Channels
doorman
infrastructure
random
zercurity
community-feeds
fleet-dev
code-review
queryhub
apple-silicon
carving
tls
fim
goquery
zentral
aws
querycon
golang
zeek
file-carving
fuzzing
auditing-warroom
linen-dev
fleetosquery
plugins
jobs
arm-architecture
darkbytes
process-auditing
uptycs
android_tests
selfgroup
vendor-feeds
fleet
eclecticiq-polylogyx-extension
ebpf
website
core
general
macos
kolide
osctrl
extensions
foundation
sql
officehours
linux
windows
Title
g
Grigory Emelianov
08/04/2021, 9:35 AMHi there, we are trying to use osquery to check employee laptops for encryption and checking inventory. Here is the catch - we want to do it for another company, their team uses macos. We thought of setting up a fleet on our servers using fleetdm, Question - is there an easy way to launch osquery on the employee laptops and avoid becoming identified developer for apple (in case of app download)? Would be great if they could just download a pkg file. I heard it takes time to get verified and it's not really in scope for us
s
seph
08/04/2021, 2:08 PMGenerally speaking, macOS won’t install an unsigned pkg.
So you might be able to use a vendor with appropriately signed pkg files.
Use the osquery ones and distribute configuration outside it
Get your own certs. and sign pkgs that bundle osquery and configs. (FYI I think it’s pretty fast to get apple developer accounts, I don’t remember long delays)
Might be other ways? Kinda depends on where you want to spend time.
g
Grigory Emelianov
08/04/2021, 5:10 PMHey seph, thanks! We thought it will take months to get approve to apple store. But I will try now and see how it goes
m
Mystery Incorporated
08/04/2021, 10:37 PMIsn’t the official osquery package signed? I just downloaded it from osquery.io and installed it on my mac no problem and didn’t have to sign it.
s
seph
08/04/2021, 11:07 PMIt takes months to get endpoint security credentials. But you don't need those.
Yes, the official packages are signed. TBH they would be useful if they weren't.