Commit Graph

5 Commits

Author SHA1 Message Date
Maximilian Bosch
fbc009f266 osquery: 3.2.8 -> 3.2.9 (#43690)
Latest bugfix release with the following notable changes:

* Memory leak resolve for dispatcher
  (06d4865445)

* Fix include path on status.h
  (5bd4984f2a)

Additionally the patch had to be rebased onto the 3.2.9 branch as it
added XCode support including some CLang flags (namely `-fno-limit-debug-info`)
which are unsupported on GCC.
(see bccc28dd98)
2018-07-18 22:23:20 +02:00
Maximilian Bosch
a6d2cd5458
osquery: 3.2.2 -> 3.2.8
The 3.2.2 build fails ATM on Hydra: https://hydra.nixos.org/build/75998362

Bumping to 3.2.8 and rebasing `osquery/CMakeLists.txt` with `misc.patch`
fixes the issue. Additionally the NixOS test remains functional.
2018-06-18 16:50:31 +02:00
Maximilian Bosch
3cd2707e37
osquery: 2.5.2 -> 3.2.2
The package was originally broken as reported in #38940 and
facebook/osquery#4257. The latest version (3.x) contains several
important fixes for GCC 7, so now we can compile without a much less
complicated patches.

The following changes were needed to fix the derivation:

* Upgrade `osquery/third-party` to the latest rev to be compliant with
  osquery 3.

* Keep using an override for the AWS SDK (for a lower closure size and
  less compile time), but make the `ec2` API available.

* Added the dependencies `fpm`, `zstd`, `rdkafka`, `rapidjson` to the
  build. `linenoise-ng` is obsolete as it's directly bundled with
  `osquery/third-party`.

* Fixed the linking issue with `gflags` as recommended in the mailing
  list: https://groups.google.com/d/msg/nix-devel/l1blj-mWxtI/J3CwPATBCAAJ

* Dropped the obsolete dependencies `cpp-netlib`, `lz4`, `apt` and
  `devicemapper` (thanks @Infinisil).

* Override `OSQUERY_PLATFORM` to provide `nixos:version`
  for sandbox and non-NixOS based builds. The `platform-nixos.patch`
  file is now obsolete (thanks @flokli).

The patch was rebased against the 3.x branch of `osquery` and contains
mostly old changes. Additionally several testing targets were skipped as
they broke the build.

The functionality has been testing using the following command:

```
mkdir /tmp/osq.log/
./result/bin/osqueryd --pidfile /tmp/osq.pid \
  --database_path /tmp/test.db --logger_path /tmp/osq.log
```

With the daemon running the database can be queried easily using
`./result/bin/osqueryi`.

Fixes ticket #38940
See ticket #36453

Further reference can be gathered from the affected Hydra logs for
the master branch: https://hydra.nixos.org/job/nixos/trunk-combined/nixpkgs.osquery.x86_64-linux
2018-04-24 07:13:49 +02:00
Charles Strahan
232c34b8f4
osquery: use packaged sqlite and gtest/gmock 2017-07-24 21:48:08 -04:00
Charles Strahan
53426f6cb9
osquery: init at 2.5.2 2017-07-24 21:47:32 -04:00