I've got a problem with my osqueryd.service file that I copy to my devices. The service file is below. The problem is that on one Debian 11 box, it gave me errors because there was not a "=" on the line for the config_file and the pidfile. On other Debian 11 boxes, it loads file without the "=". What is the proper syntax for the service file and do I really need to add those two lines to it or can I simply use the service file that is installed with osquery?

[Unit]

Description=The osquery Daemon

After=network.service syslog.service

[Service]

TimeoutStartSec=0

EnvironmentFile=/etc/default/osqueryd

ExecStartPre=/bin/sh -c "if [ ! -f $FLAG_FILE ]; then touch $FLAG_FILE; fi"

ExecStartPre=/bin/sh -c "if [ -f $LOCAL_PIDFILE ]; then mv $LOCALPIDFILE $PIDFILE; fi"

ExecStart=/opt/osquery/bin/osqueryd \

--flagfile=$FLAG_FILE \

--config_path=$CONFIG_FILE \

--pid_file=/var/osquery/osqueryd.pidfile

Restart=on-failure

KillMode=control-group

KillSignal=SIGTERM

TimeoutStopSec=15

CPUQuota=20%

[Install]

WantedBy=multi-user.target

You can use the one we ship, or you can fix yours. I don’t know where that came from

thanks, appreciate it