I’m in the process of upgrading osquery from 3.3.0...
# macos
I’m in the process of upgrading osquery from 3.3.0 to 4.9.0. I have the 4.9.0 code building fine and packaging for 
 creating a pkg fine also.  I notice the packaging mechanism has changed since 3.3.0. One thing that I can’t find how to do with 4.9.0 packaging on 
 is to ensure a restart of 
 at the end of the install.  With the 3.3.0 code base, there was a flag passed to the now-superseded packaging script. Any tips on how the same type of postinstall unload/load of the daemon can be achieved?
things are about to change again as we're around the corner from 5… the packaging.cmake file is no longer in master, but they were using a postinstall.sh on linux, you could do the same for Mac
(Or require a restart, to be clumsy about it - not sure how you're distributing it)
Thanks for the suggestions. I’d like to avoid requiring a reboot. Where can I read about the packaging changes planned for v5?
good question, the signing is definitely changing and I believe a lot is moving into githubs actions/pipelines/CI/CD but I'm otherwise unclear about what or where the 'makefile' textual representation of that artifact of the release process is recorded/would be modifiable
I would have thought I'd see stuff in the .github dir but nothing sticks out at present
Thanks. I’ll take a look there next.
Hey, you might want to have a look here for general guidance: https://osquery.readthedocs.io/en/latest/development/building/#building-packages For your specific problem, you would have to modify the osquery-packaging CMake files to add
Copy code
Full path to a file that will be used as the postinstall script for the named <COMP> component's package, where <COMP> is the uppercased component name. No postinstall script is added if this variable is not defined for a given component.
(the tooling I use for Mac packaging makes my life so easy, relatively speaking 😅 I know we'd have to rip
out of the rest of the world's clammy dead hands, but)
silly macadmins and their python-based tooling
Thank you @Stefano Bonicatti and @allister