Overview Repositories Revisions Requests Users Attributes Meta

Revisions of velociraptor

Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) accepted request 1060074 from Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) (revision 37) 
Fixed commit message after patch rename
  - vendor-build-fixes-for-SLE12.patch
  - vendor-build-fixes-for-SLE12.patch
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) accepted request 1060071 from Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) (revision 36) 
- Increase required release to enable eBPF to SLE 15 SP2 and
  openSUSE Leap 15.2.  Earlier versions don't have a usable eBPF
  and can't easily build llvm13.

- Increase required release to enable eBPF to SLE 15 SP2 and
  openSUSE Leap 15.2.  Earlier versions don't have a usable eBPF
  and can't easily build llvm13.
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) accepted request 1060070 from Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) (revision 35) 
- Remove dependency on bpftool.  We use the vmlinux.h archive
  to provide vmlinux.h.

- Restored %defattr due to SLE12 using rpm-4.11.
- Fix builds in vendor code on SLE12
- Fix build in third_party/sdjournal due to older systemd on SLE12
- Added patches:
  - vendor-go-magic-build-fix-for-SLE12.patch
  - sdjournal-build-fix-for-SLE12.patch
- Remove dependency on bpftool.  We use the vmlinux.h archive
  to provide vmlinux.h.

- Restored %defattr due to SLE12 using rpm-4.11.
- Fix builds in vendor code on SLE12
- Fix build in third_party/sdjournal due to older systemd on SLE12
- Added patches:
  - vendor-go-magic-build-fix-for-SLE12.patch
  - sdjournal-build-fix-for-SLE12.patch
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) accepted request 1060003 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 34) 
- add memory limit to systemd unit
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1059630 from Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) (revision 33) 
initialized devel package after accepting 1059630
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) accepted request 1059625 from Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) (revision 32) 
---------------------------------------------------------------------
- Restore requirement to build with clang13.  Newer versions
  cause libbpfgo to crash immediately.
-----------------------------------------------------------------
- Added support for setting command line options via sysconfig
- Restore requirement to build with clang13.  Newer versions
  cause libbpfgo to crash immediately.

- Added support for setting command line options via sysconfig
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) committed (revision 31) 
- Update to version 0.6.7.4~git53.0e85855:
  * sdjournal: work around missing _SYSTEMD_UNIT fields

- Update to version 0.6.7.4~git53.0e85855:
  * sdjournal: work around missing _SYSTEMD_UNIT fields
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) accepted request 1059461 from Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) (revision 30) 
- Clean up for Factory submission:
  - Make bpf-enabled builds conditional
  - Removed %defattr and combined service lines.
  - Change clang and llvm dependencies to use >= 13
  - Newer versions of clang hit a DWARF parsing bug in go < 1.19,
    so increase go version dependecy
  - Define ExclusiveArch for x86_64, ppc64le, aarch64, and s390x
    Neither the client or server builds on ix86.
- Added Restart=on-failure to restart the client automatically.

- Update to version 0.6.7.4~git51.a588d6e4:
  * magefile.go: use current architecture for Linux builds
  * Update libbpfgo submodule to include non-AMD64 build fixes
  * bpf: bpf expects s390 instead of s390x

- Clean up for Factory submission:
  - Make bpf-enabled builds conditional
  - Removed %defattr and combined service lines.
  - Change clang and llvm dependencies to use >= 13
  - Newer versions of clang hit a DWARF parsing bug in go < 1.19,
    so increase go version dependecy
  - Define ExclusiveArch for x86_64, ppc64le, aarch64, and s390x
    Neither the client or server builds on ix86.
- Update to version 0.6.7.4~git51.a588d6e4:
  * magefile.go: use current architecture for Linux builds
  * Update libbpfgo submodule to include non-AMD64 build fixes
  * bpf: bpf expects s390 instead of s390x
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) committed (revision 29) 
- Define ExclusiveArch for x86_64, ppc64le, aarch64, and s390x                     
  Neither the client or server builds on ix86.

- Define ExclusiveArch for x86_64, ppc64le, aarch64, and s390x                     
  Neither the client or server builds on ix86.
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) committed (revision 28) 
Added update-vendoring.sh to source list
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) committed (revision 27) 
Removed obsolete Dockerfile
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) committed (revision 26) 
- Update to version 0.6.7.4~git46.5d88d80:
  * contrib/kafka-humio-gateway: add new debug option for noisy events
  * contrib/kafka-humio-gateway: backoff and retry for metadata
  * vql/server/kafka: connect sarama logging to velociraptor logging
  * vql/server/kafka: add exponential backoff (limited to 30s) for metadata retries
  * vql/server/kafka: set appropriate ClientID

