Deepak06/16/2021, 3:01 PM
show? If osqueryd is being launched as root then that path and the folder must be owned by root and not user writable.
ls -la /usr/bin/osqueryd
but I don't recommend this.
Deepak06/17/2021, 11:13 AM
Its owned by root and not writable by any user. I’ll try the --allow_unsafe as last resort
-rwxr-xr-x. 1 root root 31265080 Oct 6 2020 /usr/bin/osqueryd
ls -la /usr/bin