Package Details: osquery-git 2.11.1.r0.g489ec3fc-1

Git Clone URL: https://aur.archlinux.org/osquery-git.git (read-only)
Package Base: osquery-git
Description: SQL powered operating system instrumentation, monitoring, and analytics.
Upstream URL: https://osquery.io
Licenses: BSD
Submitter: m3thodic
Maintainer: m3thodic
Last Packager: m3thodic
Votes: 7
Popularity: 0.901969
First Submitted: 2016-07-17 08:27
Last Updated: 2017-12-26 18:35

Pinned Comments

m3thodic commented on 2017-02-28 01:55

*** ATTENTION *** ATTENTION *** ATTENTION *** ATTENTION *** ATTENTION ***

You may have to rm -rf /var/osquery if osqueryd fails to start!

*** ATTENTION *** ATTENTION *** ATTENTION *** ATTENTION *** ATTENTION ***

Latest Comments

psy0nic commented on 2017-12-31 00:08

Is it possible to get a section added to your patch for Artix Linux? The only section that fails is the os detection. I tried editing get_platform.py directly substituting Arch with Artix but I am admittedely new and not yet good with Arch package management nor Python. I was able to get it to continue compiling by temporarily changing my /etc/lsb-release to read Arch instead of Artix. From reading some of the Arch documentation and forums I don't think forks of Arch are necessarily supported nor actually appreciated but we do also use AUR for packages not yet in the main pacman repos such as this one and thought it may be a simple request to help out a (so far) small community of Arch enthusiasts?

daskol commented on 2017-12-18 22:29

It seems that apt package as well as dpkg is not necessary and so they could are excluded since the default package manager for Arch is pacman.

m3thodic commented on 2017-10-30 20:57

@viq Thanks again, updated version should be pushed later tonight.

louiscipher commented on 2017-10-25 16:16

I'm getting build errors when trying to build from the latest version:

In file included from /tmp/yaourt-tmp-bverdier/aur-osquery-git/src/osquery-git/generated/gen-cpp/Extension.cpp:7:
In file included from /tmp/yaourt-tmp-bverdier/aur-osquery-git/src/osquery-git/generated/gen-cpp/Extension.h:10:
In file included from /usr/local/osquery/include/thrift/TDispatchProcessor.h:22:
In file included from /usr/local/osquery/include/thrift/TProcessor.h:23:
In file included from /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/string:52:
In file included from /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/bits/basic_string.h:6159:
In file included from /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/ext/string_conversions.h:41:
In file included from /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/cstdlib:75:
/usr/include/stdlib.h:131:24: error: function-like macro '__GLIBC_USE' is not defined
#if __HAVE_FLOAT128 && __GLIBC_USE (IEC_60559_TYPES_EXT)
^
/usr/include/stdlib.h:174:5: error: function-like macro '__GLIBC_USE' is not defined
#if __GLIBC_USE (IEC_60559_BFP_EXT)
^
/usr/include/stdlib.h:188:24: error: function-like macro '__GLIBC_USE' is not defined
#if __HAVE_FLOAT128 && __GLIBC_USE (IEC_60559_TYPES_EXT)
^
In file included from /tmp/yaourt-tmp-bverdier/aur-osquery-git/src/osquery-git/generated/gen-cpp/Extension.cpp:7:
In file included from /tmp/yaourt-tmp-bverdier/aur-osquery-git/src/osquery-git/generated/gen-cpp/Extension.h:10:
In file included from /usr/local/osquery/include/thrift/TDispatchProcessor.h:22:
In file included from /usr/local/osquery/include/thrift/TProcessor.h:23:
In file included from /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/string:52:
In file included from /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/bits/basic_string.h:6159:
In file included from /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/ext/string_conversions.h:41:
In file included from /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/cstdlib:75:
In file included from /usr/include/stdlib.h:199:
In file included from /usr/include/bits/types/locale_t.h:22:
/usr/include/bits/types/__locale_t.h:28:8: error: redefinition of '__locale_struct'
struct __locale_struct
^
/usr/local/osquery/legacy/include/xlocale.h:28:16: note: previous definition is here
typedef struct __locale_struct
^
In file included from /tmp/yaourt-tmp-bverdier/aur-osquery-git/src/osquery-git/generated/gen-cpp/Extension.cpp:7:
In file included from /tmp/yaourt-tmp-bverdier/aur-osquery-git/src/osquery-git/generated/gen-cpp/Extension.h:10:
In file included from /usr/local/osquery/include/thrift/TDispatchProcessor.h:22:
In file included from /usr/local/osquery/include/thrift/TProcessor.h:23:
In file included from /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/string:52:
In file included from /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/bits/basic_string.h:6159:
In file included from /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/ext/string_conversions.h:41:
/usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/cstdlib:131:11: error: no
member named 'at_quick_exit' in the global namespace
using ::at_quick_exit;
~~^
/usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/7.2.0/../../../../include/c++/7.2.0/cstdlib:154:11: error: no
member named 'quick_exit' in the global namespace
using ::quick_exit;
~~^
In file included from /tmp/yaourt-tmp-bverdier/aur-osquery-git/src/osquery-git/generated/gen-cpp/Extension.cpp:7:
In file included from /tmp/yaourt-tmp-bverdier/aur-osquery-git/src/osquery-git/generated/gen-cpp/Extension.h:10:
In file included from /usr/local/osquery/include/thrift/TDispatchProcessor.h:22:
In file included from /usr/local/osquery/include/thrift/TProcessor.h:24:
In file included from /usr/local/osquery/include/thrift/protocol/TProtocol.h:28:
In file included from /usr/local/osquery/include/thrift/transport/TTransport.h:24:
In file included from /usr/local/osquery/include/boost/shared_ptr.hpp:17:
In file included from /usr/local/osquery/include/boost/smart_ptr/shared_ptr.hpp:28:
In file included from /usr/local/osquery/include/boost/smart_ptr/detail/shared_count.hpp:29:
In file included from /usr/local/osquery/include/boost/smart_ptr/detail/sp_counted_base.hpp:45:
In file included from /usr/local/osquery/include/boost/smart_ptr/detail/sp_counted_base_clang.hpp:19:
In file included from /usr/local/osquery/include/boost/cstdint.hpp:440:
In file included from /usr/local/osquery/legacy/include/limits.h:125:
In file included from /usr/lib/clang/5.0.0/include/limits.h:37:
/usr/include/limits.h:145:5: error: function-like macro '__GLIBC_USE' is not defined
#if __GLIBC_USE (IEC_60559_BFP_EXT)
^
7 errors generated.
make[2]: *** [osquery/extensions/CMakeFiles/osquery_extensions.dir/build.make:85: osquery/extensions/CMakeFiles/osquery_extensions.dir/__/__/generated/gen-cpp/Extension.cpp.o] Error 1
make[2]: Leaving directory '/tmp/yaourt-tmp-bverdier/aur-osquery-git/src/osquery-git'
make[1]: *** [CMakeFiles/Makefile2:1673: osquery/extensions/CMakeFiles/osquery_extensions.dir/all] Error 2
make[1]: Leaving directory '/tmp/yaourt-tmp-bverdier/aur-osquery-git/src/osquery-git'
make: *** [Makefile:144: all] Error 2
==> ERROR: A failure occurred in build().
Aborting...
==> ERROR: Makepkg was unable to build osquery-git.

viq commented on 2017-10-17 11:06

Looks like it now needs librdkafka to build, which currently is provided only by https://aur.archlinux.org/packages/librdkafka-git/

m3thodic commented on 2017-08-20 12:59

@viq Thanks, added!

viq commented on 2017-08-08 07:07

Looks like it may need zstd to build now.

mignacio commented on 2017-03-14 15:38

I got about the same errors as my last comment, so I spun up an fresh Arch instance in EC2 and managed to run makepkg successfully there.

Not sure what was wrong with my build environment but I don't know much about this kind of stuff.

m3thodic commented on 2017-02-28 01:55

*** ATTENTION *** ATTENTION *** ATTENTION *** ATTENTION *** ATTENTION ***

You may have to rm -rf /var/osquery if osqueryd fails to start!

*** ATTENTION *** ATTENTION *** ATTENTION *** ATTENTION *** ATTENTION ***

m3thodic commented on 2017-02-28 01:54

Hey guys, it took FOREVER to finally get this to compile/run but I managed to get a working osquery package from the latest master at the time of this writing (commit hash 3c3d649b1ed80362e6653409876110f254cfc719).

Please test and report to let me know if this works for you or not.

Thanks!

All comments