https://github.com/osquery/osquery logo
Powered by
#extensions
Title
# extensions
m

Mike Myers

01/27/2021, 9:14 PM
@seph I looked at the issues (open and closed) and I don't think this has been asked before, but would Kolide Launcher accept a change to give it the ability to update osquery extensions as well as the agent?
s

seph

01/27/2021, 9:18 PM
I'm not sure. I'm not opposed, in theory. But I think it would be a surprisingly substantial, and hard to do without larger rework of the update mechanism
What kind of thing are you thinking about?
m

Mike Myers

01/27/2021, 9:23 PM
I'm trying to understand how hard of a problem it would be, but first I wanted to see if it was out of the question. Sounds like it would be considered
s

seph

01/27/2021, 9:25 PM
Yes... but I'd rather talk through it. The updated code is gnarly. I'd might be willing to just add something, but yeah...
m

Mike Myers

01/27/2021, 9:27 PM
Maybe I don't have a grasp of the requirements yet but I assume the basic need is to check for a new version of the existing extensions, and replace them with new versions if such exist Are there some challenges you are already aware of?
Ok, maybe I should look at what's there and find a time to talk through it with you later
s

seph

01/27/2021, 9:28 PM
Baked in pretty deeply is the idea that and update is a single binary. Which goes through the notary servers. So this would need several singletons, or add mechanisms for a set.
Also inherent is that the update servers are notary+http. (And it assumes ours)
Probably something else about how they get passed a long.
I'm happy to chat, though as I talk about it it sounds more and more like a large amount of code.
I wonder if I can see a way to get there incrementally
Do y'all run your own notary servers or are you using ours?
m

Mike Myers

01/27/2021, 9:30 PM
currently we don't have a Notary server, right now we're just needing to get acquainted with how it might be done
we'll do our homework, discuss, maybe open a blueprint issue on the Launcher repo?
s

seph

01/27/2021, 9:32 PM
I'm generally available 9-2 eastern. (Modulo random school surprises) if you wanted to schedule time feel free to throw an invite at me. (I'll decline if unavailable)
You could start with the code. But it's... opaque.
m

Mike Myers

01/27/2021, 9:36 PM
ok, possibly Friday, I'll find out who can come from this side
s

seph

01/27/2021, 9:43 PM
Friday is an early day for child. Ends around 11:30 for. E
For me
m

Mike Myers

01/27/2021, 10:04 PM
ok, guess I'll send an invite for early
2 Views
Powered by