From b0c8b246d2f08e84c5922acf6ab9ee011fc5f4ba165e52722294a83cc40a1d39 Mon Sep 17 00:00:00 2001 From: Antonio Teixeira Date: Tue, 27 Feb 2024 23:25:38 +0000 Subject: [PATCH] Accepting request 1152799 from home:ateixeira:branches:security:sensor - Obsolete old system-user-velociraptor package. - Use zst compression for go modules. - Changelog formatting and adding lost entries OBS-URL: https://build.opensuse.org/request/show/1152799 OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=63 --- .gitattributes | 2 - _service | 2 +- velociraptor-go_modules.tar | 3 -- velociraptor-go_modules.tar.zst | 3 ++ velociraptor.changes | 92 +++++++++++++++++++++------------ velociraptor.spec | 4 +- 6 files changed, 65 insertions(+), 41 deletions(-) delete mode 100644 velociraptor-go_modules.tar create mode 100644 velociraptor-go_modules.tar.zst diff --git a/.gitattributes b/.gitattributes index b7c7636..9b03811 100644 --- a/.gitattributes +++ b/.gitattributes @@ -21,5 +21,3 @@ *.xz filter=lfs diff=lfs merge=lfs -text *.zip filter=lfs diff=lfs merge=lfs -text *.zst filter=lfs diff=lfs merge=lfs -text -## Specific LFS patterns -velociraptor-go_modules.tar filter=lfs diff=lfs merge=lfs -text diff --git a/_service b/_service index b1b32c7..403d54e 100644 --- a/_service +++ b/_service @@ -18,7 +18,7 @@ package-lock.json - tar + zst velociraptor-0*.obscpio velociraptor-go_modules diff --git a/velociraptor-go_modules.tar b/velociraptor-go_modules.tar deleted file mode 100644 index 25d1ee3..0000000 --- a/velociraptor-go_modules.tar +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:398922fb2716302075f2d8f86417bafbec7dcf121a3a9e6f830713c18ce714e4 -size 259306496 diff --git a/velociraptor-go_modules.tar.zst b/velociraptor-go_modules.tar.zst new file mode 100644 index 0000000..212af57 --- /dev/null +++ b/velociraptor-go_modules.tar.zst @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5c00d92d32e9ec68fabd40fb09aa460a02fb746971c84c65940eeefe12a16d47 +size 29079417 diff --git a/velociraptor.changes b/velociraptor.changes index 5e17b98..bed191b 100644 --- a/velociraptor.changes +++ b/velociraptor.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue Feb 27 22:37:09 UTC 2024 - Antonio Teixeira + +- Obsolete old system-user-velociraptor package. +- Use zst compression for go modules. + ------------------------------------------------------------------- Thu Feb 22 20:11:34 UTC 2024 - doreilly@suse.com @@ -82,15 +88,17 @@ Fri Dec 15 22:35:01 UTC 2023 - Jeff Mahoney service due to a bug in debbuild preventing Debian builds from succeeding. ------------------------------------------------------------------- -Fri Dec 15 19:32:04 UTC 2023 - Jeff Mahoney - 0.7.0.4.git4.c1b68a5b +Fri Dec 15 19:32:04 UTC 2023 - Jeff Mahoney - Update to version 0.7.0.4.git4.c1b68a5b: * hash: fix nil pointer dereference panic * velociraptor: add dummy main function for mage - Removed patch: * velociraptor-golang-mage-vendoring.diff +- Rebased patch: + * velociraptor-reproducible-timestamp.diff - Switched to using go_modules and node_modules source services - - Eliminated bespoke vendoring scripts. + * Eliminated bespoke vendoring scripts. - Pulled sysuser definition into the velociraptor package. ------------------------------------------------------------------- @@ -99,7 +107,7 @@ Tue Dec 5 13:54:03 UTC 2023 - Darragh O'Reilly - Remove PrivateTmp and PrivateDevices settings in velociraptor-client.service (SENS-70) ------------------------------------------------------------------- -Wed Nov 15 18:17:04 UTC 2023 - jeffm@suse.com - 0.7.0.4.git0.e09a0df8 +Wed Nov 15 18:17:04 UTC 2023 - Jeff Mahoney - Update to version 0.7.0.4.git0.e09a0df8: * Add additional sanitization to HTML templates on JS side. (#2) (#3077) (CVE-2023-5950) @@ -139,7 +147,7 @@ Fri Nov 3 01:36:35 UTC 2023 - Jeff Mahoney - Limit server builds to x86_64 until esbuild