diff --git a/_servicedata b/_servicedata
index 43417eb..eeb8f02 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
https://github.com/SUSE/linux-security-sensor
- 3426c0acec7d33e39ada1cd2e26f8a33af766197
\ No newline at end of file
+ 675e45f90f6a78190d8428bd0a375e9dfd483589
\ No newline at end of file
diff --git a/velociraptor-0.7.0.4.git74.3426c0a.obscpio b/velociraptor-0.7.0.4.git74.3426c0a.obscpio
deleted file mode 100644
index e924a79..0000000
--- a/velociraptor-0.7.0.4.git74.3426c0a.obscpio
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:944701640da1fae76436c48f33b4987f921f350219f50db04e7c06b8b7e35d67
-size 140184590
diff --git a/velociraptor-0.7.0.4.git97.675e45f9.obscpio b/velociraptor-0.7.0.4.git97.675e45f9.obscpio
new file mode 100644
index 0000000..5ed3ab2
--- /dev/null
+++ b/velociraptor-0.7.0.4.git97.675e45f9.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ff318cdd4df1f01c631c39803eeacd83f0dd02973ba0949d4f44cbd95dcfbefa
+size 140256782
diff --git a/velociraptor-go_modules.tar.gz b/velociraptor-go_modules.tar.gz
index 81d1adf..e648da9 100644
--- a/velociraptor-go_modules.tar.gz
+++ b/velociraptor-go_modules.tar.gz
@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
-oid sha256:203e5f88be8a302210a6b1909bb0406fdf0d8b4bb1889bcd1e4c022f4a6f5ab2
-size 48034468
+oid sha256:fba0d8d319e1efb991ede33aaafc2a147828936458daebc235b227cd7d87cc5a
+size 48458375
diff --git a/velociraptor.changes b/velociraptor.changes
index 2a7cb5f..e4de5f9 100644
--- a/velociraptor.changes
+++ b/velociraptor.changes
@@ -1,3 +1,35 @@
+-------------------------------------------------------------------
+Mon Aug 12 20:47:33 UTC 2024 - Antonio Teixeira
+
+- Move system-user-velociraptor to the client flavor build in order
+ to build it on all architectures.
+
+-------------------------------------------------------------------
+Wed Jul 03 17:01:54 UTC 2024 - antonio.teixeira@suse.com
+
+- Update to version 0.7.0.4.git97.675e45f9:
+ * kafka-humio-gateway: update go version and dependency list
+ * kafka-humio-gateway: specific mTLS cert paths in config.yml
+ * docker-compose: set kafka replication factor and min ISRs
+ * kafka-humio-gateway: add http post retry mechanism
+ * kafka-humio-gateway: add pprof debugging option
+ * kafka-humio-gateway: format with gofmt
+ * kafka-humio-gateway: fix go-staticcheck issues
+ * kafka-humio-gateway: fix sendEvents() never exiting
+ * Kafka.Events.Client: Update to use new artifactset type
+ * docker-compose: add optional Kafka cluser
+ * kafka-humio-gateway: add mTLS support
+ * contrib/kafka-humio-gateway: add new debug option for noisy events
+ * contrib/kafka-humio-gateway: backoff and retry for metadata
+ * kafka-humio-gateway: add sample config file
+ * kafka-humio-gateway: update sarama and dependencies
+ * Add Kafka-Humio Gateway [Depends on PR#10] (#8)
+ * vql/server/kafka: connect sarama logging to velociraptor logging
+ * vql/server/kafka: add exponential backoff (limited to 30s) for metadata retries
+ * vql/server/kafka: set appropriate ClientID
+ * Add a Kafka export plugin
+- Use llvm17 when available
+
-------------------------------------------------------------------
Tue May 28 16:45:51 UTC 2024 - Antonio Teixeira
diff --git a/velociraptor.obsinfo b/velociraptor.obsinfo
index c5f45f3..c5f503c 100644
--- a/velociraptor.obsinfo
+++ b/velociraptor.obsinfo
@@ -1,4 +1,4 @@
name: velociraptor
-version: 0.7.0.4.git74.3426c0a
-mtime: 1712141066
-commit: 3426c0acec7d33e39ada1cd2e26f8a33af766197
+version: 0.7.0.4.git97.675e45f9
+mtime: 1719345654
+commit: 675e45f90f6a78190d8428bd0a375e9dfd483589
diff --git a/velociraptor.spec b/velociraptor.spec
index 45a84f5..0ba6135 100644
--- a/velociraptor.spec
+++ b/velociraptor.spec
@@ -57,7 +57,7 @@
# Older SLE releases and debbuild don't support uppercase VERSION macro
%if "%{_vendor}" == "debbuild" || 0%{?sle_version} < 150000
-%define VERSION %{version}
+%global VERSION %{version}
%endif
