Accepting request 1085591 from home:jeff_mahoney:branches:security:sensor:updates
- Update to version 0.6.7.5~git78.2bef6fc: * bpf: fix path to vmlinux.h - Update to version 0.6.7.5~git77.997aa73: * file_store/test_utils/server_config.go: update test certificate * Update bluemonday dependency. * vql/functions/hash: cache results on Linux * libbpfgo: update to velociraptor-branch-v0.4.8-libbpf-1.2.0 * logscale/backport: don't use networking.GetHttpTransport * vql/tools/logscale: add plugin to post events to LogScale ingestion endpoint * file_store/directory: add ability to report pending size - Change clang dependency to clang16 - Fix velociraptor-golang-mage-vendoring.diff to account for newer 'go mod vendor' honoring build flags. - Fix update-vendoring.sh script to actually run the %setup part of the spec. - Merge client package into server spec and use _multibuild to create client package from same spec file. - Adjust changelog to retain changes for client package. - Fix building in static mode on earlier releases. - Added patch: velociraptor-libbpfgo-only-build-libbpf.patch - Tightening the security of the services a bit: - tmp files are now moved to /var/lib/velociraptor{,-client}/tmp from /tmp - run velociraptor server as user velociraptor instead of root we do not really need root permissions here - introduce /var/lib/velociraptor/filestore to make it easier to split out large file upload - change permissions for the data directory and subdirectories to OBS-URL: https://build.opensuse.org/request/show/1085591 OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=46
This commit is contained in:
parent
bfb6d78d98
commit
3a5ec10ba3
4
_multibuild
Normal file
4
_multibuild
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<multibuild>
|
||||||
|
<package>client</package>
|
||||||
|
</multibuild>
|
||||||
|
|
4
_service
4
_service
@ -5,8 +5,8 @@
|
|||||||
<param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param>
|
<param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param>
|
||||||
<param name="revision">sensor-base-0.6.7</param>
|
<param name="revision">sensor-base-0.6.7</param>
|
||||||
<param name="scm">git</param>
|
<param name="scm">git</param>
|
||||||
<param name="parent-tag">v0.6.7-4</param>
|
<param name="parent-tag">v0.6.7-5</param>
|
||||||
<param name="versionrewrite-pattern">v([0-9\.]*)-(.*)</param>
|
<param name="versionrewrite-pattern">v([0-9\.\-]*)-(.*)</param>
|
||||||
<param name="versionrewrite-replacement">\1.\2</param>
|
<param name="versionrewrite-replacement">\1.\2</param>
|
||||||
<param name="changesgenerate">enable</param>
|
<param name="changesgenerate">enable</param>
|
||||||
<param name="submodules">enable</param>
|
<param name="submodules">enable</param>
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
<servicedata>
|
<servicedata>
|
||||||
<service name="tar_scm">
|
<service name="tar_scm">
|
||||||
<param name="url">https://github.com/jeffmahoney/linux-security-sensor</param>
|
|
||||||
<param name="changesrevision">0e858552af3d6ab57bae796cc3e50ccef36b4aff</param></service><service name="tar_scm">
|
|
||||||
<param name="url">https://github.com/SUSE/linux-security-sensor</param>
|
<param name="url">https://github.com/SUSE/linux-security-sensor</param>
|
||||||
<param name="changesrevision">4a1ed09d50339b902c6446686bd16deedbb23804</param></service></servicedata>
|
<param name="changesrevision">2bef6fce8e26733a13a3bbfeaa8c4828db1a99ba</param></service><service name="tar_scm">
|
||||||
|
<param name="url">https://github.com/jeffmahoney/linux-security-sensor</param>
|
||||||
|
<param name="changesrevision">02020f9752134efd8a6a92ab83a7b55b498e1948</param></service></servicedata>
|
15
sysconfig.velociraptor-kafka-humio-gateway
Normal file
15
sysconfig.velociraptor-kafka-humio-gateway
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
## Path: Security/Monitoring
|
||||||
|
## Description: Velociraptor Kafka-Humio Gateway settings
|
||||||
|
## Type: string
|
||||||
|
## Default: ""
|
||||||
|
## ServiceRestart: velociraptor
|
||||||
|
#
|
||||||
|
# Options for velociraptor
|
||||||
|
#
|
||||||
|
KAFKA_HUMIO_GATEWAY_OPTIONS="--verbose"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Location of configuration file
|
||||||
|
#
|
||||||
|
KAFKA_HUMIO_GATEWAY_CONFIG="/etc/velociraptor-kafka-humio-gateway/transport.yml"
|
||||||
|
|
@ -21,20 +21,23 @@ version=$(rpmspec -q --queryformat="%{VERSION}\n" velociraptor.spec|head -1)
|
|||||||
dir="$(realpath "$(mktemp -d vendoring.XXXXXX)")"
|
dir="$(realpath "$(mktemp -d vendoring.XXXXXX)")"
|
||||||
topdir="$(realpath "$(dirname "$0")")"
|
topdir="$(realpath "$(dirname "$0")")"
|
||||||
|
|
||||||
rpmspec -P velociraptor.spec --define "_sourcedir $PWD" | \
|
# Pull the %prep section out of the spec file and replace the tarball with the obscpio
|
||||||
|
awk '
|
||||||
|
BEGIN { go=1; };
|
||||||
|
/^%build/ { go=0; };
|
||||||
|
{ if (go) print };' < velociraptor.spec > ${dir}/velociraptor.spec
|
||||||
|
|
||||||
|
rpmspec -P ${dir}/velociraptor.spec --define "_sourcedir $PWD" --define "_builddir ${dir}"| \
|
||||||
awk '
|
awk '
|
||||||
BEGIN { go=0; };
|
BEGIN { go=0; };
|
||||||
/^%build/ { go=0; };
|
/^%build/ { go=0; };
|
||||||
{ if (go) print };
|
{ if (go) print };
|
||||||
/^%setup/ { go=1 }' > ${dir}/setup.sh
|
/^%prep/ { go=1 }' | sed -e "/rpmuncompress.*velociraptor-.*.tar.xz/s#.*#cpio -D . -id < $PWD/velociraptor-${version}.obscpio#" > ${dir}/setup.sh
|
||||||
|
|
||||||
echo "Expanding archive..."
|
|
||||||
cpio -D "${dir}" -id < velociraptor-${version}.obscpio
|
|
||||||
|
|
||||||
echo "Running %prep"
|
echo "Running %prep"
|
||||||
|
cd ${dir}
|
||||||
|
sh -e ${dir}/setup.sh
|
||||||
cd "${dir}/velociraptor-${version}"
|
cd "${dir}/velociraptor-${version}"
|
||||||
tar Jxf ${topdir}/vmlinux.h-5.14.21150400.22-150400-default.tar.xz
|
|
||||||
sh ${dir}/setup.sh
|
|
||||||
|
|
||||||
echo "Re-vendoring Go code..."
