From 517404476c36b110b4ba21dc89e180795f7926b3 Mon Sep 17 00:00:00 2001 From: RebeccaMahany Date: Mon, 3 Feb 2025 12:18:21 -0500 Subject: [PATCH] Use generate timeout from knapsack in tablewrapper --- ee/katc/config.go | 5 +- ee/katc/config_test.go | 10 ++- ee/tables/airport/table_darwin.go | 5 +- ee/tables/app-icons/app_icons_darwin.go | 5 +- .../apple_silicon_security_policy/table.go | 5 +- .../crowdstrike/falcon_kernel_check/table.go | 5 +- ee/tables/crowdstrike/falconctl/table.go | 5 +- ee/tables/cryptoinfotable/table.go | 5 +- ee/tables/cryptsetup/table.go | 5 +- ee/tables/dataflattentable/exec.go | 5 +- ee/tables/dataflattentable/exec_and_parse.go | 5 +- ee/tables/dataflattentable/tables.go | 17 ++-- ee/tables/desktopprocs/desktopprocs.go | 5 +- ee/tables/dev_table_tooling/table.go | 5 +- .../dsim_default_associations.go | 5 +- ee/tables/filevault/filevault.go | 5 +- ee/tables/firefox_preferences/table.go | 5 +- ee/tables/firmwarepasswd/firmwarepasswd.go | 5 +- ee/tables/fscrypt_info/table.go | 5 +- ee/tables/gsettings/gsettings.go | 5 +- ee/tables/gsettings/metadata.go | 5 +- ee/tables/homebrew/upgradeable.go | 5 +- ee/tables/ioreg/ioreg.go | 5 +- ee/tables/jwt/jwt.go | 5 +- ee/tables/launcher_db/launcher_db.go | 4 +- .../available_products_table.go | 5 +- .../recommended_updates_table.go | 5 +- .../software_update_table.go | 5 +- ee/tables/mdmclient/mdmclient.go | 5 +- ee/tables/munki/munki.go | 9 +- ee/tables/nix_env/upgradeable/upgradeable.go | 5 +- .../osquery_instance_history.go | 5 +- ee/tables/osquery_user_exec_table/table.go | 5 +- ee/tables/profiles/profiles.go | 5 +- ee/tables/pwpolicy/pwpolicy.go | 5 +- ee/tables/secedit/secedit.go | 5 +- ee/tables/secureboot/table.go | 5 +- ee/tables/spotlight/spotlight.go | 5 +- ee/tables/systemprofiler/systemprofiler.go | 5 +- ee/tables/tablewrapper/tablewrapper.go | 68 +++++++++++--- ee/tables/tablewrapper/tablewrapper_test.go | 35 +++++++- ee/tables/tdebug/gc.go | 5 +- ee/tables/tufinfo/release_version.go | 2 +- ee/tables/tufinfo/release_version_test.go | 5 ++ ee/tables/wifi_networks/wifi_networks.go | 5 +- ee/tables/windowsupdatetable/windowsupdate.go | 5 +- ee/tables/wmitable/wmitable.go | 5 +- ee/tables/xfconf/xfconf.go | 5 +- ee/tables/xrdb/xrdb.go | 5 +- ee/tables/zfs/tables.go | 9 +- pkg/osquery/interactive/interactive_test.go | 4 + pkg/osquery/runtime/osqueryinstance_test.go | 2 + pkg/osquery/runtime/runtime_posix_test.go | 4 + pkg/osquery/runtime/runtime_test.go | 18 ++++ pkg/osquery/table/chrome_login_data_emails.go | 5 +- pkg/osquery/table/chrome_login_keychain.go | 5 +- pkg/osquery/table/chrome_user_profiles.go | 5 +- pkg/osquery/table/gdrive_sync.go | 5 +- pkg/osquery/table/gdrive_sync_history.go | 5 +- pkg/osquery/table/keyinfo.go | 5 +- .../kolide_launcher_autoupdate_config.go | 2 +- pkg/osquery/table/launcher_config.go | 4 +- pkg/osquery/table/launcher_db_info.go | 5 +- pkg/osquery/table/launcher_info.go | 4 +- pkg/osquery/table/macho.go | 5 +- pkg/osquery/table/mdm.go | 5 +- pkg/osquery/table/onepassword_config.go | 5 +- pkg/osquery/table/platform_tables_darwin.go | 89 ++++++++++--------- pkg/osquery/table/platform_tables_linux.go | 73 +++++++-------- pkg/osquery/table/platform_tables_windows.go | 19 ++-- pkg/osquery/table/program_icons_windows.go | 5 +- pkg/osquery/table/slack_config.go | 5 +- pkg/osquery/table/sshkeys.go | 5 +- pkg/osquery/table/table.go | 50 +++++------ pkg/osquery/table/touchid_system_darwin.go | 5 +- pkg/osquery/table/touchid_user_darwin.go | 5 +- pkg/osquery/table/user_avatar_darwin.go | 5 +- 77 files changed, 442 insertions(+), 271 deletions(-) diff --git a/ee/katc/config.go b/ee/katc/config.go index c04ae1b10..215ea8779 100644 --- a/ee/katc/config.go +++ b/ee/katc/config.go @@ -6,6 +6,7 @@ import ( "fmt" "log/slog" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/indexeddb" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/osquery/osquery-go" @@ -130,7 +131,7 @@ type ( // ConstructKATCTables takes stored configuration of KATC tables, parses the configuration, // and returns the constructed tables. -func ConstructKATCTables(config map[string]string, slogger *slog.Logger) []osquery.OsqueryPlugin { +func ConstructKATCTables(config map[string]string, flags types.Flags, slogger *slog.Logger) []osquery.OsqueryPlugin { plugins := make([]osquery.OsqueryPlugin, 0) for tableName, tableConfigStr := range config { @@ -145,7 +146,7 @@ func ConstructKATCTables(config map[string]string, slogger *slog.Logger) []osque } t, columns := newKatcTable(tableName, cfg, slogger) - plugins = append(plugins, tablewrapper.New(slogger, tableName, columns, t.generate)) + plugins = append(plugins, tablewrapper.New(flags, slogger, tableName, columns, t.generate)) } return plugins diff --git a/ee/katc/config_test.go b/ee/katc/config_test.go index fed0272e1..de30a5303 100644 --- a/ee/katc/config_test.go +++ b/ee/katc/config_test.go @@ -5,8 +5,12 @@ import ( "fmt" "runtime" "testing" + "time" + "github.com/kolide/launcher/ee/agent/flags/keys" + typesmocks "github.com/kolide/launcher/ee/agent/types/mocks" "github.com/kolide/launcher/pkg/log/multislogger" + "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" ) @@ -149,7 +153,11 @@ func TestConstructKATCTables(t *testing.T) { t.Run(tt.testCaseName, func(t *testing.T) { t.Parallel() - plugins := ConstructKATCTables(tt.katcConfig, multislogger.NewNopLogger()) + mockFlags := typesmocks.NewFlags(t) + mockFlags.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + mockFlags.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() + + plugins := ConstructKATCTables(tt.katcConfig, mockFlags, multislogger.NewNopLogger()) require.Equal(t, tt.expectedPluginCount, len(plugins), "unexpected number of plugins") }) } diff --git a/ee/tables/airport/table_darwin.go b/ee/tables/airport/table_darwin.go index a2cec6872..86d263e8e 100644 --- a/ee/tables/airport/table_darwin.go +++ b/ee/tables/airport/table_darwin.go @@ -12,6 +12,7 @@ import ( "log/slog" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -32,7 +33,7 @@ type Table struct { const tableName = "kolide_airport_util" -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("option"), ) @@ -42,7 +43,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("name", tableName), } - return tablewrapper.New(slogger, t.name, columns, t.generate) + return tablewrapper.New(flags, slogger, t.name, columns, t.generate) } type airportExecutor struct { diff --git a/ee/tables/app-icons/app_icons_darwin.go b/ee/tables/app-icons/app_icons_darwin.go index e163d7957..2b7028732 100644 --- a/ee/tables/app-icons/app_icons_darwin.go +++ b/ee/tables/app-icons/app_icons_darwin.go @@ -35,6 +35,7 @@ import ( "image/png" "unsafe" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/nfnt/resize" @@ -45,13 +46,13 @@ import ( var crcTable = crc64.MakeTable(crc64.ECMA) -func AppIcons(slogger *slog.Logger) *table.Plugin { +func AppIcons(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("path"), table.TextColumn("icon"), table.TextColumn("hash"), } - return tablewrapper.New(slogger, "kolide_app_icons", columns, generateAppIcons) + return tablewrapper.New(flags, slogger, "kolide_app_icons", columns, generateAppIcons) } func generateAppIcons(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/apple_silicon_security_policy/table.go b/ee/tables/apple_silicon_security_policy/table.go index 6b1a3dd1b..0bb5a5ac5 100644 --- a/ee/tables/apple_silicon_security_policy/table.go +++ b/ee/tables/apple_silicon_security_policy/table.go @@ -9,6 +9,7 @@ import ( "log/slog" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -24,7 +25,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns() tableName := "kolide_apple_silicon_security_policy" @@ -33,7 +34,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", tableName), } - return tablewrapper.New(slogger, tableName, columns, t.generate) + return tablewrapper.New(flags, slogger, tableName, columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/crowdstrike/falcon_kernel_check/table.go b/ee/tables/crowdstrike/falcon_kernel_check/table.go index a97594344..609f9dbbd 100644 --- a/ee/tables/crowdstrike/falcon_kernel_check/table.go +++ b/ee/tables/crowdstrike/falcon_kernel_check/table.go @@ -9,6 +9,7 @@ import ( "log/slog" "regexp" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/tablehelpers" "github.com/kolide/launcher/ee/tables/tablewrapper" @@ -20,7 +21,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("kernel"), table.IntegerColumn("supported"), @@ -33,7 +34,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", tableName), } - return tablewrapper.New(slogger, tableName, columns, t.generate) + return tablewrapper.New(flags, slogger, tableName, columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/crowdstrike/falconctl/table.go b/ee/tables/crowdstrike/falconctl/table.go index 43c254eca..79d8d300d 100644 --- a/ee/tables/crowdstrike/falconctl/table.go +++ b/ee/tables/crowdstrike/falconctl/table.go @@ -10,6 +10,7 @@ import ( "log/slog" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -48,7 +49,7 @@ type falconctlOptionsTable struct { execFunc execFunc } -func NewFalconctlOptionTable(slogger *slog.Logger) *table.Plugin { +func NewFalconctlOptionTable(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("options"), ) @@ -59,7 +60,7 @@ func NewFalconctlOptionTable(slogger *slog.Logger) *table.Plugin { execFunc: tablehelpers.RunSimple, } - return tablewrapper.New(slogger, t.tableName, columns, t.generate) + return tablewrapper.New(flags, slogger, t.tableName, columns, t.generate) } func (t *falconctlOptionsTable) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/cryptoinfotable/table.go b/ee/tables/cryptoinfotable/table.go index fab262145..fa0b3f136 100644 --- a/ee/tables/cryptoinfotable/table.go +++ b/ee/tables/cryptoinfotable/table.go @@ -10,6 +10,7 @@ import ( "path/filepath" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/cryptoinfo" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -23,7 +24,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("passphrase"), table.TextColumn("path"), @@ -33,7 +34,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", "kolide_cryptinfo"), } - return tablewrapper.New(slogger, "kolide_cryptinfo", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_cryptinfo", columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/cryptsetup/table.go b/ee/tables/cryptsetup/table.go index 6ec1fd0d4..f03d5f8b9 100644 --- a/ee/tables/cryptsetup/table.go +++ b/ee/tables/cryptsetup/table.go @@ -9,6 +9,7 @@ import ( "log/slog" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -25,7 +26,7 @@ type Table struct { name string } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("name"), ) @@ -35,7 +36,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { name: "kolide_cryptsetup_status", } - return tablewrapper.New(slogger, t.name, columns, t.generate) + return tablewrapper.New(flags, slogger, t.name, columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/dataflattentable/exec.go b/ee/tables/dataflattentable/exec.go index fe5cafb0f..79c17cdbc 100644 --- a/ee/tables/dataflattentable/exec.go +++ b/ee/tables/dataflattentable/exec.go @@ -7,6 +7,7 @@ import ( "os" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/tablehelpers" @@ -26,7 +27,7 @@ func WithKVSeparator(separator string) ExecTableOpt { } } -func TablePluginExec(slogger *slog.Logger, tableName string, dataSourceType DataSourceType, cmdGen allowedcmd.AllowedCommand, execArgs []string, opts ...ExecTableOpt) *table.Plugin { +func TablePluginExec(flags types.Flags, slogger *slog.Logger, tableName string, dataSourceType DataSourceType, cmdGen allowedcmd.AllowedCommand, execArgs []string, opts ...ExecTableOpt) *table.Plugin { columns := Columns() t := &Table{ @@ -43,7 +44,7 @@ func TablePluginExec(slogger *slog.Logger, tableName string, dataSourceType Data t.flattenBytesFunc = dataSourceType.FlattenBytesFunc(t.keyValueSeparator) - return tablewrapper.New(slogger, t.tableName, columns, t.generateExec) + return tablewrapper.New(flags, slogger, t.tableName, columns, t.generateExec) } func (t *Table) generateExec(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/dataflattentable/exec_and_parse.go b/ee/tables/dataflattentable/exec_and_parse.go index d03b0d028..ae3b31f91 100644 --- a/ee/tables/dataflattentable/exec_and_parse.go +++ b/ee/tables/dataflattentable/exec_and_parse.go @@ -8,6 +8,7 @@ import ( "os" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/tablehelpers" @@ -53,7 +54,7 @@ func WithIncludeStderr() execTableV2Opt { } } -func NewExecAndParseTable(slogger *slog.Logger, tableName