Releases: kolide/launcher
Releases · kolide/launcher
v1.0.3
This release represents a big step for the Kolide Agent as a product, and as such, we have opted to declare this 1.0. 🎉
Huge shoutouts to everyone who's contributed over the years. We have come a long way.
There are significant improvement in the Kolide Agent's EE features. These are under the Kolide Desktop process -- including a new menubar setup and notifications. This allows the Kolide SaaS to provide timely information directly to users.
The Open Source side of things remains much the same.
Table Changes
- converts
kolide_server_datatable to be genericlauncher_dbtable, adds table foragent_flagsby @James-Pickett in #1092
General
- Fix log stream error relating to notifications by @RebeccaMahany in #1096
- Lower log verbosity during desktop runner shutdown by @James-Pickett in #1095
- Add local key info to initial enrollment request by @directionless in #1032
- Add default certs to interactive mode if no cert set as flag by @James-Pickett in #1054
- Fix CI by ignoring a process.Wait() in runner users process test by @James-Pickett in #1053
- bumps up log write timeout in test to 4 seconds in effort to reduce flakeyness in CI by @James-Pickett in #1055
- Add additional log checkpoint information by @directionless in #1070
- Adds flag to run ee componments regardless of server url by @James-Pickett in #1069
- Update docs for process spawning enabled by @RebeccaMahany in #1076
- Begin adding internal interfaces -- bbolt begone: phase 1 by @seejdev in #1062
- Consolidating agent temp path/dir creation to a single function by @seejdev in #1015
- Add docs + script for using Multipass by @RebeccaMahany in #1043
- Control: Revert disabling control server by @RebeccaMahany in #1024
- Control: Add auth to control server requests by @RebeccaMahany in #1020
- Control: Several small updates by @directionless in #1026
- Localserver: adds hardware signer to local server ec middleware, moar tests by @James-Pickett in #1025
- Localserver: query over localserver by @James-Pickett in #1030
- Localserver: removes v1 krypto from local server by @James-Pickett in #1044
- Localserver: Remove debugging output from localserver by @blaedj in #1058
- Localserver: adds endpoint to run scheduled queries on demand over by @James-Pickett in #1064
- Desktop: Add Menu icons and generator function by @directionless in #1018
- Desktop: Update and improve icons @seejdev in #1036, #1045, #1060, #1077
- Desktop: Limit spawning to human console users only by @seejdev in #1035
- Desktop: Don't run as root on macOS by @RebeccaMahany in #1049
- Desktop: Monitor correct parent process by @RebeccaMahany in #1050
- Desktop: Activation actions for notifications by @RebeccaMahany in #1017
- Desktop: Ensure one malformed notification doesn't prevent us from processing the rest of the batch by @RebeccaMahany in #1063
- Desktop: Support notification actions for Ubuntu 22.04/Wayland by @RebeccaMahany in #1065
- Desktop: Using Kolide's fork of systray by @seejdev in #1021
- Desktop: Flag day for the new menu format by @directionless in #1088
- Desktop: Fix stale menus by @seejdev in #1052
- Desktop: Periodically refresh the desktop menu by @seejdev in #1079
- Desktop: Template functions to support relative times in menu items by @seejdev in #1078
- Desktop: Integrating new icons into menu bar by @seejdev in #1031
- Desktop: Fix double read from an io.Reader inside the menu generation by @directionless in #1038
- Desktop: Improve menu items to allow templated strings by @seejdev in #992
- Desktop: Remove
NonProdOnlyand renameIsSeparatortoSeparatorby @directionless in #1042 - Desktop: Dark mode support for macOS & Windows by @seejdev in #1048
- Desktop: Fixed dark mode support on macOS by @seejdev in #1066
- Desktop: Fix desktop not running on restart by @seejdev in #1094
Build and Package
- Address GO-2023-1568, GO-2023-1571 by @RebeccaMahany in #1039
- Bump golang.org/x/image from 0.3.0 to 0.5.0 by @dependabot in #1040
- Bump go version from 1.19.6 to 1.19.7 to address crypto vuln GO-2023-1621 by @James-Pickett in #1087
- Backmerge 0.13.6 into main by @RebeccaMahany in #1023
Full Changelog: v0.13.5...v1.0.3
Contributors
directionless, blaedj, and 4 other contributors
Assets 2
v0.13.6
This release disables an internal tool that was connecting to localhost:3000. This was not intended to go live, and was an inadvertent addition to v0.13.5.