issue is sorted ------------------------------------------------------------------- -Tue Oct 31 20:07:16 UTC 2023 - jeffm@suse.com - 0.7.0~git0.602f673 +Tue Oct 31 20:07:16 UTC 2023 - Jeff Mahoney - Update to version sensor-base-0.7.0~git0.602f673: * vql/linux/audit: fix staticcheck checks @@ -653,12 +661,21 @@ Tue Oct 31 20:07:16 UTC 2023 - jeffm@suse.com - 0.7.0~git0.602f673 * Add Provider and ProviderRegex (#2198) * Bugfix: sparse files were not properly detected. (#2200) * Add timestamp_field, hostname_field, and hostname param to splunk_upload (#2187) +- Removed velociraptor-kafka-humio-gateway package. + * kafka-humio-gateway was dropped in favor of the new upstream LogScale plugin ------------------------------------------------------------------- Tue Jul 18 09:31:19 UTC 2023 - Marcus Meissner - require the group / user only in the server build +------------------------------------------------------------------- +Wed May 10 00:49:09 UTC 2023 - jeffm@suse.com + +- Update to version 0.6.7.5~git81.01be570: + * libbpfgo: pull fix for double-free + * logscale: add documentation for plugin + ------------------------------------------------------------------- Tue May 9 14:10:31 UTC 2023 - Marcus Rueckert @@ -671,26 +688,33 @@ Tue May 9 01:25:01 UTC 2023 - Jeff Mahoney - Provide sysuser template for velociraptor user and group. ------------------------------------------------------------------- -Mon Mar 13 20:50:12 UTC 2023 - Jeff Mahoney +Mon May 08 20:21:03 UTC 2023 - Jeff Mahoney -- Test implementation for hash caching. -- Added patches: - * 0001-vql-functions-hash-cache-results-on-Linux.patch +- Update to version 0.6.7.5~git78.2bef6fc: + * bpf: fix path to vmlinux.h ------------------------------------------------------------------- -Mon Mar 13 20:47:05 UTC 2023 - Jeff Mahoney - -- Build client for Debian-based distros using debbuild. - Only build server on SUSE releases. - -------------------------------------------------------------------- -Sat Mar 11 03:11:19 UTC 2023 - Jeff Mahoney +Mon May 08 19:42:58 UTC 2023 - Jeff Mahoney +- Update to version 0.6.7.5~git77.997aa73: + * file_store/test_utils/server_config.go: update test certificate + * Update bluemonday dependency. + * vql/functions/hash: cache results on Linux + * libbpfgo: update to velociraptor-branch-v0.4.8-libbpf-1.2.0 + * logscale/backport: don't use networking.GetHttpTransport + * vql/tools/logscale: add plugin to post events to LogScale ingestion endpoint + * file_store/directory: add ability to report pending size +- Change clang dependency to clang16 +- Fix velociraptor-golang-mage-vendoring.diff to account for newer + 'go mod vendor' honoring build flags. +- Fix update-vendoring.sh script to actually run the %setup part of + the spec. - Merge client package into server spec and use _multibuild to create client package from same spec file. - Adjust changelog to retain changes for client package. - Fix building in static mode on earlier releases. - Added patch: velociraptor-libbpfgo-only-build-libbpf.patch +- Removed patch: velociraptor-skip-git-submodule-import-for-OBS-build.patch ------------------------------------------------------------------- Fri Mar 10 18:54:37 UTC 2023 - Marcus Rueckert @@ -711,7 +735,7 @@ Fri Mar 10 18:54:37 UTC 2023 - Marcus Rueckert /etc/velociraptor/client.config u=rw,go= root:root ------------------------------------------------------------------- -Fri Mar 10 15:36:18 UTC 2023 - jeffm@suse.com - 0.6.7.5~git6.73efb2a +Fri Mar 10 15:36:18 UTC 2023 - Jeff Mahoney - Update to version 0.6.7.5~git6.73efb2a: * libbpfgo: update submodule to require libzstd for newer libelf @@ -725,7 +749,7 @@ Fri Mar 10 15:36:18 UTC 2023 - jeffm@suse.com - 0.6.7.5~git6.73efb2a - Allow velociraptor and velociraptor-client packages to coexist. ------------------------------------------------------------------- -Thu