in chef/cookbooks/cpe_crowdstrike_falcon_sensor/resources/cpe_crowdstrike_falcon_sensor.rb [256:343]
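# Converges the CrowdStrike Falcon sensor state on macOS.
#
# Steps, in order:
# 1. Warn and return on releases older than 10.14.
# 2. On Mojave/Catalina, clear the kext staging cache or load the Falcon
#    kernel extension, depending on the guards below.
# 3. Enable the Falcon user LaunchAgent when its plist is on disk.
# 4. Return if falconctl is not installed.
# 5. On Big Sur and later, enable the falcond LaunchDaemon, force-load the
#    sensor when it reports unhealthy, and optionally manage the network
#    content filter.
# 6. For sensor package versions >= 6.0.0.0, set or clear grouping tags.
#
# NOTE(review): falconctl_path is interpolated into command strings, and a
# string command may be handed to a shell. It should stay an absolute path to
# the vendor binary with no spaces or shell metacharacters.
#
# @param falconctl_path [String] path to the falconctl binary; defaults to
#   falcon_agent_prefs['falconctl_path'].
# @return [void]
def macos_manage(falconctl_path = falcon_agent_prefs['falconctl_path'])
  if node.os_less_than?('10.14')
    Chef::Log.warn('cpe_crowdstrike_falcon_sensor only manages macOS Mojave and higher. Please use a prior version '\
                   'of this cookbook if you need earlier support.')
    return
  end

  kext_path = '/Applications/Falcon.app/Contents/Extensions/Agent.kext'
  if node.catalina? || node.mojave?
    # Every only_if must pass and no not_if may pass for a resource to run.
    # File.exist? is used throughout: File.exists? was removed in Ruby 3.2,
    # and the launchd guards below already use the supported spelling.
    execute 'Purge kext staging cache' do
      command '/usr/sbin/kextcache --clear-staging'
      only_if { ::File.exist?(kext_path) }
      # Strict comparison kept on purpose: a nil result does not trigger a purge.
      only_if { kernel_extension_healthy?(kext_path) == false }
    end
    execute 'Force load the kernel extension' do
      command "/sbin/kextload #{kext_path}"
      only_if { ::File.exist?(kext_path) }
      only_if { kernel_extension_healthy?(kext_path) == true }
      # Load only when a license file is on disk.
      only_if { ::File.exist?('/Library/Application Support/CrowdStrike/Falcon/License.bin') }
      not_if { kernel_extension_running? }
    end
  end

  [
    'com.crowdstrike.falcon.UserAgent',
  ].each do |agent|
    launchd agent do
      action :enable
      only_if { ::File.exist?("/Library/LaunchAgents/#{agent}.plist") }
      type 'agent'
    end
  end

  # Everything below (daemon, filter, grouping tags) needs falconctl, so it is
  # skipped on hosts where the binary is absent.
  return unless ::File.exist?(falconctl_path)

  if node.at_least_big_sur?
    [
      'com.crowdstrike.falcond',
    ].each do |daemon|
      launchd daemon do
        only_if { ::File.exist?("/Library/LaunchDaemons/#{daemon}.plist") }
        action :enable
      end
    end
    execute 'Force enable Crowdstrike' do
      command "#{falconctl_path} load --force"
      only_if { falconctl_healthy? == false }
    end
    # NOTE(review): this condition and the extension lookup run as soon as
    # this method executes, while the guard blocks above are evaluated lazily.
    # Presumably a sensor repaired by the force-load only gets its filter
    # managed on the next run. Confirm.
    if falconctl_healthy? &&
       falcon_agent_prefs['manage_network_filter'] &&
       node.at_least?(node.chef_version, '17.7.22')
      ext_enabled, ext_error = node.network_extension_enabled('com.crowdstrike.falcon.App', 'contentFilter')
      if falcon_agent_prefs['enable_network_filter']
        execute 'Enable Crowdstrike network filter' do
          command "#{falconctl_path} enable-filter"
          # Leave the filter untouched when its state could not be determined.
          not_if { ext_error }
          only_if { ext_enabled == false }
        end
      else
        execute 'Disable Crowdstrike network filter' do
          command "#{falconctl_path} disable-filter"
          not_if { ext_error }
          only_if { ext_enabled }
        end
      end
    end
  end

  if Gem::Version.new(falcon_pkg_prefs['version']) >= Gem::Version.new('6.0.0.0')
    grouping_tags = node['cpe_crowdstrike_falcon_sensor']['grouping_tags']
    # A nil or empty attribute clears the tags; otherwise the configured tags are appended.
    node.safe_nil_empty?(grouping_tags) ? clear_grouping_tags : append_grouping_tags(grouping_tags)
  end
end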