#Compat macro for new _fillupdir macro introduced in Nov 2017
@@ -71,7 +71,7 @@
%endif
Name: velociraptor%{name_suffix}
-Version: 0.7.0.4.git74.3426c0a
+Version: 0.7.0.4.git97.675e45f9
Release: 0
%if %{build_server}
Summary: Endpoint visibility and collection tool
@@ -128,7 +128,11 @@ BuildRequires: npm >= 18
%endif
%if %{with bpf}
%if 0%{?suse_version}
-%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150300
+%if 0%{?suse_version} > 1500 || 0%{?sle_version} == 150600
+BuildRequires: clang17
+BuildRequires: llvm17
+%else
+%if 0%{?sle_version} >= 150300
BuildRequires: clang16
BuildRequires: llvm16
%if 0%{?sle_version} > 150400
@@ -138,6 +142,7 @@ BuildRequires: llvm16-libclang13
BuildRequires: clang13
BuildRequires: llvm13
%endif
+%endif
BuildRequires: libelf-devel
BuildRequires: libzstd-devel
BuildRequires: zlib-devel
@@ -158,16 +163,20 @@ BuildRequires: zlib-devel
%endif
%endif
%if %{build_server}
-BuildRequires: sysuser-tools
+BuildRequires: group(velociraptor)
Requires: group(velociraptor)
Requires: user(velociraptor)
Obsoletes: velociraptor-kafka-humio-gateway < %{version}
+%else
+%if 0%{?suse_version}
+BuildRequires: sysuser-tools
%{?sysusers_requires}
%endif
+%endif
%if 0%{?suse_version}
-# SLE12 doesn't support sysusers and releases lower than SP4 don't build the server flavor which includes the system-user-velociraptor package.
-%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150400
+# SLE12 doesn't support sysusers
+%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
Requires(pre): pwdutils
%define pre_create_group 1
%else
@@ -214,20 +223,7 @@ https://docs.velociraptor.app/
This package contains the velociraptor server and full console GUI.
For just the endpoint agent, please install the 'velociraptor-client' package.
-%package -n system-user-velociraptor
-Summary: System user and group 'velociraptor'
-Version: 1.0.0
-License: Apache-2.0
-Group: System/Monitoring
-Provides: group(velociraptor)
-Provides: user(velociraptor)
-BuildArch: noarch
-
-%description -n system-user-velociraptor
-This package provides a shared system user for all velociraptor components
-
%endif
-
%if %{build_client}
%description
Velociraptor is a tool for collecting host based state information
@@ -239,6 +235,20 @@ https://docs.velociraptor.app/
This package contains only the endpoint agent. For the full server and GUI
console, please install the 'velociraptor' package.
+
+%if 0%{?suse_version}
+%package -n system-user-velociraptor
+Summary: System user and group 'velociraptor'
+Version: 1.0.0
+License: Apache-2.0
+Group: System/Monitoring
+Provides: group(velociraptor)
+Provides: user(velociraptor)
+BuildArch: noarch
+
+%description -n system-user-velociraptor
+This package provides a shared system user for all velociraptor components
+%endif
%endif
%prep
@@ -286,8 +296,11 @@ export VELOCIRAPTOR_GIT_HEAD=$git_commit
%if %{build_server}
(cd gui/velociraptor ; npm run build)
+%else
+%if 0%{?suse_version}
%sysusers_generate_pre %{SOURCE10} velociraptor-user
%endif
+%endif
%if 0%{?suse_version}
LLVM_STRIP=llvm-strip
@@ -311,8 +324,10 @@ config_file_source=%{SOURCE4}
sysconfig_file_source=%{SOURCE7}
config_file=server.config
-install -D -m 0644 %{SOURCE10} %{buildroot}%{_sysusersdir}/system-user-velociraptor.conf
%else
+%if 0%{?suse_version}
+install -D -m 0644 %{SOURCE10} %{buildroot}%{_sysusersdir}/system-user-velociraptor.conf
+%endif
service_file_source=%{SOURCE5}
config_file_source=%{SOURCE6}
sysconfig_file_source=%{SOURCE8}
@@ -351,13 +366,15 @@ install -D -m 0755 output/velociraptor-v%{VERSION}-linux-* %buildroot/%{_bindir}
%dir %attr(%{state_dir_perms}) %{_sharedstatedir}/%{name}/logs
%dir %attr(%{state_dir_perms}) %{_sharedstatedir}/%{name}/tmp
-%if %{build_server}
+%if %{build_client}
+%if 0%{?suse_version}
%files -n system-user-velociraptor
%defattr(-, root, root)
%{_sysusersdir}/system-user-velociraptor.conf
%pre -n system-user-velociraptor -f velociraptor-user.pre
%endif
+%endif
%if 0%{?suse_version}
%pre