Question

Worklet payload files - Where are they?

  • 31 January 2024
  • 4 replies
  • 36 views

Badge

Hi Everyone!

I am trying to create a worklet for Linux servers that requires a file to be put onto the servers.  I have uploaded the file to the worklet, but I cannot find details on where this file will be located for me to interact with it.  Where do the files get placed when the worklet runs?  My evaluation and remediation code will need to interact with this payload file.


4 replies

Badge

It looks like the evaluation and remediation code are run out from the same directory as the payload files, so we can simply reference them using the local path of ./filename without needing to know the full file path.  

The temporary execution folders are generated in /var/lib/amagent/ for anyone that is wondering or curious.  I have confirmed this with support.  

Userlevel 3

Hi @justmirsk !

On linux, the amagent works out of this directory: /var/lib/amagent/ 


When an Automox worklet, scan, or policy is in the process of executing, a temporary subfolder named execDir will be created here. This is the folder that will include the worklet’s payload.  This folder and contents are automatically removed after the policy or worklet run completes.  During the worklet run though, you can interact with the file as you please.

You can read more about the location of Automox files here: https://help.automox.com/hc/en-us/articles/5352197953300-Location-of-Files-Required-By-Automox

 

Have a great day!

Userlevel 3
Badge

One additional add to JohnG’s response and a clarifying point on the original question, the payload is never downloaded during a scan which means the Evaluation code is not able to interact with it. If you want the Eval code to interface with a payload, it already has to exist on the device somewhere (or not).

Badge

Ah, thank you.  It makes sense to not download the payload if it isn’t needed.  That makes me process a bit more involved when I update my payload object.  I was hoping it would be downloaded so I could run a hash against it and compare that hash to the target, if they are different, then overwrite the target with the payload file.  I will need to adjust my process so that whenever we update this payload file, we generate a hash manually, then put it into the evaluation code for comparison needs.  

Reply