string, p parser, cmd allowedcmd.AllowedCommand, execArgs []string, opts ...execTableV2Opt) *table.Plugin { +func NewExecAndParseTable(flags types.Flags, slogger *slog.Logger, tableName string, p parser, cmd allowedcmd.AllowedCommand, execArgs []string, opts ...execTableV2Opt) *table.Plugin { t := &execTableV2{ slogger: slogger.With("table", tableName), tableName: tableName, @@ -67,7 +68,7 @@ func NewExecAndParseTable(slogger *slog.Logger, tableName string, p parser, cmd opt(t) } - return tablewrapper.New(slogger, t.tableName, Columns(), t.generate) + return tablewrapper.New(flags, slogger, t.tableName, Columns(), t.generate) } func (t *execTableV2) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/dataflattentable/tables.go b/ee/tables/dataflattentable/tables.go index d14551a5d..217228819 100644 --- a/ee/tables/dataflattentable/tables.go +++ b/ee/tables/dataflattentable/tables.go @@ -9,6 +9,7 @@ import ( "path/filepath" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/tablehelpers" @@ -105,17 +106,17 @@ type Table struct { } // AllTablePlugins is a helper to return all the expected flattening tables. -func AllTablePlugins(slogger *slog.Logger) []osquery.OsqueryPlugin { +func AllTablePlugins(flags types.Flags, slogger *slog.Logger) []osquery.OsqueryPlugin { return []osquery.OsqueryPlugin{ - TablePlugin(slogger, JsonType), - TablePlugin(slogger, XmlType), - TablePlugin(slogger, IniType), - TablePlugin(slogger, PlistType), - TablePlugin(slogger, JsonlType), + TablePlugin(flags, slogger, JsonType), + TablePlugin(flags, slogger, XmlType), + TablePlugin(flags, slogger, IniType), + TablePlugin(flags, slogger, PlistType), + TablePlugin(flags, slogger, JsonlType), } } -func TablePlugin(slogger *slog.Logger, dataSourceType DataSourceType) osquery.OsqueryPlugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger, dataSourceType DataSourceType) osquery.OsqueryPlugin { columns := Columns(table.TextColumn("path"), table.TextColumn("raw_data")) t := &Table{ @@ -126,7 +127,7 @@ func TablePlugin(slogger *slog.Logger, dataSourceType DataSourceType) osquery.Os t.slogger = slogger.With("table", t.tableName) - return tablewrapper.New(slogger, t.tableName, columns, t.generate) + return tablewrapper.New(flags, slogger, t.tableName, columns, t.generate) } diff --git a/ee/tables/desktopprocs/desktopprocs.go b/ee/tables/desktopprocs/desktopprocs.go index bab680d50..cffa7d5cd 100644 --- a/ee/tables/desktopprocs/desktopprocs.go +++ b/ee/tables/desktopprocs/desktopprocs.go @@ -5,20 +5,21 @@ import ( "fmt" "log/slog" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/desktop/runner" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" ) -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("uid"), table.TextColumn("pid"), table.TextColumn("start_time"), table.TextColumn("last_health_check"), } - return tablewrapper.New(slogger, "kolide_desktop_procs", columns, generate()) + return tablewrapper.New(flags, slogger, "kolide_desktop_procs", columns, generate()) } func generate() table.GenerateFunc { diff --git a/ee/tables/dev_table_tooling/table.go b/ee/tables/dev_table_tooling/table.go index de82c3af5..3c9361326 100644 --- a/ee/tables/dev_table_tooling/table.go +++ b/ee/tables/dev_table_tooling/table.go @@ -6,6 +6,7 @@ import ( "log/slog" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/tablehelpers" "github.com/kolide/launcher/ee/tables/tablewrapper" @@ -24,7 +25,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("name"), table.TextColumn("args"), @@ -38,7 +39,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", tableName), } - return tablewrapper.New(slogger, tableName, columns, t.generate) + return tablewrapper.New(flags, slogger, tableName, columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/dsim_default_associations/dsim_default_associations.go b/ee/tables/dsim_default_associations/dsim_default_associations.go index 45ed6c662..6f2a3ba7f 100644 --- a/ee/tables/dsim_default_associations/dsim_default_associations.go +++ b/ee/tables/dsim_default_associations/dsim_default_associations.go @@ -13,6 +13,7 @@ import ( "strings" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -26,7 +27,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns() @@ -34,7 +35,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", "kolide_dsim_default_associations"), } - return tablewrapper.New(slogger, "kolide_dsim_default_associations", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_dsim_default_associations", columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/filevault/filevault.go b/ee/tables/filevault/filevault.go index 9b29eeb16..7b80db9fa 100644 --- a/ee/tables/filevault/filevault.go +++ b/ee/tables/filevault/filevault.go @@ -10,6 +10,7 @@ import ( "os" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/tablehelpers" "github.com/kolide/launcher/ee/tables/tablewrapper" @@ -22,7 +23,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("status"), } @@ -31,7 +32,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", "kolide_filevault"), } - return tablewrapper.New(slogger, "kolide_filevault", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_filevault", columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/firefox_preferences/table.go b/ee/tables/firefox_preferences/table.go index d8366addb..25bc583b8 100644 --- a/ee/tables/firefox_preferences/table.go +++ b/ee/tables/firefox_preferences/table.go @@ -8,6 +8,7 @@ import ( "regexp" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" "github.com/kolide/launcher/ee/tables/tablehelpers" @@ -35,7 +36,7 @@ const tableName = "kolide_firefox_preferences" // https://github.com/hansmi/go-mozpref var re = regexp.MustCompile(`^user_pref\("([^,]+)",\s*"?(.*?)"?\);$`) -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("path"), ) @@ -45,7 +46,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", tableName), } - return tablewrapper.New(slogger, t.name, columns, t.generate) + return tablewrapper.New(flags, slogger, t.name, columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/firmwarepasswd/firmwarepasswd.go b/ee/tables/firmwarepasswd/firmwarepasswd.go index a34b34f2c..3b8964d9f 100644 --- a/ee/tables/firmwarepasswd/firmwarepasswd.go +++ b/ee/tables/firmwarepasswd/firmwarepasswd.go @@ -16,6 +16,7 @@ import ( "strings" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/tablehelpers" "github.com/kolide/launcher/ee/tables/tablewrapper" @@ -28,7 +29,7 @@ type Table struct { parser *OutputParser } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.IntegerColumn("option_roms_allowed"), table.IntegerColumn("password_enabled"), @@ -37,7 +38,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { t := New(slogger.With("table", "kolide_firmwarepasswd")) - return tablewrapper.New(slogger, "kolide_firmwarepasswd", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_firmwarepasswd", columns, t.generate) } diff --git a/ee/tables/fscrypt_info/table.go b/ee/tables/fscrypt_info/table.go index 092adb520..8703ccc2b 100644 --- a/ee/tables/fscrypt_info/table.go +++ b/ee/tables/fscrypt_info/table.go @@ -3,6 +3,7 @@ package fscrypt_info import ( "log/slog" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/osquery/osquery-go/plugin/table" ) @@ -15,7 +16,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("path"), table.IntegerColumn("encrypted"), @@ -30,5 +31,5 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { t := &Table{ slogger: slogger.With("table", tableName), } - return tablewrapper.New(slogger, tableName, columns, t.generate) + return tablewrapper.New(flags, slogger, tableName, columns, t.generate) } diff --git a/ee/tables/gsettings/gsettings.go b/ee/tables/gsettings/gsettings.go index 76d4dd59a..3839ad3d8 100644 --- a/ee/tables/gsettings/gsettings.go +++ b/ee/tables/gsettings/gsettings.go @@ -16,6 +16,7 @@ import ( "strings" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/tablehelpers" "github.com/kolide/launcher/ee/tables/tablewrapper" @@ -34,7 +35,7 @@ type GsettingsValues struct { // Settings returns a table plugin for querying setting values from the // gsettings command. -func Settings(slogger *slog.Logger) *table.Plugin { +func Settings(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("schema"), table.TextColumn("key"), @@ -47,7 +48,7 @@ func Settings(slogger *slog.Logger) *table.Plugin { getBytes: execGsettings, } - return tablewrapper.New(slogger, "kolide_gsettings", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_gsettings", columns, t.generate) } func (t *GsettingsValues) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/gsettings/metadata.go b/ee/tables/gsettings/metadata.go index 0ffedb7bd..fb4328d96 100644 --- a/ee/tables/gsettings/metadata.go +++ b/ee/tables/gsettings/metadata.go @@ -15,6 +15,7 @@ import ( "strings" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/tablehelpers" "github.com/kolide/launcher/ee/tables/tablewrapper" @@ -30,7 +31,7 @@ type GsettingsMetadata struct { // Metadata returns a table plugin for querying metadata about specific keys in // specific schemas -func Metadata(slogger *slog.Logger) *table.Plugin { +func Metadata(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ // TODO: maybe need to add 'path' for relocatable schemas.. table.TextColumn("schema"), @@ -44,7 +45,7 @@ func Metadata(slogger *slog.Logger) *table.Plugin { cmdRunner: execGsettingsCommand, } - return tablewrapper.New(slogger, "kolide_gsettings_metadata", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_gsettings_metadata", columns, t.generate) } func (t *GsettingsMetadata) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/homebrew/upgradeable.go b/ee/tables/homebrew/upgradeable.go index fab64cd4d..7a5ed80d2 100644 --- a/ee/tables/homebrew/upgradeable.go +++ b/ee/tables/homebrew/upgradeable.go @@ -14,6 +14,7 @@ import ( "strings" "syscall" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -27,7 +28,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("uid"), ) @@ -36,7 +37,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", "kolide_brew_upgradeable"), } - return tablewrapper.New(slogger, "kolide_brew_upgradeable", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_brew_upgradeable", columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/ioreg/ioreg.go b/ee/tables/ioreg/ioreg.go index b1c2b9434..18bdfcf43 100644 --- a/ee/tables/ioreg/ioreg.go +++ b/ee/tables/ioreg/ioreg.go @@ -14,6 +14,7 @@ import ( "log/slog" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -30,7 +31,7 @@ type Table struct { tableName string } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( // ioreg input options. These match the ioreg @@ -48,7 +49,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { tableName: "kolide_ioreg", } - return tablewrapper.New(slogger, t.tableName, columns, t.generate) + return tablewrapper.New(flags, slogger, t.tableName, columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/jwt/jwt.go b/ee/tables/jwt/jwt.go index 8fd85aefe..ec74858d3 100644 --- a/ee/tables/jwt/jwt.go +++ b/ee/tables/jwt/jwt.go @@ -13,6 +13,7 @@ import ( "strings" "github.com/golang-jwt/jwt/v5" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" "github.com/kolide/launcher/ee/tables/tablehelpers" @@ -47,7 +48,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("path"), table.TextColumn("signing_keys"), @@ -58,7 +59,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", "kolide_jwt"), } - return tablewrapper.New(slogger, "kolide_jwt", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_jwt", columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/launcher_db/launcher_db.go b/ee/tables/launcher_db/launcher_db.go index 7359f9f0e..9581830b2 100644 --- a/ee/tables/launcher_db/launcher_db.go +++ b/ee/tables/launcher_db/launcher_db.go @@ -13,13 +13,13 @@ import ( // TablePlugin provides an osquery table plugin that exposes data found in the server_provided_data launcher.db bucket. // This data is intended to be updated by the control server. -func TablePlugin(slogger *slog.Logger, tableName string, iterator types.Iterator) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger, tableName string, iterator types.Iterator) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("key"), table.TextColumn("value"), } - return tablewrapper.New(slogger, tableName, columns, generateServerDataTable(tableName, iterator)) + return tablewrapper.New(flags, slogger, tableName, columns, generateServerDataTable(tableName, iterator)) } func generateServerDataTable(tableName string, iterator types.Iterator) table.GenerateFunc { diff --git a/ee/tables/macos_software_update/available_products_table.go