mirror of
https://github.com/valitydev/osquery-1.git
synced 2024-11-07 09:58:54 +00:00
24 lines
949 B
Plaintext
24 lines
949 B
Plaintext
table_name("preferences")
|
|
description("OS X defaults and managed preferences.")
|
|
schema([
|
|
Column("domain", TEXT, "Application ID usually in com.name.product format",
|
|
index=True),
|
|
Column("key", TEXT, "Preference top-level key", index=True),
|
|
Column("subkey", TEXT, "Intemediate key path, includes lists/dicts", index=True),
|
|
Column("value", TEXT, "String value of most CF types"),
|
|
Column("forced", INTEGER, "1 if the value is forced/managed, else 0"),
|
|
Column("username", TEXT, "(optional) read preferences for a specific user",
|
|
additional=True),
|
|
Column("host", TEXT,
|
|
"'current' or 'any' host, where 'current' takes precedence"),
|
|
])
|
|
attributes(user_data=True)
|
|
implementation("system/darwin/preferences@genOSXDefaultPreferences")
|
|
examples([
|
|
"select * from preferences where domain = 'loginwindow'",
|
|
"select preferences.* from users join preferences using (username)",
|
|
])
|
|
fuzz_paths([
|
|
"/Users",
|
|
])
|