* WIP Clean syncs now leave non-transitive rules by default
* WIP Get existing tests compiling and passing
* Remove clean all sync server key. Basic tests.
* Add SNTConfiguratorTest, test deprecated key migration
* Revert changes to santactl status output
* Add new preflight response sync type key, lots of tests
* Rework configurator flow a bit so calls cannot be made out of order
* Comment clean sync states. Test all permutations.
* Update docs for new sync keys
* Doc updates as requested in PR
* Make santactl status always print out transitive rule status even when not using a sync service.
* Fix typo in SNTCommandRule.m.
* Updated JSON values to put transitive_rules in the daemon section.
* Add missing config keys
* Use more consistent wording
* More consistent whitespace
* Reorder constants to appropriate section groups
* Update docs/deployment/configuration.md
Co-authored-by: Pete Markowsky <pmarkowsky@users.noreply.github.com>
---------
Co-authored-by: Pete Markowsky <pmarkowsky@users.noreply.github.com>
* Ignore TID/SID rules for dev signed code
* Handle code paths from santactl
* Don't bother evaluating isProdSignedCallback if not necessary
* PR feedback. Link to docs.
* WIP add config support to filter logged entitlements
* Add EntitlementInfo proto message to store if entitlements were filtered
* Log cleanup
* Address PR feedback
* Address PR feedback
GoogleTest when built with GTEST_HAS_ABSL fails to convert these strings
to a `std::string_view`. Lets instead explicitly convert them to a
`std::string_view`.
Add support for logging when codesigning has become invalidated for a process.
This adds support to the Recorder to log when codesigning is invalidated as reported by the Endpoint Security Framework's
ES_EVENT_TYPE_NOTIFY_CS_INVALIDATED event.
* e2e test usb mounting
* no poweroff
* no start
* drive usb via sync server since its up
sudo santactl status
sudo?
* revert nostart/nopoweroff
* bump VMCLI minimum os version
* e2e for macos 14
* no shutdown
* gh path
* dismiss santa popup after bad binary
* sleep for ui
* re-enable start vm
* re-enable poweroff
* tabs
* ratchet checkout actions in e2e
* Fix issue preventing rule import / export from working.
* Removed unused --json option from help string.
* Document that import and export as taking a path argument.
Update the syncing-overview.md document to note that FCM based push notifications are not currently available outside the internal Google deployment of Santa.
Update the configuration.md document to note that FCM based push notifications are not currently available outside the internal Google deployment of Santa
Previously the sync command required root in order to establish a connection to santad with enough privilege to use the XPC methods for adding rules. Now that santasyncservice exists this requirement is no longer necessary and there is no risk in allowing unprivileged users to initiate a sync.
We still ensure that privileges are dropped, just in case someone does execute as root.
