Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
n
Nerd
04/08/2021, 1:02 PMFacing this issue while running the tailsofbits OSQuery extension in MAC
E0408 18:26:08.503185 189222912 registry_factory.cpp:179] table registry HostDenylist plugin caused exception: Failed to create the firewall object
Error: Failed to create the firewall object
The code snapshot of trailsofbuts fwctl code
IFirewall& GetFirewall() {
static bool conf_dir_init_status = InitializeConfigurationFolder();
if (!conf_dir_init_status) {
throw std::runtime_error(
"Failed to initialize the firewall configuration folder");
}
static std::unique_ptr<IFirewall> firewall;
static IFirewall::Status firewall_init_status =
trailofbits::CreateFirewallObject(firewall);
if (!firewall_init_status.success()) {
throw std::runtime_error("Failed to create the firewall object");
}
return *firewall.get();
}
m
Mike Myers
04/09/2021, 7:00 PMAre you running osquery as root?
n
Nerd
04/10/2021, 6:42 AMYes @Mike Myers, running in following manner
sudo ./osqueryi --allow_unsafe --extensions_default_index=false --disable_extensions=false --extension ../external/extension_trailofbits/trailofbits_osquery_extensions.ext
m
Mike Myers
04/12/2021, 5:07 PMOk, I see this is a known issue we haven't solved yet https://github.com/trailofbits/osquery-extensions/issues/65
I believe I've fixed it, if you can rebuild from the latest source
n
Nerd
04/13/2021, 3:06 AMThank you and will let you after rebuilding it.
@Mike Myers After basic testing. I am not seeing this error.
👌 1
I will continue to test and let you know