|
echo "Re-vendoring Go code..."
|
||||||
gopathdir="$(mktemp -d /tmp/gopath.XXXXXXX)"
|
gopathdir="$(mktemp -d /tmp/gopath.XXXXXXX)"
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:7fb845e3c71742cdfd51fd4b7eb0587c9a8ba9894874a5d6353fbf375a733f6d
|
|
||||||
size 127596558
|
|
3
velociraptor-0.6.7.5~git78.2bef6fc.obscpio
Normal file
3
velociraptor-0.6.7.5~git78.2bef6fc.obscpio
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:638b6e6ef4d9146cd59ba9252358f1605b64af59ab902f1b919be6e6fe8c38e4
|
||||||
|
size 130006542
|
File diff suppressed because it is too large
Load Diff
@ -9,7 +9,8 @@ UMask=0027
|
|||||||
MemoryHigh=4G
|
MemoryHigh=4G
|
||||||
MemoryMax=8G
|
MemoryMax=8G
|
||||||
EnvironmentFile=-/etc/sysconfig/velociraptor-client
|
EnvironmentFile=-/etc/sysconfig/velociraptor-client
|
||||||
ExecStart=/usr/bin/velociraptor client --config /etc/velociraptor/client.config $VELOCIRAPTOR_CLIENT_OPTS
|
Environment=TMPDIR=/var/lib/velociraptor-client/tmp
|
||||||
|
ExecStart=/usr/bin/velociraptor-client client --config /etc/velociraptor/client.config $VELOCIRAPTOR_CLIENT_OPTS
|
||||||
|
|
||||||
PrivateTmp=true
|
PrivateTmp=true
|
||||||
PrivateDevices=true
|
PrivateDevices=true
|
||||||
|
@ -1,157 +0,0 @@
|
|||||||
#
|
|
||||||
# spec file for package velociraptor-client
|
|
||||||
#
|
|
||||||
# Copyright (c) 2023 SUSE LLC
|
|
||||||
#
|
|
||||||
# All modifications and additions to the file contributed by third parties
|
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
|
||||||
# upon. The license for this file, and modifications and additions to the
|
|
||||||
# file, is the same license as for the pristine package itself (unless the
|
|
||||||
# license for the pristine package is not an Open Source License, in which
|
|
||||||
# case the license is the MIT License). An "Open Source License" is a
|
|
||||||
# license that conforms to the Open Source Definition (Version 1.9)
|
|
||||||
# published by the Open Source Initiative.
|
|
||||||
|
|
||||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
|
||||||
#
|
|
||||||
|
|
||||||
|
|
||||||
%define projname velociraptor
|
|
||||||
%define vendor_version 0.6.7.4~git41.678ed56
|
|
||||||
%define vmlinux_h_version 5.14.21150400.22-150400-default
|
|
||||||
|
|
||||||
# SLE 15 SP2 / Leap 15.2 or newer gets eBPF
|
|
||||||
# Earlier versions don't have a usable eBPF and the
|
|
||||||
# release doesn't easily build llvm13
|
|
||||||
%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150200
|
|
||||||
%bcond_without bpf
|
|
||||||
%else
|
|
||||||
%bcond_with bpf
|
|
||||||
%endif
|
|
||||||
|
|
||||||
#Compat macro for new _fillupdir macro introduced in Nov 2017
|
|
||||||
%if ! %{defined _fillupdir}
|
|
||||||
%define _fillupdir %{_localstatedir}/adm/fillup-templates
|
|
||||||
%endif
|
|
||||||
|
|
||||||
# SLE12 has _sharedstatedir in an odd place
|
|
||||||
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
|
|
||||||
%define _sharedstatedir /var/lib
|
|
||||||
%endif
|
|
||||||
|
|
||||||
Name: velociraptor-client
|
|
||||||
Version: 0.6.7.4~git63.4a1ed09d
|
|
||||||
Release: 0
|
|
||||||
Summary: Endpoint visibility and collection tool (endpoint only)
|
|
||||||
Group: System/Monitoring
|
|
||||||
License: AGPL-3.0-only
|
|
||||||
URL: https://github.com/Velocidex/velociraptor
|
|
||||||
Source: %{projname}-%{version}.tar.xz
|
|
||||||
Source1: vendor-golang-%{vendor_version}.tar.xz
|
|
||||||
Source2: %{name}.service
|
|
||||||
Source3: %{name}.config.placeholder
|
|
||||||
Source4: vmlinux.h-%{vmlinux_h_version}.tar.xz
|
|
||||||
Source5: update-vendoring.sh
|
|
||||||
Source6: sysconfig.%{name}
|
|
||||||
Source7: %{projname}.obsinfo
|
|
||||||
Patch1: velociraptor-golang-mage-vendoring.diff
|
|
||||||
Patch2: velociraptor-skip-git-submodule-import-for-OBS-build.patch
|
|
||||||
Patch3: vendor-build-fixes-for-SLE12.patch
|
|
||||||
Patch4: sdjournal-build-fix-for-SLE12.patch
|
|
||||||
Patch5: velociraptor-reproducible-timestamp.diff
|
|
||||||
BuildRequires: fileb0x
|
|
||||||
BuildRequires: golang-packaging
|
|
||||||
BuildRequires: mage
|
|
||||||
BuildRequires: systemd-rpm-macros
|
|
||||||
BuildRequires: golang(API) >= 1.19
|
|
||||||
BuildRequires: pkgconfig(libsystemd)
|
|
||||||
%ifarch x86_64
|
|
||||||
BuildRequires: libtsan0
|
|
||||||
%endif
|
|
||||||
%if %{with bpf}
|
|
||||||
# clang15 causes libbpfo to crash immediately
|
|
||||||
BuildRequires: clang13
|
|
||||||
BuildRequires: libelf-devel
|
|
||||||
BuildRequires: llvm13
|
|
||||||
BuildRequires: zlib-devel-static
|
|
||||||
%endif
|
|
||||||
Conflicts: velociraptor
|
|
||||||
ExclusiveArch: x86_64 ppc64le aarch64 s390x
|
|
||||||
|
|
||||||
%description
|
|
||||||
Velociraptor is a tool for collecting host based state information
|
|
||||||
using The Velociraptor Query Language (VQL) queries.
|
|
||||||
|
|
||||||
To learn more about Velociraptor, read the documentation on:
|
|
||||||
|
|
||||||
https://docs.velociraptor.app/
|
|
||||||
|
|
||||||
This package contains only the endpoint agent. For the full console, please
|
|
||||||
install the 'velociraptor' package.
