Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Renamed macOS Login Item #2207

Merged
merged 15 commits into from
May 24, 2023
Merged

Renamed macOS Login Item #2207

merged 15 commits into from
May 24, 2023

Conversation

verdx
Copy link
Contributor

@verdx verdx commented May 19, 2023
edited
Loading

Related issue
#2199

Description

The name of the script used as a Login Item is changed, thus changing the name of the Login Item appearing on Settings -> General -> Login Items. The call to darwin-init.sh during the installation has been removed, as it only repeats what is done in the preinstall.sh script.

Tests

@verdx
Change name of MacOS service from launcher.sh to Wazuh
957c6e4 
Signed-off-by: Miguel Verdaguer Velázquez <verdx@riseup.net>
@verdx verdx self-assigned this May 19, 2023
@verdx
Remove darwin-init.sh to allow for changes(all it does is repeated on…
7014715 
… postinstall.sh)

Signed-off-by: Miguel Verdaguer Velázquez <verdx@riseup.net>
@verdx verdx requested review from DFolchA, c-bordon and snaow May 19, 2023 13:49
@verdx verdx linked an issue May 19, 2023 that may be closed by this pull request
Rename macOS login item #2199
Closed
@snaow snaow changed the title Renamed MacOS Login Item Renamed macOS Login Item May 19, 2023
snaow
snaow suggested changes May 19, 2023
View reviewed changes
Copy link
Contributor

@snaow snaow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please, continue with the testing with the following cases:

  • Upgrade from previous versions (screenshots)
  • Reboot macOS and check if the service is running (the agent is running and connected after the reboot)
  • Uninstall removes successfully all files (no traces)

@verdx
Copy link
Contributor Author

verdx commented May 22, 2023
edited
Loading

Further testing

The testing asked for in #2207 (review) has been completed without error.

Installation of 4.4.1 
sh-3.2# curl -O https://packages.wazuh.com/4.x/macos/wazuh-agent-4.4.1-1.pkg
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 5501k  100 5501k    0     0   131M      0 --:--:-- --:--:-- --:--:--  149M
sh-3.2# launchctl setenv WAZUH_MANAGER "10.0.0.2" && installer -pkg wazuh-agent-4.4.1-1.pkg -target /
installer: Package name is Wazuh Agent
installer: Installing at base path /
installer: The install was successful.
sh-3.2# /Library/Ossec/bin/wazuh-control start
Starting Wazuh v4.4.1...
Started wazuh-execd...
Started wazuh-agentd...
Started wazuh-syscheckd...
Started wazuh-logcollector...
Started wazuh-modulesd...
Completed.
sh-3.2# /Library/Ossec/bin/wazuh-control start
Starting Wazuh v4.4.1...
wazuh-execd already running...
wazuh-agentd already running...
wazuh-syscheckd already running...
wazuh-logcollector already running...
wazuh-modulesd already running...
Completed.
Upgrade to 4.4.2 
sh-3.2# launchctl setenv WAZUH_MANAGER "10.0.0.2" && installer -pkg wazuh-agent-4.4.2-1\(1\).pkg -target /
installer: Package name is Wazuh Agent
installer: Upgrading at base path /
installer: The upgrade was successful.
sh-3.2# /Library/Ossec/bin/wazuh-control status
wazuh-modulesd is running...
wazuh-logcollector is running...
wazuh-syscheckd is running...
wazuh-agentd is running...
wazuh-execd is running...
sh-3.2#
Check the Login Item

