Russell Hancox
f323f5e3de
santad: Up watchdog interval to 60s and CPU threshold to 20%.
...
Whilst during normal operation santad doesn't use more than 5% CPU, it does spike if lots
of processes start, such as during bootup. This change helps to reduce the noise.
2015-06-22 15:28:02 -04:00
Russell Hancox
44c9d9aead
santad: Add watchdog thread to print warnings if CPU/RAM usage seem high.
2015-06-15 16:31:55 -04:00
Russell Hancox
f95245cedd
10.11 Prep: Move santad,santactl from /usr/libexec,/usr/sbin to within santa-driver.kext
2015-06-15 16:18:51 -04:00
Russell Hancox
2a8bdfd714
santad: Use _exit instead of exit after fork. Oops.
2015-06-01 17:12:12 -04:00
Russell Hancox
567e0b6431
santad: If exiting because of a failed dequeue, log the return code at ERROR level.
2015-05-18 13:06:31 -04:00
Russell Hancox
3f5400b264
santa-driver: Split FetchDecision, notify daemon of missed executions, reorganize some methods.
2015-05-14 17:01:49 -04:00
Russell Hancox
25f1b71f10
santa-driver: Move dataqueue to SantaDecisionManager rather than
...
recreating it on every connect.
2015-05-14 17:01:48 -04:00
Russell Hancox
30df44df96
santad: Correctly delete corrupt events. Add test for this.
2015-05-08 14:57:37 -04:00
Russell Hancox
fc55b86f30
santad: Switch to uint32_t for table version numbers
2015-05-08 14:56:20 -04:00
Russell Hancox
59ffb67554
santad: Reject addRules requests with empty/nil array. Also switch to NSUInteger for rule counts.
2015-05-08 14:55:28 -04:00
Russell Hancox
838da16da1
santad: Delete events that fail to unarchive
2015-05-06 14:44:09 -04:00
Russell Hancox
be1e66c29d
Project: Enable more warnings and then fix them.
2015-05-01 17:40:39 -04:00
Russell Hancox
57866308e3
santad: Consider scripts that are part of installer packages as in-scope.
2015-04-30 18:37:04 -04:00
Russell Hancox
63bc8fca2d
santad: Don't post GUI notification for SILENT_BLACKLIST rules.
2015-04-30 18:36:43 -04:00
Russell Hancox
408712f00f
santad: Don't log when client mode is not set in defaultDecision, as that can't actually happen.
2015-04-30 18:36:20 -04:00
Russell Hancox
297fb4cb68
Add parent process name collection and upload
2015-04-30 18:21:13 -04:00
Russell Hancox
4fd5e1139f
Project: Style clean-ups
2015-04-21 14:29:30 -04:00
Russell Hancox
96517573e7
santactl/sync: rename SyncStatus->SyncState, add cleanSync option that can be requested by client or server.
2015-04-10 12:39:22 -04:00
Russell Hancox
a629e6cff1
Clean-up: NSString length is quicker than isEqual
2015-04-09 10:01:44 -04:00
Russell Hancox
323a38dc21
Project: Clean-up block style, order of public/private in C++ headers
2015-04-08 12:29:22 -04:00
Russell Hancox
c37f1eb006
SNTConfigurator: remove auto-reloading code, move to file watching
...
class.
2015-04-08 12:28:58 -04:00
Russell Hancox
88897477b6
santad: Now that SNTConfigurator auto-reloads, stop tracking clientMode separately. Also reload logAllDecisions if req'd.
2015-03-27 15:38:55 -04:00
Russell Hancox
8b5720b291
santad: Update comments in DriverManager
2015-03-27 15:37:08 -04:00
Russell Hancox
472558a03c
santad: Add LogAllEvents option
2015-03-13 18:17:09 -04:00
Russell Hancox
d27a26ca50
santad: Make driver-waiting an exponential backoff up to 16s
2015-03-11 19:14:41 -04:00
Russell Hancox
d109aae6ef
santad/santactl: include pid and ppid in event upload
2015-03-09 09:52:56 -04:00
Russell Hancox
d88fa4ecfe
santad: sleep for less time when waiting for driver
2015-02-03 18:56:25 -05:00
Russell Hancox
3423026a43
santad: move scope check after bin/cert rule checks
2015-02-02 18:25:28 -05:00
Russell Hancox
40af338af2
santad: Correctly log when file allowed due to scope
2015-02-02 17:35:45 -05:00
Russell Hancox
912f3aa0e1
SantaGUI: kill daemon connection on user-switch, re-create on switch back.
2015-02-02 17:32:09 -05:00
Russell Hancox
54ffbf40d6
Ensure kernel cache is flushed if rules are added which are not whitelisting
2015-02-02 17:04:37 -05:00
Russell Hancox
101c9d2b1f
Event Table: rename a method, simplify event decoding, lowercase all table fields
2015-02-02 17:04:06 -05:00
Russell Hancox
9d1117b0c7
SNTExecutionController: Change logging separator from comma to pipe. Also use logDecision when out of scope
2015-02-02 17:00:30 -05:00
Russell Hancox
ee9a7f635a
Move from Certificate SHA-1 to SHA-256
2015-02-02 16:59:04 -05:00
Russell Hancox
b728ea3077
Rename SNTBinaryInfo -> SNTFileInfo, add more tests
2015-01-31 17:54:29 -05:00
Russell Hancox
7a03183cf0
Update Copyright years
2015-01-30 18:41:12 -05:00
Russell Hancox
b095625972
Remove SNTNotificationMessage, use SNTStoredEvent for that purpose instead.
2015-01-30 18:31:17 -05:00
Russell Hancox
a66255aa8f
Events: store event in archived form in database, store & upload entire signing chain rather than just leaf, rename eventsPendingCount, add unit tests.
2015-01-30 17:27:34 -05:00
Russell Hancox
30d335658c
More missed SHA-1 references
2015-01-29 19:55:03 -05:00
Russell Hancox
20a7d6074f
Missed a few SHA-1 references
2015-01-29 12:33:57 -05:00
Russell Hancox
a607136a0d
Add logging of out-of-scope files
2015-01-28 23:20:16 -05:00
Russell Hancox
22e5ffa1f1
SNTEventTable, rename from indexes to id
2015-01-28 21:28:59 -05:00
Russell Hancox
ecbd92646d
Update all docstrings to triple-slash doxygen style
2015-01-28 21:28:17 -05:00
Russell Hancox
b946598f7b
Remove unused method from SNTEventTable
2015-01-28 19:13:00 -05:00
Russell Hancox
6335a02404
Move to SHA-256 hashing
2015-01-28 19:12:59 -05:00
Russell Hancox
71b08307a3
Driver: Move SHA-1 calculation to userland
2015-01-28 19:12:06 -05:00
Russell Hancox
a7715e3ce2
santad: Fix long-standing bug where santad won't finish shutting down when kext goes away
2015-01-14 18:37:46 -05:00
Russell Hancox
d4538b4f7c
Project: simplify version numbering by basing the version number on the latest git tag number. Mark debug builds with git commit id.
2015-01-07 18:42:17 -05:00
Remco
546b2f1383
switched to @() boxing syntax instead of NSNumber literals
2014-12-19 17:10:49 +01:00
Remco
4509cd5c0b
fixed segfault while adding rules
2014-12-19 12:45:35 +01:00