What's Changed
- Disable connections to
localhost:3000by @RebeccaMahany in #1022
Full Changelog: v0.13.5...v0.13.6
Contributors
RebeccaMahany
Assets 2
v0.13.5
This release changes how launcher identifies itself to K2. Previously, we used RSA and AES to secure some communication, now we use ECC keys and NaCl boxes. This changes parts of the Device Trust Authentication flow.
But the bulk if changes are changes to how upcoming features (Kolide Desktop and it's control protocol) will work. As these features are disabled outside of Kolide's test environment, these should be low impact.
Table Changes
(None)
General
- Control server phase 3: Desktop subsystem implementation by @seejdev in #984
- Persist lastFetched control data across launcher restarts by @seejdev in #990
- Let launcher choose debug icon when running in non-prod by @seejdev in #1014
- First pass at notifications by @RebeccaMahany in #985
- Use dispatch semaphore to signal completion of notifications by @RebeccaMahany in #991
- Small notification adjustments for Darwin by @RebeccaMahany in #1001
- Enable Kolide Desktop, for internal kolide PRs by @seejdev in #1002
- Enable desktop for linux by @RebeccaMahany in #983
- Name changes for desktop / control server systems by @seejdev in #987
- Run desktop process with launchctl asuser so that notifications work by @RebeccaMahany in #1003
- Add ECC Key Support by @directionless in #993
- updates local server the handle new challenge protocol with ecc keys by @James-Pickett in #1000
- Add png encoding back by @directionless in #1004
- adds kolide-krypto header to v2 local server krypto by @James-Pickett in #1005
- makes ec middleware test valid, adds some sanity assertions to test by @James-Pickett in #1006
- Disable hardware keys by @James-Pickett in #1008
- adds local key and hardware key to launcher_info table, fixes vscode debugging, increases local server write timeout by @James-Pickett in #1012
- adds timeout to console users func on local server request id, returns empty array of users if error by @James-Pickett in #1011
- Add documentation on research for user context/secure enclave/notifications by @RebeccaMahany in #1009
- Update README by @directionless in #981
Build and Package
- Entitlements File by @directionless in #996
- Update Entitlements by @directionless in #998
- update krypto, go mod tidy by @James-Pickett in #997
- entitlements-application-identifier by @James-Pickett in #999
- Bump github.com/docker/distribution from 2.7.1+incompatible to 2.8.0+incompatible by @dependabot in #989
- Compile launcher Windows as a GUI binary to avoid cmd window prompts by @seejdev in #1007
Full Changelog: v0.13.2...v0.13.5
Contributors
directionless, seejdev, and 3 other contributors
Assets 2
v0.13.2
This release is the first in the v0.13 line. It moves parts of the underlying macOS install to being an Application Bundle.
Table Changes
- New
kolide_remotectltable for macOS by @RebeccaMahany in #915 - Removing old references to target_membership table by @seejdev in #957
- Add
kolide_xfconftable for devices using xfce by @RebeccaMahany in #948 - Remove launcher specific tables when running in interactive mode. by @seejdev in #960
General
- Adding clang format file for local use by @seejdev in #912
- updates consoleuser.CurrentUids on macOS to examine kCGSSessionOnConsoleKey when determining console user by @James-Pickett in #911
- kills desktop process if initial ping fails by @James-Pickett in #914
- Create app bundle for launcher during build process by @RebeccaMahany in #923
- Small Makefile Fixes by @directionless in #925
- Build launcher app bundle in build/darwin./ by @RebeccaMahany in #926
- Upgrade go to 1.19.3 by @directionless in #927
- When shipping app bundle, ship launcher binary as symlink by @RebeccaMahany in #929
- Revert "When shipping app bundle, ship launcher binary as symlink" by @RebeccaMahany in #931
- Point to newest binary inside most recently updated app bundle if available by @RebeccaMahany in #932
- Replace errors.Wrap() with fmt.Errorf() by @James-Pickett in #937
- updates launcher interactive to find latest osquery binary when no osquery path provided by @James-Pickett in #941
- kolide server data table by @James-Pickett in #940
- Change file extension to .json for debug log by @RebeccaMahany in #944
- Set stdin when running launcher in interactive mode on Windows by @RebeccaMahany in #945
- ioutil deprecation by @RebeccaMahany in #946
- Lock version for ubuntu build container to 20.04 by @RebeccaMahany in #949
- Lock build container image for macOS to 11 by @RebeccaMahany in #950
