-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add username context to kolide_pwpolicy #650
Add username context to kolide_pwpolicy #650
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pretty close :)
I think there are 2 paths we could take.
First, we could patch dataflattentable.TablePluginExec
to handle the specialness this needs. (optional command line parameter, remove the first line of output). This is my general bias, as it seems useful later. However, these are also slower to get right.
Second, this could be updated to follow the more recent ioreg nested forloops. I think that's my current preferred pattern for these.
Happy to work with you either way. Though the first path still feels better
I thought about how to implement the first path -- expanding the generalized exec. I think it's pretty ugly. So I would recommend that we ditch that idea (sorry) and instead make this look more like ioreg. |
This work is now complete. Can you take another look? |
Co-authored-by: seph <seph@kolide.co>
This PR adds the
username
context to thekolide_pwpolicy_table
so that users of launcher can obtain the password policy for a specified username. If no username is specified the table behaves as it did beforeThis also fixes an issue where the first line of output from the
usr/bin/pwpolicy
binary is not valid XML and can occasionally cause the dataflatten library to fail to parse the plist (esp if that first line contains angle brackets)