Releases: kolide/launcher
Releases · kolide/launcher
v1.4.1
1.4.1 is a small release to start getting the new autoupdate functionality out and into testing.
General
- Parse int instead of uint by @RebeccaMahany in #1521
- linux uninstall and docs updates by @zackattack01 in #1516
- [TUF] Add flag for TUF autoupdater rollout by @RebeccaMahany in #1524
- Detect hardware or enrollment change by @RebeccaMahany in #1492
- Add sqlite database for storing shared agent data; store and monitor startup data by @RebeccaMahany in #1515
- update desktop to use slogger by @James-Pickett in #1525
- Use slogger in new autoupdater by @RebeccaMahany in #1527
- [TUF] Use use_tuf_autoupdater in startupsettings to determine whether to use new autoupdater by @RebeccaMahany in #1526
- Update ee/control and sub-packages to use new slogger by @RebeccaMahany in #1528
- Update trace exporter to use slogger by @RebeccaMahany in #1529
- Move osquery extension and initial runner to use slogger by @RebeccaMahany in #1530
- Ensure kolide URL is set before doing DNS check by @RebeccaMahany in #1533
- Log stack trace for panic when possible by @RebeccaMahany in #1535
- Modify flags when needed to accommodate pflag by @RebeccaMahany in #1534
- use slogger for runLauncher logging by @James-Pickett in #1536
Full Changelog: v1.3.2...v1.4.1
Contributors
RebeccaMahany, James-Pickett, and zackattack01
Assets 2
v1.3.2
v1.3.2 shifts a lot of the Kolide Agent to being under our EE license. As this now includes the bulk of our tables, this should be considered a breaking change.
This also includes a lot of great changes. Too many to summarize, you'll have to dig through the notes. 🚀
Breaking Changes
- Relicense pkg/agent to ee/agent by @RebeccaMahany in #1494
- Relicense pkg/allowedcmd by @RebeccaMahany in #1495
- Relicense the bulk of our tables to
eeby @directionless in #1464 - Relicense debug/checkups and debug/shipper to
eeby @RebeccaMahany in #1478 - Relicense the TUF autoupdater by @RebeccaMahany in #1466
- Remove tables.ext by @directionless in #1496
- Update
package-builderfor EE license by @directionless in #1497
Table Changes
- Add filesystem and full path data to lsblk table by @Micah-Kolide in #1502
General
- make info default shipping level by @James-Pickett in #1451
- Include logs in test failure when TUF autoupdater doesn't shut down/restart within 5 seconds by @RebeccaMahany in #1452
- Enable watchdog for all channels by @RebeccaMahany in #1460
- [NixOS support] Run patchelf after autoupdate download by @RebeccaMahany in #1468
- Move code around. (Re-license and cleanup) by @directionless in #1483
- add console users when remote is false instead of looking at seat by @James-Pickett in #1453
- [TUF] Roll out tuf autoupdater to beta channel by @RebeccaMahany in #1430
- Check correct error to see if it's ETXTBSY by @RebeccaMahany in #1455
- Add package to perform path lookups and validations for commands by @RebeccaMahany in #1443
- remove old logger from local server, use slog and span http, add span_id and trace_sampled attrs to log by @James-Pickett in #1457
- [Flare] flare consumer always logs errors and returns nil by @James-Pickett in #1462
- don't delete logs until after successful send by @James-Pickett in #1463
- override log shipping level on start up by @James-Pickett in #1467
- [Desktop] Fall back to finding DISPLAY from display server process by @RebeccaMahany in #1471
- populate device id attributes to buffered logs before turning on shipping by @James-Pickett in #1472
- preserve ctx when dialing unix socket for desktop by @James-Pickett in #1475
- [Desktop] update desktop runner to include WINDIR as env var by @James-Pickett in #1480
- [Rungroups] Remove os.Exit in favor of more graceful shutdown when osquery instance can't be restarted by @RebeccaMahany in #1479
- [Rungroups] Add logs to track osquery errgroup shutdowns by @RebeccaMahany in #1485
- Increase the default osquery wait time by @directionless in #1484
- use slogger for kolide log adaptor by @James-Pickett in #1488
- [Rungroups] Add log when the rungroup has completed shutdown by @directionless in #1486
- [Rungroups] Add a timeout for killing osquery process group by @RebeccaMahany in #1487
- [Rungroups] Fix
killProcessGroupby @directionless in #1489 - [Rungroups] Add timeout to rungroup shutdown by @RebeccaMahany in #1481
- [Rungroups] Ensure localserver's runAsyncdWorkers shuts down on rungroup shutdown by @RebeccaMahany in #1493
- buffer initial otel spans, update enrollment logging by @James-Pickett in #1491
- Use latest osqueryd path when performing version check by @RebeccaMahany in #1498
- dont use array for log with, set os as log attribute by @James-Pickett in #1500
- Fully log CheckExecutable failures by @RebeccaMahany in #1504
- Add control server flags for watchdog options by @RebeccaMahany in #1505
- Rename EnableWatchdog to WatchdogEnabled by @RebeccaMahany in #1508
- Use knapsack to set watchdog values; restart osquery on watchdog flag changes by @RebeccaMahany in #1506
- [TUF] Pull autoupdate config values from config file OR command-line args by @RebeccaMahany in #1512
- [Desktop] Don't set invalid DISPLAY by @RebeccaMahany in #1518
Build & Package
- Add revive linter and enable superfluous-else rule by @RebeccaMahany in #1448
- Add sloglint by @RebeccaMahany in #1445
- Configure GitHub's release notes autogeneration by @directionless in #1450
- Prevent "text file busy" errors in tests by @RebeccaMahany in #1454
- Update test with more realistic behavior by @RebeccaMahany in #1456
- Enable more revive lint rules by @RebeccaMahany in #1511
- Upgrade golang.org/x/crypto (and krypto) by @directionless in #1520
Full Changelog: v1.2.5...v1.3.2
Contributors
directionless, RebeccaMahany, and 2 other contributors
Assets 2
v1.2.5
Version 1.2.5 is a small patch release to 1.2.1. It adds some additional logging and sets a few more timeouts.
General
- Add logs to track osquery errgroup shutdowns (#1485)
- Increase the default osquery socket wait time (#1484)
- Log when the rungroup has completed shutdown (#1486)
- Add a timeout for killing osquery process group (#1487)
- Fix merge from #1497 (c5c7bd9)
Full Changelog: v1.2.1...v1.2.5
v1.2.1
Breaking Changes
- Remove old
grpc.extby @directionless in #1437
Table Changes
- Add a
kolide_jwttable by @zackattack01 in #1440
General
- Don't log turning off verbose logging more than once by @RebeccaMahany in #1383
- Log query params and URL when we can't extract the challenge box by @RebeccaMahany in #1384
- Enable osquery watchdog for nightly use by @RebeccaMahany in #1374
- Give rungroup actors enough time to shut down on service shutdown by @RebeccaMahany in #1388
- Perform enrollment before starting up osquery, if possible by @RebeccaMahany in #1390
- update log checkpoint to use debug/checkups interface by @zackattack01 in #1386
- [TUF] Roll out new autoupdater to nightly channel by @RebeccaMahany in #1391
- add uptime to hostinfo checkup and tests by @zackattack01 in #1392
- add username to process checkup by @James-Pickett in #1398
- fails checkup when no kolide process running as root by @James-Pickett in #1399
- flare shipping by @James-Pickett in #1352
- Ship and autoupdate to osquery app bundle by @RebeccaMahany in #1351
- Allow actor Interrupt functions to be called multiple times without blocking by @RebeccaMahany in #1394
- Improve TUF test reliability and speed by @RebeccaMahany in #1401
- More test improvements by @RebeccaMahany in #1402
- Add utf16 decoding to json dataflatten by @Micah-Kolide in #1389
- add running user in debug upload request, unexport flare env type by @James-Pickett in #1400
- Expand TUF checkup by @RebeccaMahany in #1407
- Add ADR for autoupdate updates by @RebeccaMahany in #1409
- log checkpoint followup + dns checkup tests by @zackattack01 in #1410
- [TUF] If a downgrade occurs, restart the given binary by @RebeccaMahany in #1411
- Make TestAddToLibrary less flaky by @RebeccaMahany in #1414
- [TUF] Roll out new autoupdater to alpha channel by @RebeccaMahany in #1415
- set kolide hosted flag by @zackattack01 in #1413
- Add
pkgutil --forgetto the darwin uninstall command by @directionless in #1416 - Ensure there's no schema url mismatch on resource merge by @RebeccaMahany in #1418
- write out metadata json and plist files to root install directory by @zackattack01 in #1417
- prevent duplicate connectivity checks and only check /version endpoint by @zackattack01 in #1425
- Fix Sonoma issues with the build by @directionless in #1424
- Add
containedctxas a linter by @directionless in #1426 - Add traces to important startup behavior by @RebeccaMahany in #1427
- Export traces less frequently by @RebeccaMahany in #1422
- Ensure logshipper is available to anywhere pulling logger out of ctx by @RebeccaMahany in #1429
- [Flare] Update a couple things in how flares are shipped by @directionless in #1420
- Enable osquery watchdog for beta channel by @RebeccaMahany in #1431
- adds std lib slog logger to knapsack by @James-Pickett in #1419
- update version string format for darwin builds by @zackattack01 in #1432
- Update uninstalling.md by @directionless in #1435
- use knapsack and slogger in kolide service by @James-Pickett in #1436
- Call
AttachConsolefor better output on Windows by @RebeccaMahany in #1438 - use provided keys in sign http request func in debug shipper (flare) by @James-Pickett in #1444
- use slogger on local server, add span_id id to logs, add kolide session id to logs by @James-Pickett in #1446
- Add some logs to the remote flare consumer by @directionless in #1441
- adds device id values to slog shipping by @James-Pickett in #1447
Build & Package
- bump otelhttp version and friends by @zackattack01 in #1406
- Bump osquery-go version by @RebeccaMahany in #1385
- Bump golang.org/x/net from 0.10.0 to 0.17.0 by @RebeccaMahany in #1396
Full Changelog: v1.1.2...v1.2.1
Contributors
directionless, RebeccaMahany, and 3 other contributors
Assets 2
v1.1.2
v1.1.2 updates how the initial enrollment details are collected. Instead of using the thrift socket, these are now gathered via an osquery exec.
General
- Update the autoupdate information in readme by @RebeccaMahany in #1364
- If autoupdate channel is not set, do not use new autoupdater by @RebeccaMahany in #1366
- [localserver] Add
access-control-allow-private-networkto the preflight headers by @directionless in #1363 - Fix
exec: already startederror in uninstall on Linux by @RebeccaMahany in #1368 - [TUF] Don't call Fatal when there are no updates downloaded yet by @RebeccaMahany in #1371
- [desktop] Set XAUTHORITY for desktop process when possible by @RebeccaMahany in #1369
- [flare] Allocate less memory when gathering stack by @RebeccaMahany in #1372
- [desktop] set keepalives to false on desktop server by @James-Pickett in #1373
- go 1.21 by @James-Pickett in #1375
- Listen for sigterm, so launcher can shut down gracefully on launchd unload by @RebeccaMahany in #1376
- add LatestOsquerydPath to knapsack by @zackattack01 in #1377
- Get enrollment details via exec, not the thrift socket by @directionless in #1213
- [desktop] restart desktop on macos update by @James-Pickett in #1378
- Ensure osquery config map is always initialized by @RebeccaMahany in #1380
- Move the initial
osquery --versionto using runsimple by @directionless in #1379 - Ensure debug logs are written to debug.json on Windows by @RebeccaMahany in #1381
Full Changelog: v1.1.0...v1.1.2
Contributors
directionless, RebeccaMahany, and 2 other contributors
Assets 2
v1.1.0
1.1.0 is focused on improving initial start up reliability. There are many small changes and tweaks in how launcher and osquery startup work together.