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup -q -a 1 -a 4 -n %{projname}-%{version}
|
|
||||||
%autopatch -p1
|
|
||||||
|
|
||||||
# Set the version to something more specific than <next-tag>-dev
|
|
||||||
sed -ie "s/\(VERSION *= \).*/\1 \"%{version}\"/" constants/constants.go
|
|
||||||
|
|
||||||
%if %{with bpf}
|
|
||||||
mkdir -p third_party/libbpfgo/output
|
|
||||||
|
|
||||||
cp vmlinux.h-%{vmlinux_h_version}/vmlinux-%{_arch}.h \
|
|
||||||
third_party/libbpfgo/output/vmlinux.h
|
|
||||||
%endif
|
|
||||||
|
|
||||||
# These just clutter the GUI and we don't have Windows clients
|
|
||||||
# Note: There are dependencies on these that need to be resolved before
|
|
||||||
# removing them outright.
|
|
||||||
# rm -rf artifacts/definitions/Windows
|
|
||||||
|
|
||||||
%build
|
|
||||||
|
|
||||||
# Reproductible builds need stable timestamps
|
|
||||||
timestamp=$(date -Iseconds --utc --date=@$(grep mtime: %{SOURCE7}|sed -e 's/mtime: //'))
|
|
||||||
git_commit=$(grep commit: %{SOURCE7}|sed -e 's/commit: //g')
|
|
||||||
|
|
||||||
export VELOCIRAPTOR_BUILD_TIME=$timestamp
|
|
||||||
export VELOCIRAPTOR_GIT_HEAD=$git_commit
|
|
||||||
|
|
||||||
PATH=$PATH:/usr/sbin make linux_bare BUILD_LIBBPFGO=%{with bpf}
|
|
||||||
|
|
||||||
%install
|
|
||||||
mkdir -p %buildroot/%{_bindir}
|
|
||||||
mkdir -p %buildroot/%{_sysconfdir}/velociraptor
|
|
||||||
mkdir -p %buildroot/%{_unitdir}
|
|
||||||
mkdir -p %buildroot/%{_sharedstatedir}/velociraptor-client
|
|
||||||
install -m 0755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir}/velociraptor
|
|
||||||
install -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service
|
|
||||||
install -m 0600 %{SOURCE3} %{buildroot}%{_sysconfdir}/velociraptor/client.config
|
|
||||||
install -d -m 755 %{buildroot}%{_fillupdir}
|
|
||||||
install -m 0644 %{SOURCE6} %{buildroot}%{_fillupdir}
|
|
||||||
|
|
||||||
%files
|
|
||||||
%defattr(-, root, root)
|
|
||||||
%license LICENSE
|
|
||||||
%doc README.md
|
|
||||||
%dir %{_sysconfdir}/velociraptor
|
|
||||||
%{_bindir}/velociraptor
|
|
||||||
%config(noreplace) %{_sysconfdir}/velociraptor/client.config
|
|
||||||
%{_unitdir}/%{name}.service
|
|
||||||
%dir %{_sharedstatedir}/velociraptor-client
|
|
||||||
%{_fillupdir}/sysconfig.%{name}
|
|
||||||
|
|
||||||
%pre
|
|
||||||
%service_add_pre %{name}.service
|
|
||||||
|
|
||||||
%post
|
|
||||||
%{fillup_only}
|
|
||||||
%service_add_post %{name}.service
|
|
||||||
|
|
||||||
%preun
|
|
||||||
%service_del_preun %{name}.service
|
|
||||||
|
|
||||||
%postun
|
|
||||||
%service_del_postun %{name}.service
|
|
||||||
|
|
||||||
%changelog
|
|
@ -1,22 +1,19 @@
|
|||||||
From: Jeff Mahoney <jeffm@suse.com>
|
From: Jeff Mahoney <jeffm@suse.com>
|
||||||
Subject: [PATCH] velociraptor: add dummy main function for mage
|
Subject: [PATCH] velociraptor: remove ignore tag to allow vendoring of mage
|
||||||
|
|
||||||
|
The ignore tag in make.go means it won't be properly vendored.
|
||||||
|
|
||||||
Mage won't pull in the full dependencies without there being a real
|
|
||||||
import. This isn't used in the executable, since that's in bin/, but it
|
|
||||||
will be used for 'go mod vendor'
|
|
||||||
---
|
---
|
||||||
dummy.go | 9 +++++++++
|
make.go | 2 --
|
||||||
1 file changed, 9 insertions(+)
|
1 file changed, 2 deletions(-)
|
||||||
|
|
||||||
--- /dev/null
|
diff --git a/make.go b/make.go
|
||||||
+++ b/dummy.go
|
index 28b3e90..8fad8b9 100644
|
||||||
@@ -0,0 +1,9 @@
|
--- a/make.go
|
||||||
+// +build useless
|
+++ b/make.go
|
||||||
+package main
|
@@ -1,5 +1,3 @@
|
||||||
+
|
-// +build ignore
|
||||||
+import (
|
-
|
||||||
+ "github.com/magefile/mage"
|
/*
|
||||||
+)
|
Velociraptor - Dig Deeper
|
||||||
+
|
Copyright (C) 2019-2022 Rapid7 Inc.
|
||||||
+func main() {
|
|
||||||
+}
|
|
||||||
|
24
velociraptor-kafka-humio-gateway.service
Normal file
24
velociraptor-kafka-humio-gateway.service
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Velociraptor Kafka-Humio Gateway Service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
User=velociraptor-kafka
|
||||||
|
Group=velociraptor-kafka
|
||||||
|
UMask=0027
|
||||||
|
User=velociraptor
|
||||||
|
Group=velociraptor
|
||||||
|
EnvironmentFile=-/etc/sysconfig/velociraptor-kafka-humio-gateway
|
||||||
|
ExecStart=/usr/bin/velociraptor-kafka-humio-gateway $KAFKA_HUMIO_GATEWAY_OPTS --config $KAFKA_HUMIO_GATEWAY_CONFIG
|
||||||
|
|
||||||
|
PrivateTmp=true
|
||||||
|
PrivateDevices=true
|
||||||
|
ProtectHostname=true
|
||||||
|
ProtectClock=true
|
||||||
|
ProtectKernelTunables=true
|
||||||
|
ProtectKernelModules=true
|
||||||
|
ProtectControlGroups=true
|
||||||
|
MemoryDenyWriteExecute=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
2
velociraptor-kafka.sysusers
Normal file
2
velociraptor-kafka.sysusers
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
u velociraptor-kafka - "User for velociraptor Kafka Humio Gateway" /var/lib/velociraptor-kafka-humio-gateway
|
||||||
|
g velociraptor-kafka - -
|
@ -1,23 +0,0 @@
|
|||||||
From: Jeff Mahoney <jeffm@suse.com>
|
|
||||||
Subject: skip git submodule import for OBS build
|
|
||||||
|
|
||||||
For OBS builds, the git submodule is imported during obs_scm.
