Accepting request 1152799 from home:ateixeira:branches:security:sensor

- Obsolete old system-user-velociraptor package. - Use zst compression for go modules. - Changelog formatting and adding lost entries OBS-URL: https://build.opensuse.org/request/show/1152799 OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=63
2024-02-27 23:25:38 +00:00 · 2024-02-27 23:25:38 +00:00 · b0c8b246d2
commit b0c8b246d2
parent 1565eb03b8
6 changed files with 65 additions and 41 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -21,5 +21,3 @@
 *.xz filter=lfs diff=lfs merge=lfs -text
 *.zip filter=lfs diff=lfs merge=lfs -text
 *.zst filter=lfs diff=lfs merge=lfs -text
-## Specific LFS patterns
-velociraptor-go_modules.tar filter=lfs diff=lfs merge=lfs -text
--- a/2
+++ b/2
@ -18,7 +18,7 @@
    <param name="outfilename">package-lock.json</param>
  </service>
  <service mode="manual" name="go_modules">
-    <param name="compression">tar</param>
+    <param name="compression">zst</param>
    <param name="archive">velociraptor-0*.obscpio</param>
    <param name="vendorname">velociraptor-go_modules</param>
  </service>
--- a/velociraptor-go_modules.tar
+++ b/velociraptor-go_modules.tar
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:398922fb2716302075f2d8f86417bafbec7dcf121a3a9e6f830713c18ce714e4
-size 259306496
--- a/velociraptor-go_modules.tar.zst
+++ b/velociraptor-go_modules.tar.zst
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5c00d92d32e9ec68fabd40fb09aa460a02fb746971c84c65940eeefe12a16d47
+size 29079417
--- a/velociraptor.changes
+++ b/velociraptor.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Feb 27 22:37:09 UTC 2024 - Antonio Teixeira <antonio.teixeira@suse.com>
+
+- Obsolete old system-user-velociraptor package.
+- Use zst compression for go modules.
+
 -------------------------------------------------------------------
 Thu Feb 22 20:11:34 UTC 2024 - doreilly@suse.com

@ -82,15 +88,17 @@ Fri Dec 15 22:35:01 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
  service due to a bug in debbuild preventing Debian builds from succeeding.

 -------------------------------------------------------------------
-Fri Dec 15 19:32:04 UTC 2023 - Jeff Mahoney <jeffm@suse.com> - 0.7.0.4.git4.c1b68a5b
+Fri Dec 15 19:32:04 UTC 2023 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.7.0.4.git4.c1b68a5b:
  * hash: fix nil pointer dereference panic
  * velociraptor: add dummy main function for mage
 - Removed patch:
  * velociraptor-golang-mage-vendoring.diff
+- Rebased patch:
+  * velociraptor-reproducible-timestamp.diff
 - Switched to using go_modules and node_modules source services
-  - Eliminated bespoke vendoring scripts.
+  * Eliminated bespoke vendoring scripts.
 - Pulled sysuser definition into the velociraptor package.

 -------------------------------------------------------------------
@ -99,7 +107,7 @@ Tue Dec  5 13:54:03 UTC 2023 - Darragh O'Reilly <doreilly@suse.com>
 - Remove PrivateTmp and PrivateDevices settings in velociraptor-client.service (SENS-70)

 -------------------------------------------------------------------
-Wed Nov 15 18:17:04 UTC 2023 - jeffm@suse.com - 0.7.0.4.git0.e09a0df8
+Wed Nov 15 18:17:04 UTC 2023 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.7.0.4.git0.e09a0df8:
  * Add additional sanitization to HTML templates on JS side. (#2) (#3077) (CVE-2023-5950)
@ -139,7 +147,7 @@ Fri Nov  3 01:36:35 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
 - Limit server builds to x86_64 until esbuild issue is sorted

 -------------------------------------------------------------------
-Tue Oct 31 20:07:16 UTC 2023 - jeffm@suse.com - 0.7.0~git0.602f673
+Tue Oct 31 20:07:16 UTC 2023 - Jeff Mahoney <jeffm@suse.com>

