https://github.com/osquery/osquery logo
Title
s

seph

12/16/2019, 7:37 PM
I’d suggest that someone else (I’ll volunteer) run the 4.1.2 build.
z

zwass

12/16/2019, 8:08 PM
This sounds like a great idea! Are there private keys or something that would prevent this?
s

seph

12/16/2019, 8:09 PM
Yes and no. The current osquery mac packaging is signed with Teddy’s personal key. Obviously I can’t sign it with that, but I can sign it with mine. But even knowing that we can get that far is progress.
Pretty suire we have some notes about other things. (like the s3 bucket credentials for releases)
g

Gavin

12/16/2019, 8:10 PM
Signing with another key will mean that admins may need to Deploy a new TCC profile for FDA , worth mentioning in the release notes this is for Mojave / Catalina
s

seph

12/16/2019, 8:11 PM
My gut sense is that it’d be better to wait, but have the option.
g

Gavin

12/16/2019, 8:13 PM
Worth chipping in some cash for an OSquery specific dev account and eating the pain once for the move to an organisation shared Cert ?
s

seph

12/16/2019, 8:15 PM
I have been slowly working through https://github.com/osquery/foundation/issues/3
“get an apple developer account for osquery”
g

Gavin

12/16/2019, 8:17 PM
Hmm DUNs is a pita
s

seph

12/16/2019, 8:19 PM
Nah. It’s fine. Just lots of bits I had to work through