image

Uninstall according to documentation 
sh-3.2# /Library/Ossec/bin/wazuh-control stop
Killing wazuh-modulesd... 
Killing wazuh-logcollector... 
Killing wazuh-syscheckd... 
Killing wazuh-agentd... 
Killing wazuh-execd... 
Wazuh v4.4.2 Stopped
sh-3.2# /bin/rm -r /Library/Ossec
sh-3.2# /bin/launchctl unload /Library/LaunchDaemons/com.wazuh.agent.plist
sh-3.2# /bin/rm -f /Library/LaunchDaemons/com.wazuh.agent.plist
sh-3.2# /bin/rm -rf /Library/StartupItems/WAZUH
sh-3.2# /usr/bin/dscl . -delete "/Users/wazuh"
sh-3.2# /usr/bin/dscl . -delete "/Groups/wazuh"
sh-3.2# /usr/sbin/pkgutil --forget com.wazuh.pkg.wazuh-agent
Forgot package 'com.wazuh.pkg.wazuh-agent' on '/'.
sh-3.2# ls /Library/Ossec
ls: /Library/Ossec: No such file or directory
sh-3.2# ls /Library/StartupItems/
sh-3.2# ls /Library/LaunchDaemons/
com.amazon.aws.ssm.plist				com.amazon.ec2.macos-init.plist
com.amazon.ec2.ena-ethernet.plist			com.amazon.ec2.monitoring.agents.cpuutilization.plist
sh-3.2# find / | grep wazuh
/System/Volumes/Data/Users/ec2-user/wazuh-agent-4.4.2-1(1).pkg
/Users/ec2-user/wazuh-agent-4.4.1-1.pkg
/Users/ec2-user/wazuh-agent-4.4.2-1(1).pkg
sh-3.2# find / | grep ossec
sh-3.2#
Run the Startup Item independently 
sh-3.2# /Library/StartupItems/WAZUH/WAZUH 
Starting Wazuh v4.4.2...
wazuh-execd already running...
wazuh-agentd already running...
wazuh-syscheckd already running...
wazuh-logcollector already running...
wazuh-modulesd already running...
Completed.

^C
sh-3.2#

@verdx verdx requested a review from snaow May 22, 2023 09:31
rauldpm
rauldpm requested changes May 22, 2023
View reviewed changes
Copy link
Member

@rauldpm rauldpm left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The macOS sources installation should be modified as this script (darwin-init.sh) is still used: https://github.com/search?q=repo%3Awazuh%2Fwazuh%20darwin-init.sh&type=code

Also, these variables do not match:

https://github.com/wazuh/wazuh/blob/c168773980b67b622d44c58791eacd8c2329416b/src/init/darwin-init.sh#LL12C1-L13C49

LAUNCHER_SCRIPT=/Library/StartupItems/WAZUH/launcher.sh
STARTUP_SCRIPT=/Library/StartupItems/WAZUH/WAZUH

The macOS sources installation guide should be reviewed as it is referencing an old /Library/StartupItems/OSSEC file
https://documentation.wazuh.com/current/deployment-options/wazuh-from-sources/wazuh-agent/index.html

@verdx verdx changed the base branch from 4.4 to 4.4.3 May 22, 2023 14:38
verdx added 2 commits May 22, 2023 16:42
@verdx
Remove creation of service, already done by install.sh->init.sh->darw…
676d685 
…in-init.sh

Signed-off-by: Miguel Verdaguer Velázquez <verdx@riseup.net>
@verdx
Add service files to the package specs
e48957f 
Signed-off-by: Miguel Verdaguer Velázquez <verdx@riseup.net>
@verdx verdx mentioned this pull request May 22, 2023
Merged
@verdx
Copy link
Contributor Author

verdx commented May 22, 2023
edited
Loading

Update

After this commentary, #2207 (review), and speaking with @rauldpm and @DFolchA, the approach to this problem has changed, instead of removing the use of darwin-init.sh inside https://github.com/wazuh/wazuh-packages, the repetition of code in preinstall.sh has been removed, and the service files, created by darwin-init.sh are included inside the package. A new PR has been made in https://github.com/wazuh/wazuh to include the name change for the Login Item, wazuh/wazuh#17190.