 - Update to version sensor-base-0.7.0~git0.602f673:
  * vql/linux/audit: fix staticcheck checks
@ -653,12 +661,21 @@ Tue Oct 31 20:07:16 UTC 2023 - jeffm@suse.com - 0.7.0~git0.602f673
  * Add Provider and ProviderRegex (#2198)
  * Bugfix: sparse files were not properly detected. (#2200)
  * Add timestamp_field, hostname_field, and hostname param to splunk_upload (#2187)
+- Removed velociraptor-kafka-humio-gateway package.
+  * kafka-humio-gateway was dropped in favor of the new upstream LogScale plugin

 -------------------------------------------------------------------
 Tue Jul 18 09:31:19 UTC 2023 - Marcus Meissner <meissner@suse.com>

 - require the group / user only in the server build

+-------------------------------------------------------------------
+Wed May 10 00:49:09 UTC 2023 - jeffm@suse.com
+
+- Update to version 0.6.7.5~git81.01be570:
+  * libbpfgo: pull fix for double-free
+  * logscale: add documentation for plugin
+
 -------------------------------------------------------------------
 Tue May  9 14:10:31 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>

@ -671,26 +688,33 @@ Tue May  9 01:25:01 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
 - Provide sysuser template for velociraptor user and group.

 -------------------------------------------------------------------
-Mon Mar 13 20:50:12 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
+Mon May 08 20:21:03 UTC 2023 - Jeff Mahoney <jeffm@suse.com>

- Test implementation for hash caching.
- Added patches:
-  * 0001-vql-functions-hash-cache-results-on-Linux.patch
+- Update to version 0.6.7.5~git78.2bef6fc:
+  * bpf: fix path to vmlinux.h

 -------------------------------------------------------------------
-Mon Mar 13 20:47:05 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
-
- Build client for Debian-based distros using debbuild.
-  Only build server on SUSE releases.
-
-------------------------------------------------------------------
-Sat Mar 11 03:11:19 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
+Mon May 08 19:42:58 UTC 2023 - Jeff Mahoney <jeffm@suse.com>

+- Update to version 0.6.7.5~git77.997aa73:
+  * file_store/test_utils/server_config.go: update test certificate
+  * Update bluemonday dependency.
+  * vql/functions/hash: cache results on Linux
+  * libbpfgo: update to velociraptor-branch-v0.4.8-libbpf-1.2.0
+  * logscale/backport: don't use networking.GetHttpTransport
+  * vql/tools/logscale: add plugin to post events to LogScale ingestion endpoint
+  * file_store/directory: add ability to report pending size
+- Change clang dependency to clang16
+- Fix velociraptor-golang-mage-vendoring.diff to account for newer
+  'go mod vendor' honoring build flags.
+- Fix update-vendoring.sh script to actually run the %setup part of
+  the spec.
 - Merge client package into server spec and use _multibuild to create
  client package from same spec file.
 - Adjust changelog to retain changes for client package.
 - Fix building in static mode on earlier releases.
  - Added patch: velociraptor-libbpfgo-only-build-libbpf.patch
+- Removed patch: velociraptor-skip-git-submodule-import-for-OBS-build.patch

 -------------------------------------------------------------------
 Fri Mar 10 18:54:37 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
@ -711,7 +735,7 @@ Fri Mar 10 18:54:37 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
    /etc/velociraptor/client.config u=rw,go=    root:root

 -------------------------------------------------------------------
-Fri Mar 10 15:36:18 UTC 2023 - jeffm@suse.com - 0.6.7.5~git6.73efb2a
+Fri Mar 10 15:36:18 UTC 2023 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.7.5~git6.73efb2a:
  * libbpfgo: update submodule to require libzstd for newer libelf
@ -725,7 +749,7 @@ Fri Mar 10 15:36:18 UTC 2023 - jeffm@suse.com - 0.6.7.5~git6.73efb2a
 - Allow velociraptor and velociraptor-client packages to coexist.