Additionally, 1.1.0 brings in callback support for the localserver interface.
Table Changes
- Add error output to internal dev table exec calls by @zackattack01 in #1323
- Add table for CarbonBlack repcli output by @zackattack01 in #1318
- Remove
kolide_airdrop_preferencestable by @zackattack01 in #1348
General
- Ensure panic is logged fully by @RebeccaMahany in #1309
- Fix log caller by @James-Pickett in #1299
- [Control] Add support for general launcher actions by @James-Pickett in #1250
- [Flare] Add checkup for gnome extensions by @directionless in #1328
- [Flare] Add more flare data by @directionless in #1329
- [Flare] Flares for osquery by @RebeccaMahany in #1293
- [Flare] Remove noisy log + prevent panic after parse by @RebeccaMahany in #1291
- [Flare] add quarantine check to scan for quarantine files and meddlesome processes by @James-Pickett in #1333
- [Flare] add system time flare check by @James-Pickett in #1340
- [Flare] adds launcher flags to flare by @James-Pickett in #1302
- [Localserver] Add callback support to
kryptoEcMiddlewareby @directionless in #1303 - [Osquery Startup] Add an interrupt routine to log checkpoint by @directionless in #1341
- [Osquery Startup] Add logging to the rungroup by @RebeccaMahany in #1316
- [Osquery Startup] Allow desktop runner Interrupt to be called multiple times by @RebeccaMahany in #1344
- [Osquery Startup] Allow runner.Shutdown to be called more than once by @RebeccaMahany in #1354
- [Osquery Startup] The osquery healthcheck startup delay should not block extension shutdown by @RebeccaMahany in #1351
- [Osquery Startup] Use rungroup in desktop; log all desktop logs at debug level by @RebeccaMahany in #1332
- [Osquery Startup] Run and log
osquery --versionimmediately on launcher startup by @RebeccaMahany in #1307 - [Rungroups] Add flag to delay initial osquery healthchecks; set opts on instance after restart by @RebeccaMahany in #1294
- [Rungroups] Reduce osquery socket usage in localserver, reducing early socket contention by @zackattack01 in #1359
- [Rungroups] Toggle osquery verbose flag on startup by @RebeccaMahany in #1324
- [Rungroups] get build prefix for upgrade table from sysctl instead of osquery by @zackattack01 in #1347
- [Rungroups] remove unused osquery client from all table/plugin method signatures by @zackattack01 in #1350
- [TUF autoupdater] Add to legacy autoupdater initial delay to stagger legacy+new autoupdaters by @RebeccaMahany in #1337
- [TUF autoupdater] Bump lookup logs up to Info level by @RebeccaMahany in #1355
- [TUF autoupdater] Check err != nil first in
checkExecutablePermissionsby @RebeccaMahany in #1335 - [TUF autoupdater] Create a temp staging dir per-download by @RebeccaMahany in #1306
- [TUF autoupdater] Devices on nightly channel use new autoupdate library by @RebeccaMahany in #1268
- [TUF autoupdater] Don't make temp staging dir inside OS temp dir by @RebeccaMahany in #1339
- [TUF autoupdater] Don't perform library lookup for desktop process by @RebeccaMahany in #1357
- [TUF autoupdater] Don't perform unnecessary restarts when not using new autoupdater by @RebeccaMahany in #1331
- [TUF autoupdater] Don't permanently swap prerelease value by @RebeccaMahany in #1356
- [TUF autoupdater] Don't use new autoupdater yet; don't set env var by @RebeccaMahany in #1362
- [TUF autoupdater] Find correct update directory for osqueryd by @RebeccaMahany in #1349
- [TUF autoupdater] Fix prerelease sorting by @RebeccaMahany in #1353
- [TUF autoupdater] Small cleanup for initial TUF rollout by @RebeccaMahany in #1305
- [TUF autoupdater] Update checkExecutablePermissions to check for non-os.IsNotExist errors first by @RebeccaMahany in #1314
Build and Package
- Bump kolide/toast to 1.0.2 by @RebeccaMahany in #1298
- Bump kolide/toast to v1.0.1 by @RebeccaMahany in #1290
- Fix tools for go 1.21 by @directionless in #1304
- Update GitHub Actions to support GitHub merge queues by @directionless in #1336
- [Testing] Allow parsing to be off by one second in test by @RebeccaMahany in #1308
- [Testing] If we can't start command in test, return err immediately by @RebeccaMahany in #1319
- [Testing] Make flaky test less flaky by @RebeccaMahany in #1292
Full Changelog: v1.0.15...v1.1.0
Contributors
directionless, RebeccaMahany, and 2 other contributors
Assets 2
v1.0.15
Version 1.0.15 is a small release, it brings in an attempt at handling windows powersave.