|
|
||||||
|
|
||||||
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
|
|
||||||
---
|
|
||||||
Makefile | 4 ++--
|
|
||||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
--- a/Makefile
|
|
||||||
+++ b/Makefile
|
|
||||||
@@ -61,8 +61,8 @@ ifeq ($(BUILD_LIBBPFGO), 1)
|
|
||||||
vql/linux/chattrsnoop/chattrsnoop.bpf.o
|
|
||||||
|
|
||||||
$(LIBBPFGO_DIR): always-check
|
|
||||||
- echo "INFO: updating submodule 'libbpfgo'"
|
|
||||||
- $(GIT) submodule update --init --recursive $@
|
|
||||||
+# echo "INFO: updating submodule 'libbpfgo'"
|
|
||||||
+# $(GIT) submodule update --init --recursive $@
|
|
||||||
|
|
||||||
$(LIBBPF_LIB): $(LIBBPFGO_DIR)
|
|
||||||
make -C $(LIBBPFGO_DIR) libbpfgo-full-static
|
|
@ -1,5 +1,65 @@
|
|||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jan 26 20:06:09 UTC 2023 - jeffm@suse.com
|
Mon May 08 20:21:03 UTC 2023 - jeffm@suse.com
|
||||||
|
|
||||||
|
- Update to version 0.6.7.5~git78.2bef6fc:
|
||||||
|
* bpf: fix path to vmlinux.h
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon May 08 19:42:58 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
|
||||||
|
|
||||||
|
- Update to version 0.6.7.5~git77.997aa73:
|
||||||
|
* file_store/test_utils/server_config.go: update test certificate
|
||||||
|
* Update bluemonday dependency.
|
||||||
|
* vql/functions/hash: cache results on Linux
|
||||||
|
* libbpfgo: update to velociraptor-branch-v0.4.8-libbpf-1.2.0
|
||||||
|
* logscale/backport: don't use networking.GetHttpTransport
|
||||||
|
* vql/tools/logscale: add plugin to post events to LogScale ingestion endpoint
|
||||||
|
* file_store/directory: add ability to report pending size
|
||||||
|
- Change clang dependency to clang16
|
||||||
|
- Fix velociraptor-golang-mage-vendoring.diff to account for newer
|
||||||
|
'go mod vendor' honoring build flags.
|
||||||
|
- Fix update-vendoring.sh script to actually run the %setup part of
|
||||||
|
the spec.
|
||||||
|
- Merge client package into server spec and use _multibuild to create
|
||||||
|
client package from same spec file.
|
||||||
|
- Adjust changelog to retain changes for client package.
|
||||||
|
- Fix building in static mode on earlier releases.
|
||||||
|
- Added patch: velociraptor-libbpfgo-only-build-libbpf.patch
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Mar 10 18:54:37 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
|
||||||
|
|
||||||
|
- Tightening the security of the services a bit:
|
||||||
|
- tmp files are now moved to /var/lib/velociraptor{,-client}/tmp
|
||||||
|
from /tmp
|
||||||
|
- run velociraptor server as user velociraptor instead of root
|
||||||
|
we do not really need root permissions here
|
||||||
|
- introduce /var/lib/velociraptor/filestore to make it easier to
|
||||||
|
split out large file upload
|
||||||
|
- change permissions for the data directory and subdirectories to
|
||||||
|
/var/lib/velociraptor/ u=rwX,go= velociraptor:velociraptor
|
||||||
|
/var/lib/velociraptor-client/ u=rwX,go= root:root
|
||||||
|
- change permissions of config directory to:
|
||||||
|
/etc/velociraptor/ u=rwX,g=rX,o= root:velociraptor
|
||||||
|
/etc/velociraptor/server.config u=rw,g=r,o= root:velociraptor
|
||||||
|
/etc/velociraptor/client.config u=rw,go= root:root
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Mar 10 15:36:18 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
|
||||||
|
|
||||||
|
- Update to version 0.6.7.5~git6.73efb2a:
|
||||||
|
* libbpfgo: update submodule to require libzstd for newer libelf
|
||||||
|
* utils/time.js: fix handling of nanosecond-resolution timestamps
|
||||||
|
* libbpfgo: switch to using regular static builds
|
||||||
|
* Create a new 0.6.7-5 release (#2385)
|
||||||
|
- Verify FILESYSTEM_WRITE permission on copy() function (#2384) (bsc#1207936, CVE-2023-0242)
|
||||||
|
- Also ensure client id is considered unsafe (bsc#1207937, CVE-2023-0290)
|
||||||
|
* github/workflows/linux: do apt-get update to refresh package lists
|
||||||
|
- Remove unnecessary dependency on libtsan0.
|
||||||
|
- Allow velociraptor and velociraptor-client packages to coexist.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Jan 26 20:06:09 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
|
||||||
|
|
||||||
- Update to version 0.6.7.4~git63.4a1ed09d:
|
- Update to version 0.6.7.4~git63.4a1ed09d:
|
||||||
* utils/time.js: fix handling of nanosecond-resolution timestamps
|
* utils/time.js: fix handling of nanosecond-resolution timestamps
|
||||||
@ -12,7 +72,7 @@ Tue Jan 24 20:57:08 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
|
|||||||
- Use obsinfo mtime to produce stable build timestamp (bsc#1207369).
|
- Use obsinfo mtime to produce stable build timestamp (bsc#1207369).
