diff --git a/velociraptor-client.changes b/velociraptor-client.changes index 0a138aa..102693a 100644 --- a/velociraptor-client.changes +++ b/velociraptor-client.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Feb 2 04:44:49 UTC 2022 - William Brown + +- Add client service file + ------------------------------------------------------------------- Thu Jan 6 21:50:43 UTC 2022 - Jeff Mahoney diff --git a/velociraptor-client.service b/velociraptor-client.service new file mode 100644 index 0000000..4fe0810 --- /dev/null +++ b/velociraptor-client.service @@ -0,0 +1,21 @@ +[Unit] +Description=Velociraptor Client Service + +[Service] +Type=simple +User=root +Group=root +UMask=0027 +ExecStart=/usr/bin/velociraptor client --config /etc/velociraptor/client.config + +PrivateTmp=true +PrivateDevices=true +ProtectHostname=true +ProtectClock=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectControlGroups=true +MemoryDenyWriteExecute=true + +[Install] +WantedBy=multi-user.target diff --git a/velociraptor-client.spec b/velociraptor-client.spec index 5bab1eb..a769898 100644 --- a/velociraptor-client.spec +++ b/velociraptor-client.spec @@ -20,21 +20,21 @@ Name: velociraptor-client Version: 0.6.2~git73.dc02b45e Release: 0 -Summary: Endpoint visibility and collection tool (endpoint only) +Summary: Endpoint visibility and collection tool (endpoint only) # FIXME: Select a correct license from https://github.com/openSUSE/spec-cleaner#spdx-licenses License: AGPL-3.0-only URL: https://github.com/Velocidex/velociraptor Source: %{projname}-%{version}.tar.xz -Source1: vendor-golang-%{version}.tar.xz -Patch1: velociraptor-golang-mage-vendoring.diff +Source1: vendor-golang-%{version}.tar.xz +Patch1: velociraptor-golang-mage-vendoring.diff BuildRequires: golang-packaging BuildRequires: systemd-rpm-macros BuildRequires: golang(API) >= 1.14 -BuildRequires: fileb0x -BuildRequires: mage -BuildRequires: libtsan0 -Conflicts: velociraptor +BuildRequires: fileb0x +BuildRequires: mage +BuildRequires: libtsan0 +Conflicts: velociraptor %description Velociraptor is a tool for collecting host based state information @@ -63,11 +63,14 @@ make linux_bare %install mkdir -p %buildroot/%{_bindir} -install -m 755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir}/velociraptor +install -m 0755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir}/velociraptor +install -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/velociraptor-client.service %files %license LICENSE %doc README.md +%dir %{_sysconfdir}/velociraptor %{_bindir}/velociraptor +%{_unitdir}/velociraptor-client.service %changelog