- Update to version 0.6.7.4~git46.5d88d80:
  * contrib/kafka-humio-gateway: add new debug option for noisy events
  * contrib/kafka-humio-gateway: backoff and retry for metadata
  * vql/server/kafka: connect sarama logging to velociraptor logging
  * vql/server/kafka: add exponential backoff (limited to 30s) for metadata retries
  * vql/server/kafka: set appropriate ClientID
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) accepted request 1040837 from Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) (revision 25) 
- Update to version 0.6.7.4~git41.678ed56:
  * rpm: introduce rpm vql plugin
  * users: extend DeleteUser testcase to ensure org membership was dropped
  * users: ensure baseline user state is correct
  * github: run testcases on Linux builds in new workflow
  * gui/reporting: update bluemonday dependency to latest
  * SSHLogin: require _TRANSPORT != 'kernel' from watch_journal()
  * SUSE: Add docker-compose environment
  * SUSE: add Docker files
  * clients/host-info.js: add MAC addresses to client dashboard
  * linux: Add ability to interrogate system and network configuration
  * Add Linux.Sys.Bash to Server.Monitor.Shell artifact
  * kafka-humio-gateway: add sample config file
  * Updating the NewFiles and ProcessStatuses Artifacts
  * cronsnoop: rework testcases to use t.TempDir
  * vql/linux/cronsnoop: Add cronsnoop() plugin
  * Extend audit artifacts to use new interface
  * audit: rearchitect plugin to scale better with multiple invocations
  * audit: use caller-allocated buffer
  * use github.com/jeffmahoney/go-libaudit/v2 for audit
  * Kafka.Events.Client: Update to use new artifactset type
  * Add artifact for chattrsnoop plugin
  * bpflib: ensure it's built only on linux and when requesting bpf
  * Add chattrsnoop plugin
  * Add artifact to monitor user group updates (#24)
  * vql/linux/dnssnoop: Add dnssnoop() plugin
  * Log Sudo/root command by auditd
  * Add custom artifacts for login and logout attempts recorded by auditd
  * Add tcpsnoop plugin
  * vql/linux/bpflib: add helper package for bpf plugins
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) accepted request 1035679 from Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) (revision 24) 
re-add vmlinux handling
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) accepted request 1035327 from Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) (revision 22) 
- Update to version 0.6.4.2~git86.b5931f7:
  * cleanup: go mod tidy
- Fix vendoring of replaced modules.
- Only require libtsan0 on x86_64
- Only attempt to copy vmlinux.h if /sys/kernel/btf/vmlinux doesn't exist
- Fix building of libbpfgo on i586

- Update to version 0.6.4.2~git84.1b38fda:
  * Clean up libbpfgo mess
  * libbpfgo: use forked repo for fully static builds
  * libbpfgo: sync to v0.4.4-libbpf-1.0.1
  * contrib/kafka-humio-gateway: add new debug option for noisy events
  * contrib/kafka-humio-gateway: backoff and retry for metadata
  * vql/server/kafka: connect sarama logging to velociraptor logging
  * vql/server/kafka: add exponential backoff (limited to 30s) for metadata retries
  * vql/server/kafka: set appropriate ClientID
  * libbpfgo: add selftest to build so testcases work
  * cronsnoop: rework testcases to use t.TempDir
  * cronsnoop: move external dependencies to end of import list
  * SSHLogin: require _TRANSPORT != 'kernel' from watch_journal()

- Update to version 0.6.4.2~git67.85b608e:
  * clients/host-info.js: add MAC addresses to client dashboard
  * linux: Add ability to interrogate system and network configuration
  * SUSE: Add docker-compose environment
  * SUSE: add Docker files
  * Add Linux.Sys.Bash to Server.Monitor.Shell artifact
  * api/authenticators: fix handling of missing oauthstate cookie for OAUTH2
  * kafka-humio-gateway: add sample config file
  * Updating the NewFiles and ProcessStatuses Artifacts
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) committed (revision 21) 
- Update to version 0.6.4.2~git70.b7df8172:
  * file_store: handle watching artifacts with named sources

- Update to version 0.6.4.2~git70.b7df8172:
  * file_store: handle watching artifacts with named sources
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) committed (revision 20) 
- Update to version 0.6.4.2~git68.5226b23b:
  * api/authenticators/basic: fix logoff endpoint
  * clients/host-info.js: add MAC addresses to client dashboard
  * linux: Add ability to interrogate system and network configuration
  * SUSE: Add docker-compose environment
  * SUSE: add Docker files
  * Add Linux.Sys.Bash to Server.Monitor.Shell artifact

- Update to version 0.6.4.2~git68.5226b23b:
  * api/authenticators/basic: fix logoff endpoint
  * clients/host-info.js: add MAC addresses to client dashboard
  * linux: Add ability to interrogate system and network configuration
  * SUSE: Add docker-compose environment
  * SUSE: add Docker files
  * Add Linux.Sys.Bash to Server.Monitor.Shell artifact
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) accepted request 998259 from Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) (revision 19) 
- Updated vendoring.
- Fixed update-vendoring script to use an independent go module cache.

- Updated vendoring.
- Fixed update-vendoring script to use an independent go module cache.
Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) accepted request 998240 from Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) (revision 18) 
- Update to version 0.6.4.2~git59.5ebb49db:
  * api/authenticators: fix handling of missing oauthstate cookie for OAUTH2

- Update to version 0.6.4.2~git57.fcb11adf:
  * kafka-humio-gateway: add sample config file

- Updated BuildRequires to use go 1.17 after updating vendoring

- Add vmlinux.h from 5.18.9-2-default to provide type information (x86_64 only)

- Update to version 0.6.4.2~git56.47b4adb4:
  * Updating the NewFiles and ProcessStatuses Artifacts
  * cronsnoop: Add plugin which is able to snoop removal/addition of cron… (#37)
  * third_party/go-libaudit: don't directly use unix.*
  * Add Linux.Remediation.Quarantine artifact
  * Extend audit artifacts to use new interface
  * audit: rearchitect plugin to scale better with multiple invocations
  * third_party/go-libaudit: move handling of receive buffer to caller
  * third_party/go-libaudit: move buffer handling from netlink to audit
  * third_party/go-libaudit: allow audit fd to be pollable
  * third_party/go-libaudit: Add support for removing individual rules
  * third_party/go-libaudit: rule.Rule.Build: Don't assume that no syscalls means all syscalls
  * third_party/go-libaudit: Report missing rules during deletion
  * import go-libaudit as a third-party module
  * quarantine: actually call the OS-specific artifact
  * artifactset: add ability to select named sources
  * GUI: Artifact selector (#1790)
  * host-info: make quarantine UI more robust with non-Windows client hosts
  * shell-viewer: default to Bash on non-Windows clients
Displaying revisions 41 - 60 of 77
openSUSE Build Service is sponsored by
Places