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Jan 24 15:07:09 UTC 2023 - jeffm@suse.com
|
Tue Jan 24 15:07:09 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
|
||||||
|
|
||||||
- Update to version 0.6.7.4~git60.8abed37a:
|
- Update to version 0.6.7.4~git60.8abed37a:
|
||||||
* http_comms: create ring buffer temporary file in the same directory
|
* http_comms: create ring buffer temporary file in the same directory
|
||||||
@ -48,6 +108,11 @@ Fri Jan 20 20:18:49 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
|
|||||||
- vendor-build-fixes-for-SLE12.patch
|
- vendor-build-fixes-for-SLE12.patch
|
||||||
- sdjournal-build-fix-for-SLE12.patch
|
- sdjournal-build-fix-for-SLE12.patch
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Jan 20 16:37:17 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
||||||
|
|
||||||
|
- client: add memory limit to systemd unit
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jan 19 15:17:22 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
|
Thu Jan 19 15:17:22 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
|
||||||
|
|
||||||
@ -77,6 +142,11 @@ Thu Jan 19 01:01:09 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
|
|||||||
- Define ExclusiveArch for x86_64, ppc64le, aarch64, and s390x
|
- Define ExclusiveArch for x86_64, ppc64le, aarch64, and s390x
|
||||||
Neither the client or server builds on ix86.
|
Neither the client or server builds on ix86.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Jan 9 16:01:44 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
|
||||||
|
|
||||||
|
- Added Restart=on-failure to restart the client automatically.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Dec 12 20:03:23 UTC 2022 - Jeff Mahoney <jeffm@suse.com>
|
Mon Dec 12 20:03:23 UTC 2022 - Jeff Mahoney <jeffm@suse.com>
|
||||||
|
|
||||||
@ -1030,7 +1100,12 @@ Thu Jan 27 17:27:42 UTC 2022 - Jeff Mahoney <jeffm@suse.com>
|
|||||||
* Propagate column types from artifact to flow notebook. (#1346)
|
* Propagate column types from artifact to flow notebook. (#1346)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jan 06 20:14:39 UTC 2022 - Jeff Mahoney <jeffm@suse.com>
|
Thu Jan 6 21:50:43 UTC 2022 - Jeff Mahoney <jeffm@suse.com>
|
||||||
|
|
||||||
|
- client: Remove dependencies on nodejs since we don't use it in client mode.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Jan 6 20:14:39 UTC 2022 - Jeff Mahoney <jeffm@suse.com>
|
||||||
|
|
||||||
- Update to version 0.6.2~git73.dc02b45e:
|
- Update to version 0.6.2~git73.dc02b45e:
|
||||||
* Update PrivateKeys.yaml (#1459)
|
* Update PrivateKeys.yaml (#1459)
|
||||||
@ -1056,6 +1131,8 @@ Thu Dec 16 14:12:05 UTC 2021 - Jeff Mahoney <jeffm@suse.com>
|
|||||||
- Switch to using master branch via service files.
|
- Switch to using master branch via service files.
|
||||||
- Added update-vendoring.sh to update the nodejs and go dependencies
|
- Added update-vendoring.sh to update the nodejs and go dependencies
|
||||||
after version update.
|
after version update.
|
||||||
|
- Now building the client with linux_bare target that disables
|
||||||
|
the GUI for endpoint usage.
|
||||||
- Patch the version string to reflect the package version instead
|
- Patch the version string to reflect the package version instead
|
||||||
of an indistinguishable <next-tag>-dev.
|
of an indistinguishable <next-tag>-dev.
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
name: velociraptor
|
name: velociraptor
|
||||||
version: 0.6.7.4~git63.4a1ed09d
|
version: 0.6.7.5~git78.2bef6fc
|
||||||
mtime: 1674763484
|
mtime: 1683577211
|
||||||
commit: 4a1ed09d50339b902c6446686bd16deedbb23804
|
commit: 2bef6fce8e26733a13a3bbfeaa8c4828db1a99ba
|
||||||
|
@ -3,10 +3,11 @@ Description=Velociraptor Server Service
|
|||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
User=root
|
|
||||||
Group=root
|
|
||||||
UMask=0027
|
UMask=0027
|
||||||
|
User=velociraptor
|
||||||
|
Group=velociraptor
|
||||||
EnvironmentFile=-/etc/sysconfig/velociraptor
|
EnvironmentFile=-/etc/sysconfig/velociraptor
|
||||||
|
Environment=TMPDIR=/var/lib/velociraptor/tmp
|
||||||
ExecStart=/usr/bin/velociraptor frontend --verbose --config /etc/velociraptor/server.config $VELOCIRAPTOR_OPTS
|
ExecStart=/usr/bin/velociraptor frontend --verbose --config /etc/velociraptor/server.config $VELOCIRAPTOR_OPTS
|
||||||
|
|
||||||
PrivateTmp=true
|
PrivateTmp=true
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# spec file for package velociraptor
|
# spec file
|
||||||
#
|
#
|
||||||
# Copyright (c) 2023 SUSE LLC
|
# Copyright (c) 2023 SUSE LLC
|
||||||
#
|
#
|
||||||
@ -16,8 +16,28 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
|
%define flavor @BUILD_FLAVOR@%{nil}
|
||||||
|
|
||||||
|
%if "%{flavor}" == "client"
|
||||||
|
%define build_client 1
|
||||||
|
%define build_server 0
|
||||||
|
%define build_kafka_humio_gateway 0
|
||||||
|
%define name_suffix -client
|
||||||
|
%define make_target linux_bare
|
||||||
|
%define config_perms %attr(0600, root, root)
|
||||||
|
%define state_dir_perms %attr(0700, root, root)
|
||||||
|
%else
|
||||||
|
%define build_kafka_humio_gateway 1
|
||||||
|
%define build_server 1
|
||||||
|
%define build_client 0
|
||||||
|
%define name_suffix %{nil}
|
||||||
|
%define make_target linux
|
||||||
|
%define config_perms %attr(0640, root, velociraptor)
|
||||||
|
%define state_dir_perms %attr(0700, velociraptor, velociraptor)
|
||||||
|
%endif
|
||||||
|
|
||||||
%define projname velociraptor
|
%define projname velociraptor
|
||||||
%define vendor_version 0.6.7.4~git41.678ed56
|
%define vendor_version 0.6.7.5~git77.997aa73
|
||||||
%define vmlinux_h_version 5.14.21150400.22-150400-default
|
%define vmlinux_h_version 5.14.21150400.22-150400-default
|
||||||
|
|
||||||
# SLE 15 SP2 / Leap 15.2 or newer gets eBPF
|
# SLE 15 SP2 / Leap 15.2 or newer gets eBPF
|
