Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set all env vars on osquery process #1961

Merged
merged 2 commits into from
Nov 19, 2024
Merged

Set all env vars on osquery process #1961

merged 2 commits into from
Nov 19, 2024

Conversation

RebeccaMahany
Copy link
Contributor

@RebeccaMahany RebeccaMahany commented Nov 19, 2024
edited
Loading

This is a follow-up to #1960:

  • We may want other env vars set, so this PR updates to grab all of the env vars from cmd.Environ() -- this is the default behavior for cmd when nothing is set in cmd.Env
  • In the case that SystemDrive happens to be unset, we can prevent undesirable behavior by setting SystemDrive= in the env instead -- so this PR adds a check for that as well

@RebeccaMahany RebeccaMahany mentioned this pull request Nov 19, 2024
Merged
@RebeccaMahany RebeccaMahany added the bug-fixes Bug Fixes label Nov 19, 2024
@RebeccaMahany RebeccaMahany marked this pull request as ready for review November 19, 2024 15:52
directionless
directionless approved these changes Nov 19, 2024
View reviewed changes
Copy link
Contributor

@directionless directionless left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is okay, and just to talk through it...

My normal inclination is to set a minimal ENV -- less likely to make a executated command behave unexpectedly. But, we're not running suid, and we only have the permissions we start with. So, this shouldn't negatively impact us -- if you can adjust launcher's env, you could just call osquery with that same adjusted ENV.

pkg/osquery/runtime/osqueryinstance.go
// On Windows, we need to ensure the `SystemDrive` environment variable is set to _something_,
// so if it isn't already set, we set it to an empty string.
systemDriveEnvVarFound := false
for _, e := range cmd.Env {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Things like this make me grumpy it's an array and not a hash

@RebeccaMahany RebeccaMahany added this pull request to the merge queue Nov 19, 2024
Merged via the queue into kolide:main with commit bcf0102 Nov 19, 2024
29 checks passed
@RebeccaMahany RebeccaMahany deleted the becca/osq-cmd-environ branch November 19, 2024 16:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@James-Pickett James-Pickett James-Pickett approved these changes

@directionless directionless directionless approved these changes

Assignees
No one assigned
Labels
bug-fixes Bug Fixes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@RebeccaMahany @directionless @James-Pickett