b/ee/tables/macos_software_update/available_products_table.go index 2b6608664..5c8baa931 100644 --- a/ee/tables/macos_software_update/available_products_table.go +++ b/ee/tables/macos_software_update/available_products_table.go @@ -17,6 +17,7 @@ import ( "strings" "time" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" "github.com/kolide/launcher/ee/tables/tablehelpers" @@ -28,7 +29,7 @@ import ( var productsData []map[string]interface{} var cachedTime time.Time -func AvailableProducts(slogger *slog.Logger) *table.Plugin { +func AvailableProducts(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns() tableName := "kolide_macos_available_products" @@ -37,7 +38,7 @@ func AvailableProducts(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", tableName), } - return tablewrapper.New(slogger, tableName, columns, t.generateAvailableProducts) + return tablewrapper.New(flags, slogger, tableName, columns, t.generateAvailableProducts) } func (t *Table) generateAvailableProducts(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/macos_software_update/recommended_updates_table.go b/ee/tables/macos_software_update/recommended_updates_table.go index d95c3c834..908fadbb3 100644 --- a/ee/tables/macos_software_update/recommended_updates_table.go +++ b/ee/tables/macos_software_update/recommended_updates_table.go @@ -16,6 +16,7 @@ import ( "log/slog" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" "github.com/kolide/launcher/ee/tables/tablehelpers" @@ -30,7 +31,7 @@ type Table struct { slogger *slog.Logger } -func RecommendedUpdates(slogger *slog.Logger) *table.Plugin { +func RecommendedUpdates(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns() tableName := "kolide_macos_recommended_updates" @@ -39,7 +40,7 @@ func RecommendedUpdates(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", tableName), } - return tablewrapper.New(slogger, tableName, columns, t.generate) + return tablewrapper.New(flags, slogger, tableName, columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/macos_software_update/software_update_table.go b/ee/tables/macos_software_update/software_update_table.go index 48d03eaa7..cbc086d67 100644 --- a/ee/tables/macos_software_update/software_update_table.go +++ b/ee/tables/macos_software_update/software_update_table.go @@ -18,13 +18,14 @@ import ( "strconv" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" "golang.org/x/sys/unix" ) -func MacOSUpdate(slogger *slog.Logger) *table.Plugin { +func MacOSUpdate(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.IntegerColumn("autoupdate_managed"), table.IntegerColumn("autoupdate_enabled"), @@ -40,7 +41,7 @@ func MacOSUpdate(slogger *slog.Logger) *table.Plugin { table.IntegerColumn("last_successful_check_timestamp"), } tableGen := &osUpdateTable{} - return tablewrapper.New(slogger, "kolide_macos_software_update", columns, tableGen.generateMacUpdate) + return tablewrapper.New(flags, slogger, "kolide_macos_software_update", columns, tableGen.generateMacUpdate) } type osUpdateTable struct { diff --git a/ee/tables/mdmclient/mdmclient.go b/ee/tables/mdmclient/mdmclient.go index 6eaa3cb07..e3ef7422d 100644 --- a/ee/tables/mdmclient/mdmclient.go +++ b/ee/tables/mdmclient/mdmclient.go @@ -14,6 +14,7 @@ import ( "regexp" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -54,7 +55,7 @@ type Table struct { tableName string } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("command"), ) @@ -64,7 +65,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { tableName: "kolide_mdmclient", } - return tablewrapper.New(slogger, t.tableName, columns, t.generate) + return tablewrapper.New(flags, slogger, t.tableName, columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/munki/munki.go b/ee/tables/munki/munki.go index da7fc6a2f..dcb8dce2c 100644 --- a/ee/tables/munki/munki.go +++ b/ee/tables/munki/munki.go @@ -11,6 +11,7 @@ import ( "strings" "github.com/groob/plist" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" @@ -29,7 +30,7 @@ func New() *MunkiInfo { } } -func (m *MunkiInfo) MunkiReport(slogger *slog.Logger) *table.Plugin { +func (m *MunkiInfo) MunkiReport(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("version"), table.TextColumn("start_time"), @@ -40,17 +41,17 @@ func (m *MunkiInfo) MunkiReport(slogger *slog.Logger) *table.Plugin { table.TextColumn("console_user"), table.TextColumn("manifest_name"), } - return tablewrapper.New(slogger, "kolide_munki_report", columns, m.generateMunkiReport) + return tablewrapper.New(flags, slogger, "kolide_munki_report", columns, m.generateMunkiReport) } -func (m *MunkiInfo) ManagedInstalls(slogger *slog.Logger) *table.Plugin { +func (m *MunkiInfo) ManagedInstalls(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("installed_version"), table.TextColumn("installed"), table.TextColumn("name"), table.TextColumn("end_time"), } - return tablewrapper.New(slogger, "kolide_munki_installs", columns, m.generateMunkiInstalls) + return tablewrapper.New(flags, slogger, "kolide_munki_installs", columns, m.generateMunkiInstalls) } func (m *MunkiInfo) generateMunkiInstalls(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/nix_env/upgradeable/upgradeable.go b/ee/tables/nix_env/upgradeable/upgradeable.go index f6564c9c8..47a84ed54 100644 --- a/ee/tables/nix_env/upgradeable/upgradeable.go +++ b/ee/tables/nix_env/upgradeable/upgradeable.go @@ -10,6 +10,7 @@ import ( "log/slog" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -25,7 +26,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("uid"), ) @@ -34,7 +35,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", "kolide_nix_upgradeable"), } - return tablewrapper.New(slogger, "kolide_nix_upgradeable", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_nix_upgradeable", columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/osquery_instance_history/osquery_instance_history.go b/ee/tables/osquery_instance_history/osquery_instance_history.go index 3cbeffdd7..eeca9ff3d 100644 --- a/ee/tables/osquery_instance_history/osquery_instance_history.go +++ b/ee/tables/osquery_instance_history/osquery_instance_history.go @@ -4,13 +4,14 @@ import ( "context" "log/slog" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/osquery/runtime/history" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" ) -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("registration_id"), table.TextColumn("instance_run_id"), @@ -22,7 +23,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { table.TextColumn("version"), table.TextColumn("errors"), } - return tablewrapper.New(slogger, "kolide_launcher_osquery_instance_history", columns, generate()) + return tablewrapper.New(flags, slogger, "kolide_launcher_osquery_instance_history", columns, generate()) } func generate() table.GenerateFunc { diff --git a/ee/tables/osquery_user_exec_table/table.go b/ee/tables/osquery_user_exec_table/table.go index 53479f311..206299c7e 100644 --- a/ee/tables/osquery_user_exec_table/table.go +++ b/ee/tables/osquery_user_exec_table/table.go @@ -22,6 +22,7 @@ import ( "fmt" "log/slog" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablehelpers" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" @@ -40,7 +41,7 @@ type Table struct { } func TablePlugin( - slogger *slog.Logger, tablename string, osqueryd string, + flags types.Flags, slogger *slog.Logger, tablename string, osqueryd string, osqueryQuery string, columns []table.ColumnDefinition, ) *table.Plugin { columns = append(columns, table.TextColumn("user")) @@ -52,7 +53,7 @@ func TablePlugin( tablename: tablename, } - return tablewrapper.New(slogger, t.tablename, columns, t.generate) + return tablewrapper.New(flags, slogger, t.tablename, columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/profiles/profiles.go b/ee/tables/profiles/profiles.go index 64a036321..f47b22224 100644 --- a/ee/tables/profiles/profiles.go +++ b/ee/tables/profiles/profiles.go @@ -19,6 +19,7 @@ import ( "strings" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -42,7 +43,7 @@ type Table struct { tableName string } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { // profiles options. See `man profiles`. These may not be needed, // we use `show -all` as the default, and it probably covers // everything. @@ -57,7 +58,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { tableName: "kolide_profiles", } - return tablewrapper.New(slogger, t.tableName, columns, t.generate) + return tablewrapper.New(flags, slogger, t.tableName, columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/pwpolicy/pwpolicy.go b/ee/tables/pwpolicy/pwpolicy.go index f6c3f5e11..0c8f35c64 100644 --- a/ee/tables/pwpolicy/pwpolicy.go +++ b/ee/tables/pwpolicy/pwpolicy.go @@ -16,6 +16,7 @@ import ( "log/slog" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -33,7 +34,7 @@ type Table struct { execCC allowedcmd.AllowedCommand } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("username"), @@ -45,7 +46,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { execCC: allowedcmd.Pwpolicy, } - return tablewrapper.New(slogger, t.tableName, columns, t.generate) + return tablewrapper.New(flags, slogger, t.tableName, columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/secedit/secedit.go b/ee/tables/secedit/secedit.go index b890de8b7..7ce9f4441 100644 --- a/ee/tables/secedit/secedit.go +++ b/ee/tables/secedit/secedit.go @@ -15,6 +15,7 @@ import ( "strings" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -31,7 +32,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("mergedpolicy"), ) @@ -40,7 +41,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", "kolide_secedit"), } - return tablewrapper.New(slogger, "kolide_secedit", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_secedit", columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/secureboot/table.go b/ee/tables/secureboot/table.go index 38e9956a4..886873654 100644 --- a/ee/tables/secureboot/table.go +++ b/ee/tables/secureboot/table.go @@ -5,6 +5,7 @@ import ( "fmt" "log/slog" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/efi" "github.com/kolide/launcher/pkg/traces" @@ -15,7 +16,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.IntegerColumn("secure_boot"), table.IntegerColumn("setup_mode"), @@ -25,7 +26,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", "kolide_secureboot"), } - return tablewrapper.New(slogger, "kolide_secureboot", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_secureboot", columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/spotlight/spotlight.go b/ee/tables/spotlight/spotlight.go index 799207373..07298dcc0 100644 --- a/ee/tables/spotlight/spotlight.go +++ b/ee/tables/spotlight/spotlight.go @@ -13,6 +13,7 @@ import ( "log/slog" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/tablehelpers" "github.com/kolide/launcher/ee/tables/tablewrapper" @@ -32,7 +33,7 @@ Example Query: AS f JOIN kolide_spotlight ON spotlight.path = f.path AND spotlight.query = "kMDItemKint = 'Agile Keychain'"; */ -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("query"), table.TextColumn("path"), @@ -42,7 +43,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", "kolide_spotlight"), } - return tablewrapper.New(slogger, "kolide_spotlight", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_spotlight", columns, t.generate) } func (t *spotlightTable) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/systemprofiler/systemprofiler.go b/ee/tables/systemprofiler/systemprofiler.go index 3ad332ab2..20aa4241b 100644 --- a/ee/tables/systemprofiler/systemprofiler.go +++ b/ee/tables/systemprofiler/systemprofiler.go @@ -44,6 +44,7 @@ import ( "strings" "github.com/groob/plist" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -87,7 +88,7 @@ type Table struct { tableName string } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("parentdatatype"), table.TextColumn("datatype"), @@ -99,7 +100,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { tableName: "kolide_system_profiler", } - return tablewrapper.New(slogger, t.tableName, columns, t.generate) + return tablewrapper.New(flags, slogger, t.tableName, columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/tablewrapper/tablewrapper.go b/ee/tables/tablewrapper/tablewrapper.go index b527e4483..4ecf433b1 100644 --- a/ee/tables/tablewrapper/tablewrapper.go +++ b/ee/tables/tablewrapper/tablewrapper.go @@ -4,8 +4,12 @@ import ( "context" "fmt" "log/slog" + "slices" + "sync" "time" + "github.com/kolide/launcher/ee/agent/flags/keys" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/gowrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" @@ -18,16 +22,19 @@ const ( ) type wrappedTable struct { - slogger *slog.Logger - name string - gen table.GenerateFunc - genTimeout time.Duration - workers *semaphore.Weighted + flagsController types.Flags + slogger *slog.Logger + name string + gen table.GenerateFunc + genTimeout time.Duration + genTimeoutLock *sync.Mutex + workers *semaphore.Weighted } type tablePluginOption func(*wrappedTable) -// WithGenerateTimeout overrides the default table timeout of four minutes +// WithGenerateTimeout overrides the default table timeout of four minutes. +// The control server may override this value. func WithGenerateTimeout(genTimeout time.Duration) tablePluginOption { return func(w *wrappedTable) { w.genTimeout = genTimeout @@ -41,29 +48,62 @@ type generateResult struct { // New returns a table plugin that will attempt to execute a query up until the given timeout, // at which point it will instead return no rows and a timeout error. -func New(slogger *slog.Logger, name string, columns []table.ColumnDefinition, gen table.GenerateFunc, opts ...tablePluginOption) *table.Plugin { +func New(flags types.Flags, slogger *slog.Logger, name string, columns []table.ColumnDefinition, gen table.GenerateFunc, opts ...tablePluginOption) *table.Plugin { wt := &wrappedTable{ - slogger: slogger.With("table_name", name), - name: name, - gen: gen, - genTimeout: DefaultTableTimeout, - workers: semaphore.NewWeighted(numWorkers), + flagsController: flags, + slogger: slogger.With("table_name", name), + name: name, + gen: gen, + genTimeout: flags.GenerateTimeout(), + genTimeoutLock: &sync.Mutex{}, + workers: semaphore.NewWeighted(numWorkers), } for _, opt := range opts { opt(wt) } + flags.RegisterChangeObserver(wt, keys.GenerateTimeout) + return table.NewPlugin(name, columns, wt.generate) //nolint:forbidigo // This is our one allowed usage of table.NewPlugin } +// FlagsChanged satisfies the types.FlagsChangeObserver interface -- handles updates to flags +// that we care about, which is just `GenerateTimeout` +func (wt *wrappedTable) FlagsChanged(ctx context.Context, flagKeys ...keys.FlagKey) { + ctx, span := traces.StartSpan(ctx) + defer span.End() + + if !slices.Contains(flagKeys, keys.GenerateTimeout) { + return + } + + wt.genTimeoutLock.Lock() + defer wt.genTimeoutLock.Unlock() + + newGenTimeout := wt.flagsController.GenerateTimeout() + + wt.slogger.Log(ctx, slog.LevelInfo, + "received changed value for generate_timeout", + "old_timeout", wt.genTimeout.String(), + "new_timeout", newGenTimeout.String(), + ) + + wt.genTimeout = newGenTimeout +} + // generate wraps `wt.gen`, ensuring the function is traced and that it does not run for longer // than `wt.genTimeout`. func (wt *wrappedTable) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { ctx, span := traces.StartSpan(ctx, "table_name", wt.name, "generate_timeout", wt.genTimeout.String()) defer span.End() - ctx, cancel := context.WithTimeout(ctx, wt.genTimeout) + // Get the current timeout value -- this value can change per the control server + wt.genTimeoutLock.Lock() + genTimeout := wt.genTimeout + wt.genTimeoutLock.Unlock() + + ctx, cancel := context.WithTimeout(ctx, genTimeout) defer cancel() // A worker must be available for us to try to run the generate function -- @@ -95,7 +135,7 @@ func (wt *wrappedTable) generate(ctx context.Context, queryContext table.QueryCo "query timed out", "queried_columns", fmt.Sprintf("%+v", queriedColumns), ) - return nil, fmt.Errorf("querying %s timed out after %s (queried columns: %v)", wt.name, wt.genTimeout.String(), queriedColumns) + return nil, fmt.Errorf("querying %s timed out after %s (queried columns: %v)", wt.name, genTimeout.String(), queriedColumns) } } diff --git a/ee/tables/tablewrapper/tablewrapper_test.go b/ee/tables/tablewrapper/tablewrapper_test.go index abdff34b5..4a4c52020 100644 --- a/ee/tables/tablewrapper/tablewrapper_test.go +++ b/ee/tables/tablewrapper/tablewrapper_test.go @@ -5,9 +5,12 @@ import ( "testing" "time" + "github.com/kolide/launcher/ee/agent/flags/keys" + typesmocks "github.com/kolide/launcher/ee/agent/types/mocks" "github.com/kolide/launcher/pkg/log/multislogger" "github.com/osquery/osquery-go/gen/osquery" "github.com/osquery/osquery-go/plugin/table" + "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" ) @@ -23,7 +26,11 @@ func TestCall(t *testing.T) { expectedRow, } - w := New(multislogger.NewNopLogger(), expectedName, nil, func(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { + mockFlags := typesmocks.NewFlags(t) + mockFlags.On("GenerateTimeout").Return(4 * time.Minute) + mockFlags.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return() + + w := New(mockFlags, multislogger.NewNopLogger(), expectedName, nil, func(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { return expectedRows, nil }, WithGenerateTimeout(overrideTimeout)) @@ -35,6 +42,8 @@ func TestCall(t *testing.T) { require.Equal(t, int32(0), resp.Status.Code) // success require.Equal(t, 1, len(resp.Response)) require.Equal(t, expectedRow, resp.Response[0]) + + mockFlags.AssertExpectations(t) } func TestCall_handlesTimeout(t *testing.T) { @@ -43,7 +52,11 @@ func TestCall_handlesTimeout(t *testing.T) { expectedName := "test_table" overrideTimeout := 3 * time.Second - w := New(multislogger.NewNopLogger(), expectedName, nil, func(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { + mockFlags := typesmocks.NewFlags(t) + mockFlags.On("GenerateTimeout").Return(4 * time.Minute) + mockFlags.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return() + + w := New(mockFlags, multislogger.NewNopLogger(), expectedName, nil, func(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { // The generate function must take longer than the timeout time.Sleep(3 * overrideTimeout) return []map[string]string{ @@ -71,6 +84,8 @@ func TestCall_handlesTimeout(t *testing.T) { t.Error("generate did not return within timeout") t.FailNow() } + + mockFlags.AssertExpectations(t) } func TestCall_allowsConcurrentRequests(t *testing.T) { @@ -85,7 +100,11 @@ func TestCall_allowsConcurrentRequests(t *testing.T) { expectedRow, } - w := New(multislogger.NewNopLogger(), expectedName, nil, func(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { + mockFlags := typesmocks.NewFlags(t) + mockFlags.On("GenerateTimeout").Return(4 * time.Minute) + mockFlags.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return() + + w := New(mockFlags, multislogger.NewNopLogger(), expectedName, nil, func(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { time.Sleep(100 * time.Millisecond) // very short wait -- generate will not time out return expectedRows, nil }, WithGenerateTimeout(overrideTimeout)) @@ -113,6 +132,8 @@ func TestCall_allowsConcurrentRequests(t *testing.T) { t.FailNow() } } + + mockFlags.AssertExpectations(t) } func TestCall_limitsExcessiveConcurrentRequests(t *testing.T) { @@ -127,7 +148,11 @@ func TestCall_limitsExcessiveConcurrentRequests(t *testing.T) { expectedRow, } - w := New(multislogger.NewNopLogger(), expectedName, nil, func(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { + mockFlags := typesmocks.NewFlags(t) + mockFlags.On("GenerateTimeout").Return(4 * time.Minute) + mockFlags.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return() + + w := New(mockFlags, multislogger.NewNopLogger(), expectedName, nil, func(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { time.Sleep(overrideTimeout + 1*time.Second) // generate should always time out return expectedRows, nil }, WithGenerateTimeout(overrideTimeout)) @@ -183,4 +208,6 @@ func TestCall_limitsExcessiveConcurrentRequests(t *testing.T) { resp := w.Call(context.TODO(), map[string]string{"action": "generate", "context": "{}"}) require.Equal(t, int32(1), resp.Status.Code) // failure require.Contains(t, resp.Status.Message, "timed out after") // matches `querying %s timed out after %s (queried columns: %v)` + + mockFlags.AssertExpectations(t) } diff --git a/ee/tables/tdebug/gc.go b/ee/tables/tdebug/gc.go index 861989d16..1ca3247ad 100644 --- a/ee/tables/tdebug/gc.go +++ b/ee/tables/tdebug/gc.go @@ -8,6 +8,7 @@ import ( "runtime/debug" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" "github.com/kolide/launcher/ee/tables/tablehelpers" @@ -25,14 +26,14 @@ type gcTable struct { stats debug.GCStats } -func LauncherGcInfo(slogger *slog.Logger) *table.Plugin { +func LauncherGcInfo(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns() t := &gcTable{ slogger: slogger.With("table", gcTableName), } - return tablewrapper.New(slogger, gcTableName, columns, t.generate) + return tablewrapper.New(flags, slogger, gcTableName, columns, t.generate) } func (t *gcTable) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/tufinfo/release_version.go b/ee/tables/tufinfo/release_version.go index 80c457a5e..c2b92a533 100644 --- a/ee/tables/tufinfo/release_version.go +++ b/ee/tables/tufinfo/release_version.go @@ -30,7 +30,7 @@ func TufReleaseVersionTable(slogger *slog.Logger, flags types.Flags) *table.Plug table.TextColumn("target"), } - return tablewrapper.New(slogger, tufReleaseVersionTableName, columns, generateTufReleaseVersionTable(flags)) + return tablewrapper.New(flags, slogger, tufReleaseVersionTableName, columns, generateTufReleaseVersionTable(flags)) } func generateTufReleaseVersionTable(flags types.Flags) table.GenerateFunc { diff --git a/ee/tables/tufinfo/release_version_test.go b/ee/tables/tufinfo/release_version_test.go index 9b308f829..3b0eb4740 100644 --- a/ee/tables/tufinfo/release_version_test.go +++ b/ee/tables/tufinfo/release_version_test.go @@ -6,14 +6,17 @@ import ( "math/rand" "runtime" "testing" + "time" "github.com/google/uuid" + "github.com/kolide/launcher/ee/agent/flags/keys" "github.com/kolide/launcher/ee/agent/types/mocks" "github.com/kolide/launcher/ee/tuf" tufci "github.com/kolide/launcher/ee/tuf/ci" "github.com/kolide/launcher/pkg/log/multislogger" "github.com/osquery/osquery-go/gen/osquery" + "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" ) @@ -31,6 +34,8 @@ func TestTufReleaseVersionTable(t *testing.T) { mockFlags := mocks.NewFlags(t) mockFlags.On("RootDirectory").Return(testRootDir) + mockFlags.On("GenerateTimeout").Return(4 * time.Minute) + mockFlags.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return() // Call table generate func and validate that our data matches what exists in the filesystem testTable := TufReleaseVersionTable(multislogger.NewNopLogger(), mockFlags) diff --git a/ee/tables/wifi_networks/wifi_networks.go b/ee/tables/wifi_networks/wifi_networks.go index 5eb3bfc67..cb8f32edc 100644 --- a/ee/tables/wifi_networks/wifi_networks.go +++ b/ee/tables/wifi_networks/wifi_networks.go @@ -14,6 +14,7 @@ import ( "time" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" @@ -43,7 +44,7 @@ type Table struct { getBytes execer } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns() t := &Table{ @@ -51,7 +52,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { getBytes: execPwsh(slogger), } - return tablewrapper.New(slogger, "kolide_wifi_networks", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_wifi_networks", columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/windowsupdatetable/windowsupdate.go b/ee/tables/windowsupdatetable/windowsupdate.go index 21bbcaa9d..987ff2de7 100644 --- a/ee/tables/windowsupdatetable/windowsupdate.go +++ b/ee/tables/windowsupdatetable/windowsupdate.go @@ -11,6 +11,7 @@ import ( "strconv" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" "github.com/kolide/launcher/ee/tables/tablehelpers" @@ -34,7 +35,7 @@ type Table struct { name string } -func TablePlugin(mode tableMode, slogger *slog.Logger) *table.Plugin { +func TablePlugin(mode tableMode, flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("locale"), @@ -54,7 +55,7 @@ func TablePlugin(mode tableMode, slogger *slog.Logger) *table.Plugin { t.slogger = slogger.With("name", t.name) - return tablewrapper.New(slogger, t.name, columns, t.generate) + return tablewrapper.New(flags, slogger, t.name, columns, t.generate) } func queryUpdates(searcher *windowsupdate.IUpdateSearcher) (interface{}, error) { diff --git a/ee/tables/wmitable/wmitable.go b/ee/tables/wmitable/wmitable.go index 34ac7ac17..a72b63277 100644 --- a/ee/tables/wmitable/wmitable.go +++ b/ee/tables/wmitable/wmitable.go @@ -10,6 +10,7 @@ import ( "strings" "time" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" "github.com/kolide/launcher/ee/tables/tablehelpers" @@ -25,7 +26,7 @@ type Table struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := dataflattentable.Columns( table.TextColumn("namespace"), @@ -38,7 +39,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", "kolide_wmi"), } - return tablewrapper.New(slogger, "kolide_wmi", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_wmi", columns, t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/xfconf/xfconf.go b/ee/tables/xfconf/xfconf.go index efdaab062..b041d427e 100644 --- a/ee/tables/xfconf/xfconf.go +++ b/ee/tables/xfconf/xfconf.go @@ -13,6 +13,7 @@ import ( "path/filepath" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" "github.com/kolide/launcher/ee/tables/tablehelpers" @@ -32,12 +33,12 @@ type xfconfTable struct { slogger *slog.Logger } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { t := &xfconfTable{ slogger: slogger.With("table", "kolide_xfconf"), } - return tablewrapper.New(slogger, "kolide_xfconf", dataflattentable.Columns(table.TextColumn("username"), table.TextColumn("path")), t.generate) + return tablewrapper.New(flags, slogger, "kolide_xfconf", dataflattentable.Columns(table.TextColumn("username"), table.TextColumn("path")), t.generate) } func (t *xfconfTable) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/xrdb/xrdb.go b/ee/tables/xrdb/xrdb.go index 94c421ce7..be0ed687d 100644 --- a/ee/tables/xrdb/xrdb.go +++ b/ee/tables/xrdb/xrdb.go @@ -16,6 +16,7 @@ import ( "strings" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/tablehelpers" "github.com/kolide/launcher/ee/tables/tablewrapper" @@ -34,7 +35,7 @@ type XRDBSettings struct { getBytes execer } -func TablePlugin(slogger *slog.Logger) *table.Plugin { +func TablePlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("key"), table.TextColumn("value"), @@ -47,7 +48,7 @@ func TablePlugin(slogger *slog.Logger) *table.Plugin { getBytes: execXRDB, } - return tablewrapper.New(slogger, "kolide_xrdb", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_xrdb", columns, t.generate) } func (t *XRDBSettings) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/ee/tables/zfs/tables.go b/ee/tables/zfs/tables.go index e9feff6ad..00add1fc6 100644 --- a/ee/tables/zfs/tables.go +++ b/ee/tables/zfs/tables.go @@ -12,6 +12,7 @@ import ( "os" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/tablehelpers" "github.com/kolide/launcher/ee/tables/tablewrapper" @@ -37,24 +38,24 @@ func columns() []table.ColumnDefinition { } } -func ZfsPropertiesPlugin(slogger *slog.Logger) *table.Plugin { +func ZfsPropertiesPlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { t := &Table{ slogger: slogger.With("table", "kolide_zfs_properties"), cmd: allowedcmd.Zfs, tableName: "kolide_zfs_properties", } - return tablewrapper.New(slogger, "kolide_zfs_properties", columns(), t.generate) + return tablewrapper.New(flags, slogger, "kolide_zfs_properties", columns(), t.generate) } -func ZpoolPropertiesPlugin(slogger *slog.Logger) *table.Plugin { +func ZpoolPropertiesPlugin(flags types.Flags, slogger *slog.Logger) *table.Plugin { t := &Table{ slogger: slogger.With("table", "kolide_zpool_properties"), cmd: allowedcmd.Zpool, tableName: "kolide_zpool_properties", } - return tablewrapper.New(slogger, "kolide_zpool_properties", columns(), t.generate) + return tablewrapper.New(flags, slogger, "kolide_zpool_properties", columns(), t.generate) } func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/pkg/osquery/interactive/interactive_test.go b/pkg/osquery/interactive/interactive_test.go index ff9298425..efeff26cf 100644 --- a/pkg/osquery/interactive/interactive_test.go +++ b/pkg/osquery/interactive/interactive_test.go @@ -18,11 +18,13 @@ import ( "github.com/kolide/kit/fsutil" "github.com/kolide/kit/ulid" + "github.com/kolide/launcher/ee/agent/flags/keys" "github.com/kolide/launcher/ee/agent/storage" storageci "github.com/kolide/launcher/ee/agent/storage/ci" "github.com/kolide/launcher/ee/agent/types/mocks" "github.com/kolide/launcher/pkg/packaging" "github.com/kolide/launcher/pkg/threadsafebuffer" + "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" ) @@ -125,6 +127,8 @@ func TestProc(t *testing.T) { store, err := storageci.NewStore(t, slogger, storage.KatcConfigStore.String()) require.NoError(t, err) mockSack.On("KatcConfigStore").Return(store) + mockSack.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + mockSack.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() // Make sure the process starts in a timely fashion var proc *os.Process diff --git a/pkg/osquery/runtime/osqueryinstance_test.go b/pkg/osquery/runtime/osqueryinstance_test.go index 2805cb23a..68868275d 100644 --- a/pkg/osquery/runtime/osqueryinstance_test.go +++ b/pkg/osquery/runtime/osqueryinstance_test.go @@ -270,6 +270,8 @@ func TestLaunch(t *testing.T) { k.On("PinnedLauncherVersion").Return("").Maybe() k.On("PinnedOsquerydVersion").Return("").Maybe() k.On("RegistrationIDs").Return([]string{types.DefaultRegistrationID}).Maybe() + k.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + k.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() s := settingsstoremock.NewSettingsStoreWriter(t) s.On("WriteSettings").Return(nil) diff --git a/pkg/osquery/runtime/runtime_posix_test.go b/pkg/osquery/runtime/runtime_posix_test.go index 64265ae8c..4e6b2d9b0 100644 --- a/pkg/osquery/runtime/runtime_posix_test.go +++ b/pkg/osquery/runtime/runtime_posix_test.go @@ -64,6 +64,8 @@ func TestOsquerySlowStart(t *testing.T) { k.On("UpdateChannel").Return("stable").Maybe() k.On("PinnedLauncherVersion").Return("").Maybe() k.On("PinnedOsquerydVersion").Return("").Maybe() + k.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + k.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() setUpMockStores(t, k) s := settingsstoremock.NewSettingsStoreWriter(t) @@ -122,6 +124,8 @@ func TestExtensionSocketPath(t *testing.T) { k.On("UpdateChannel").Return("stable").Maybe() k.On("PinnedLauncherVersion").Return("").Maybe() k.On("PinnedOsquerydVersion").Return("").Maybe() + k.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + k.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() setUpMockStores(t, k) s := settingsstoremock.NewSettingsStoreWriter(t) diff --git a/pkg/osquery/runtime/runtime_test.go b/pkg/osquery/runtime/runtime_test.go index 8d89df819..4d9c5558d 100644 --- a/pkg/osquery/runtime/runtime_test.go +++ b/pkg/osquery/runtime/runtime_test.go @@ -151,6 +151,8 @@ func TestBadBinaryPath(t *testing.T) { k.On("UpdateChannel").Return("stable").Maybe() k.On("PinnedLauncherVersion").Return("").Maybe() k.On("PinnedOsquerydVersion").Return("").Maybe() + k.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + k.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() setUpMockStores(t, k) runner := New(k, mockServiceClient(t), settingsstoremock.NewSettingsStoreWriter(t)) @@ -196,6 +198,8 @@ func TestWithOsqueryFlags(t *testing.T) { k.On("UpdateChannel").Return("stable").Maybe() k.On("PinnedLauncherVersion").Return("").Maybe() k.On("PinnedOsquerydVersion").Return("").Maybe() + k.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + k.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() setUpMockStores(t, k) s := settingsstoremock.NewSettingsStoreWriter(t) @@ -239,6 +243,8 @@ func TestFlagsChanged(t *testing.T) { k.On("UpdateChannel").Return("stable").Maybe() k.On("PinnedLauncherVersion").Return("").Maybe() k.On("PinnedOsquerydVersion").Return("").Maybe() + k.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + k.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() setUpMockStores(t, k) s := settingsstoremock.NewSettingsStoreWriter(t) @@ -443,6 +449,8 @@ func TestSimplePath(t *testing.T) { k.On("UpdateChannel").Return("stable").Maybe() k.On("PinnedLauncherVersion").Return("").Maybe() k.On("PinnedOsquerydVersion").Return("").Maybe() + k.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + k.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() setUpMockStores(t, k) s := settingsstoremock.NewSettingsStoreWriter(t) @@ -490,6 +498,8 @@ func TestMultipleInstances(t *testing.T) { k.On("UpdateChannel").Return("stable").Maybe() k.On("PinnedLauncherVersion").Return("").Maybe() k.On("PinnedOsquerydVersion").Return("").Maybe() + k.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + k.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() setUpMockStores(t, k) serviceClient := mockServiceClient(t) @@ -560,6 +570,8 @@ func TestRunnerHandlesImmediateShutdownWithMultipleInstances(t *testing.T) { k.On("UpdateChannel").Return("stable").Maybe() k.On("PinnedLauncherVersion").Return("").Maybe() k.On("PinnedOsquerydVersion").Return("").Maybe() + k.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + k.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() setUpMockStores(t, k) serviceClient := mockServiceClient(t) @@ -622,6 +634,8 @@ func TestMultipleShutdowns(t *testing.T) { k.On("UpdateChannel").Return("stable").Maybe() k.On("PinnedLauncherVersion").Return("").Maybe() k.On("PinnedOsquerydVersion").Return("").Maybe() + k.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + k.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() setUpMockStores(t, k) s := settingsstoremock.NewSettingsStoreWriter(t) @@ -665,6 +679,8 @@ func TestOsqueryDies(t *testing.T) { k.On("UpdateChannel").Return("stable").Maybe() k.On("PinnedLauncherVersion").Return("").Maybe() k.On("PinnedOsquerydVersion").Return("").Maybe() + k.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + k.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() setUpMockStores(t, k) s := settingsstoremock.NewSettingsStoreWriter(t) @@ -811,6 +827,8 @@ func setupOsqueryInstanceForTests(t *testing.T) (runner *Runner, logBytes *threa k.On("UpdateChannel").Return("stable").Maybe() k.On("PinnedLauncherVersion").Return("").Maybe() k.On("PinnedOsquerydVersion").Return("").Maybe() + k.On("GenerateTimeout").Return(4 * time.Minute).Maybe() + k.On("RegisterChangeObserver", mock.Anything, keys.GenerateTimeout).Return().Maybe() setUpMockStores(t, k) s := settingsstoremock.NewSettingsStoreWriter(t) diff --git a/pkg/osquery/table/chrome_login_data_emails.go b/pkg/osquery/table/chrome_login_data_emails.go index 6dacf0e64..552de2909 100644 --- a/pkg/osquery/table/chrome_login_data_emails.go +++ b/pkg/osquery/table/chrome_login_data_emails.go @@ -12,6 +12,7 @@ import ( "github.com/kolide/kit/fsutil" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" @@ -23,7 +24,7 @@ var profileDirs = map[string][]string{ } var profileDirsDefault = []string{".config/google-chrome", ".config/chromium", "snap/chromium/current/.config/chromium"} -func ChromeLoginDataEmails(slogger *slog.Logger) *table.Plugin { +func ChromeLoginDataEmails(flags types.Flags, slogger *slog.Logger) *table.Plugin { c := &ChromeLoginDataEmailsTable{ slogger: slogger.With("table", "kolide_chrome_login_data_emails"), } @@ -32,7 +33,7 @@ func ChromeLoginDataEmails(slogger *slog.Logger) *table.Plugin { table.TextColumn("email"), table.BigIntColumn("count"), } - return tablewrapper.New(slogger, "kolide_chrome_login_data_emails", columns, c.generate) + return tablewrapper.New(flags, slogger, "kolide_chrome_login_data_emails", columns, c.generate) } type ChromeLoginDataEmailsTable struct { diff --git a/pkg/osquery/table/chrome_login_keychain.go b/pkg/osquery/table/chrome_login_keychain.go index 6304e6cc8..40a5abeba 100644 --- a/pkg/osquery/table/chrome_login_keychain.go +++ b/pkg/osquery/table/chrome_login_keychain.go @@ -10,13 +10,14 @@ import ( "github.com/kolide/kit/fsutil" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" ) // DEPRECATED use kolide_chrome_login_data_emails -func ChromeLoginKeychainInfo(slogger *slog.Logger) *table.Plugin { +func ChromeLoginKeychainInfo(flags types.Flags, slogger *slog.Logger) *table.Plugin { c := &ChromeLoginKeychain{ slogger: slogger.With("table", "kolide_chrome_login_keychain"), } @@ -25,7 +26,7 @@ func ChromeLoginKeychainInfo(slogger *slog.Logger) *table.Plugin { table.TextColumn("action_url"), table.TextColumn("username_value"), } - return tablewrapper.New(slogger, "kolide_chrome_login_keychain", columns, c.generate) + return tablewrapper.New(flags, slogger, "kolide_chrome_login_keychain", columns, c.generate) } type ChromeLoginKeychain struct { diff --git a/pkg/osquery/table/chrome_user_profiles.go b/pkg/osquery/table/chrome_user_profiles.go index 096e2f745..2148431c7 100644 --- a/pkg/osquery/table/chrome_user_profiles.go +++ b/pkg/osquery/table/chrome_user_profiles.go @@ -10,6 +10,7 @@ import ( "runtime" "strconv" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" @@ -23,7 +24,7 @@ var chromeLocalStateDirs = map[string][]string{ // try the list of known linux paths if runtime.GOOS doesn't match 'darwin' or 'windows' var chromeLocalStateDirDefault = []string{".config/google-chrome", ".config/chromium", "snap/chromium/current/.config/chromium"} -func ChromeUserProfiles(slogger *slog.Logger) *table.Plugin { +func ChromeUserProfiles(flags types.Flags, slogger *slog.Logger) *table.Plugin { c := &chromeUserProfilesTable{ slogger: slogger.With("table", "kolide_chrome_user_profiles"), } @@ -35,7 +36,7 @@ func ChromeUserProfiles(slogger *slog.Logger) *table.Plugin { table.IntegerColumn("ephemeral"), } - return tablewrapper.New(slogger, "kolide_chrome_user_profiles", columns, c.generate) + return tablewrapper.New(flags, slogger, "kolide_chrome_user_profiles", columns, c.generate) } type chromeUserProfilesTable struct { diff --git a/pkg/osquery/table/gdrive_sync.go b/pkg/osquery/table/gdrive_sync.go index f554cac66..0653b33da 100644 --- a/pkg/osquery/table/gdrive_sync.go +++ b/pkg/osquery/table/gdrive_sync.go @@ -10,12 +10,13 @@ import ( "github.com/kolide/kit/fsutil" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" ) -func GDriveSyncConfig(slogger *slog.Logger) *table.Plugin { +func GDriveSyncConfig(flags types.Flags, slogger *slog.Logger) *table.Plugin { g := &gdrive{ slogger: slogger.With("table", "kolide_gdrive_sync_config"), } @@ -24,7 +25,7 @@ func GDriveSyncConfig(slogger *slog.Logger) *table.Plugin { table.TextColumn("user_email"), table.TextColumn("local_sync_root_path"), } - return tablewrapper.New(slogger, "kolide_gdrive_sync_config", columns, g.generate) + return tablewrapper.New(flags, slogger, "kolide_gdrive_sync_config", columns, g.generate) } type gdrive struct { diff --git a/pkg/osquery/table/gdrive_sync_history.go b/pkg/osquery/table/gdrive_sync_history.go index 8008ad980..a22ee7479 100644 --- a/pkg/osquery/table/gdrive_sync_history.go +++ b/pkg/osquery/table/gdrive_sync_history.go @@ -10,12 +10,13 @@ import ( "github.com/kolide/kit/fsutil" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" ) -func GDriveSyncHistoryInfo(slogger *slog.Logger) *table.Plugin { +func GDriveSyncHistoryInfo(flags types.Flags, slogger *slog.Logger) *table.Plugin { g := &GDriveSyncHistory{ slogger: slogger.With("table", "kolide_gdrive_sync_history"), } @@ -25,7 +26,7 @@ func GDriveSyncHistoryInfo(slogger *slog.Logger) *table.Plugin { table.TextColumn("mtime"), table.TextColumn("size"), } - return tablewrapper.New(slogger, "kolide_gdrive_sync_history", columns, g.generate) + return tablewrapper.New(flags, slogger, "kolide_gdrive_sync_history", columns, g.generate) } type GDriveSyncHistory struct { diff --git a/pkg/osquery/table/keyinfo.go b/pkg/osquery/table/keyinfo.go index abc601eb8..c9346d0c3 100644 --- a/pkg/osquery/table/keyinfo.go +++ b/pkg/osquery/table/keyinfo.go @@ -6,6 +6,7 @@ import ( "log/slog" "strconv" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/keyidentifier" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" @@ -17,7 +18,7 @@ type KeyInfoTable struct { kIdentifer *keyidentifier.KeyIdentifier } -func KeyInfo(slogger *slog.Logger) *table.Plugin { +func KeyInfo(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("path"), @@ -43,7 +44,7 @@ func KeyInfo(slogger *slog.Logger) *table.Plugin { kIdentifer: kIdentifer, } - return tablewrapper.New(slogger, "kolide_keyinfo", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_keyinfo", columns, t.generate) } func (t *KeyInfoTable) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/pkg/osquery/table/kolide_launcher_autoupdate_config.go b/pkg/osquery/table/kolide_launcher_autoupdate_config.go index 26346f14f..633531f62 100644 --- a/pkg/osquery/table/kolide_launcher_autoupdate_config.go +++ b/pkg/osquery/table/kolide_launcher_autoupdate_config.go @@ -21,7 +21,7 @@ func LauncherAutoupdateConfigTable(slogger *slog.Logger, flags types.Flags) *tab table.TextColumn("update_channel"), } - return tablewrapper.New(slogger, launcherAutoupdateConfigTableName, columns, generateLauncherAutoupdateConfigTable(flags)) + return tablewrapper.New(flags, slogger, launcherAutoupdateConfigTableName, columns, generateLauncherAutoupdateConfigTable(flags)) } func boolToString(in bool) string { diff --git a/pkg/osquery/table/launcher_config.go b/pkg/osquery/table/launcher_config.go index 059980a5f..5381e489a 100644 --- a/pkg/osquery/table/launcher_config.go +++ b/pkg/osquery/table/launcher_config.go @@ -11,12 +11,12 @@ import ( "github.com/osquery/osquery-go/plugin/table" ) -func LauncherConfigTable(slogger *slog.Logger, store types.Getter, registrationTracker types.RegistrationTracker) *table.Plugin { +func LauncherConfigTable(flags types.Flags, slogger *slog.Logger, store types.Getter, registrationTracker types.RegistrationTracker) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("config"), table.TextColumn("registration_id"), } - return tablewrapper.New(slogger, "kolide_launcher_config", columns, generateLauncherConfig(store, registrationTracker)) + return tablewrapper.New(flags, slogger, "kolide_launcher_config", columns, generateLauncherConfig(store, registrationTracker)) } func generateLauncherConfig(store types.Getter, registrationTracker types.RegistrationTracker) table.GenerateFunc { diff --git a/pkg/osquery/table/launcher_db_info.go b/pkg/osquery/table/launcher_db_info.go index 28aa6fe72..778cd63cc 100644 --- a/pkg/osquery/table/launcher_db_info.go +++ b/pkg/osquery/table/launcher_db_info.go @@ -8,6 +8,7 @@ import ( "strings" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/dataflatten" "github.com/kolide/launcher/ee/tables/dataflattentable" "github.com/kolide/launcher/ee/tables/tablehelpers" @@ -17,9 +18,9 @@ import ( "go.etcd.io/bbolt" ) -func LauncherDbInfo(slogger *slog.Logger, db *bbolt.DB) *table.Plugin { +func LauncherDbInfo(flags types.Flags, slogger *slog.Logger, db *bbolt.DB) *table.Plugin { columns := dataflattentable.Columns() - return tablewrapper.New(slogger, "kolide_launcher_db_info", columns, generateLauncherDbInfo(db)) + return tablewrapper.New(flags, slogger, "kolide_launcher_db_info", columns, generateLauncherDbInfo(db)) } func generateLauncherDbInfo(db *bbolt.DB) table.GenerateFunc { diff --git a/pkg/osquery/table/launcher_info.go b/pkg/osquery/table/launcher_info.go index 9afff07d2..17e63de48 100644 --- a/pkg/osquery/table/launcher_info.go +++ b/pkg/osquery/table/launcher_info.go @@ -22,7 +22,7 @@ import ( "github.com/osquery/osquery-go/plugin/table" ) -func LauncherInfoTable(slogger *slog.Logger, configStore types.GetterSetter, LauncherHistoryStore types.GetterSetter) *table.Plugin { +func LauncherInfoTable(flags types.Flags, slogger *slog.Logger, configStore types.GetterSetter, LauncherHistoryStore types.GetterSetter) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("branch"), table.TextColumn("build_date"), @@ -51,7 +51,7 @@ func LauncherInfoTable(slogger *slog.Logger, configStore types.GetterSetter, Lau table.TextColumn("fingerprint"), table.TextColumn("public_key"), } - return tablewrapper.New(slogger, "kolide_launcher_info", columns, generateLauncherInfoTable(configStore, LauncherHistoryStore)) + return tablewrapper.New(flags, slogger, "kolide_launcher_info", columns, generateLauncherInfoTable(configStore, LauncherHistoryStore)) } func generateLauncherInfoTable(configStore types.GetterSetter, LauncherHistoryStore types.GetterSetter) table.GenerateFunc { diff --git a/pkg/osquery/table/macho.go b/pkg/osquery/table/macho.go index b2e93b984..2567fdea5 100644 --- a/pkg/osquery/table/macho.go +++ b/pkg/osquery/table/macho.go @@ -7,19 +7,20 @@ import ( "log/slog" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" ) -func MachoInfo(slogger *slog.Logger) *table.Plugin { +func MachoInfo(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("path"), table.TextColumn("name"), table.TextColumn("cpu"), } - return tablewrapper.New(slogger, "kolide_macho_info", columns, generateMacho) + return tablewrapper.New(flags, slogger, "kolide_macho_info", columns, generateMacho) } func generateMacho(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/pkg/osquery/table/mdm.go b/pkg/osquery/table/mdm.go index c716b31b1..659efede8 100644 --- a/pkg/osquery/table/mdm.go +++ b/pkg/osquery/table/mdm.go @@ -12,13 +12,14 @@ import ( "time" "github.com/groob/plist" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" ) -func MDMInfo(slogger *slog.Logger) *table.Plugin { +func MDMInfo(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("enrolled"), table.TextColumn("server_url"), @@ -33,7 +34,7 @@ func MDMInfo(slogger *slog.Logger) *table.Plugin { table.TextColumn("installed_from_dep"), table.TextColumn("user_approved"), } - return tablewrapper.New(slogger, "kolide_mdm_info", columns, generateMDMInfo) + return tablewrapper.New(flags, slogger, "kolide_mdm_info", columns, generateMDMInfo) } func generateMDMInfo(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/pkg/osquery/table/onepassword_config.go b/pkg/osquery/table/onepassword_config.go index 8b30ab4c5..601d5bbd4 100644 --- a/pkg/osquery/table/onepassword_config.go +++ b/pkg/osquery/table/onepassword_config.go @@ -12,6 +12,7 @@ import ( "github.com/kolide/kit/fsutil" "github.com/kolide/launcher/ee/agent" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" @@ -26,7 +27,7 @@ var onepasswordDataFiles = map[string][]string{ }, } -func OnePasswordAccounts(slogger *slog.Logger) *table.Plugin { +func OnePasswordAccounts(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("username"), table.TextColumn("user_email"), @@ -41,7 +42,7 @@ func OnePasswordAccounts(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", "kolide_onepassword_accounts"), } - return tablewrapper.New(slogger, "kolide_onepassword_accounts", columns, o.generate) + return tablewrapper.New(flags, slogger, "kolide_onepassword_accounts", columns, o.generate) } type onePasswordAccountsTable struct { diff --git a/pkg/osquery/table/platform_tables_darwin.go b/pkg/osquery/table/platform_tables_darwin.go index e6fd28ad6..0370eaba8 100644 --- a/pkg/osquery/table/platform_tables_darwin.go +++ b/pkg/osquery/table/platform_tables_darwin.go @@ -8,6 +8,7 @@ import ( "github.com/knightsc/system_policy/osquery/table/kextpolicy" "github.com/knightsc/system_policy/osquery/table/legacyexec" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/airport" appicons "github.com/kolide/launcher/ee/tables/app-icons" @@ -41,14 +42,14 @@ const ( screenlockQuery = "select enabled, grace_period from screenlock" ) -func platformSpecificTables(slogger *slog.Logger, currentOsquerydBinaryPath string) []osquery.OsqueryPlugin { +func platformSpecificTables(k types.Knapsack, slogger *slog.Logger, currentOsquerydBinaryPath string) []osquery.OsqueryPlugin { munki := munki.New() // This table uses undocumented APIs, There is some discussion at the // PR adding the table. See // https://github.com/osquery/osquery/pull/6243 screenlockTable := osquery_user_exec_table.TablePlugin( - slogger, "kolide_screenlock", + k, slogger, "kolide_screenlock", currentOsquerydBinaryPath, screenlockQuery, []table.ColumnDefinition{ table.IntegerColumn("enabled"), @@ -56,7 +57,7 @@ func platformSpecificTables(slogger *slog.Logger, currentOsquerydBinaryPath stri }) keychainAclsTable := osquery_user_exec_table.TablePlugin( - slogger, "kolide_keychain_acls", + k, slogger, "kolide_keychain_acls", currentOsquerydBinaryPath, keychainItemsQuery, []table.ColumnDefinition{ table.TextColumn("keychain_path"), @@ -67,7 +68,7 @@ func platformSpecificTables(slogger *slog.Logger, currentOsquerydBinaryPath stri }) keychainItemsTable := osquery_user_exec_table.TablePlugin( - slogger, "kolide_keychain_items", + k, slogger, "kolide_keychain_items", currentOsquerydBinaryPath, keychainAclsQuery, []table.ColumnDefinition{ table.TextColumn("label"), @@ -82,54 +83,54 @@ func platformSpecificTables(slogger *slog.Logger, currentOsquerydBinaryPath stri return []osquery.OsqueryPlugin{ keychainAclsTable, keychainItemsTable, - appicons.AppIcons(slogger), - brew_upgradeable.TablePlugin(slogger), - ChromeLoginKeychainInfo(slogger), - firmwarepasswd.TablePlugin(slogger), - GDriveSyncConfig(slogger), - GDriveSyncHistoryInfo(slogger), - MDMInfo(slogger), - macos_software_update.MacOSUpdate(slogger), - macos_software_update.RecommendedUpdates(slogger), - macos_software_update.AvailableProducts(slogger), - MachoInfo(slogger), - spotlight.TablePlugin(slogger), - TouchIDUserConfig(slogger), - TouchIDSystemConfig(slogger), - UserAvatar(slogger), - ioreg.TablePlugin(slogger), - profiles.TablePlugin(slogger), - airport.TablePlugin(slogger), + appicons.AppIcons(k, slogger), + brew_upgradeable.TablePlugin(k, slogger), + ChromeLoginKeychainInfo(k, slogger), + firmwarepasswd.TablePlugin(k, slogger), + GDriveSyncConfig(k, slogger), + GDriveSyncHistoryInfo(k, slogger), + MDMInfo(k, slogger), + macos_software_update.MacOSUpdate(k, slogger), + macos_software_update.RecommendedUpdates(k, slogger), + macos_software_update.AvailableProducts(k, slogger), + MachoInfo(k, slogger), + spotlight.TablePlugin(k, slogger), + TouchIDUserConfig(k, slogger), + TouchIDSystemConfig(k, slogger), + UserAvatar(k, slogger), + ioreg.TablePlugin(k, slogger), + profiles.TablePlugin(k, slogger), + airport.TablePlugin(k, slogger), kextpolicy.TablePlugin(), - filevault.TablePlugin(slogger), - mdmclient.TablePlugin(slogger), - apple_silicon_security_policy.TablePlugin(slogger), + filevault.TablePlugin(k, slogger), + mdmclient.TablePlugin(k, slogger), + apple_silicon_security_policy.TablePlugin(k, slogger), legacyexec.TablePlugin(), - dataflattentable.TablePluginExec(slogger, + dataflattentable.TablePluginExec(k, slogger, "kolide_diskutil_list", dataflattentable.PlistType, allowedcmd.Diskutil, []string{"list", "-plist"}), - dataflattentable.TablePluginExec(slogger, + dataflattentable.TablePluginExec(k, slogger, "kolide_falconctl_stats", dataflattentable.PlistType, allowedcmd.Falconctl, []string{"stats", "-p"}), - dataflattentable.TablePluginExec(slogger, + dataflattentable.TablePluginExec(k, slogger, "kolide_apfs_list", dataflattentable.PlistType, allowedcmd.Diskutil, []string{"apfs", "list", "-plist"}), - dataflattentable.TablePluginExec(slogger, + dataflattentable.TablePluginExec(k, slogger, "kolide_apfs_users", dataflattentable.PlistType, allowedcmd.Diskutil, []string{"apfs", "listUsers", "/", "-plist"}), - dataflattentable.TablePluginExec(slogger, + dataflattentable.TablePluginExec(k, slogger, "kolide_tmutil_destinationinfo", dataflattentable.PlistType, allowedcmd.Tmutil, []string{"destinationinfo", "-X"}), - dataflattentable.TablePluginExec(slogger, + dataflattentable.TablePluginExec(k, slogger, "kolide_powermetrics", dataflattentable.PlistType, allowedcmd.Powermetrics, []string{"-n", "1", "-f", "plist"}), screenlockTable, - pwpolicy.TablePlugin(slogger), - systemprofiler.TablePlugin(slogger), - munki.ManagedInstalls(slogger), - munki.MunkiReport(slogger), - dataflattentable.TablePluginExec(slogger, "kolide_nix_upgradeable", dataflattentable.XmlType, allowedcmd.NixEnv, []string{"--query", "--installed", "-c", "--xml"}), - dataflattentable.NewExecAndParseTable(slogger, "kolide_remotectl", remotectl.Parser, allowedcmd.Remotectl, []string{`dumpstate`}), - dataflattentable.NewExecAndParseTable(slogger, "kolide_socketfilterfw", socketfilterfw.Parser, allowedcmd.Socketfilterfw, []string{"--getglobalstate", "--getblockall", "--getallowsigned", "--getstealthmode", "--getloggingmode", "--getloggingopt"}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_socketfilterfw_apps", socketfilterfw.Parser, allowedcmd.Socketfilterfw, []string{"--listapps"}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_softwareupdate", softwareupdate.Parser, allowedcmd.Softwareupdate, []string{`--list`, `--no-scan`}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_softwareupdate_scan", softwareupdate.Parser, allowedcmd.Softwareupdate, []string{`--list`}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_carbonblack_repcli_status", repcli.Parser, allowedcmd.Repcli, []string{"status"}, dataflattentable.WithIncludeStderr()), - zfs.ZfsPropertiesPlugin(slogger), - zfs.ZpoolPropertiesPlugin(slogger), + pwpolicy.TablePlugin(k, slogger), + systemprofiler.TablePlugin(k, slogger), + munki.ManagedInstalls(k, slogger), + munki.MunkiReport(k, slogger), + dataflattentable.TablePluginExec(k, slogger, "kolide_nix_upgradeable", dataflattentable.XmlType, allowedcmd.NixEnv, []string{"--query", "--installed", "-c", "--xml"}), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_remotectl", remotectl.Parser, allowedcmd.Remotectl, []string{`dumpstate`}), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_socketfilterfw", socketfilterfw.Parser, allowedcmd.Socketfilterfw, []string{"--getglobalstate", "--getblockall", "--getallowsigned", "--getstealthmode", "--getloggingmode", "--getloggingopt"}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_socketfilterfw_apps", socketfilterfw.Parser, allowedcmd.Socketfilterfw, []string{"--listapps"}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_softwareupdate", softwareupdate.Parser, allowedcmd.Softwareupdate, []string{`--list`, `--no-scan`}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_softwareupdate_scan", softwareupdate.Parser, allowedcmd.Softwareupdate, []string{`--list`}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_carbonblack_repcli_status", repcli.Parser, allowedcmd.Repcli, []string{"status"}, dataflattentable.WithIncludeStderr()), + zfs.ZfsPropertiesPlugin(k, slogger), + zfs.ZpoolPropertiesPlugin(k, slogger), } } diff --git a/pkg/osquery/table/platform_tables_linux.go b/pkg/osquery/table/platform_tables_linux.go index fc5266a15..e6d9349f2 100644 --- a/pkg/osquery/table/platform_tables_linux.go +++ b/pkg/osquery/table/platform_tables_linux.go @@ -6,6 +6,7 @@ package table import ( "log/slog" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/crowdstrike/falcon_kernel_check" "github.com/kolide/launcher/ee/tables/crowdstrike/falconctl" @@ -15,7 +16,7 @@ import ( "github.com/kolide/launcher/ee/tables/execparsers/data_table" "github.com/kolide/launcher/ee/tables/execparsers/dnf" "github.com/kolide/launcher/ee/tables/execparsers/dpkg" - "github.com/kolide/launcher/ee/tables/execparsers/flatpak/remote_ls/upgradeable" + flatpak_upgradeable "github.com/kolide/launcher/ee/tables/execparsers/flatpak/remote_ls/upgradeable" pacman_group "github.com/kolide/launcher/ee/tables/execparsers/pacman/group" pacman_info "github.com/kolide/launcher/ee/tables/execparsers/pacman/info" pacman_upgradeable "github.com/kolide/launcher/ee/tables/execparsers/pacman/upgradeable" @@ -24,7 +25,7 @@ import ( "github.com/kolide/launcher/ee/tables/execparsers/simple_array" "github.com/kolide/launcher/ee/tables/fscrypt_info" "github.com/kolide/launcher/ee/tables/gsettings" - "github.com/kolide/launcher/ee/tables/homebrew" + brew_upgradeable "github.com/kolide/launcher/ee/tables/homebrew" nix_env_upgradeable "github.com/kolide/launcher/ee/tables/nix_env/upgradeable" "github.com/kolide/launcher/ee/tables/secureboot" "github.com/kolide/launcher/ee/tables/xfconf" @@ -33,47 +34,47 @@ import ( osquery "github.com/osquery/osquery-go" ) -func platformSpecificTables(slogger *slog.Logger, currentOsquerydBinaryPath string) []osquery.OsqueryPlugin { +func platformSpecificTables(k types.Knapsack, slogger *slog.Logger, currentOsquerydBinaryPath string) []osquery.OsqueryPlugin { return []osquery.OsqueryPlugin{ - brew_upgradeable.TablePlugin(slogger), - cryptsetup.TablePlugin(slogger), - gsettings.Settings(slogger), - gsettings.Metadata(slogger), - nix_env_upgradeable.TablePlugin(slogger), - secureboot.TablePlugin(slogger), - xrdb.TablePlugin(slogger), - fscrypt_info.TablePlugin(slogger), - falcon_kernel_check.TablePlugin(slogger), - falconctl.NewFalconctlOptionTable(slogger), - xfconf.TablePlugin(slogger), + brew_upgradeable.TablePlugin(k, slogger), + cryptsetup.TablePlugin(k, slogger), + gsettings.Settings(k, slogger), + gsettings.Metadata(k, slogger), + nix_env_upgradeable.TablePlugin(k, slogger), + secureboot.TablePlugin(k, slogger), + xrdb.TablePlugin(k, slogger), + fscrypt_info.TablePlugin(k, slogger), + falcon_kernel_check.TablePlugin(k, slogger), + falconctl.NewFalconctlOptionTable(k, slogger), + xfconf.TablePlugin(k, slogger), - dataflattentable.TablePluginExec(slogger, + dataflattentable.TablePluginExec(k, slogger, "kolide_nmcli_wifi", dataflattentable.KeyValueType, allowedcmd.Nmcli, []string{"--mode=multiline", "--fields=all", "device", "wifi", "list"}, dataflattentable.WithKVSeparator(":")), - dataflattentable.TablePluginExec(slogger, "kolide_lsblk", dataflattentable.JsonType, + dataflattentable.TablePluginExec(k, slogger, "kolide_lsblk", dataflattentable.JsonType, allowedcmd.Lsblk, []string{"-fJp"}, ), - dataflattentable.TablePluginExec(slogger, "kolide_wsone_uem_status_enroll", dataflattentable.JsonType, allowedcmd.Ws1HubUtil, []string{"status", "--enroll"}), - dataflattentable.TablePluginExec(slogger, "kolide_wsone_uem_status_dependency", dataflattentable.JsonType, allowedcmd.Ws1HubUtil, []string{"status", "--dependency"}), - dataflattentable.TablePluginExec(slogger, "kolide_wsone_uem_status_profile", dataflattentable.JsonType, allowedcmd.Ws1HubUtil, []string{"status", "--profile"}), - dataflattentable.NewExecAndParseTable(slogger, "kolide_falconctl_systags", simple_array.New("systags"), allowedcmd.Falconctl, []string{"-g", "--systags"}), - dataflattentable.NewExecAndParseTable(slogger, "kolide_apt_upgradeable", apt.Parser, allowedcmd.Apt, []string{"list", "--upgradeable"}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_dnf_upgradeable", dnf.Parser, allowedcmd.Dnf, []string{"check-update"}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_dpkg_version_info", dpkg.Parser, allowedcmd.Dpkg, []string{"-p"}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_flatpak_upgradeable", flatpak_upgradeable.Parser, allowedcmd.Flatpak, []string{"remote-ls", "--updates"}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_pacman_group", pacman_group.Parser, allowedcmd.Pacman, []string{"-Qg"}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_pacman_version_info", pacman_info.Parser, allowedcmd.Pacman, []string{"-Qi"}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_pacman_upgradeable", pacman_upgradeable.Parser, allowedcmd.Pacman, []string{"-Qu"}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_rpm_version_info", rpm.Parser, allowedcmd.Rpm, []string{"-qai"}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_snap_installed", data_table.NewParser(), allowedcmd.Snap, []string{"list"}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_snap_upgradeable", data_table.NewParser(), allowedcmd.Snap, []string{"refresh", "--list"}, dataflattentable.WithIncludeStderr()), - dataflattentable.NewExecAndParseTable(slogger, "kolide_carbonblack_repcli_status", repcli.Parser, allowedcmd.Repcli, []string{"status"}, dataflattentable.WithIncludeStderr()), - dataflattentable.TablePluginExec(slogger, "kolide_zypper_upgradeable_packages", dataflattentable.XmlType, allowedcmd.Zypper, []string{"-x", "lu"}), - dataflattentable.TablePluginExec(slogger, "kolide_zypper_upgradeable_patches", dataflattentable.XmlType, allowedcmd.Zypper, []string{"-x", "lp"}), - dataflattentable.TablePluginExec(slogger, "kolide_nftables", dataflattentable.JsonType, allowedcmd.Nftables, []string{"-jat", "list", "ruleset"}), // -j (json) -a (show object handles) -t (terse, omit set contents) - zfs.ZfsPropertiesPlugin(slogger), - zfs.ZpoolPropertiesPlugin(slogger), + dataflattentable.TablePluginExec(k, slogger, "kolide_wsone_uem_status_enroll", dataflattentable.JsonType, allowedcmd.Ws1HubUtil, []string{"status", "--enroll"}), + dataflattentable.TablePluginExec(k, slogger, "kolide_wsone_uem_status_dependency", dataflattentable.JsonType, allowedcmd.Ws1HubUtil, []string{"status", "--dependency"}), + dataflattentable.TablePluginExec(k, slogger, "kolide_wsone_uem_status_profile", dataflattentable.JsonType, allowedcmd.Ws1HubUtil, []string{"status", "--profile"}), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_falconctl_systags", simple_array.New("systags"), allowedcmd.Falconctl, []string{"-g", "--systags"}), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_apt_upgradeable", apt.Parser, allowedcmd.Apt, []string{"list", "--upgradeable"}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_dnf_upgradeable", dnf.Parser, allowedcmd.Dnf, []string{"check-update"}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_dpkg_version_info", dpkg.Parser, allowedcmd.Dpkg, []string{"-p"}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_flatpak_upgradeable", flatpak_upgradeable.Parser, allowedcmd.Flatpak, []string{"remote-ls", "--updates"}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_pacman_group", pacman_group.Parser, allowedcmd.Pacman, []string{"-Qg"}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_pacman_version_info", pacman_info.Parser, allowedcmd.Pacman, []string{"-Qi"}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_pacman_upgradeable", pacman_upgradeable.Parser, allowedcmd.Pacman, []string{"-Qu"}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_rpm_version_info", rpm.Parser, allowedcmd.Rpm, []string{"-qai"}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_snap_installed", data_table.NewParser(), allowedcmd.Snap, []string{"list"}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_snap_upgradeable", data_table.NewParser(), allowedcmd.Snap, []string{"refresh", "--list"}, dataflattentable.WithIncludeStderr()), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_carbonblack_repcli_status", repcli.Parser, allowedcmd.Repcli, []string{"status"}, dataflattentable.WithIncludeStderr()), + dataflattentable.TablePluginExec(k, slogger, "kolide_zypper_upgradeable_packages", dataflattentable.XmlType, allowedcmd.Zypper, []string{"-x", "lu"}), + dataflattentable.TablePluginExec(k, slogger, "kolide_zypper_upgradeable_patches", dataflattentable.XmlType, allowedcmd.Zypper, []string{"-x", "lp"}), + dataflattentable.TablePluginExec(k, slogger, "kolide_nftables", dataflattentable.JsonType, allowedcmd.Nftables, []string{"-jat", "list", "ruleset"}), // -j (json) -a (show object handles) -t (terse, omit set contents) + zfs.ZfsPropertiesPlugin(k, slogger), + zfs.ZpoolPropertiesPlugin(k, slogger), } } diff --git a/pkg/osquery/table/platform_tables_windows.go b/pkg/osquery/table/platform_tables_windows.go index 60f67ced5..64ab30715 100644 --- a/pkg/osquery/table/platform_tables_windows.go +++ b/pkg/osquery/table/platform_tables_windows.go @@ -6,6 +6,7 @@ package table import ( "log/slog" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/dataflattentable" "github.com/kolide/launcher/ee/tables/dsim_default_associations" @@ -17,15 +18,15 @@ import ( osquery "github.com/osquery/osquery-go" ) -func platformSpecificTables(slogger *slog.Logger, currentOsquerydBinaryPath string) []osquery.OsqueryPlugin { +func platformSpecificTables(k types.Knapsack, slogger *slog.Logger, currentOsquerydBinaryPath string) []osquery.OsqueryPlugin { return []osquery.OsqueryPlugin{ - ProgramIcons(slogger), - dsim_default_associations.TablePlugin(slogger), - secedit.TablePlugin(slogger), - wifi_networks.TablePlugin(slogger), - windowsupdatetable.TablePlugin(windowsupdatetable.UpdatesTable, slogger), - windowsupdatetable.TablePlugin(windowsupdatetable.HistoryTable, slogger), - wmitable.TablePlugin(slogger), - dataflattentable.NewExecAndParseTable(slogger, "kolide_dsregcmd", dsregcmd.Parser, allowedcmd.Dsregcmd, []string{`/status`}), + ProgramIcons(k, slogger), + dsim_default_associations.TablePlugin(k, slogger), + secedit.TablePlugin(k, slogger), + wifi_networks.TablePlugin(k, slogger), + windowsupdatetable.TablePlugin(windowsupdatetable.UpdatesTable, k, slogger), + windowsupdatetable.TablePlugin(windowsupdatetable.HistoryTable, k, slogger), + wmitable.TablePlugin(k, slogger), + dataflattentable.NewExecAndParseTable(k, slogger, "kolide_dsregcmd", dsregcmd.Parser, allowedcmd.Dsregcmd, []string{`/status`}), } } diff --git a/pkg/osquery/table/program_icons_windows.go b/pkg/osquery/table/program_icons_windows.go index 8bca2d436..ae71e0e83 100644 --- a/pkg/osquery/table/program_icons_windows.go +++ b/pkg/osquery/table/program_icons_windows.go @@ -12,6 +12,7 @@ import ( "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/mat/besticon/ico" @@ -27,14 +28,14 @@ type icon struct { hash uint64 } -func ProgramIcons(slogger *slog.Logger) *table.Plugin { +func ProgramIcons(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("name"), table.TextColumn("version"), table.TextColumn("icon"), table.TextColumn("hash"), } - return tablewrapper.New(slogger, "kolide_program_icons", columns, generateProgramIcons) + return tablewrapper.New(flags, slogger, "kolide_program_icons", columns, generateProgramIcons) } func generateProgramIcons(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/pkg/osquery/table/slack_config.go b/pkg/osquery/table/slack_config.go index 80f081b1c..7fbe8c345 100644 --- a/pkg/osquery/table/slack_config.go +++ b/pkg/osquery/table/slack_config.go @@ -11,6 +11,7 @@ import ( "runtime" "strconv" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/osquery/osquery-go/plugin/table" @@ -30,7 +31,7 @@ var slackConfigDirs = map[string][]string{ // try the list of known linux paths if runtime.GOOS doesn't match 'darwin' or 'windows' var slackConfigDirDefault = []string{".config/Slack"} -func SlackConfig(slogger *slog.Logger) *table.Plugin { +func SlackConfig(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("team_id"), table.TextColumn("team_name"), @@ -44,7 +45,7 @@ func SlackConfig(slogger *slog.Logger) *table.Plugin { slogger: slogger.With("table", "kolide_slack_config"), } - return tablewrapper.New(slogger, "kolide_slack_config", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_slack_config", columns, t.generate) } type SlackConfigTable struct { diff --git a/pkg/osquery/table/sshkeys.go b/pkg/osquery/table/sshkeys.go index 85bd40929..8011646af 100644 --- a/pkg/osquery/table/sshkeys.go +++ b/pkg/osquery/table/sshkeys.go @@ -10,6 +10,7 @@ import ( "runtime" "strconv" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/keyidentifier" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" @@ -28,7 +29,7 @@ type SshKeysTable struct { } // New returns a new table extension -func SshKeys(slogger *slog.Logger) *table.Plugin { +func SshKeys(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("user"), table.TextColumn("path"), @@ -54,7 +55,7 @@ func SshKeys(slogger *slog.Logger) *table.Plugin { kIdentifer: kIdentifer, } - return tablewrapper.New(slogger, "kolide_ssh_keys", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_ssh_keys", columns, t.generate) } func (t *SshKeysTable) generate(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) { diff --git a/pkg/osquery/table/table.go b/pkg/osquery/table/table.go index 370296446..403b0fc28 100644 --- a/pkg/osquery/table/table.go +++ b/pkg/osquery/table/table.go @@ -30,16 +30,16 @@ import ( // around _launcher_ things thus do not make sense in tables.ext func LauncherTables(k types.Knapsack, slogger *slog.Logger) []osquery.OsqueryPlugin { return []osquery.OsqueryPlugin{ - LauncherConfigTable(slogger, k.ConfigStore(), k), - LauncherDbInfo(slogger, k.BboltDB()), - LauncherInfoTable(slogger, k.ConfigStore(), k.LauncherHistoryStore()), - launcher_db.TablePlugin(slogger, "kolide_server_data", k.ServerProvidedDataStore()), - launcher_db.TablePlugin(slogger, "kolide_control_flags", k.AgentFlagsStore()), + LauncherConfigTable(k, slogger, k.ConfigStore(), k), + LauncherDbInfo(k, slogger, k.BboltDB()), + LauncherInfoTable(k, slogger, k.ConfigStore(), k.LauncherHistoryStore()), + launcher_db.TablePlugin(k, slogger, "kolide_server_data", k.ServerProvidedDataStore()), + launcher_db.TablePlugin(k, slogger, "kolide_control_flags", k.AgentFlagsStore()), LauncherAutoupdateConfigTable(slogger, k), - osquery_instance_history.TablePlugin(slogger), + osquery_instance_history.TablePlugin(k, slogger), tufinfo.TufReleaseVersionTable(slogger, k), - launcher_db.TablePlugin(slogger, "kolide_tuf_autoupdater_errors", k.AutoupdateErrorsStore()), - desktopprocs.TablePlugin(slogger), + launcher_db.TablePlugin(k, slogger, "kolide_tuf_autoupdater_errors", k.AutoupdateErrorsStore()), + desktopprocs.TablePlugin(k, slogger), } } @@ -47,30 +47,30 @@ func LauncherTables(k types.Knapsack, slogger *slog.Logger) []osquery.OsqueryPlu func PlatformTables(k types.Knapsack, registrationId string, slogger *slog.Logger, currentOsquerydBinaryPath string) []osquery.OsqueryPlugin { // Common tables to all platforms tables := []osquery.OsqueryPlugin{ - ChromeLoginDataEmails(slogger), - ChromeUserProfiles(slogger), - KeyInfo(slogger), - OnePasswordAccounts(slogger), - SlackConfig(slogger), - SshKeys(slogger), - cryptoinfotable.TablePlugin(slogger), - dev_table_tooling.TablePlugin(slogger), - firefox_preferences.TablePlugin(slogger), - jwt.TablePlugin(slogger), - dataflattentable.TablePluginExec(slogger, + ChromeLoginDataEmails(k, slogger), + ChromeUserProfiles(k, slogger), + KeyInfo(k, slogger), + OnePasswordAccounts(k, slogger), + SlackConfig(k, slogger), + SshKeys(k, slogger), + cryptoinfotable.TablePlugin(k, slogger), + dev_table_tooling.TablePlugin(k, slogger), + firefox_preferences.TablePlugin(k, slogger), + jwt.TablePlugin(k, slogger), + dataflattentable.TablePluginExec(k, slogger, "kolide_zerotier_info", dataflattentable.JsonType, allowedcmd.ZerotierCli, []string{"info"}), - dataflattentable.TablePluginExec(slogger, + dataflattentable.TablePluginExec(k, slogger, "kolide_zerotier_networks", dataflattentable.JsonType, allowedcmd.ZerotierCli, []string{"listnetworks"}), - dataflattentable.TablePluginExec(slogger, + dataflattentable.TablePluginExec(k, slogger, "kolide_zerotier_peers", dataflattentable.JsonType, allowedcmd.ZerotierCli, []string{"listpeers"}), - tdebug.LauncherGcInfo(slogger), + tdebug.LauncherGcInfo(k, slogger), } // The dataflatten tables - tables = append(tables, dataflattentable.AllTablePlugins(slogger)...) + tables = append(tables, dataflattentable.AllTablePlugins(k, slogger)...) // add in the platform specific ones (as denoted by build tags) - tables = append(tables, platformSpecificTables(slogger, currentOsquerydBinaryPath)...) + tables = append(tables, platformSpecificTables(k, slogger, currentOsquerydBinaryPath)...) // Add in the Kolide custom ATC tables tables = append(tables, kolideCustomAtcTables(k, registrationId, slogger)...) @@ -99,7 +99,7 @@ func kolideCustomAtcTables(k types.Knapsack, registrationId string, slogger *slo } } - return katc.ConstructKATCTables(config, slogger) + return katc.ConstructKATCTables(config, k, slogger) } func katcFromDb(k types.Knapsack, registrationId string) (map[string]string, error) { diff --git a/pkg/osquery/table/touchid_system_darwin.go b/pkg/osquery/table/touchid_system_darwin.go index 8c0110859..4389e4bef 100644 --- a/pkg/osquery/table/touchid_system_darwin.go +++ b/pkg/osquery/table/touchid_system_darwin.go @@ -6,6 +6,7 @@ import ( "regexp" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/tablehelpers" "github.com/kolide/launcher/ee/tables/tablewrapper" @@ -13,7 +14,7 @@ import ( "github.com/osquery/osquery-go/plugin/table" ) -func TouchIDSystemConfig(slogger *slog.Logger) *table.Plugin { +func TouchIDSystemConfig(flags types.Flags, slogger *slog.Logger) *table.Plugin { t := &touchIDSystemConfigTable{ slogger: slogger.With("table", "kolide_touchid_system_config"), } @@ -24,7 +25,7 @@ func TouchIDSystemConfig(slogger *slog.Logger) *table.Plugin { table.IntegerColumn("touchid_unlock"), } - return tablewrapper.New(slogger, "kolide_touchid_system_config", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_touchid_system_config", columns, t.generate) } type touchIDSystemConfigTable struct { diff --git a/pkg/osquery/table/touchid_user_darwin.go b/pkg/osquery/table/touchid_user_darwin.go index 4458d4295..6772d26f0 100644 --- a/pkg/osquery/table/touchid_user_darwin.go +++ b/pkg/osquery/table/touchid_user_darwin.go @@ -7,6 +7,7 @@ import ( "os/user" "strings" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/allowedcmd" "github.com/kolide/launcher/ee/tables/tablehelpers" "github.com/kolide/launcher/ee/tables/tablewrapper" @@ -14,7 +15,7 @@ import ( "github.com/osquery/osquery-go/plugin/table" ) -func TouchIDUserConfig(slogger *slog.Logger) *table.Plugin { +func TouchIDUserConfig(flags types.Flags, slogger *slog.Logger) *table.Plugin { t := &touchIDUserConfigTable{ slogger: slogger.With("table", "kolide_touchid_user_config"), } @@ -27,7 +28,7 @@ func TouchIDUserConfig(slogger *slog.Logger) *table.Plugin { table.IntegerColumn("effective_applepay"), } - return tablewrapper.New(slogger, "kolide_touchid_user_config", columns, t.generate) + return tablewrapper.New(flags, slogger, "kolide_touchid_user_config", columns, t.generate) } type touchIDUserConfigTable struct { diff --git a/pkg/osquery/table/user_avatar_darwin.go b/pkg/osquery/table/user_avatar_darwin.go index b0df710d4..6563f5432 100644 --- a/pkg/osquery/table/user_avatar_darwin.go +++ b/pkg/osquery/table/user_avatar_darwin.go @@ -48,6 +48,7 @@ import ( "strings" "unsafe" + "github.com/kolide/launcher/ee/agent/types" "github.com/kolide/launcher/ee/tables/tablewrapper" "github.com/kolide/launcher/pkg/traces" "github.com/nfnt/resize" @@ -57,14 +58,14 @@ import ( var crcTable = crc64.MakeTable(crc64.ECMA) -func UserAvatar(slogger *slog.Logger) *table.Plugin { +func UserAvatar(flags types.Flags, slogger *slog.Logger) *table.Plugin { columns := []table.ColumnDefinition{ table.TextColumn("username"), table.TextColumn("thumbnail"), table.TextColumn("hash"), } t := &userAvatarTable{slogger: slogger.With("table", "kolide_user_avatars")} - return tablewrapper.New(slogger, "kolide_user_avatars", columns, t.generateAvatars) + return tablewrapper.New(flags, slogger, "kolide_user_avatars", columns, t.generateAvatars) } type userAvatarTable struct {