 -------------------------------------------------------------------
-Thu Jan 26 20:06:09 UTC 2023 - jeffm@suse.com - 0.6.7.4~git63.4a1ed09d
+Thu Jan 26 20:06:09 UTC 2023 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.7.4~git63.4a1ed09d:
  * utils/time.js: fix handling of nanosecond-resolution timestamps
@ -738,7 +762,7 @@ Tue Jan 24 20:57:08 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
 - Use obsinfo mtime to produce stable build timestamp (bsc#1207369).

 -------------------------------------------------------------------
-Tue Jan 24 15:07:09 UTC 2023 - jeffm@suse.com - 0.6.7.4~git60.8abed37a:
+Tue Jan 24 15:07:09 UTC 2023 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.7.4~git60.8abed37a:
  * http_comms: create ring buffer temporary file in the same directory
@ -791,7 +815,7 @@ Thu Jan 19 14:36:42 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
 - Added support for setting command line options via sysconfig

 -------------------------------------------------------------------
-Thu Jan 19 05:00:55 UTC 2023 - Jeff Mahoney <jeffm@suse.com> - 0.6.7.4~git53.0e85855
+Thu Jan 19 05:00:55 UTC 2023 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.7.4~git53.0e85855:
  * sdjournal: work around missing _SYSTEMD_UNIT fields
@ -814,7 +838,7 @@ Mon Jan  9 16:01:44 UTC 2023 - Jeff Mahoney <jeffm@suse.com>
 - Added Restart=on-failure to restart the client automatically.

 -------------------------------------------------------------------
-Mon Dec 12 20:03:23 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.7.4~git51.a588d6e4
+Mon Dec 12 20:03:23 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.7.4~git51.a588d6e4:
  * magefile.go: use current architecture for Linux builds
@ -822,7 +846,7 @@ Mon Dec 12 20:03:23 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.7.4~git51.a58
  * bpf: bpf expects s390 instead of s390x

 -------------------------------------------------------------------
-Wed Dec 07 04:21:36 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.7.4~git46.5d88d80:
+Wed Dec 07 04:21:36 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.7.4~git46.5d88d80:
  * contrib/kafka-humio-gateway: add new debug option for noisy events
@ -832,7 +856,7 @@ Wed Dec 07 04:21:36 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.7.4~git46.5d8
  * vql/server/kafka: set appropriate ClientID

 -------------------------------------------------------------------
-Wed Dec 07 02:49:56 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.7.4~git41.678ed56:
+Wed Dec 07 02:49:56 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.7.4~git41.678ed56:
  * rpm: introduce rpm vql plugin
@ -880,7 +904,7 @@ Wed Dec 07 02:49:56 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.7.4~git41.678
  * Bugfix: When org is not specified this JS code raised (#2315) (#2316)

 -------------------------------------------------------------------
-Tue Dec 06 21:53:43 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.7.3~git41.fa6afa7:
+Tue Dec 06 21:53:43 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.7.3~git41.fa6afa7:
  * rpm: introduce rpm vql plugin
@ -1231,7 +1255,7 @@ Tue Dec 06 21:53:43 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.7.3~git41.fa6
  * Update FilenameSearch.yaml (#1741)

 -------------------------------------------------------------------
-Fri Nov 11 21:12:02 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git86.b5931f7
+Fri Nov 11 21:12:02 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.4.2~git86.b5931f7:
  * cleanup: go mod tidy
@ -1240,7 +1264,7 @@ Fri Nov 11 21:12:02 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git86.b59
 - Only attempt to copy vmlinux.h if /sys/kernel/btf/vmlinux doesn't exist

 -------------------------------------------------------------------
-Fri Nov 11 20:13:00 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git84.1b38fda
+Fri Nov 11 20:13:00 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.4.2~git84.1b38fda:
  * Clean up libbpfgo mess
@ -1257,7 +1281,7 @@ Fri Nov 11 20:13:00 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git84.1b3
  * SSHLogin: require _TRANSPORT != 'kernel' from watch_journal()

 -------------------------------------------------------------------
-Fri Nov 11 20:08:20 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git67.85b608e
+Fri Nov 11 20:08:20 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.4.2~git67.85b608e:
  * clients/host-info.js: add MAC addresses to client dashboard
@ -1287,13 +1311,13 @@ Fri Nov 11 20:08:20 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git67.85b
  * shell-viewer: default to Bash on non-Windows clients

