104aaebfe Add optional TLS config plugin refresh 2015-07-17 14:59:08 -07:00
Javier Marcos
36e550db0b Query packs files 2015-07-17 14:42:05 -07:00
Teddy Reed
c36fbda274 Merge pull request #1349 from theopolis/centos_version 
[Fix #1319] CentOS version reporting and file read error
 2015-07-17 09:07:29 -07:00
Michael O'Farrell
62f96b37eb Merge pull request #1351 from theopolis/kernel_packaging 
[Fix #1339] Add kernel-build to packages when used
 2015-07-16 15:41:05 -07:00
Teddy Reed
270b4da540 [Fix #1339] Add kernel-build to packages when used 2015-07-16 15:23:29 -07:00
Michael O'Farrell
395f825321 Merge pull request #1350 from achmiel/doc_urls 
Fixed URLs and some typos in the documentation
 2015-07-16 15:16:26 -07:00
Artur Chmiel
c0be6b5ba1 Fixed URLs and some typos in the documentation 2015-07-16 23:17:22 +02:00
Teddy Reed
f06820f578 [Fix #1319] CentOS version reporting and file read error 
1. Redhat-based distributions were not reporting their version correct.
2. The file read API assumed stat would return an accurate file size.
This has been replaced with an attempt to seek to the end of the file.
 2015-07-16 14:16:51 -07:00
Javier Marcos
0ff02d8146 Merge pull request #1348 from javuto/tables_only_final_releases 
Fix tables JSON file name
 2015-07-16 13:53:36 -07:00
Javier Marcos
7241becda1 Fix tables JSON file name 2015-07-16 13:38:31 -07:00
Javier Marcos
7172c36d6f Merge pull request #1347 from javuto/table_docs_with_package 
Generation of table docs with packages and docs targets
 2015-07-16 12:39:43 -07:00
Javier Marcos
84e0c77a98 Generation of table docs with packages and docs targets 2015-07-16 12:23:44 -07:00
Teddy Reed
4cb6e37f1d Merge pull request #1338 from theopolis/join_bug 
Fix broken JOIN predicate passing
 2015-07-16 11:45:33 -07:00
Teddy Reed
deecef81c5 Fix broken JOIN predicate passing 2015-07-16 11:29:56 -07:00
Mike Arpaia
9eeb224ce7 clang-format authorizations files 2015-07-16 11:09:16 -07:00
Mike Arpaia
664c1e1ed3 Merge pull request #1346 from javuto/populating_table_fields 
Adding column description to all the missing table fields
 2015-07-15 23:37:05 -07:00
Javier Marcos
25f0de07a5 Adding description to all the missing table fields 2015-07-15 23:23:42 -07:00
Mike Arpaia
333f0c5799 Merge pull request #1345 from achmiel/fix_symlinks 
Updated the readFile function to correctly handle symbolic links
 2015-07-15 23:21:35 -07:00
Artur Chmiel
ac9a320218 Updated the readFile function to correctly handle symbolic links 2015-07-16 07:55:12 +02:00
Mike Arpaia
485a7f78fb Merge pull request #1318 from tburgin/master 
Added authdb table
 2015-07-15 21:51:53 -07:00
Mike Arpaia
c61c0775b4 Merge pull request #1342 from theopolis/osqueryctl_install 
[Fix #1341] Add osqueryctl to make install target
 2015-07-15 21:45:03 -07:00
Javier Marcos
01fabf910d Merge pull request #1343 from javuto/generate_tables_output 
Adding support to generate documentation to external files
 2015-07-15 17:10:27 -07:00
Javier Marcos
ba69bf8efa Adding support to generate documentation to external files 2015-07-15 13:18:41 -07:00
Teddy Reed
5f6577deb2 [Fix #1341] Add osqueryctl to make install target 2015-07-15 11:32:55 -07:00