From c086936ebc304f413061dee871c9f71491026431 Mon Sep 17 00:00:00 2001 From: zackattack01 Date: Thu, 30 May 2024 15:15:29 -0400 Subject: [PATCH] unstage options for PR breakout --- cmd/launcher/svc_config_windows.go | 61 +++++++++++----------- cmd/launcher/svc_windows.go | 2 +- ee/agent/storage/sqlite/logstore_sqlite.go | 17 ------ ee/agent/types/logstore.go | 7 ++- pkg/launcher/options.go | 21 +++----- 5 files changed, 42 insertions(+), 66 deletions(-) diff --git a/cmd/launcher/svc_config_windows.go b/cmd/launcher/svc_config_windows.go index 7be84bfa7c..1d7ee7a629 100644 --- a/cmd/launcher/svc_config_windows.go +++ b/cmd/launcher/svc_config_windows.go @@ -28,7 +28,7 @@ const ( notFoundInRegistryError = "The system cannot find the file specified." ) -func checkServiceConfiguration(slogger *slog.Logger, opts *launcher.Options) { +func checkServiceConfiguration(logger *slog.Logger, opts *launcher.Options) { // If this isn't a Kolide installation, do not update the configuration if opts.KolideServerURL != "k2device.kolide.com" && opts.KolideServerURL != "k2device-preprod.kolide.com" { return @@ -37,7 +37,7 @@ func checkServiceConfiguration(slogger *slog.Logger, opts *launcher.Options) { // Get launcher service key launcherServiceKey, err := registry.OpenKey(registry.LOCAL_MACHINE, launcherServiceRegistryKeyName, registry.ALL_ACCESS) if err != nil { - slogger.Log(context.TODO(), slog.LevelError, + logger.Log(context.TODO(), slog.LevelError, "could not open registry key", "key_name", launcherServiceRegistryKeyName, "err", err, @@ -49,7 +49,7 @@ func checkServiceConfiguration(slogger *slog.Logger, opts *launcher.Options) { // Close it once we're done defer func() { if err := launcherServiceKey.Close(); err != nil { - slogger.Log(context.TODO(), slog.LevelError, + logger.Log(context.TODO(), slog.LevelError, "could not close registry key", "key_name", launcherServiceRegistryKeyName, "err", err, @@ -58,29 +58,17 @@ func checkServiceConfiguration(slogger *slog.Logger, opts *launcher.Options) { }() // Check to see if we need to turn off delayed autostart - checkDelayedAutostart(launcherServiceKey, slogger) + checkDelayedAutostart(launcherServiceKey, logger) // Check to see if we need to update the service to depend on Dnscache - checkDependOnService(launcherServiceKey, slogger) + checkDependOnService(launcherServiceKey, logger) - sman, err := mgr.Connect() - if err != nil { - slogger.Log(context.TODO(), slog.LevelError, - "connecting to service control manager", - "err", err, - ) - - return - } - - defer sman.Disconnect() - - checkRestartActions(sman, slogger) + checkRestartActions(logger) } // checkDelayedAutostart checks the current value of `DelayedAutostart` (whether to wait ~2 minutes // before starting the launcher service) and updates it if necessary. -func checkDelayedAutostart(launcherServiceKey registry.Key, slogger *slog.Logger) { +func checkDelayedAutostart(launcherServiceKey registry.Key, logger *slog.Logger) { currentDelayedAutostart, _, getDelayedAutostartErr := launcherServiceKey.GetIntegerValue(delayedAutostartName) // Can't determine current value, don't update @@ -95,7 +83,7 @@ func checkDelayedAutostart(launcherServiceKey registry.Key, slogger *slog.Logger // Turn off delayed autostart if err := launcherServiceKey.SetDWordValue(delayedAutostartName, delayedAutostartDisabled); err != nil { - slogger.Log(context.TODO(), slog.LevelError, + logger.Log(context.TODO(), slog.LevelError, "could not turn off DelayedAutostart", "err", err, ) @@ -104,14 +92,14 @@ func checkDelayedAutostart(launcherServiceKey registry.Key, slogger *slog.Logger // checkDependOnService checks the current value of `DependOnService` (the list of services that must // start before launcher can) and updates it if necessary. -func checkDependOnService(launcherServiceKey registry.Key, slogger *slog.Logger) { +func checkDependOnService(launcherServiceKey registry.Key, logger *slog.Logger) { serviceList, _, getServiceListErr := launcherServiceKey.GetStringsValue(dependOnServiceName) if getServiceListErr != nil { if getServiceListErr.Error() == notFoundInRegistryError { // `DependOnService` does not exist for this service yet -- we can safely set it to include the Dnscache service. if err := launcherServiceKey.SetStringsValue(dependOnServiceName, []string{dnscacheService}); err != nil { - slogger.Log(context.TODO(), slog.LevelError, + logger.Log(context.TODO(), slog.LevelError, "could not set strings value for DependOnService", "err", err, ) @@ -135,7 +123,7 @@ func checkDependOnService(launcherServiceKey registry.Key, slogger *slog.Logger) // Set service to depend on Dnscache serviceList = append(serviceList, dnscacheService) if err := launcherServiceKey.SetStringsValue(dependOnServiceName, serviceList); err != nil { - slogger.Log(context.TODO(), slog.LevelError, + logger.Log(context.TODO(), slog.LevelError, "could not set strings value for DependOnService", "err", err, ) @@ -146,12 +134,23 @@ func checkDependOnService(launcherServiceKey registry.Key, slogger *slog.Logger) // sets it to true if required. See https://learn.microsoft.com/en-us/windows/win32/api/winsvc/ns-winsvc-service_failure_actions_flag // if we choose to implement restart backoff, that logic must be added here (it is not exposed via wix). See the "Windows Service Manager" // doc in Notion for additional details on configurability -func checkRestartActions(serviceManager *mgr.Mgr, slogger *slog.Logger) { - logCtx := context.TODO() - launcherService, err := serviceManager.OpenService(launcherServiceName) +func checkRestartActions(logger *slog.Logger) { + sman, err := mgr.Connect() + if err != nil { + logger.Log(context.TODO(), slog.LevelError, + "connecting to service control manager", + "err", err, + ) + + return + } + + defer sman.Disconnect() + + launcherService, err := sman.OpenService(launcherServiceName) if err != nil { - slogger.Log(logCtx, slog.LevelError, - "opening the launcher restart service from control manager", + logger.Log(context.TODO(), slog.LevelError, + "opening the launcher service from control manager", "err", err, ) @@ -162,7 +161,7 @@ func checkRestartActions(serviceManager *mgr.Mgr, slogger *slog.Logger) { curFlag, err := launcherService.RecoveryActionsOnNonCrashFailures() if err != nil { - slogger.Log(logCtx, slog.LevelError, + logger.Log(context.TODO(), slog.LevelError, "querying for current RecoveryActionsOnNonCrashFailures flag", "err", err, ) @@ -175,7 +174,7 @@ func checkRestartActions(serviceManager *mgr.Mgr, slogger *slog.Logger) { } if err = launcherService.SetRecoveryActionsOnNonCrashFailures(true); err != nil { - slogger.Log(logCtx, slog.LevelError, + logger.Log(context.TODO(), slog.LevelError, "setting RecoveryActionsOnNonCrashFailures flag", "err", err, ) @@ -183,5 +182,5 @@ func checkRestartActions(serviceManager *mgr.Mgr, slogger *slog.Logger) { return } - slogger.Log(logCtx, slog.LevelInfo, "successfully set RecoveryActionsOnNonCrashFailures flag") + logger.Log(context.TODO(), slog.LevelInfo, "successfully set RecoveryActionsOnNonCrashFailures flag") } diff --git a/cmd/launcher/svc_windows.go b/cmd/launcher/svc_windows.go index deac306cec..c12549f729 100644 --- a/cmd/launcher/svc_windows.go +++ b/cmd/launcher/svc_windows.go @@ -66,7 +66,7 @@ func runWindowsSvc(systemSlogger *multislogger.MultiSlogger, args []string) erro } // Confirm that service configuration is up-to-date - go checkServiceConfiguration(localSlogger.Logger, opts) + checkServiceConfiguration(localSlogger.Logger, opts) systemSlogger.Log(context.TODO(), slog.LevelInfo, "launching service", diff --git a/ee/agent/storage/sqlite/logstore_sqlite.go b/ee/agent/storage/sqlite/logstore_sqlite.go index 0e04e32fb7..fb429789ac 100644 --- a/ee/agent/storage/sqlite/logstore_sqlite.go +++ b/ee/agent/storage/sqlite/logstore_sqlite.go @@ -101,20 +101,3 @@ func (s *sqliteStore) ForEach(fn func(rowid, timestamp int64, v []byte) error) e return nil } - -func (s *sqliteStore) Count() (int, error) { - if s == nil || s.conn == nil { - return 0, errors.New("store is nil") - } - - // It's fine to interpolate the table name into the query because - // we require the table name to be in our allowlist `supportedTables` - query := fmt.Sprintf(`SELECT COUNT(*) FROM %s;`, s.tableName) - - var countValue int - if err := s.conn.QueryRow(query).Scan(&countValue); err != nil { - return 0, fmt.Errorf("querying for %s table count: %w", s.tableName, err) - } - - return countValue, nil -} diff --git a/ee/agent/types/logstore.go b/ee/agent/types/logstore.go index ae0949e14c..4d85c5b66d 100644 --- a/ee/agent/types/logstore.go +++ b/ee/agent/types/logstore.go @@ -20,16 +20,15 @@ type TimestampedAppender interface { AppendValue(timestamp int64, value []byte) error } -// TimestampedIteratorDeleterAppenderCounterCloser is an interface to support the storage and retrieval of +// TimestampedIteratorDeleterAppenderCloser is an interface to support the storage and retrieval of // sets of timestamped values. This can be used where a strict key/value interface may not suffice, // e.g. for writing logs or historical records to sqlite -type TimestampedIteratorDeleterAppenderCounterCloser interface { +type TimestampedIteratorDeleterAppenderCloser interface { TimestampedIterator TimestampedAppender - Counter RowDeleter Closer } // LogStore is a convenient alias for a store that supports all methods required to manipulate sqlite logs -type LogStore = TimestampedIteratorDeleterAppenderCounterCloser +type LogStore = TimestampedIteratorDeleterAppenderCloser diff --git a/pkg/launcher/options.go b/pkg/launcher/options.go index 244dac83d5..f97d74be89 100644 --- a/pkg/launcher/options.go +++ b/pkg/launcher/options.go @@ -134,9 +134,6 @@ type Options struct { // LocalDevelopmentPath is the path to a local build of launcher to test against, rather than finding the latest version in the library LocalDevelopmentPath string - - // LauncherWatchdogEnabled determines whether the launcher watchdog service should be installed and run - LauncherWatchdogEnabled bool } // ConfigFilePath returns the path to launcher's launcher.flags file. If the path @@ -249,15 +246,14 @@ func ParseOptions(subcommandName string, args []string) (*Options, error) { flUpdateDirectory = flagset.String("update_directory", "", "Local directory to hold updates for osqueryd and launcher") // Development & Debugging options - flDebug = flagset.Bool("debug", false, "Whether or not debug logging is enabled (default: false)") - flOsqueryVerbose = flagset.Bool("osquery_verbose", false, "Enable verbose osqueryd (default: false)") - flDeveloperUsage = flagset.Bool("dev_help", false, "Print full Launcher help, including developer options (default: false)") - flInsecureTransport = flagset.Bool("insecure_transport", false, "Do not use TLS for transport layer (default: false)") - flInsecureTLS = flagset.Bool("insecure", false, "Do not verify TLS certs for outgoing connections (default: false)") - flIAmBreakingEELicense = flagset.Bool("i-am-breaking-ee-license", false, "Skip license check before running localserver (default: false)") - flDelayStart = flagset.Duration("delay_start", 0*time.Second, "How much time to wait before starting launcher") - flLocalDevelopmentPath = flagset.String("localdev_path", "", "Path to local launcher build") - flLauncherWatchdogEnabled = flagset.Bool("launcher_watchdog_enabled", false, "Whether or not the launcher watchdog service is enabled (default: false)") + flDebug = flagset.Bool("debug", false, "Whether or not debug logging is enabled (default: false)") + flOsqueryVerbose = flagset.Bool("osquery_verbose", false, "Enable verbose osqueryd (default: false)") + flDeveloperUsage = flagset.Bool("dev_help", false, "Print full Launcher help, including developer options (default: false)") + flInsecureTransport = flagset.Bool("insecure_transport", false, "Do not use TLS for transport layer (default: false)") + flInsecureTLS = flagset.Bool("insecure", false, "Do not verify TLS certs for outgoing connections (default: false)") + flIAmBreakingEELicense = flagset.Bool("i-am-breaking-ee-license", false, "Skip license check before running localserver (default: false)") + flDelayStart = flagset.Duration("delay_start", 0*time.Second, "How much time to wait before starting launcher") + flLocalDevelopmentPath = flagset.String("localdev_path", "", "Path to local launcher build") // deprecated options, kept for any kind of config file compatibility _ = flagset.String("debug_log_file", "", "DEPRECATED") @@ -421,7 +417,6 @@ func ParseOptions(subcommandName string, args []string) (*Options, error) { WatchdogDelaySec: *flWatchdogDelaySec, WatchdogMemoryLimitMB: *flWatchdogMemoryLimitMB, WatchdogUtilizationLimitPercent: *flWatchdogUtilizationLimitPercent, - LauncherWatchdogEnabled: *flLauncherWatchdogEnabled, } return opts, nil