https://github.com/osquery/osquery logo
Powered by
a

Anatol Pomazau

01/06/2020, 6:33 PM
Does osquery support pacman (Arch Linux) package manager?
n

nyanshak

01/06/2020, 8:24 PM
Copy code
[~] ❯ pacman -Ss osquery                                                                         [14:24]
community/osquery 4.1.2-1
    SQL powered operating system instrumentation, monitoring, and analytics
a

Anatol Pomazau

01/06/2020, 8:56 PM
I mean the other way. Does 
osquery
tool able to read pacman packages info? I am looking at 
osquery/tables/system/linux
sources and see it has rpm_packages that handles RPM, deb_packages for Debian. But I do not see anything Arch specific here.
n

nyanshak

01/06/2020, 8:58 PM
Ah okay, yeah, I'm not aware of any built-in support for that.
a

alessandrogario

01/06/2020, 9:18 PM
I don't think CMake supports arch packages
@nyanshak 
pacman -Si osquery | grep Packager
😄
n

nyanshak

01/06/2020, 9:19 PM
😄
disappears
😱 1
a

alessandrogario

01/06/2020, 9:20 PM
If you find a way to add support for it, then we can generate them too
we will eventually have signing
with the upstream key
s

Stefano Bonicatti

01/06/2020, 10:03 PM
He means if osquery has a table to display installed Arch packages
we don't
a

alessandrogario

01/06/2020, 10:03 PM
oops, i only read the message in the channel
if there's any library that can be integrated (we can't call command line tools) then it's easy to implement
a

Anatol Pomazau

01/06/2020, 11:12 PM
@alessandrogario there is a library that implements the package manager logic. It called usr/lib/libalpm.so it is part of 
pacman
package.
6 Views
Powered by