Facing this issue while running the tailsofbits OS...
# generaln
Nerd
04/08/2021, 1:02 PMFacing this issue while running the tailsofbits OSQuery extension in MAC
E0408 182608.503185 189222912 registry_factory.cpp:179] table registry HostDenylist plugin caused exception: Failed to create the firewall object
Error: Failed to create the firewall object
The code snapshot of trailsofbuts fwctl code
IFirewall& GetFirewall() {
static bool conf_dir_init_status = InitializeConfigurationFolder();
if (!conf_dir_init_status) {
throw std::runtime_error(
"Failed to initialize the firewall configuration folder");
}
static std::unique_ptr<IFirewall> firewall;
static IFirewall::Status firewall_init_status =
trailofbits::CreateFirewallObject(firewall);
if (!firewall_init_status.success()) {
throw std::runtime_error("Failed to create the firewall object");
}
return *firewall.get();
}
m
Mike Myers
04/09/2021, 7:00 PMAre you running osquery as root?
n
Nerd
04/10/2021, 6:42 AMYes @Mike Myers, running in following manner
sudo ./osqueryi --allow_unsafe --extensions_default_index=false --disable_extensions=false --extension ../external/extension_trailofbits/trailofbits_osquery_extensions.ext
m
Mike Myers
04/12/2021, 5:07 PMOk, I see this is a known issue we haven't solved yet https://github.com/trailofbits/osquery-extensions/issues/65
Mike Myers
04/12/2021, 10:36 PMI believe I've fixed it, if you can rebuild from the latest source
n
Nerd
04/13/2021, 3:06 AMThank you and will let you after rebuilding it.
Nerd
04/13/2021, 3:20 AM@Mike Myers After basic testing. I am not seeing this error.
👌 1
Nerd
04/13/2021, 3:25 AMI will continue to test and let you know
2 Views