- Packaging for app bundle by @RebeccaMahany in #934
- Add post-create-command script for vscode's dev containers by @RebeccaMahany in #958
- Do not rely on environment variable in parallel tests by @RebeccaMahany in #962
- remove windows cmd prompt on desktop start by @James-Pickett in #964
- Control server phase 1 by @seejdev in #961
- bump to go 1.19.4 by @James-Pickett in #965
- Removed control options from packaging code. by @seejdev in #967
- Control flags compatibility by @seejdev in #968
- Add provisioning profile for Kolide endpoint agent by @RebeccaMahany in #971
- Update filename for provisioning profile by @RebeccaMahany in #972
- Move app bundle install location out of bin directory; create launcher symlink in bin directory by @RebeccaMahany in #975
- Ensure we always put app bundle updates in the bin directory by @RebeccaMahany in #977
- Launcher needs an uninstall by @seejdev in #924
- Replaced deprecated set-output usage by @seejdev in #974
- Control server phase 2 by @seejdev in #966
- Ensure findnew finds the updates dir even with the new app bundle location by @RebeccaMahany in #980
- Ensure Windows launcher prints version to console on
launcher.exe versionby @RebeccaMahany in #982
Full Changelog: v0.12.3...v0.13.2
Contributors
directionless, seejdev, and 2 other contributors
Assets 2
v0.12.3
This release brings in many new tables, always exciting to see them.
This also introduces the ee directory. This represent a portion of the Launcher code that is not open source. See license and comments. This is not expected to impact open source builds.
Tables
- Add
kolide_apple_silicon_security_policytable to capture the boot policies on Apple Silicon Macs by @seejdev in #890 - Add
kolide_dev_table_toolingtable to capture output of allowed commands by @seejdev in #881 - Add
kolide_dsregcmdtable, and a new abstraction for exec and parse by @directionless in #901 - Add
kolide_falcon_kernel_checktable to capture CrowdStrike status data by @seejdev in #888 - Add
kolide_falconctl_statstable for macOS by @FritzX6 in #858 - Add
kolide_falconctl_systagsandkolide_falconctl_optionstables by @directionless in #903 - Add
kolide_firefox_preferencestable by @goronfreeman in #863 - Add
kolide_macos_available_productstable by @seejdev in #908 - Add
kolide_macos_recommended_updatestable by @seejdev in #904 - Fix table names to start with
kolide_by @directionless in #910 - Update error messages from
kolide_airport_utiltable by @seejdev in #892
General
- Create EE directory by @directionless in #861
- Update project workflows by @directionless in #893
- Simple helper function for testing launcher by @directionless in #724
- Add instructions and files for vs code debugging - v0.2 by @James-Pickett in #897
- Fix typo in error output of exec function by @FritzX6 in #853
- Add launcher generated RSA keys to local database by @directionless in #855
- Dataflatten tables should not error out on exec failure by @directionless in #856
- Add a local http server designed to communicate with the Kolide SaaS in by @directionless in #864, #870, #874
- Add additional information to the local http server by @James-Pickett in #905
- Add Kolide Desktop as an expirmental local interface, this should be limited to Kolide Staff by @James-Pickett in #854, #859, #862, #867, #869, #875, #883, #884, #887, #891
Build and Package
- Add govulncheck by @James-Pickett in #880
- Fix flakey desktop runner tests by @James-Pickett in #909
- Move the augeas lens assets to using
fsutil.CopyFSToDiskby @directionless in #899 - Rename the main git branch from
mastertomainby @directionless in #860 - Upgrade go to 1.19 by @James-Pickett in #879
- Upgrade go to 1.19.2 to address tar vuln by @James-Pickett in #906
- Upgrade kolide/kit and handle
fstofsutilrename by @directionless in #871 - Upgraded golang.org/x/net to patch vuln go-2022-0969 by @James-Pickett in #885
- increased timeouts and reduced parallelism for flakey tests by @James-Pickett in #889
New Contributors
- @goronfreeman made their first contribution in #863
- @seejdev made their first contribution in #881
Full Changelog: v0.12.1...v0.12.3
Contributors
directionless, FritzX6, and 3 other contributors
Assets 2
v0.12.1
This release removes the Rosetta dependancy. Though both launcher and osquery have been universal binaries for some time, the launcher package still depended on Rosetta. No more! 🎉
Additionally, launcher now includes an "interactive" mode. This is similar to running osqueryi, but includes the launcher provided tables. Check out launcher interactive.