Testing

The testing is on hold for the creation of the packages, which is in the queue in the pipeline https://ci.wazuh.info/job/Packages_builder_macos/

Documentation fix

A new PR has been created for the documentation, to change the error mentioned in this comment,
#2207 (review). The PR is wazuh/wazuh-documentation#6122

verdx added 7 commits May 22, 2023 17:22
@verdx
Merge branch '4.4.3' into 2199-rename-macos-login-item
43645bd
@verdx
Update postinstall.sh
e02ec0d
@verdx
Copy all StartupItems files so they can be notarized and included in …
d5f6794 
…the package

Signed-off-by: Miguel Verdaguer Velázquez <verdx@riseup.net>
@verdx
Copy entire StartupItems/WAZUH file
897c386 
Signed-off-by: Miguel Verdaguer Velázquez <verdx@riseup.net>
@verdx
Small fixes to facilitate debugging
0c3aab5 
Signed-off-by: Miguel Verdaguer Velázquez <verdx@riseup.net>
@verdx
Copy the StartupItem to the destination of the package so it is found
16cd90b 
Signed-off-by: Miguel Verdaguer Velázquez <verdx@riseup.net>
@verdx
Fix uninstall script for macos
3f6fcb5 
Signed-off-by: Miguel Verdaguer Velázquez <verdx@riseup.net>
@verdx verdx force-pushed the 2199-rename-macos-login-item branch from 05fa878 to 3f6fcb5 Compare May 23, 2023 15:30
@verdx
Change and copy Startup Item to the directory build.sh is run from
8a3c775 
Signed-off-by: Miguel Verdaguer Velázquez <verdx@riseup.net>
@verdx verdx mentioned this pull request May 23, 2023
Closed
verdx added 2 commits May 23, 2023 18:12
@verdx
Remove changes and install services on postinstall.sh
db776eb 
Signed-off-by: Miguel Verdaguer Velázquez <verdx@riseup.net>
@verdx
Remove unnecessary whitespaces
387f07f 
Signed-off-by: Miguel Verdaguer Velázquez <verdx@riseup.net>
@verdx
Copy link
Contributor Author

verdx commented May 23, 2023

Update

The solution chosen has brought a lot of problems when creating the package, with an error appearing saying the StartupItem script WAZUH could not be found by the package builder, and after many tests with no successful result, the solution has been changed to add the Startup Items on the postinstall.sh script, during the installation of the package, instead of including them in the package.

