/opt/sysmon gets removed on upgrade in RHEL8/RHEL9/Ubuntu20.04 #177
Assignees
Labels
Comments
|
Any updates on this? |
|
Hi - Thanks for following up on this! We are working on some other priority issues at the moment, but we haven't forgotten about this. Once we’ve made progress on our current priorities, we’ll revisit this issue and provide an update. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
The directory /opt/sysmon gets removed when upgrading the rpm and deb to a newer version. This means that the service cannot start again after an upgrade unless the configuration file is re-installed.
To Reproduce
yum upgrade sysmon
apt upgrade sysmon
Sysmon version
Initial version: 1.3.2
Upgraded version: 1.3.3
Distro/kernel version
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9
Ubuntu 20.04
Expected behavior
The service should start up with the currently running configuration on the upgraded version of sysmon
Additional context
Is it possible to add a check in the post-install sections to only run the removal if it's a new install?
https://github.com/Sysinternals/SysmonForLinux/blob/main/package/SPECS.in/spec.in
https://github.com/Sysinternals/SysmonForLinux/blob/main/package/DEBIAN/postrm
There seems to be flags you can use to check if it's the package is being freshly installed or upgraded.
https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/
https://askubuntu.com/a/102128
https://manpages.debian.org/unstable/dpkg-dev/deb-postrm.5.en.html#old-postrm
If removal of these directories are by design during a package upgrade, maybe put the sysmon configuration file in a different path and automatically run sysmon -i pointing to that configuration file
The text was updated successfully, but these errors were encountered: