# extensions
a
Hello everyone, currently I'm trying to get osqueryd running with the custom table from https://github.com/osquery/osquery-python. I start osqueryd with `sudo osqueryd --ephemeral --disable_logging --disable_database --extensions_socket /home/adrian/.osquery/osqueryd.sock --config_path=./osquery/osquery.conf --disable_extensions false` and I start the table with `python3 test.py --socket /home/adrian/.osquery/osqueryd.sock`. But sadly an error "Could not connect to any of ['/home/adrian/.osquery/osqueryd.sock']" is raised every time in my logs. What am I doing wrong? Or do I have to bind the table in a different way?
z
I'm going to guess it's a permission issue. Osquery is running as root and opening the socket with root perms but Python is running as non-root.
a
I ran python as root but it's still the same issue. Is there any way to load the python table directly with osqueryd?