Error in the package building 
17:16:39  ERROR: something went wrong while building the package.
17:16:39  The contents of the log file are:
17:16:39  Building Project (17:16:38) at path: /tmp/Packages_builder_macos/B9935/wazuh-packages/macos/package_files/wazuh-agent.pkgproj 
17:16:39  ------------------------------------------------------------------------------
17:16:39  
17:16:39  Build Folder (done)
17:16:39  
17:16:39  Distribution
17:16:39  
17:16:39  	Package "agent"
17:16:39  
17:16:39  		Payload
17:16:39  
17:16:39  			Assemble file hierarchy
17:16:39  
17:16:39  ==============================================================================
17:16:39  ERROR:
17:16:39  
17:16:39  Description:
17:16:39  
17:16:39  Unable to copy item at path 'WAZUH' to '/private/tmp/PCjfxjTJ/0/wazuh-agent/Library/StartupItems/WAZUH' because the item could not be found
17:16:39  
17:16:39  ==============================================================================
17:16:39  Build Failed
17:16:39  wazuh-modulesd not running...
17:16:39  wazuh-logcollector not running...
17:16:39  wazuh-syscheckd not running...
17:16:39  wazuh-agentd not running...
17:16:39  wazuh-execd not running...
17:16:39  Wazuh v4.4.3 Stopped
17:16:39  
17:16:39  Wazuh agent correctly removed from the system.
17:16:39  
17:16:39  
17:16:39  STDERR:
17:16:39  
17:16:39  fatal: destination path '/private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh' already exists and is not an empty directory.
17:16:39  + DESTINATION_PATH=/Library/Ossec
17:16:39  + SOURCES_PATH=/private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh
17:16:39  + BUILD_JOBS=2
17:16:39  + INSTALLATION_SCRIPTS_DIR=/Library/Ossec/packages_files/agent_installation_scripts
17:16:39  + build
17:16:39  + configure
17:16:39  + echo USER_LANGUAGE=en
17:16:39  + echo USER_NO_STOP=y
17:16:39  + echo USER_INSTALL_TYPE=agent
17:16:39  + echo USER_DIR=/Library/Ossec
17:16:39  + echo USER_DELETE_DIR=y
17:16:39  + echo USER_CLEANINSTALL=y
17:16:39  + echo USER_BINARYINSTALL=y
17:16:39  + echo USER_AGENT_SERVER_IP=MANAGER_IP
17:16:39  + echo USER_ENABLE_SYSCHECK=y
17:16:39  + echo USER_ENABLE_ROOTCHECK=y
17:16:39  + echo USER_ENABLE_OPENSCAP=n
17:16:39  + echo USER_ENABLE_CISCAT=n
17:16:39  + echo USER_ENABLE_ACTIVE_RESPONSE=y
17:16:39  + echo USER_CA_STORE=n
17:16:39  + '[' -z yes ']'
17:16:39  + echo 'Running install script'
17:16:39  + /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/install.sh
17:16:39  grep: /etc/os-release: No such file or directory
17:16:39  /Library/LaunchDaemons/com.wazuh.agent.plist: service already loaded
17:16:39  + find /Library/Ossec/ruleset/sca/ -type f -exec rm -f '{}' ';'
17:16:39  + mkdir -p /Library/Ossec/packages_files/agent_installation_scripts/
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/gen_ossec.sh /Library/Ossec/packages_files/agent_installation_scripts/
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/add_localfiles.sh /Library/Ossec/packages_files/agent_installation_scripts/
17:16:39  + mkdir -p /Library/Ossec/packages_files/agent_installation_scripts/src/init
17:16:39  + mkdir -p /Library/Ossec/packages_files/agent_installation_scripts/etc/templates/config/generic /Library/Ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin
17:16:39  + cp -r /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/etc/templates/config/generic /Library/Ossec/packages_files/agent_installation_scripts/etc/templates/config
17:16:39  + cp -r /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/etc/templates/config/darwin /Library/Ossec/packages_files/agent_installation_scripts/etc/templates/config
17:16:39  + find /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/src/init/ -name '*.sh' -type f -exec install -m 0640 '{}' /Library/Ossec/packages_files/agent_installation_scripts/src/init ';'
17:16:39  + mkdir -p /Library/Ossec/packages_files/agent_installation_scripts/sca/generic
17:16:39  + mkdir -p /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/15 /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/16 /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/17 /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/18 /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/20 /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/21 /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/22
17:16:39  + cp -r /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/ruleset/sca/darwin /Library/Ossec/packages_files/agent_installation_scripts/sca
17:16:39  + cp -r /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/ruleset/sca/generic /Library/Ossec/packages_files/agent_installation_scripts/sca