Table Changes
General
- [Flare] Defer close file in checkup by @RebeccaMahany in #1286
- [Flare] Add checkups for installation troubleshooting + general Windows troubleshooting by @RebeccaMahany in #1288
- Do not perform osquery healthchecks while system is sleeping by @RebeccaMahany in #1284
- Initial investigation into repcli by @directionless in #1285
Build and Package
- Set timeouts on notary requests during build by @RebeccaMahany in #1287
Full Changelog: v1.0.14...v1.0.15
Contributors
directionless and RebeccaMahany
Assets 2
v1.0.14
Version 1.0.14 is primarily oriented around debugability, but has a big change around accessing the thrift socket. As has come up many times, osquery only allows a single actions on the thrift socket at a time. This can inadvertently create race conditions when working with go routines. As the go sdk now has locks, launcher can use those to avoid socket contention.
It also has a fix for opening notification URLs on some linux X11 enviroments.
Table Changes
- Add debian important updates table by @Micah-Kolide in #1249
- Add tables for rhel and arch package managers by @Micah-Kolide in #1275
- Adjust timeout on
mdfindfrom 30 to 60 seconds by @James-Pickett in #1271 - Don't return errors for
falconctlby @directionless in #1238 - Update error message in firmware password table by @directionless in #1256
General
- Appease the linter with small, inconsequential, "security" fixes by @directionless in #1245
- Fix a couple run groups not exiting by @RebeccaMahany in #1272
- Only lock mutex while accessing auth map on runner server by @James-Pickett in #1274
- Remove superfluous logs in actor.Interrupt by @RebeccaMahany in #1273
- Replace mutex's with locking baked into the osquery-go SDK by @RebeccaMahany in #1212
- Subscribe and log power events on Windows by @RebeccaMahany in #1248
- [Autoupdater] Include arch in release file path and download file path by @RebeccaMahany in #1195
- [Autoupdater] Keep staging directory clean by @RebeccaMahany in #1270
- [Desktop] Ensure we can open links with xdg-open on x11 by @RebeccaMahany in #1252
- [Desktop] Fixed relativeTime 36-48 hours displaying as "1 days" by @seejdev in #1225
- [Desktop] add random suffix to socket by @James-Pickett in #1262
- [Desktop] expose process info in log checkpoint and in
kolide_desktop_procstable by @James-Pickett in #1240 - [Flare] Add Network checkup to
flareanddoctorby @RebeccaMahany in #1280 - [Flare] Add additional checkups to
flareanddoctorcommands by @directionless in #1261 - [Flare] Refactor
flareanddoctorby @directionless in #1255 - [Flare] Tidy Flare and Doctor by @directionless in #1260
- [Logging] Use
%v+to cast unsupported types to string by @RebeccaMahany in #1246 - [Logging] add device identifying info to the log shipper by @James-Pickett in #1242
- [Logging] ship logs to http endpoint by @James-Pickett in #1228
- [Logging] update log shipping to use
copyon arrays. And add ulid and caller to log shipper logs by @James-Pickett in #1239
Build and Package
- Add GHA hosted runners to the smoke tests by @directionless in #1279
- Add GHA smoke test step by @directionless in #1277
- Add retry logic to getting all target metadata form notary by @James-Pickett in #1278
- Bump golang version to 1.20.6 to address GO-2023-1878 by @RebeccaMahany in #1251
