pool/velociraptor
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ac85413735
velociraptor/velociraptor-client.service
Jeff Mahoney ac85413735 Accepting request 1133905 from home:jeff_mahoney:branches:security:sensor 
- Temporarily use the NODE_MODULES BEGIN/END form of the node_modules
  service due to a bug in debbuild preventing Debian builds from succeeding.
- Update to version 0.7.0.4.git4.c1b68a5b:
  * hash: fix nil pointer dereference panic
  * velociraptor: add dummy main function for mage
- Removed patch:
  * velociraptor-golang-mage-vendoring.diff
- Switched to using go_modules and node_modules source services
  - Eliminated bespoke vendoring scripts.
- Pulled sysuser definition into the velociraptor package.

- Remove PrivateTmp and PrivateDevices settings in velociraptor-client.service (SENS-70)

- Update to version 0.7.0.4.git0.e09a0df8:
  * Add additional sanitization to HTML templates on JS side. (#2) (#3077) (CVE-2023-5950)
  * vql/linux/sdjournal: Fix open/close lifetimes
  * vql/linux/audit: fix shutdown races
  * vql/linux/audit: fix goroutine lifetimes
  * vql/linux/audit: limit messageQueue to within runService
  * vql/linux/audit: add auditService.Log()
  * vql/linux/audit: pull parts of shutdown into shutdown watcher
  * vql/linux/audit: remove unnecessary error handling for reassembler
  * vql/linux/audit: remove unused waitgroup from main event loop
  * vql/linux/audit: handle top-level cancelation properly
  * vql/linux/audit: make explicit that goroutines in the main errgroup don't return errors
  * vql/linux/audit: make stats reporting separate from debug prints
  * vql/linux/audit: simplify polling in listener
  * vql/linux/audit: tests, check various rule scenarios
  * vql/linux/audit: Add more client failure test cases
  * vql/linux/audit: Fix audit client lifecycle

OBS-URL: https://build.opensuse.org/request/show/1133905
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=55
2023-12-18 18:44:23 +00:00

25 lines
550 B
Desktop File
Raw Blame History

[Unit]
Description=Velociraptor Client Service
[Service]
Type=simple
User=root
Group=root
UMask=0027
MemoryHigh=4G
MemoryMax=8G
EnvironmentFile=-/etc/sysconfig/velociraptor-client
Environment=TMPDIR=/var/lib/velociraptor-client/tmp
ExecStart=/usr/bin/velociraptor-client client --config /etc/velociraptor/client.config $VELOCIRAPTOR_CLIENT_OPTS
ProtectHostname=true
ProtectClock=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectControlGroups=true
MemoryDenyWriteExecute=true
Restart=on-failure
[Install]
WantedBy=multi-user.target
Reference in New Issue View Git Blame Copy Permalink