* Add disable-updates flag to fleetctl and orbit
* Fix ruleguard execution error on make lint-go
* Introduce dev-mode for ease of development of orbit
* Add changes file
Resolves the warning described in #3699 by updating to the latest
version of the dependency with the warning fixed.
The warning should go away on all clients after new metadata is
generated with these changes.
1. In sh, `which` is actually a binary usually located at `/usr/bin`, but not every GNU/Linux distribution comes with it installed by default. Whereas, `command` is a built-in shell tool, hence, it's safer to use it instead of which to verify if a binary is present in the machine
2. I believe there was a typo in the redirections in the `systemctl daemon-reload 2>/dev/null 2>&1` line
3. The `systemctl enable` command is necessary because the service is created, but not activated, meaning when the user reboots his machine orbit won't automatically relaunch
* Fix orbit and osqueryd logging on Windows
* Add functionality to test the change and use systemprofile app data
* Add centos syslog to README.md
* Add wait on orbit for osquery extension socket to exist (#3571)
* Wait for osquery extension socket to exist
* Amend changes
* Fix lint
* Restore timeout
In some installations (observed on GitHub Actions), the postinstall
script would fail to start the service because the `systemctl` binary
was at a different path than expected, or the `systemd` binary was not
found running.
This change allows the service to start on these environments.
The database is currently unused and sometimes causing problems in Orbit
deployments due to file corruption on Windows. We may need to look at
something less prone to corruption.
This matches the default identifier used in Fleet's prior recommended
osquery installation, easing migration for users. It can still be
overridden via a flagfile.
- Orbit automatically loads the flagfile when it exists in the orbit
root.
- Add packaging support to include flagfile with package.
- Fix a panic when osquery fails to start up.
* Fix races in go tests and run with -race on CI
* Fix race in pubsub
* Increase timeout to 15m for go tests
* CI takes forever, try disabling race
* Remove timeout from go tests
* Make preview work when run from scratch (no orbit running)
* Make vulnerability processing less RAM hungry
* Add changes file
* Only get the cpe list once
* Remove cache
* Try killing osquery as well as orbit and clear their db dir
Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com>
- Fix Windows MSI generation by changing permissions (#2655).
- Refactor temp directory initialization.
- Use root user for Wine in WiX Docker container.
- Support .pkg packaging on Linux without dependencies (besides Docker)
* Download and launch orbit for the current device when starting preview
* Add windows kill
* Fix imports
* Fix import
* Disable secure directory checks on windows for now
* Add missing import
* added package command from orbit as fleetctl command
* update deployment docs
* add changes file
* added tests for package command, run go mod tidy & go mod verify
* validate that package files exist
* comment out msi packaging test until we can investigate github runner permission issues
* Rename core->free and basic->premium
* Fix lint js
* Comment out portion of test that seems to timeout
* Rename tier to premium if basic is still loaded
* Adding certificate functionality to windows agent
* Update windows template
To allow for --fleet-certificate parameter when building windows agent
* Gofmt -ed Windows.go
* Gofmted windows.go again
Replace space indentation with tab
* Add safe mkdirall and open
* Use secure as much as possible and merge gomodules for orbit to fleet
* Improve openfile and mkdirall to check for permissiveness instead of equality
* Don't shift
* Fix links
* Address review comments