- Don't use hardcoded path to signtool.exe if we can help it by @RebeccaMahany in #1259
- Ensure that the root directory is 0755 by @RebeccaMahany in #1265
- Pick golang version from go.mod by @RebeccaMahany in #1254
- Replace altool with notarytool by @RebeccaMahany in #1258
- Set
MACOSX_DEPLOYMENT_TARGETon builds by @directionless in #1282 - Update
osquery-goto include trace instrumentation by @RebeccaMahany in #1244 - Updating to a new version of signtool by @RebeccaMahany in #1253
Full Changelog: v1.0.12...v1.0.14
Contributors
directionless, seejdev, and 3 other contributors
Assets 2
v1.0.12
Version 1.0.12
Table Changes
- Remove deprecated tables (
kolide_best_practices,kolide_email_addresses, andkolide_vulnerabilities) by @directionless in #1218
General
- Desktop: runner server deregisters desktop process when found dead or creating new one by @James-Pickett in #1222
- Desktop: adds logging to runner around checking if process exists by @James-Pickett in #1227
- Tracing: OpenTelemetry for launcher by @RebeccaMahany in #1215
- Tracing: Auth for exporting traces by @RebeccaMahany in #1226
- Tracing: Add flag for trace sampling rate by @RebeccaMahany in #1229
- Tracing: Backfill tests for tracing packages by @RebeccaMahany in #1230
- Tracing: Rename some trace attributes by @RebeccaMahany in #1232
- Tracing: Add error handler to replace global otel error handler by @RebeccaMahany in #1233
- osquery runner waits for socket to appear before moving on by @James-Pickett in #1210
- Fix hostname lookup in the startup checks by @directionless in #1220
- Don't use secure enclave on macOS by @RebeccaMahany in #1234
- Log more information about unknown process locking osquery pidfile by @RebeccaMahany in #1231
Build and Package
- Fix naked returns for lint by @RebeccaMahany in #1216
- Replace deadcode linter with unused linter by @RebeccaMahany in #1217
- bumps ci from go 1.20.4 to 1.20.5 by @James-Pickett in #1223
Full Changelog: v1.0.10...v1.0.12
Contributors
directionless, RebeccaMahany, and James-Pickett
Assets 2
v1.0.10
Version 1.0.10
Table Changes
- Add table
kolide_jsonlfor parsing line delimitated json by @James-Pickett in #1189
General
- Autoupdater: Create a
findNewequivlent for the new TUF version by @RebeccaMahany in #1185 - Autoupdater: Remove osquery client dependency by @RebeccaMahany in #1178
- Desktop: Add
uid >= 1000check when detecting linux console users by @James-Pickett in #1207 - Desktop: Fix relativeTime for 'Just Now' menu items by @seejdev in #1196
- Desktop: better err message by @James-Pickett in #1194
- Fix isses where root directory was not set to temp directory @RebeccaMahany in #1191
- Squelch error about non-existent keys on first boot by @RebeccaMahany in #1208
- Use Healthy function that uses lock by @RebeccaMahany in #1209
- adds
session_pidto logging for launcher and launcher desktop by @James-Pickett in #1206 - launcher doctor subcommand by @seejdev in #1197
Build and Package
- Bump github.com/docker/distribution from 2.8.0+incompatible to 2.8.2+incompatible by @dependabot in #1193
- Fix
make containersto support current versions by @RebeccaMahany in #1190 - Move TUF ci setup to new package by @RebeccaMahany in #1188
- Start to include arch in packaging targets + packaging commands by @RebeccaMahany in #1198
Full Changelog: v1.0.8...v1.0.10
Contributors
seejdev, RebeccaMahany, and 2 other contributors