in chef/cookbooks/cpe_osquery/resources/cpe_osquery.rb [154:323]
def manage
directory osquery_dir do
if macos? || debian?
owner root_owner
group node['root_group']
mode '0700'
end
end
service_type, service_name = service_info.first
options = node['cpe_osquery']['options'].to_hash
ext_file = ::File.join(osquery_dir, 'extensions.load')
extensions = node['cpe_osquery']['extensions']
extension_paths = []
unless extensions.empty?
options['extensions_autoload'] = ext_file
directory osquery_ext_dir do
recursive true
unless windows?
mode '0755'
owner root_owner
group node['root_group']
end
end
extensions.each do |name, values|
ext_extension = windows? ? 'exe' : 'ext'
ext_path = ::File.join(osquery_ext_dir, "#{name}.#{ext_extension}")
extension_paths << ext_path
cpe_remote_file "#{name}-#{values['version']}" do
file_name "#{name}-#{values['version']}"
folder_name "osquery/extensions/#{node['platform_family']}"
checksum values['checksum']
path ext_path
unless windows?
mode '0755'
owner root_owner
group node['root_group']
end
notifies :restart, "#{service_type}[#{service_name}]"
end
end
template ext_file do
source 'extensions.load.erb'
variables(
'extensions' => extension_paths,
)
notifies :restart, "#{service_type}[#{service_name}]"
end
end
flag_file = ::File.join(osquery_dir, 'osquery.flags')
template flag_file do
source 'osquery.flags.erb'
variables(
'options' => options,
)
not_if { options.nil? }
notifies :restart, "#{service_type}[#{service_name}]"
end
conf = node['cpe_osquery']['conf'].to_hash
packs = node['cpe_osquery']['packs']
packs_dir = ::File.join(osquery_dir, 'packs')
managed_packs = []
unless packs.empty?
directory packs_dir do
if macos? || debian?
owner root_owner
group node['root_group']
mode '0755'
end
end
conf['packs'] = {}
packs.each do |name, values|
pack_path = ::File.join(packs_dir, "#{name}.conf")
conf['packs'][name] = pack_path
managed_packs.push(pack_path)
file pack_path do
if macos? || debian?
owner root_owner
group node['root_group']
mode '0644'
end
content Chef::JSONCompat.to_json_pretty(values)
notifies :restart, "#{service_type}[#{service_name}]"
end
end
end
official_packs_to_install = node['cpe_osquery']['official_packs_install_list']
if node['cpe_osquery']['manage_official_packs'] && !official_packs_to_install.empty?
official_pack_list.each do |name|
if official_packs_to_install.include?(name)
pack_path = ::File.join(packs_dir, "#{name}.conf")
conf['packs'][name] = pack_path
managed_packs.push(pack_path)
cookbook_file pack_path do
source "packs/#{name}.conf"
if macos? || debian?
owner root_owner
group node['root_group']
mode '0644'
end
notifies :restart, "#{service_type}[#{service_name}]"
end
end
end
end
conf_path = ::File.join(osquery_dir, 'osquery.conf')
cleanup_packs(managed_packs, conf_path)
sortedconf = {}
conf.each do |k, v|
if v.is_a?(Hash)
sortedconf[k] = v.sort.to_h
else
sortedconf[k] = v
end
end
unless sortedconf.empty?
file conf_path do
if macos? || debian?
owner root_owner
group node['root_group']
mode '0700'
end
content Chef::JSONCompat.to_json_pretty(sortedconf.sort.to_h)
notifies :restart, "#{service_type}[#{service_name}]"
end
end
if windows?
service 'osqueryd' do
action :nothing
end
end
debian_manage_service if debian?
macos_manage_service(flag_file) if macos?
windows_manage_service if windows?
end