Deepak
06/16/2021, 3:01 PMtheopolis
06/17/2021, 1:36 AMls -la /usr/bin/osqueryd
show?
If osqueryd is being launched as root then that path and the folder must be owned by root and not user writable.--allow_unsafe
but I don't recommend this.Deepak
06/17/2021, 11:13 AM-rwxr-xr-x. 1 root root 31265080 Oct 6 2020 /usr/bin/osqueryd
Its owned by root and not writable by any user. I’ll try the --allow_unsafe as last resorttheopolis
06/17/2021, 3:52 PMls -la /usr/bin