||||||
@ -39,10 +59,14 @@
|
|||||||
%define _sharedstatedir /var/lib
|
%define _sharedstatedir /var/lib
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
Name: velociraptor
|
Name: velociraptor%{name_suffix}
|
||||||
Version: 0.6.7.4~git63.4a1ed09d
|
Version: 0.6.7.5~git78.2bef6fc
|
||||||
Release: 0
|
Release: 0
|
||||||
|
%if %{build_server}
|
||||||
Summary: Endpoint visibility and collection tool
|
Summary: Endpoint visibility and collection tool
|
||||||
|
%else
|
||||||
|
Summary: Endpoint visibility and collection tool (endpoint only)
|
||||||
|
%endif
|
||||||
Group: System/Monitoring
|
Group: System/Monitoring
|
||||||
License: AGPL-3.0-only
|
License: AGPL-3.0-only
|
||||||
URL: https://github.com/Velocidex/velociraptor
|
URL: https://github.com/Velocidex/velociraptor
|
||||||
@ -50,41 +74,50 @@ Source: %{projname}-%{version}.tar.xz
|
|||||||
Source1: vendor-golang-%{vendor_version}.tar.xz
|
Source1: vendor-golang-%{vendor_version}.tar.xz
|
||||||
Source2: vendor-golang-kafka-humio-gateway-%{vendor_version}.tar.xz
|
Source2: vendor-golang-kafka-humio-gateway-%{vendor_version}.tar.xz
|
||||||
Source3: vendor-nodejs-%{vendor_version}.tar.xz
|
Source3: vendor-nodejs-%{vendor_version}.tar.xz
|
||||||
Source4: %{name}.service
|
Source4: vmlinux.h-%{vmlinux_h_version}.tar.xz
|
||||||
Source5: %{name}-server.config.placeholder
|
Source5: velociraptor.service
|
||||||
Source6: %{name}-client.service
|
Source6: velociraptor-server.config.placeholder
|
||||||
Source7: %{name}-client.config.placeholder
|
Source7: velociraptor-client.service
|
||||||
Source8: vmlinux.h-%{vmlinux_h_version}.tar.xz
|
Source8: velociraptor-client.config.placeholder
|
||||||
Source9: update-vendoring.sh
|
Source9: update-vendoring.sh
|
||||||
Source10: sysconfig.%{name}
|
Source10: sysconfig.velociraptor
|
||||||
Source11: sysconfig.%{name}-client
|
Source11: sysconfig.velociraptor-client
|
||||||
Source12: %{projname}.obsinfo
|
Source12: %{projname}.obsinfo
|
||||||
|
Source13: velociraptor-kafka.sysusers
|
||||||
|
Source14: velociraptor-kafka-humio-gateway.service
|
||||||
|
Source15: sysconfig.velociraptor-kafka-humio-gateway
|
||||||
Patch1: velociraptor-golang-mage-vendoring.diff
|
Patch1: velociraptor-golang-mage-vendoring.diff
|
||||||
Patch2: velociraptor-skip-git-submodule-import-for-OBS-build.patch
|
Patch2: vendor-build-fixes-for-SLE12.patch
|
||||||
Patch3: vendor-build-fixes-for-SLE12.patch
|
Patch3: sdjournal-build-fix-for-SLE12.patch
|
||||||
Patch4: sdjournal-build-fix-for-SLE12.patch
|
Patch4: velociraptor-reproducible-timestamp.diff
|
||||||
Patch5: velociraptor-reproducible-timestamp.diff
|
|
||||||
BuildRequires: fileb0x
|
BuildRequires: fileb0x
|
||||||
BuildRequires: golang-packaging
|
BuildRequires: golang-packaging
|
||||||
BuildRequires: mage
|
BuildRequires: mage
|
||||||
BuildRequires: systemd-rpm-macros
|
BuildRequires: systemd-rpm-macros
|
||||||
BuildRequires: golang(API) >= 1.18
|
BuildRequires: golang(API) >= 1.18
|
||||||
BuildRequires: pkgconfig(libsystemd)
|
BuildRequires: pkgconfig(libsystemd)
|
||||||
%ifarch x86_64
|
%if %{build_server}
|
||||||
BuildRequires: libtsan0
|
|
||||||
%endif
|
|
||||||
BuildRequires: nodejs >= 16
|
BuildRequires: nodejs >= 16
|
||||||
BuildRequires: npm >= 16
|
BuildRequires: npm >= 16
|
||||||
%if %{with bpf}
|
|
||||||
# clang15 causes libbpfo to crash immediately
|
|
||||||
BuildRequires: clang13
|
|
||||||
BuildRequires: libelf-devel
|
|
||||||
BuildRequires: llvm13
|
|
||||||
BuildRequires: zlib-devel-static
|
|
||||||
%endif
|
%endif
|
||||||
Conflicts: velociraptor-client
|
%if %{with bpf}
|
||||||
|
# clang15 causes libbpfgo to crash immediately
|
||||||
|
BuildRequires: clang16
|
||||||
|
BuildRequires: libelf-devel
|
||||||
|
BuildRequires: libzstd-devel
|
||||||
|
BuildRequires: libzstd-devel
|
||||||
|
BuildRequires: llvm16
|
||||||
|
BuildRequires: zlib-devel
|
||||||
|
%endif
|
||||||
|
Requires: group(velociraptor)
|
||||||
|
Requires: user(velociraptor)
|
||||||
ExclusiveArch: x86_64 ppc64le aarch64 s390x
|
ExclusiveArch: x86_64 ppc64le aarch64 s390x
|
||||||
|
%if %{build_kafka_humio_gateway}
|
||||||
|
BuildRequires: sysuser-tools
|
||||||
|
%{?sysusers_requires}
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%if %{build_server}
|
||||||
%description
|
%description
|
||||||
Velociraptor is a tool for collecting host based state information
|
Velociraptor is a tool for collecting host based state information
|
||||||
using The Velociraptor Query Language (VQL) queries.
|
using The Velociraptor Query Language (VQL) queries.
|
||||||
@ -93,19 +126,37 @@ To learn more about Velociraptor, read the documentation on:
|
|||||||
|
|
||||||
https://docs.velociraptor.app/
|
https://docs.velociraptor.app/
|
||||||
|
|
||||||
This package contains the endpoint agent and full console GUI.
|
This package contains the velociraptor server and full console GUI.
|
||||||
For just the endpoint agent, please install the 'velociraptor-client' package.
|
For just the endpoint agent, please install the 'velociraptor-client' package.
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%if %{build_kafka_humio_gateway}
|
||||||
%package kafka-humio-gateway
|
%package kafka-humio-gateway
|
||||||
Summary: Gateway between Kafka and Humio for Velociraptor Artifacts
|
Summary: Gateway between Kafka and Humio for Velociraptor Artifacts
|
||||||
Version: 0.6.7.4~git63.4a1ed09d
|
Version: 0.6.7.5~git78.2bef6fc
|
||||||
|
Requires: group(velociraptor-kafka)
|
||||||
|
Requires: user(velociraptor-kafka)
|
||||||
|
|
||||||
%description kafka-humio-gateway
|
%description kafka-humio-gateway
|
||||||
This tool is used to consume events generated by the Kafka Velociraptor plugin
|
This tool is used to consume events generated by the Kafka Velociraptor plugin
|
||||||
and post them to a Humio cluster.
|
and post them to a Humio cluster.
