From 8d7bc4b9dc0aaae052c8e464ff4228eaf6afed64 Mon Sep 17 00:00:00 2001
From: Sunny Neo
Date: Sun, 16 Jun 2019 22:56:11 +0800
Subject: [PATCH] Explicitly define the file directory Osquery was not working with Fleet after deployment due to wrong directories. The following command installs the osqueryd service with --flagfile=\ProgramData\osquery\osquery.flags" however osquery.flags found at "C:\Program Files\osquery\osquery.flags" ``` "c:\Program Files\osquery\osqueryd\osqueryd.exe" -ArgumentList "--install" -Wait ``` The original osquery.flags defines the certfile.crt to be in "C:\programdata\osquery", it should be in "c:\Program Files\osquery\" instead.
---
 Vagrant/scripts/install-osquery.ps1 | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/Vagrant/scripts/install-osquery.ps1 b/Vagrant/scripts/install-osquery.ps1
index f8935da..b46e1ee 100755
--- a/Vagrant/scripts/install-osquery.ps1
+++ b/Vagrant/scripts/install-osquery.ps1
@@ -8,7 +8,8 @@ choco install -y --limit-output --no-progress osquery | Out-String # Apparently
 $service = Get-WmiObject -Class Win32_Service -Filter "Name='osqueryd'"
 If (-not ($service)) {
 Write-Host "Setting osquery to run as a service"
- Start-Process -FilePath "c:\Program Files\osquery\osqueryd\osqueryd.exe" -ArgumentList "--install" -Wait
+ New-Service -Name "osqueryd" -BinaryPathName "C:\Program Files\osquery\osqueryd\osqueryd.exe --flagfile=`"C:\Program Files\osquery\osquery.flags`""
+
 # Copy over the config and packs from the Palantir repo
 Copy-Item "c:\Users\vagrant\AppData\Local\Temp\osquery-configuration-master\Classic\Endpoints\Windows\*" "c:\Program Files\osquery"
 Copy-Item "c:\Users\vagrant\AppData\Local\Temp\osquery-configuration-master\Classic\Endpoints\packs" -Path "c:\Program Files\osquery"
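Review bot: The executable path passed to `-BinaryPathName` on the added `New-Service` line contains a space but is not quoted; only the `--flagfile` value is. The service is therefore registered with an unquoted image path (the classic unquoted-service-path weakness, CWE-428), which leaves Windows to guess where the executable name ends and would show up in any service-hardening audit of the lab image. Quoting the executable as well closes it: ``-BinaryPathName "`"C:\Program Files\osquery\osqueryd\osqueryd.exe`" --flagfile=`"C:\Program Files\osquery\osquery.flags`""``. The enclosing `If (-not ($service))` block opens in this hunk and continues past its last line.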
@@ -27,12 +28,11 @@ If (-not ($service)) {
 (Get-Content "c:\Program Files\osquery\osquery.flags") -replace 'tls.endpoint.server.com', 'kolide:8412' | Set-Content "c:\Program Files\osquery\osquery.flags"
 ## Change path to secrets
 (Get-Content "c:\Program Files\osquery\osquery.flags") -replace 'path\\to\\file\\containing\\secret.txt', 'Program Files\osquery\kolide_secret.txt' | Set-Content "c:\Program Files\osquery\osquery.flags"
+ ## Change path to certfile
+ (Get-Content "c:\Program Files\osquery\osquery.flags") -replace 'c:\\ProgramData\\osquery\\certfile.crt', 'c:\Program Files\osquery\certfile.crt' | Set-Content "c:\Program Files\osquery\osquery.flags"
 ## Add certfile.crt
 Copy-Item "c:\vagrant\resources\fleet\server.crt" "c:\Program Files\osquery\certfile.crt"
 ### --- TLS CONFIG ENDS ---
-
- Stop-service osqueryd
- Start-Sleep -s 5
 Start-Service osqueryd
 } else {
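Review bot: The added certfile `-replace` does nothing, and reports nothing, when its pattern does not match, so a change in the upstream osquery.flags would leave osqueryd pointing at a certificate path where no file is copied. The first hunk shows the flags file coming from an `osquery-configuration-master` checkout, so its contents are presumably not pinned. Because this is the certificate path the agent uses for its TLS connection to `kolide:8412`, provisioning should fail loudly rather than start the service with a stale path. A check placed before `Start-Service` would do that, for example `if (-not (Select-String -Path "c:\Program Files\osquery\osquery.flags" -SimpleMatch 'c:\Program Files\osquery\certfile.crt' -Quiet)) { throw "certfile path not updated in osquery.flags" }`. The `If` block these lines sit in starts before this hunk.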