Hi there, we are trying to use osquery to check employee laptops for encryption and checking inventory. Here is the catch - we want to do it for another company, their team uses macos. We thought of setting up a fleet on our servers using fleetdm, Question - is there an easy way to launch osquery on the employee laptops and avoid becoming identified developer for apple (in case of app download)? Would be great if they could just download a pkg file. I heard it takes time to get verified and it's not really in scope for us
08/04/2021, 2:08 PM
Generally speaking, macOS won’t install an unsigned pkg.
So you might be able to use a vendor with appropriately signed pkg files.
Use the osquery ones and distribute configuration outside it
Get your own certs. and sign pkgs that bundle osquery and configs. (FYI I think it’s pretty fast to get apple developer accounts, I don’t remember long delays)
Might be other ways? Kinda depends on where you want to spend time.
08/04/2021, 5:10 PM
Hey seph, thanks! We thought it will take months to get approve to apple store. But I will try now and see how it goes
08/04/2021, 10:37 PM
Isn’t the official osquery package signed? I just downloaded it from osquery.io and installed it on my mac no problem and didn’t have to sign it.
08/04/2021, 11:07 PM
It takes months to get endpoint security credentials. But you don't need those.
Yes, the official packages are signed. TBH they would be useful if they weren't.