 -------------------------------------------------------------------
-Thu Nov 10 15:22:27 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git70.b7df8172
+Thu Nov 10 15:22:27 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.4.2~git70.b7df8172:
  * file_store: handle watching artifacts with named sources

 -------------------------------------------------------------------
-Thu Sep 29 14:16:05 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git68.5226b23b
+Thu Sep 29 14:16:05 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.4.2~git68.5226b23b:
  * api/authenticators/basic: fix logoff endpoint
@ -1310,13 +1334,13 @@ Fri Aug 19 21:07:15 UTC 2022 - Jeff Mahoney <jeffm@suse.com>
 - Fixed update-vendoring script to use an independent go module cache.

 -------------------------------------------------------------------
-Fri Aug 19 01:59:35 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git59.5ebb49db
+Fri Aug 19 01:59:35 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.4.2~git59.5ebb49db:
  * api/authenticators: fix handling of missing oauthstate cookie for OAUTH2

 -------------------------------------------------------------------
-Thu Aug 11 19:40:21 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git57.fcb11adf
+Thu Aug 11 19:40:21 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.4.2~git57.fcb11adf:
  * kafka-humio-gateway: add sample config file
@ -1332,7 +1356,7 @@ Fri Jul 15 02:24:03 UTC 2022 - Jeff Mahoney <jeffm@suse.com>
 - Add vmlinux.h from 5.18.9-2-default to provide type information (x86_64 only)

 -------------------------------------------------------------------
-Fri Jul 15 00:00:39 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git56.47b4adb4
+Fri Jul 15 00:00:39 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.4.2~git56.47b4adb4:
  * Updating the NewFiles and ProcessStatuses Artifacts
@ -1355,7 +1379,7 @@ Fri Jul 15 00:00:39 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git56.47b
  * shell-viewer: default to Bash on non-Windows clients

 -------------------------------------------------------------------
-Thu May 12 20:15:26 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git16.e1b7fc0
+Thu May 12 20:15:26 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to upstream 0.6.4.2~git16.e1b7fc0:
  * Rebase on 0.6.4-2
@ -1379,7 +1403,7 @@ Thu May 12 20:15:26 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4.2~git16.e1b
 - Revendored dependencies.

 -------------------------------------------------------------------
-Thu May 12 17:54:31 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4~git31.4298eab0:
+Thu May 12 17:54:31 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.4~git31.4298eab0:
  * Elastic.Events.Client: Update to use new artifactset type
@ -1388,7 +1412,7 @@ Thu May 12 17:54:31 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4~git31.4298e
  * api: add type and description fields to v1/GetArtifacts endpoint

 -------------------------------------------------------------------
-Thu May 12 13:30:42 UTC 2022 - Jeff Mahoney <jeffm@suse.com> - 0.6.4~git26.4407b9b7
+Thu May 12 13:30:42 UTC 2022 - Jeff Mahoney <jeffm@suse.com>

 - Update to version 0.6.4~git26.4407b9b7:
  * Add artifact for chattrsnoop plugin
--- a/velociraptor.spec
+++ b/velociraptor.spec
@ -77,7 +77,7 @@ Group:          System/Monitoring
 License:        AGPL-3.0-only
 URL:            https://github.com/Velocidex/velociraptor
 Source:         %{projname}-%{version}.tar.gz
-Source1:        velociraptor-go_modules.tar
+Source1:        velociraptor-go_modules.tar.zst
 Source2:        vmlinux.h-%{vmlinux_h_version}.tar.xz
 Source3:        velociraptor.service
 Source4:        velociraptor-server.config.placeholder
@ -1037,6 +1037,8 @@ BuildRequires:  zlib-devel
 BuildRequires:  sysuser-tools
 Requires:       group(velociraptor)
 Requires:       user(velociraptor)
+Provides:       system-user-velociraptor = 1.0.1
+Obsoletes:      system-user-velociraptor < 1.0.1
 %{?sysusers_requires}
 %endif