Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Syscollector - MacPorts package manager inventory support. #15877

Closed
9 tasks done
MiguelazoDS opened this issue Jan 12, 2023 · 5 comments · Fixed by #16117 or wazuh/wazuh-qa#4405
Closed
9 tasks done

Syscollector - MacPorts package manager inventory support. #15877

MiguelazoDS opened this issue Jan 12, 2023 · 5 comments · Fixed by #16117 or wazuh/wazuh-qa#4405
Assignees
@MiguelazoDS
Labels
level/task type/enhancement New feature or request

Comments

@MiguelazoDS
Copy link
Member

MiguelazoDS commented Jan 12, 2023
edited

Description

With the purpose of adding support to Syscollector for MacPorts package manager in Mac OS agents, a spike was performed as part of #15726 always having in mind that the main goal is to provide the information needed to Vulnerability Detector to run against those packages (ports in MacPorts slang).

It is required to parse the information from the package manager database (registry.db) which is a SQlite database to get the information from installed packages.

DoD

  • Evaluate and implement a way to handle multiple architectures if needed.
  • Consider and evaluate the possibility to have multiple versions of the same package.
  • Evaluate a proper default value for those key items that are required by the vulnerability detector.
  • Unit testing.
  • Implement the database parser.
  • Verify the proper functioning.
  • Add QA test to be executed with GitHub Actions.
  • Add QA test specific for macports packages.
  • Refactor to move SQLite wrapper implementation.
@Dwordcito
Copy link
Member

Hey team! Please add your planning poker estimate with Zenhub @tdrauncieal @pereyra-m @MiguelazoDS

@MiguelazoDS MiguelazoDS mentioned this issue Feb 8, 2023
Merged
6 tasks
@MiguelazoDS MiguelazoDS linked a pull request Feb 8, 2023 that will close this issue
Macports pkgs support implementation #16117
Merged
6 tasks
@MiguelazoDS
Copy link
Member Author

Findings

Vendor missing

This implementation (#16089) should fix the issue with MacPorts packages too since they do not report the vendor either.

Multiple architectures.

It was not found a situation when this happens, anyway for MacOS the architecture is ignored.

Multiple packages version

Only one package can be active at a time, although multiple packages can be installed.
image
image

@BelenValdivia BelenValdivia mentioned this issue Feb 13, 2023
Closed
5 tasks
@vikman90 vikman90 changed the title Syscollector - MacPorts package manager inventory support. Syscollector - MacPorts package manager inventory support. Feb 21, 2023
@BelenValdivia BelenValdivia mentioned this issue Feb 22, 2023
Closed
@Dwordcito Dwordcito added type/enhancement New feature or request and removed team/core/data pirates labels Apr 26, 2023
@pereyra-m
Copy link
Member

Blocked by #16901

@MiguelazoDS
Copy link
Member Author

Blocked by #17186 (created after #16901)

@MiguelazoDS
Copy link
Member Author

Update 05/24/23

After rebase checks passed.

@Dwordcito Dwordcito mentioned this issue May 31, 2023
Closed
@Dwordcito Dwordcito mentioned this issue Aug 8, 2023
Merged
@Dwordcito Dwordcito linked a pull request Aug 10, 2023 that will close this issue
Update test_agent_database_version test wazuh/wazuh-qa#4405
Merged
@vikman90 vikman90 mentioned this issue Sep 26, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MiguelazoDS MiguelazoDS

Labels
level/task type/enhancement New feature or request
Projects
No open projects
Release 4.7.0
Status: Done
Milestone
No milestone
4 participants
@vikman90 @MiguelazoDS @Dwordcito @pereyra-m