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%if %{build_client}
|
||||||
|
%description
|
||||||
|
Velociraptor is a tool for collecting host based state information
|
||||||
|
using The Velociraptor Query Language (VQL) queries.
|
||||||
|
|
||||||
|
To learn more about Velociraptor, read the documentation on:
|
||||||
|
|
||||||
|
https://docs.velociraptor.app/
|
||||||
|
|
||||||
|
This package contains only the endpoint agent. For the full server and GUI
|
||||||
|
console, please install the 'velociraptor' package.
|
||||||
|
%endif
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -a 1 -a 2 -a 3 -a 8 -n %{projname}-%{version}
|
%setup -q -a 1 -a 2 -a 3 -a 4 -n %{projname}-%{version}
|
||||||
%autopatch -p1
|
%autopatch -p1
|
||||||
|
|
||||||
# Set the version to something more specific than <next-tag>-dev
|
# Set the version to something more specific than <next-tag>-dev
|
||||||
@ -132,67 +183,108 @@ git_commit=$(grep commit: %{SOURCE12}|sed -e 's/commit: //g')
|
|||||||
export VELOCIRAPTOR_BUILD_TIME=$timestamp
|
export VELOCIRAPTOR_BUILD_TIME=$timestamp
|
||||||
export VELOCIRAPTOR_GIT_HEAD=$git_commit
|
export VELOCIRAPTOR_GIT_HEAD=$git_commit
|
||||||
|
|
||||||
|
%if %{build_server}
|
||||||
(cd gui/velociraptor ; npm run build)
|
(cd gui/velociraptor ; npm run build)
|
||||||
PATH=$PATH:/usr/sbin make linux BUILD_LIBBPFGO=%{with bpf}
|
%endif
|
||||||
|
|
||||||
|
make %{make_target} BUILD_LIBBPFGO=%{with bpf} GIT=echo
|
||||||
|
|
||||||
|
%if %{build_kafka_humio_gateway}
|
||||||
(cd contrib/kafka-humio-gateway; go build -o %{name}-kafka-humio-gateway)
|
(cd contrib/kafka-humio-gateway; go build -o %{name}-kafka-humio-gateway)
|
||||||
|
%sysusers_generate_pre %{SOURCE13} user
|
||||||
|
%endif
|
||||||
|
|
||||||
%install
|
%install
|
||||||
mkdir -p %buildroot/%{_bindir}
|
install -D -d -m 0750 %buildroot/%{_sysconfdir}/velociraptor
|
||||||
mkdir -p %buildroot/%{_sysconfdir}/velociraptor
|
install -D -d -m 0700 %buildroot/%{_sharedstatedir}/%{name}/data
|
||||||
mkdir -p %buildroot/%{_unitdir}
|
install -D -d -m 0700 %buildroot/%{_sharedstatedir}/%{name}/logs
|
||||||
mkdir -p %buildroot/%{_sharedstatedir}/velociraptor/data
|
install -D -d -m 0700 %buildroot/%{_sharedstatedir}/%{name}/tmp
|
||||||
mkdir -p %buildroot/%{_sharedstatedir}/velociraptor/logs
|
|
||||||
mkdir -p %buildroot/%{_sharedstatedir}/velociraptor-client
|
%if %{build_server}
|
||||||
mkdir -p %buildroot/%{_datadir}/%{name}-kafka-humio-gateway
|
service_file_source=%{SOURCE5}
|
||||||
install -m 0755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir}/velociraptor
|
config_file_source=%{SOURCE6}
|
||||||
install -m 0755 contrib/kafka-humio-gateway/%{name}-kafka-humio-gateway %buildroot/%{_bindir}
|
sysconfig_file_source=%{SOURCE10}
|
||||||
install -m 0644 contrib/kafka-humio-gateway/sample-config.yml %buildroot/%{_datadir}/%{name}-kafka-humio-gateway/sample-config.yml
|
config_file=server.config
|
||||||
install -m 0644 %{SOURCE4} %{buildroot}%{_unitdir}/%{name}.service
|
%else
|
||||||
install -m 0600 %{SOURCE5} %{buildroot}%{_sysconfdir}/velociraptor/server.config
|
service_file_source=%{SOURCE7}
|
||||||
install -m 0644 %{SOURCE6} %{buildroot}%{_unitdir}/%{name}-client.service
|
config_file_source=%{SOURCE8}
|
||||||
install -m 0600 %{SOURCE7} %{buildroot}%{_sysconfdir}/velociraptor/client.config
|
sysconfig_file_source=%{SOURCE11}
|
||||||
install -d -m 755 %{buildroot}%{_fillupdir}
|
config_file=client.config
|
||||||
install -m 0644 %{SOURCE10} %{buildroot}%{_fillupdir}
|
%endif
|
||||||
install -m 0644 %{SOURCE11} %{buildroot}%{_fillupdir}
|
|
||||||
|
install -D -m 0644 "$service_file_source" %{buildroot}%{_unitdir}/%{name}.service
|
||||||
|
install -D -m 0644 "$sysconfig_file_source" %{buildroot}%{_fillupdir}/sysconfig.%{name}
|
||||||
|
install -D -m 0640 "$config_file_source" "%{buildroot}%{_sysconfdir}/velociraptor/$config_file"
|
||||||
|
install -D -m 0755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir}/%{name}
|
||||||
|
|
||||||
|
%if %{build_kafka_humio_gateway}
|
||||||
|
install -D -m 0644 %{SOURCE14} %{buildroot}%{_unitdir}/
|
||||||
|
install -D -m 0644 %{SOURCE15} %{buildroot}%{_fillupdir}/
|
||||||
|
install -D -m 0755 contrib/kafka-humio-gateway/velociraptor-kafka-humio-gateway %buildroot/%{_bindir}
|
||||||
|
install -D -m 0644 contrib/kafka-humio-gateway/sample-config.yml \
|
||||||
|
%buildroot/%{_datadir}/velociraptor-kafka-humio-gateway/sample-config.yml
|
||||||
|
install -D -m 0644 %{SOURCE10} %{buildroot}%{_sysusersdir}/velociraptor-kafka.conf
|
||||||
|
install -D -d -m 0750 %{buildroot}%{_sysconfdir}/velociraptor-kafka-humio-gateway
|
||||||
|
install -D -m 0640 contrib/kafka-humio-gateway/sample-config.yml \
|