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/etc/templates/config/generic/sca.files /Library/Ossec/packages_files/agent_installation_scripts/sca/generic/
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/etc/templates/config/darwin/15/sca.files /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/15/
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/etc/templates/config/darwin/16/sca.files /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/16/
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/etc/templates/config/darwin/17/sca.files /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/17/
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/etc/templates/config/darwin/18/sca.files /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/18/
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/etc/templates/config/darwin/19/sca.files /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/19/
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/etc/templates/config/darwin/20/sca.files /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/20/
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/etc/templates/config/darwin/21/sca.files /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/21/
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/etc/templates/config/darwin/22/sca.files /Library/Ossec/packages_files/agent_installation_scripts/sca/darwin/22/
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/src/VERSION /Library/Ossec/packages_files/agent_installation_scripts/src/
17:16:39  + cp /private/tmp/Packages_builder_macos/B9935/wazuh-packages/macos/repository/wazuh/src/REVISION /Library/Ossec/packages_files/agent_installation_scripts/src/
17:16:39  + cp /Library/StartupItems/WAZUH/WAZUH /Library/Ossec
17:16:39  unlock-keychain "-p" "****" "****"
17:16:39  /Library/Ossec/bin/wazuh-logcollector: signed Mach-O thin (x86_64) [wazuh-logcollector]
17:16:39  /Library/Ossec/bin/wazuh-execd: signed Mach-O thin (x86_64) [wazuh-execd]
17:16:39  /Library/Ossec/bin/wazuh-syscheckd: signed Mach-O thin (x86_64) [wazuh-syscheckd]
17:16:39  /Library/Ossec/bin/manage_agents: signed Mach-O thin (x86_64) [manage_agents]
17:16:39  /Library/Ossec/bin/agent-auth: signed Mach-O thin (x86_64) [agent-auth]
17:16:39  /Library/Ossec/bin/wazuh-agentd: signed Mach-O thin (x86_64) [wazuh-agentd]
17:16:39  /Library/Ossec/bin/wazuh-modulesd: signed Mach-O thin (x86_64) [wazuh-modulesd]
17:16:39  /Library/Ossec/lib/libwazuhshared.dylib: signed Mach-O thin (x86_64) [libwazuhshared]
17:16:39  /Library/Ossec/lib/libsysinfo.dylib: signed Mach-O thin (x86_64) [libsysinfo]
17:16:39  /Library/Ossec/lib/libdbsync.dylib: signed Mach-O thin (x86_64) [libdbsync]
17:16:39  /Library/Ossec/lib/librsync.dylib: signed Mach-O thin (x86_64) [librsync]
17:16:39  /Library/Ossec/lib/libsyscollector.dylib: signed Mach-O thin (x86_64) [libsyscollector]
17:16:39  /Library/Ossec/lib/libwazuhext.dylib: signed Mach-O thin (x86_64) [libwazuhext]
17:16:39  /Library/Ossec/active-response/bin/firewall-drop: signed Mach-O thin (x86_64) [firewall-drop]
17:16:39  /Library/Ossec/active-response/bin/host-deny: signed Mach-O thin (x86_64) [host-deny]
17:16:39  /Library/Ossec/active-response/bin/firewalld-drop: signed Mach-O thin (x86_64) [firewalld-drop]
17:16:39  /Library/Ossec/active-response/bin/default-firewall-drop: signed Mach-O thin (x86_64) [default-firewall-drop]
17:16:39  /Library/Ossec/active-response/bin/npf: signed Mach-O thin (x86_64) [npf]
17:16:39  /Library/Ossec/active-response/bin/pf: signed Mach-O thin (x86_64) [pf]
17:16:39  /Library/Ossec/active-response/bin/ip-customblock: signed Mach-O thin (x86_64) [ip-customblock]
17:16:39  /Library/Ossec/active-response/bin/ipfw: signed Mach-O thin (x86_64) [ipfw]
17:16:39  /Library/Ossec/active-response/bin/route-null: signed Mach-O thin (x86_64) [route-null]
17:16:39  /Library/Ossec/active-response/bin/restart-wazuh: signed Mach-O thin (x86_64) [restart-wazuh]
17:16:39  /Library/Ossec/active-response/bin/wazuh-slack: signed Mach-O thin (x86_64) [wazuh-slack]
17:16:39  /Library/Ossec/active-response/bin/kaspersky: signed Mach-O thin (x86_64) [kaspersky]
17:16:39  /Library/Ossec/active-response/bin/disable-account: signed Mach-O thin (x86_64) [disable-account]
17:16:39  lock-keychain "****"
17:16:39  No receipt for 'com.wazuh.pkg.wazuh-agent' found at '/'.
17:16:39  No receipt for 'com.wazuh.pkg.wazuh-agent-etc' found at '/'.
17:16:39  
17:16:39  
17:16:39  MSG:
17:16:39  
17:16:39  non-zero return code

Tests

Using the new solution, the package has been created correctly(https://ci.wazuh.info/job/Packages_builder_macos/9943) and tested on macOS Ventura:

Installation of 4.4.2 
sh-3.2# launchctl setenv WAZUH_MANAGER "10.0.0.2" && installer -pkg wazuh-agent-4.4.2-1.pkg -target /
installer: Package name is Wazuh Agent
installer: Installing at base path /
installer: The install was successful.
sh-3.2# /Library/Ossec/bin/wazuh-control start
Starting Wazuh v4.4.2...
Started wazuh-execd...
Started wazuh-agentd...
Started wazuh-syscheckd...
Started wazuh-logcollector...
Started wazuh-modulesd...
Completed.
sh-3.2# /Library/Ossec/bin/wazuh-control status
wazuh-modulesd is running...
wazuh-logcollector is running...
wazuh-syscheckd is running...
wazuh-agentd is running...
wazuh-execd is running...
Upgrade to 4.4.3 
sh-3.2# launchctl setenv WAZUH_MANAGER "10.0.0.2" && installer -pkg wazuh-agent-4.4.3-2199.pkg -target /
installer: Package name is Wazuh Agent
installer: Upgrading at base path /
installer: The upgrade was successful.
sh-3.2# /Library/Ossec/bin/wazuh-control status
wazuh-modulesd is running...
wazuh-logcollector is running...
wazuh-syscheckd is running...
wazuh-agentd is running...
wazuh-execd is running...
Check the Login Item

image

Uninstall according to documentation 
sh-3.2# /Library/Ossec/bin/wazuh-control stop
Killing wazuh-modulesd... 
Killing wazuh-logcollector... 
Killing wazuh-syscheckd... 
Killing wazuh-agentd... 
Killing wazuh-execd... 
Wazuh v4.4.3 Stopped
sh-3.2# /bin/rm -r /Library/Ossec
sh-3.2# /bin/launchctl unload /Library/LaunchDaemons/com.wazuh.agent.plist
sh-3.2# /bin/rm -f /Library/LaunchDaemons/com.wazuh.agent.plist
sh-3.2# /bin/rm -rf /Library/StartupItems/WAZUH
sh-3.2# /usr/bin/dscl . -delete "/Users/wazuh"
sh-3.2# /usr/bin/dscl . -delete "/Groups/wazuh"
sh-3.2# /usr/sbin/pkgutil --forget com.wazuh.pkg.wazuh-agent
Forgot package 'com.wazuh.pkg.wazuh-agent' on '/'.
sh-3.2# ls /Library/StartupItems/
sh-3.2# ls /Library/LaunchDaemons/
com.amazon.aws.ssm.plist				com.amazon.ec2.macos-init.plist
com.amazon.ec2.ena-ethernet.plist			com.amazon.ec2.monitoring.agents.cpuutilization.plist
sh-3.2# ls /Library/Ossec
ls: /Library/Ossec: No such file or directory

@verdx verdx requested a review from rauldpm May 23, 2023 17:07
@rauldpm rauldpm requested review from snaow and teddytpc1 May 23, 2023 20:08
@verdx verdx mentioned this pull request May 24, 2023
Closed
@DFolchA DFolchA merged commit cc32d23 into 4.4.3 May 24, 2023
@DFolchA DFolchA deleted the 2199-rename-macos-login-item branch May 24, 2023 16:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DFolchA DFolchA DFolchA approved these changes

@rauldpm rauldpm rauldpm approved these changes

@c-bordon c-bordon Awaiting requested review from c-bordon

@snaow snaow Awaiting requested review from snaow

@teddytpc1 teddytpc1 Awaiting requested review from teddytpc1

Assignees

@verdx verdx

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Rename macOS login item
5 participants
@verdx @snaow @rauldpm @DFolchA @teddytpc1