diff --git a/foss-heartbeat/Dockerfile b/foss-heartbeat/Dockerfile
index f277ef3..fd3e596 100644
--- a/foss-heartbeat/Dockerfile
+++ b/foss-heartbeat/Dockerfile
@@ -4,8 +4,9 @@ RUN apk add --no-cache \
 ca-certificates \
 bash \
 gfortran \
+ lapack \
 openjdk8-jre-base \
- lapack
+ py3-numpy
 # Install the requirements
 RUN set -x \
diff --git a/osquery/Dockerfile b/osquery/Dockerfile
index d257fb5..4a04aa1 100644
--- a/osquery/Dockerfile
+++ b/osquery/Dockerfile
@@ -6,23 +6,39 @@ RUN apt-get update && apt-get install -y \
 --no-install-recommends \
 && rm -rf /var/lib/apt/lists/*
-ENV OSQUERY_VERSION 3.3.2
+ENV OSQUERY_VERSION 4.0.0
 RUN buildDeps=' \
- curl \
+ clang \
+ cmake \
+ git \
+ libc++-dev \
+ libc++abi-dev \
+ liblzma-dev \
+ llvm \
+ make \
+ python \
+ python3 \
 ' \
 && set -x \
 && apt-get update && apt-get install -y $buildDeps --no-install-recommends \
 && rm -rf /var/lib/apt/lists/* \
- && mkdir -p /usr/src/osquery \
- && curl -sSL "https://pkg.osquery.io/linux/osquery-${OSQUERY_VERSION}_1.linux_x86_64.tar.gz" | tar -vxzC / --strip-components 1 \
+ && mkdir -p /usr/src/osquery/build \
+ && git clone --branch "${OSQUERY_VERSION}" --depth 1 https://github.com/osquery/osquery.git /usr/src/osquery/src \
+ && cd /usr/src/osquery \
+ && ls -la src/ \
+ && cd build \
+ && cmake ../src -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ \
+ && cmake --build . -j # // where # is the number of parallel build jobs \
+ && ls -la \
 && apt-get purge -y --auto-remove $buildDeps \
 && chmod a+x /usr/bin/osquery*
 COPY osquery.example.conf /etc/osquery/osquery.conf
 ENV HOME /home/user
-RUN useradd --create-home --home-dir $HOME user \
+RUN mkdir -p /var/osquery /usr/share/osquery /var/log/osquery \
+ && useradd --create-home --home-dir $HOME user \
 && chown -R user:user $HOME /etc/osquery /var/osquery /usr/share/osquery /var/log/osquery
 WORKDIR $HOME
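Review bot: In the osquery/Dockerfile hunk, the inline `# // where # is the number of parallel build jobs` after `cmake --build . -j` comments out the rest of the RUN command, because the backslash-continued lines are joined into one shell line before `sh` parses it; `ls -la`, `apt-get purge -y --auto-remove $buildDeps` and `chmod a+x /usr/bin/osquery*` never run, so the compilers, git and the full source tree stay in the final image. Drop the comment and give `-j` an explicit value, e.g. `&& cmake --build . -j "$(nproc)" \`. Once the tail runs again the `chmod` will probably fail, since nothing visible in the hunk installs the build output from `/usr/src/osquery/build` into `/usr/bin`; an explicit install or copy step is needed, followed by removal of `/usr/src/osquery`. Separately, `git clone --branch "${OSQUERY_VERSION}"` trusts a tag that upstream can move, so checking out a pinned commit hash (or verifying the tag signature) before building would make the image reproducible and tamper-evident.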