Creating extension failed: waiting for unix socket to be available: context deadline exceeded

Question

When i call the funciton osquery.NewExtensionManagerServer i get error: Waiting for unix socket to be available /var/osquery/oq.em context deadline exceeded

i am on linux RHEL 8.2. Haven't seen on other linux version. What might be the issue. any pointers will help.

I was expecting that the unix socket will be created and getting logger callback

Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking. — Community, Mar 27 '23 at 18:09
How is the extension being started? Is osquery starting it, or are you starting it on your own outside osquery? — seph, Mar 30 '23 at 00:40

score 0 · Answer 1 · answered Mar 27 '23 at 18:45

0

Given that you are seeing this error on RHEL and not other Linux versions, I am going to guess there is some issue with SELinux permissions.

Does osquery have permissions to open a unix domain socket (check the logs for any errors)?

Does your extension have permissions to open a unix domain socket?

answered Mar 27 '23 at 18:45

Zach

1,263
11
25

Thanks for the pointers...I have disabled SELinux using setenforce 0, so now SELinux is in permissive mode but still getting same error....also I tried by rebooting the system but same error – Sandip Suryawanshi Mar 28 '23 at 06:20
Are you running both osquery and the extension as root? – Zach Mar 28 '23 at 16:55
Yes I am running both osquery and extension as root. – Sandip Suryawanshi Mar 29 '23 at 10:47

Creating extension failed: waiting for unix socket to be available: context deadline exceeded

1 Answers1