Channels
#windows
Title
s
seph
01/16/2020, 6:02 PM
If you’re trying to do this regularly, you should probably figure out packaging systems for real. If you want a one off, you can use wix’s dark.exe to decompile an MSI into the wix xml, then re-compile it with the changes you want.
n
nyanshak
01/16/2020, 10:09 PMIf you’re trying to do this regularly, you should probably figure out packaging systems for real.Are there any docs on that anywhere? I'm just finding lots of old blogs from 2009 to 2012 talking about "orca", "super orca", "insted" but nothing that looks... reasonable for packaging this on an ongoing basis. And for the one-off version... I've decompiled it, edited the
package/wixosquery-<version>.wsx Copy code
PS C:\osquery\build> candle .\osquery-4.1.2.wxs
Windows Installer XML Toolset Compiler version 3.11.2.4516
Copyright (c) .NET Foundation and contributors. All rights reserved.
osquery-4.1.2.wxs
PS C:\osquery\build> light .\osquery-4.1.2.wixobj
Windows Installer XML Toolset Linker version 3.11.2.4516
Copyright (c) .NET Foundation and contributors. All rights reserved.
C:\osquery\build\osquery-4.1.2.wxs(119) : error LGHT0094 : Unresolved reference to symbol 'Property:WIX_ACCOUNT_ADMINISTRATORS' in section 'Product:{0F09414E-B63F-4378-B070-99BBE8A7FA44}'.
C:\osquery\build\osquery-4.1.2.wxs(120) : error LGHT0094 : Unresolved reference to symbol 'Property:WIX_ACCOUNT_LOCALSYSTEM' in section 'Product:{0F09414E-B63F-4378-B070-99BBE8A7FA44}'.
C:\osquery\build\osquery-4.1.2.wxs(121) : error LGHT0094 : Unresolved reference to symbol 'Property:WIX_ACCOUNT_USERS' in section 'Product:{0F09414E-B63F-4378-B070-99BBE8A7FA44}'.
C:\osquery\build\osquery-4.1.2.wxs(122) : error LGHT0094 : Unresolved reference to symbol 'WixUI:WixUI_InstallDir' in section 'Product:{0F09414E-B63F-4378-B070-99BBE8A7FA44}'.
PS C:\osquery\build>@zwass ^ by any chance, do you know what wix magic I need to invoke to get this to actually build?
z
zwass
01/16/2020, 10:44 PM
I have not tried this method with dark.exe... The way I've done this successfully is by taking the script generated by
make_windows_package.ps1PropertyRefn
nyanshak
01/16/2020, 11:04 PMah, okay, I'll try that, gotta get Buck builds working I guess 🤷
z
zwass
01/16/2020, 11:23 PM
Shouldn't be any need to get any build working for that...
In fact you could really just copy the template stuff out of the script and put it together appropriately.
n
nyanshak
01/16/2020, 11:24 PM Copy code
PS C:\osquery> .\tools\deployment\make_windows_package.ps1
[-] Did not find build directory at C:\osquery\tools\deployment\..\..\buck-out\release\gen\osquery. Check build script output.z
zwass
01/16/2020, 11:24 PM
I find it convenient to use 7zip to extract the osqueryd.exe from the MSI package, then use that in the wix bundling.
You'll need to comment out/replace appropriately some sections of the script to get it to the point where it writes the wxs file. You could maybe also just fake those directories.
s
seph
01/17/2020, 3:20 AM
The wix xml should work wherever you get it. The powershell sxript, dark, or hand writing it.
TBH wix sucks. But MSIs suck. Really everything sucks here. The next gen format might be nice, but it's not real.
Read the wix docs. They probably haven't changed.
I'd also suggest finding the launcher go wrapper around wix. You don't have to use it, but it should be readable.
Candle and light sound like the right tools.
The launcher stuff is pkg/packagekit/wix IIRC.
n
nyanshak
01/17/2020, 5:02 PMI ended up figuring it out by creating a
custom Copy code
diff --git a/cmake/packaging.cmake b/cmake/packaging.cmake
index 73bc1b6a..9e83f888 100644
--- a/cmake/packaging.cmake
+++ b/cmake/packaging.cmake
@@ -209,9 +209,12 @@ function(generateInstallTargets)
file(COPY "${CMAKE_SOURCE_DIR}/tools/provision/chocolatey/osquery_utils.ps1" DESTINATION "${CMAKE_BINARY_DIR}/package/wix")
install(FILES "${CMAKE_BINARY_DIR}/package/wix/osquery_utils.ps1" DESTINATION .)
- file(WRITE "${CMAKE_BINARY_DIR}/package/wix/osquery.flags")
+ file(COPY "${CMAKE_SOURCE_DIR}/custom/osquery.flags" DESTINATION "${CMAKE_BINARY_DIR}/package/wix")
install(FILES "${CMAKE_BINARY_DIR}/package/wix/osquery.flags" DESTINATION .)
+ file(COPY "${CMAKE_SOURCE_DIR}/custom/kolide.enrollment_secret" DESTINATION "${CMAKE_BINARY_DIR}/package/wix")
+ install(FILES "${CMAKE_BINARY_DIR}/package/wix/kolide.enrollment_secret" DESTINATION .)
+
# osqueryd
install(TARGETS osqueryd DESTINATION osqueryd)
diff --git a/cmake/wix_patches/osquery_wix_patch.xml b/cmake/wix_patches/osquery_wix_patch.xml
index bfb25032..41613f89 100644
--- a/cmake/wix_patches/osquery_wix_patch.xml
+++ b/cmake/wix_patches/osquery_wix_patch.xml
@@ -11,7 +11,7 @@
<ServiceInstall Id='osqueryd'
Name='osqueryd'
Account='NT AUTHORITY\SYSTEM'
- Arguments='--flagfile="[INSTALL_ROOT]osquery.flags"'
+ Arguments='--flagfile="[INSTALL_ROOT]osquery.flags" --enroll_secret_path="[INSTALL_ROOT]kolide.enrollment_secret"'
Start='auto'
Type='ownProcess'
Vital='yes'
@@ -28,4 +28,4 @@
<PropertyRef Id="WIX_ACCOUNT_USERS" />
<PropertyRef Id="WIX_ACCOUNT_ADMINISTRATORS" />
</CPackWiXFragment>
-</CPackWiXPatch>
\ No newline at end of file
+</CPackWiXPatch>z
zwass
02/04/2020, 2:50 AM
I updated the docs on https://github.com/dactivllc/docker-wix and included an example of how you can build an MSI from any Docker host. It shouldn't be too difficult to move to building your MSI with that container if you have a working
.wxss
seph
02/04/2020, 2:56 AM
wine is 32bit, right? Does that cause any weirdness in the resultant packages?
You might also want to take a look at
ossltoolz
zwass
02/04/2020, 4:31 PM
Wine can be 32 or 64 bit. WiX is 32 bit. I have not found any issue with the packages.
ossltools
seph
02/04/2020, 5:08 PM
If you dig through the launcher repo, you can find the ossltool invocations
4 Views