From 9dd9ebd585958116ac0025df92e189f6863269e84b706217b36392944cb02a09 Mon Sep 17 00:00:00 2001 From: Jeff Mahoney Date: Mon, 14 Nov 2022 15:01:41 +0000 Subject: [PATCH] Accepting request 1035679 from home:jeff_mahoney:security:sensor re-add vmlinux handling OBS-URL: https://build.opensuse.org/request/show/1035679 OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=24 --- velociraptor-client.spec | 9 +++------ velociraptor.spec | 9 +++------ vmlinux.h-5.14.21150400.22-150400-default.tar.xz | 3 +++ vmlinux.h-5.18.9-2-default.tar.xz | 3 --- 4 files changed, 9 insertions(+), 15 deletions(-) create mode 100644 vmlinux.h-5.14.21150400.22-150400-default.tar.xz delete mode 100644 vmlinux.h-5.18.9-2-default.tar.xz diff --git a/velociraptor-client.spec b/velociraptor-client.spec index c96da5f..185f00e 100644 --- a/velociraptor-client.spec +++ b/velociraptor-client.spec @@ -17,7 +17,7 @@ %define projname velociraptor %define vendor_version 0.6.4.2~git86.b5931f7 -%define vmlinux_h_version 5.18.9-2-default +%define vmlinux_h_version 5.14.21150400.22-150400-default Name: velociraptor-client Version: 0.6.4.2~git86.b5931f7 @@ -73,11 +73,8 @@ sed -ie "s/\(VERSION *= \).*/\1 \"%{version}\"/" constants/constants.go mkdir -p third_party/libbpfgo/output -# Any release more recent than SLE 15 SP3/Leap 15.3 will have this -if ! test -e /sys/kernel/btf/vmlinux; then - cp vmlinux.h-%{vmlinux_h_version}/vmlinux-%{_arch}.h \ - third_party/libbpfgo/output/vmlinux.h -fi +cp vmlinux.h-%{vmlinux_h_version}/vmlinux-%{_arch}.h \ + third_party/libbpfgo/output/vmlinux.h # These just clutter the GUI and we don't have Windows clients # Note: There are dependencies on these that need to be resolved before diff --git a/velociraptor.spec b/velociraptor.spec index 0fd6d56..ecb9396 100644 --- a/velociraptor.spec +++ b/velociraptor.spec @@ -17,7 +17,7 @@ %define projname velociraptor %define vendor_version 0.6.4.2~git86.b5931f7 -%define vmlinux_h_version 5.18.9-2-default +%define vmlinux_h_version 5.14.21150400.22-150400-default Name: velociraptor Version: 0.6.4.2~git86.b5931f7 @@ -86,11 +86,8 @@ sed -ie "s/\(VERSION *= \).*/\1 \"%{version}\"/" constants/constants.go mkdir -p third_party/libbpfgo/output -# Any release more recent than SLE 15 SP3/Leap 15.3 will have this -if ! test -e /sys/kernel/btf/vmlinux; then - cp vmlinux.h-%{vmlinux_h_version}/vmlinux-%{_arch}.h \ - third_party/libbpfgo/output/vmlinux.h -fi +cp vmlinux.h-%{vmlinux_h_version}/vmlinux-%{_arch}.h \ + third_party/libbpfgo/output/vmlinux.h # These just clutter the GUI and we don't have Windows clients # Note: There are dependencies on these that need to be resolved before diff --git a/vmlinux.h-5.14.21150400.22-150400-default.tar.xz b/vmlinux.h-5.14.21150400.22-150400-default.tar.xz new file mode 100644 index 0000000..0e89d73 --- /dev/null +++ b/vmlinux.h-5.14.21150400.22-150400-default.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3437ed2f82883d508c385951d3d146f37f7c954fa0da6021494aa15ff19dc9a0 +size 590616 diff --git a/vmlinux.h-5.18.9-2-default.tar.xz b/vmlinux.h-5.18.9-2-default.tar.xz deleted file mode 100644 index 5552aa4..0000000 --- a/vmlinux.h-5.18.9-2-default.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:75a6a812bbed4f1e7abd5a3c02d1658a96b43d3c4fc99a155739c256a8da8245 -size 457380