Hi all,
I'm getting a `could not start extension p...
# generalm
Matt Ackard
10/14/2020, 3:27 PMHi all,
I'm getting a
could not start extension processMatt Ackard
10/14/2020, 3:27 PM Copy code
#!/usr/bin/env python
import osquery
@osquery.register_plugin
class MyTablePlugin(osquery.TablePlugin):
def name(self):
return "foobar"
def columns(self):
return [
osquery.TableColumn(name="foo", type=osquery.STRING),
osquery.TableColumn(name="baz", type=osquery.STRING),
]
def generate(self, context):
query_data = []
for _ in range(2):
row = {}
row["foo"] = "bar"
row["baz"] = "baz"
query_data.append(row)
return query_data
if __name__ == "__main__":
osquery.start_extension(name="my_awesome_extension", version="1.0.0")c
CptOfEvilMinions
10/14/2020, 3:53 PM@Matt Ackard please try running
osqueryi--allow_unsafeCptOfEvilMinions
10/14/2020, 4:00 PMIf it does work after adding that flag please see the following Osquery documentation to set the correct permissions:
https://osquery.readthedocs.io/en/stable/deployment/extensions/
m
Matt Ackard
10/14/2020, 5:31 PMallow_unsafe doesn't change anything. I think it may be thrift socket related. I get errors from TServerSocket and TServerTransport if I leave the osqueryi process running when it fails to start the extension
Matt Ackard
10/14/2020, 5:44 PMgot it. it was a combination of permissions and default python binary. thanks
🦜 1
4 Views