Tables
- Add persistence to
osquery_instance_historytable (#831)
General
- Remove Rosetta dependancies (#838, #839)
- Launcher interactive mode (#841, #845, #846)
- Correctly drop logs that are too big (#847)
- updated checkpoint logs to be more clear (#835)
- Exempt
tlsfrom--extensions_require(#842) - fix bug where waiting for socket to become available was using timer instead of ticker (#849)
- Rename the initial kolide plugin to
kolide_grpc(#851)
Build and Package
- test: use
T.TempDirto create temporary test directory (#834) - disabled watifor tests on macos due to flakeyness (#844)
- added w flag to postinstall-launchd.sh launchctl command so agent always marked as enabled (#843)
New Contributors
Full Changelog: v0.11.26...v0.12.1
Contributors
Juneezee
Assets 5
v0.11.26
This release reorders some of the startup and enrollment behaviors. We hope this can resolve some of the initial enrollment issues that crop up from time to time.
Tables
- Add airport table, update dataflatten to handle common map case by @James-Pickett in #814
General
- Add additional information to the log checkpoints by @directionless in #810
- Add helper to run a function using setuid by @directionless in #809
- updated socket mode to include launcher tables, added kolide_launcher_osquery_instance_history table by @James-Pickett in #806
- converted updater initial delay to select statement, updated updater logging to specify binary being updated by @James-Pickett in #812
- Adjust some osquery locks by @directionless in #816
- Updates tests to stop occasional failing by @James-Pickett in #817
- Changes to Enrollment by @directionless in #819
- split pkg/osquery/runtime/runtime.go into separate files for osquery instance and runner by @James-Pickett in #822
- Use two
ExtensionManagerServerthreads by @directionless in #823 - Write NodeKey during startup by @directionless in #829
- moved enrollment mutext to lock before node key fetch in enroll func by @James-Pickett in #830
Build and Package
- Fix the duplicate GitHub Actions by @directionless in #820
- Bump github.com/gogo/protobuf from 1.2.0 to 1.3.2 by @dependabot in #811
- Add macOS universal builds to GitHub Actions by @directionless in #824
- Workflow should build on tags as well by @directionless in #832
Full Changelog: v0.11.25...v0.11.26
Contributors
directionless, James-Pickett, and dependabot
Assets 8
v0.11.25
Tables
- Expand
kolide_launcher_infotable to include launcher identifier, removekolide_launcher_identifer#804
General
- Add support for direct osquery transport #797
- Update the checkpoint log to include notable files log #796
- Update the checkpoint log with debugging information about remote hosts #800
- Small updates around socket handling #805
- pkg/simulator: fix clobbered error #793
Build and Package
- Add
mergeabletargets to github actions #798 #799 - Update modules/GitHub.com/google/fscrypt 0.3.3 #808
- Make all tests parallel, add linter #803
- Update package-builder API to allow beta packaging #807
New Contributors
- @alrs made their first contribution
- @James-Pickett made their first contribution
Full Changelog: v0.11.24...v0.11.25
Contributors
alrs and James-Pickett
Assets 7
v0.11.24
Tables
- Add
launcher_gc_infotable (#775) - Add
kolide_cryptoinfotable for generalized certificate parsing (#790, #792)
General
- Add support for
uint8to dataflatten #782 - Don't throw an error for various dataflatten and file based tables #783
- Add a local log file to aid in debugging #784
- Add a manual compaction command for bolt db maintenance #787
Build and Package
- Don't force CGO on windows #776
- Tidy and update some go modules #781
- Add support for the
alphachannel #789
Full Changelog: v0.11.23...v0.11.24
v0.11.23
Tables
General
- Workflow for adding things to a project board (#768, #766, #764)
- Add flag to adjust
LogMaxBytesPerBatch(#756) - Change note about static linking (#771)
Build and Package
- Go 1.16 (#713)
- Update osquery-go SDK (#773)
- Clean out some old go,sum entries (#774)
- Update and expand macOS Rosetta preinstall script (#762, #760)
- Expand Linting (#761)
- Test
package-builderas part of CI (#759)
Full Changelog: v0.11.22...v0.11.23