||||||
|
%buildroot/%{_sysconfdir}/velociraptor-kafka-humio-gateway/transport.yml
|
||||||
|
%endif
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%defattr(-, root, root)
|
%defattr(-, root, root)
|
||||||
%license LICENSE
|
%license LICENSE
|
||||||
%doc README.md
|
%doc README.md
|
||||||
%dir %{_sysconfdir}/velociraptor
|
%{_bindir}/%{name}
|
||||||
%{_bindir}/velociraptor
|
|
||||||
%config(noreplace) %{_sysconfdir}/velociraptor/server.config
|
|
||||||
%config(noreplace) %{_sysconfdir}/velociraptor/client.config
|
|
||||||
%{_unitdir}/%{name}.service
|
%{_unitdir}/%{name}.service
|
||||||
%{_unitdir}/%{name}-client.service
|
|
||||||
%dir %{_sharedstatedir}/velociraptor
|
|
||||||
%dir %{_sharedstatedir}/velociraptor/data
|
|
||||||
%dir %{_sharedstatedir}/velociraptor/logs
|
|
||||||
%dir %{_sharedstatedir}/velociraptor-client
|
|
||||||
%{_fillupdir}/sysconfig.%{name}
|
%{_fillupdir}/sysconfig.%{name}
|
||||||
%{_fillupdir}/sysconfig.%{name}-client
|
|
||||||
|
|
||||||
|
%dir %attr(-, root, velociraptor) %{_sysconfdir}/velociraptor
|
||||||
|
|
||||||
|
%config(noreplace) %{config_perms} %{_sysconfdir}/velociraptor/*.config
|
||||||
|
%dir %{state_dir_perms} %{_sharedstatedir}/%{name}
|
||||||
|
%dir %{state_dir_perms} %{_sharedstatedir}/%{name}/data
|
||||||
|
%dir %{state_dir_perms} %{_sharedstatedir}/%{name}/logs
|
||||||
|
%dir %{state_dir_perms} %{_sharedstatedir}/%{name}/tmp
|
||||||
|
|
||||||
|
%pre
|
||||||
|
%service_add_pre %{name}.service
|
||||||
|
|
||||||
|
%post
|
||||||
|
%{fillup_only}
|
||||||
|
%service_add_post %{name}.service
|
||||||
|
|
||||||
|
%preun
|
||||||
|
%service_del_preun %{name}.service
|
||||||
|
|
||||||
|
%postun
|
||||||
|
%service_del_postun %{name}.service
|
||||||
|
|
||||||
|
%if %{build_kafka_humio_gateway}
|
||||||
%files kafka-humio-gateway
|
%files kafka-humio-gateway
|
||||||
%defattr(-, root, root)
|
%defattr(-, root, root)
|
||||||
%license LICENSE
|
%license LICENSE
|
||||||
%doc contrib/kafka-humio-gateway/README.md
|
%doc contrib/kafka-humio-gateway/README.md
|
||||||
%{_bindir}/%{name}-kafka-humio-gateway
|
%{_bindir}/velociraptor-kafka-humio-gateway
|
||||||
%dir %{_datadir}/%{name}-kafka-humio-gateway
|
%dir %{_datadir}/velociraptor-kafka-humio-gateway
|
||||||
%{_datadir}/%{name}-kafka-humio-gateway/sample-config.yml
|
%{_datadir}/velociraptor-kafka-humio-gateway/sample-config.yml
|
||||||
|
%{_sysusersdir}/velociraptor-kafka.conf
|
||||||
|
%{_unitdir}/velociraptor-kafka-humio-gateway.service
|
||||||
|
%{_fillupdir}/sysconfig.velociraptor-kafka-humio-gateway
|
||||||
|
%dir %attr(750, root, velociraptor-kafka) %{_sysconfdir}/velociraptor-kafka-humio-gateway
|
||||||
|
%config(noreplace) %attr(0640, root, velociraptor-kafka) %{_sysconfdir}/velociraptor-kafka-humio-gateway/transport.yml
|
||||||
|
|
||||||
%pre
|
%pre kafka-humio-gateway -f user.pre
|
||||||
%service_add_pre %{name}.service %{name}-client.service
|
%service_add_pre velociraptor-kafka-humio-gateway.service
|
||||||
|
|
||||||
%post
|
%post kafka-humio-gateway
|
||||||
%{fillup_only}
|
%{fillup_only -s kafka-humio-gateway}
|
||||||
%{fillup_only -s client}
|
%service_add_post velociraptor-kafka-humio-gateway.service
|
||||||
%service_add_post %{name}.service %{name}-client.service
|
|
||||||
|
|
||||||
%preun
|
%preun kafka-humio-gateway
|
||||||
%service_del_preun %{name}.service %{name}-client.service
|
%service_del_preun velociraptor-kafka-humio-gateway.service
|
||||||
|
|
||||||
%postun
|
%postun kafka-humio-gateway
|
||||||
%service_del_postun %{name}.service %{name}-client.service
|
%service_del_postun velociraptor-kafka-humio-gateway.service
|
||||||
|
|
||||||
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:d0e93278e02bdcba1d6f81dc318ae07131c1f8492dc5db7340ddd8f3841d31f4
|
|
||||||
size 27825180
|
|
BIN
vendor-golang-0.6.7.5~git77.997aa73.tar.xz
(Stored with Git LFS)
Normal file
BIN
vendor-golang-0.6.7.5~git77.997aa73.tar.xz
(Stored with Git LFS)
Normal file
Binary file not shown.
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:73c425c59d06d58c64c5f0f45e4211f9d9f51e8e1e688e070ccf53a8eb9bbc6f
|
|
||||||
size 454256
|
|
BIN
vendor-golang-kafka-humio-gateway-0.6.7.5~git77.997aa73.tar.xz
(Stored with Git LFS)
Normal file
BIN
vendor-golang-kafka-humio-gateway-0.6.7.5~git77.997aa73.tar.xz
(Stored with Git LFS)
Normal file
Binary file not shown.
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:e8734e871d5df2ccfd120ab591ed195fcb2b111ee7cc41378e5c29b68c3e83cb
|
|
||||||
size 37872364
|
|
BIN
vendor-nodejs-0.6.7.5~git77.997aa73.tar.xz
(Stored with Git LFS)
Normal file
BIN
vendor-nodejs-0.6.7.5~git77.997aa73.tar.xz
(Stored with Git LFS)
Normal file
Binary file not shown.
Loading…
Reference in New Issue
Block a user