Jan 26 20:06:09 UTC 2023 - jeffm@suse.com - 0.6.7.4~git63.4a1ed09d +Thu Jan 26 20:06:09 UTC 2023 - Jeff Mahoney - Update to version 0.6.7.4~git63.4a1ed09d: * utils/time.js: fix handling of nanosecond-resolution timestamps @@ -738,7 +762,7 @@ Tue Jan 24 20:57:08 UTC 2023 - Jeff Mahoney - Use obsinfo mtime to produce stable build timestamp (bsc#1207369). ------------------------------------------------------------------- -Tue Jan 24 15:07:09 UTC 2023 - jeffm@suse.com - 0.6.7.4~git60.8abed37a: +Tue Jan 24 15:07:09 UTC 2023 - Jeff Mahoney - Update to version 0.6.7.4~git60.8abed37a: * http_comms: create ring buffer temporary file in the same directory @@ -791,7 +815,7 @@ Thu Jan 19 14:36:42 UTC 2023 - Jeff Mahoney - Added support for setting command line options via sysconfig ------------------------------------------------------------------- -Thu Jan 19 05:00:55 UTC 2023 - Jeff Mahoney - 0.6.7.4~git53.0e85855 +Thu Jan 19 05:00:55 UTC 2023 - Jeff Mahoney - Update to version 0.6.7.4~git53.0e85855: * sdjournal: work around missing _SYSTEMD_UNIT fields @@ -814,7 +838,7 @@ Mon Jan 9 16:01:44 UTC 2023 - Jeff Mahoney - Added Restart=on-failure to restart the client automatically. ------------------------------------------------------------------- -Mon Dec 12 20:03:23 UTC 2022 - Jeff Mahoney - 0.6.7.4~git51.a588d6e4 +Mon Dec 12 20:03:23 UTC 2022 - Jeff Mahoney - Update to version 0.6.7.4~git51.a588d6e4: * magefile.go: use current architecture for Linux builds @@ -822,7 +846,7 @@ Mon Dec 12 20:03:23 UTC 2022 - Jeff Mahoney - 0.6.7.4~git51.a58 * bpf: bpf expects s390 instead of s390x ------------------------------------------------------------------- -Wed Dec 07 04:21:36 UTC 2022 - Jeff Mahoney - 0.6.7.4~git46.5d88d80: +Wed Dec 07 04:21:36 UTC 2022 - Jeff Mahoney - Update to version 0.6.7.4~git46.5d88d80: * contrib/kafka-humio-gateway: add new debug option for noisy events @@ -832,7 +856,7 @@ Wed Dec 07 04:21:36 UTC 2022 - Jeff Mahoney - 0.6.7.4~git46.5d8 * vql/server/kafka: set appropriate ClientID ------------------------------------------------------------------- -Wed Dec 07 02:49:56 UTC 2022 - Jeff Mahoney - 0.6.7.4~git41.678ed56: +Wed Dec 07 02:49:56 UTC 2022 - Jeff Mahoney - Update to version 0.6.7.4~git41.678ed56: * rpm: introduce rpm vql plugin @@ -880,7 +904,7 @@ Wed Dec 07 02:49:56 UTC 2022 - Jeff Mahoney - 0.6.7.4~git41.678 * Bugfix: When org is not specified this JS code raised (#2315) (#2316) ------------------------------------------------------------------- -Tue Dec 06 21:53:43 UTC 2022 - Jeff Mahoney - 0.6.7.3~git41.fa6afa7: +Tue Dec 06 21:53:43 UTC 2022 - Jeff Mahoney - Update to version 0.6.7.3~git41.fa6afa7: * rpm: introduce rpm vql plugin @@ -1231,7 +1255,7 @@ Tue Dec 06 21:53:43 UTC 2022 - Jeff Mahoney - 0.6.7.3~git41.fa6 * Update FilenameSearch.yaml (#1741) ------------------------------------------------------------------- -Fri Nov 11 21:12:02 UTC 2022 - Jeff Mahoney - 0.6.4.2~git86.b5931f7 +Fri Nov 11 21:12:02 UTC 2022 - Jeff Mahoney - Update to version 0.6.4.2~git86.b5931f7: * cleanup: go mod tidy @@ -1240,7 +1264,7 @@ Fri Nov 11 21:12:02 UTC 2022 - Jeff Mahoney - 0.6.4.2~git86.b59 - Only attempt to copy vmlinux.h if /sys/kernel/btf/vmlinux doesn't exist ------------------------------------------------------------------- -Fri Nov 11 20:13:00 UTC 2022 - Jeff Mahoney - 0.6.4.2~git84.1b38fda +Fri Nov 11 20:13:00 UTC 2022 - Jeff Mahoney - Update to version 0.6.4.2~git84.1b38fda: * Clean up libbpfgo mess @@ -1257,7 +1281,7 @@ Fri Nov 11 20:13:00 UTC 2022 - Jeff Mahoney - 0.6.4.2~git84.1b3 * SSHLogin: require _TRANSPORT != 'kernel' from watch_journal() ------------------------------------------------------------------- -Fri Nov 11 20:08:20 UTC 2022 - Jeff Mahoney - 0.6.4.2~git67.85b608e +Fri Nov 11 20:08:20 UTC 2022 - Jeff Mahoney - Update to version 0.6.4.2~git67.85b608e: * clients/host-info.js: add MAC addresses to client dashboard @@ -1287,13 +1311,13 @@ Fri Nov 11 20:08:20 UTC 2022 - Jeff Mahoney - 0.6.4.2~git67.85b * shell-viewer: default to Bash on non-Windows clients ------------------------------------------------------------------- -Thu Nov 10 15:22:27 UTC 2022 - Jeff Mahoney - 0.6.4.2~git70.b7df8172 +Thu Nov 10 15:22:27 UTC 2022 - Jeff Mahoney - Update to version 0.6.4.2~git70.b7df8172: * file_store: handle watching artifacts with named sources ------------------------------------------------------------------- -Thu Sep 29 14:16:05 UTC 2022 - Jeff Mahoney - 0.6.4.2~git68.5226b23b +Thu Sep 29 14:16:05 UTC 2022 - Jeff Mahoney - Update to version 0.6.4.2~git68.5226b23b: * api/authenticators/basic: fix logoff endpoint @@ -1310,13 +1334,13 @@ Fri Aug 19 21:07:15 UTC 2022 - Jeff Mahoney - Fixed update-vendoring script to use an independent go module cache. ------------------------------------------------------------------- -Fri Aug 19 01:59:35 UTC 2022 - Jeff Mahoney - 0.6.4.2~git59.5ebb49db +Fri Aug 19 01:59:35 UTC 2022 - Jeff Mahoney - Update to version 0.6.4.2~git59.5ebb49db: * api/authenticators: fix handling of missing oauthstate cookie for OAUTH2 ------------------------------------------------------------------- -Thu Aug 11 19:40:21 UTC 2022 - Jeff Mahoney - 0.6.4.2~git57.fcb11adf +Thu Aug 11 19:40:21 UTC 2022 - Jeff Mahoney - Update to version 0.6.4.2~git57.fcb11adf: * kafka-humio-gateway: add sample config file @@ -1332,7 +1356,7 @@ Fri Jul 15 02:24:03 UTC 2022 - Jeff Mahoney - Add vmlinux.h from 5.18.9-2-default to provide type information (x86_64 only) ------------------------------------------------------------------- -Fri Jul 15 00:00:39 UTC 2022 - Jeff Mahoney - 0.6.4.2~git56.47b4adb4 +Fri Jul 15 00:00:39 UTC 2022 - Jeff Mahoney - Update to version 0.6.4.2~git56.47b4adb4: * Updating the NewFiles and ProcessStatuses Artifacts @@ -1355,7 +1379,7 @@ Fri Jul 15 00:00:39 UTC 2022 - Jeff Mahoney - 0.6.4.2~git56.47b * shell-viewer: default to Bash on non-Windows clients ------------------------------------------------------------------- -Thu May 12 20:15:26 UTC 2022 - Jeff Mahoney - 0.6.4.2~git16.e1b7fc0 +Thu May 12 20:15:26 UTC 2022 - Jeff Mahoney - Update to upstream 0.6.4.2~git16.e1b7fc0: * Rebase on 0.6.4-2 @@ -1379,7 +1403,7 @@ Thu May 12 20:15:26 UTC 2022 - Jeff Mahoney - 0.6.4.2~git16.e1b - Revendored dependencies. ------------------------------------------------------------------- -Thu May 12 17:54:31 UTC 2022 - Jeff Mahoney - 0.6.4~git31.4298eab0: +Thu May 12 17:54:31 UTC 2022 - Jeff Mahoney - Update to version 0.6.4~git31.4298eab0: * Elastic.Events.Client: Update to use new artifactset type @@ -1388,7 +1412,7 @@ Thu May 12 17:54:31 UTC 2022 - Jeff Mahoney - 0.6.4~git31.4298e * api: add type and description fields to v1/GetArtifacts endpoint ------------------------------------------------------------------- -Thu May 12 13:30:42 UTC 2022 - Jeff Mahoney - 0.6.4~git26.4407b9b7 +Thu May 12 13:30:42 UTC 2022 - Jeff Mahoney - Update to version 0.6.4~git26.4407b9b7: * Add artifact for chattrsnoop plugin diff --git a/velociraptor.spec b/velociraptor.spec index c2921bf..48da178 100644 --- a/velociraptor.spec +++ b/velociraptor.spec @@ -77,7 +77,7 @@ Group: System/Monitoring License: AGPL-3.0-only URL: https://github.com/Velocidex/velociraptor Source: %{projname}-%{version}.tar.gz -Source1: velociraptor-go_modules.tar +Source1: velociraptor-go_modules.tar.zst Source2: vmlinux.h-%{vmlinux_h_version}.tar.xz Source3: velociraptor.service Source4: velociraptor-server.config.placeholder @@ -1037,6 +1037,8 @@ BuildRequires: zlib-devel BuildRequires: sysuser-tools Requires: group(velociraptor) Requires: user(velociraptor) +Provides: system-user-velociraptor = 1.0.1 +Obsoletes: system-user-velociraptor < 1.0.1 %{?sysusers_requires} %endif