empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-07 17:28:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,266 Commits 3 Branches 0 Tags 561 MiB
a1720db58e
Commit Graph

1266 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Zachary Wasserman
051d3c8b07
Fix errors when trying to retrieve specs with spaces in name (#1957) 
We need to properly escape and unescape the name parameter.

Fixes #1948
 2018-11-20 17:19:24 -08:00
Blake Atkinson
510ec10769 Documentation: Add mysql conn limits (#1947) 2018-11-01 17:43:24 -04:00
Zachary Wasserman
3a07a4c07e
Update changelog for Fleet 2.0.0 release (#1944) 2018-10-16 15:28:28 -07:00
Zachary Wasserman
0c8a01e2ed
Update minimum osquery version options in query scheduler (#1943) 2018-10-16 14:29:13 -07:00
Zachary Wasserman
e6f4dd54bb
Fix loading of network interfaces with high host counts (#1942) 
This should fix the loading of the all hosts page in cases where there are many
hosts and it overwhelms the number of parameters allowed in a prepared
statement. May also make that page load slightly quicker as it removes the
constraint from the query, but should return the same number of results.

Fixes #1939
 2018-10-16 11:13:55 -07:00
Zachary Wasserman
c7306dc2d8
Update kolide/goose dependency to fix migration error (#1941) 
Fixes #1940
 2018-10-15 15:05:09 -07:00
Zachary Wasserman
1e6437e620
Allow INSERT queries in query editor (#1938) 
Closes #1937
 2018-10-15 11:59:14 -07:00
Zachary Wasserman
be6a16959a Fix error messages related to null users as creators of queries. (#1928) 
Ensure that the queries page still loads even when users are deleted manually
in the DB.

Fixes #1911
 2018-10-11 13:22:43 -07:00
Matt Southworth
863677515e Update README.md (#1936) 
Grammar fix
 2018-10-09 17:54:48 -06:00
Zachary Wasserman
3fa3fe7fdc
Use errors.Wrapf instead of nested fmt.Sprintf (#1933) 2018-10-02 15:19:50 -07:00
Zachary Wasserman
dceedd93e8
Update MySQL dependency (#1932) 
- Introduces support for MySQL 8 authentication methods.
 2018-10-02 13:15:31 -07:00
Caleb Coy
1db3ea9ad8 Update Cloud trial info in readme (#1927) 2018-10-02 09:21:19 -07:00
adamenger
a99313533d Added custom CA support to fleetctl client (#1931) 2018-10-01 15:23:46 -07:00
Zachary Wasserman
85ff9d6cf1
Update API docs for Fleet 2.0 (#1926) 2018-09-21 11:22:45 -04:00
Caleb Coy
0bb9c409a0 Flatten login screen styles (#1912) 2018-09-19 10:07:37 -04:00
Adam Guenther
55ca7bd351 Update osqueryd launch command with flags (#1925) 
Update command to be more copy paste ready.
 2018-09-19 10:03:56 -04:00
Caleb Coy
847cb193fc Flatten visual styles (#1908) 2018-09-18 14:14:13 -07:00
Zachary Wasserman
dab8f21d97 Update changelog for 2.0.0 RC5 2018-09-18 14:56:25 -04:00
Zachary Wasserman
66e720d34d Reduce port scanning possibilities via SMTP configuration 
The SMTP configuration could be used by an admin user to port scan the network
the Fleet server was running on. This commit reduces the information possible
to determine via this technique. A malicious admin can no longer determine
whether any TCP server is listening on a given port/address. They can only
determine ports and addresses where SMTP servers are running.

Thanks to 'quikke' for reporting this vulnerability.
 2018-09-18 14:56:25 -04:00
Zachary Wasserman
7e26b915c5 Refactoring and fixes in user authorization 
- Simplify/fix logic for authorization
- Rename/refactor for clarity
- Add tests for auth related code
 2018-09-18 14:56:25 -04:00
Zachary Wasserman
5cbaa9cb9f Prevent non-admin users from modifying other users 
An incorrect authorization check allowed non-admin users to modify the details of other users. We now enforce the appropriate authorization so that unprivileged users can only modify their own details.

Thanks to 'Quikke' for the report.
 2018-09-18 14:56:25 -04:00
Zachary Wasserman
21269b1dd8 Prevent escalation of user privileges via ModifyUser method 
The ability to modify a users admin and enabled status was erroneously left in
place during development of https://github.com/kolide/fleet/pull/959. To
mitigate a privilege escalation vulnerability we need to ensure those values
can only be modified through the explicit methods.

This patch includes a unit test and fix for the vulnerability.

Thanks to 'Quikke' for submitting this vulnerability.
 2018-09-18 14:56:25 -04:00
Zachary Wasserman
e011cfc464
Delete packs that have already been soft-deleted (#1924) 
We no longer use soft deletion, so this commit introduces a migration that hard
deletes existing deleted packs.

Fixes #1923
 2018-09-12 17:50:30 -07:00
Zachary Wasserman
94f5ee7832
Fix bug preventing rename of queries scheduled in packs (#1921) 
Change the foreign key constraint to automatically update the query name as
appropriate.

Fixes #1917
 2018-09-12 11:25:35 -07:00
Zachary Wasserman
686e8516e6
Add MySQl version information to infra docs (#1919) 2018-09-11 10:56:14 -07:00
Zachary Wasserman
79b2249e69
Allow update of settings page without enabling SMTP (#1903) 
Fixes #1871
 2018-09-07 15:37:35 -07:00
Thordur Bjornsson
832365c1d4 Fleetctl query improvements (#1888) 
- Exit when all targeted hosts have responded
- Pause the spinner when outputting logs so that output is cleaner
 2018-09-07 15:37:10 -07:00
Allen Golbig
cf84bd9d8e Added KeepAlive and ThrottleInterval (#1916) 2018-09-05 16:18:51 +00:00
Caleb Coy
60bd9157b6 convert rocker button to standard buttons (#1906) 2018-08-29 10:38:43 -04:00
Zachary Wasserman
b220aa23e6
Remove reference to quickstart in documentation (#1905) 2018-08-17 09:21:11 -07:00
Jeremy Rossi
473dc3e265 Add --quiet and --exit arguments for fleetctl query (#1887) 
--quiet will disable all printing other than errors and results
--exit will quit and exit when 100% online hosts have returned results
 2018-08-16 15:31:18 -07:00
Zachary Wasserman
bb789b4932
Display errors on password reset page (#1902) 
Fixes #1885
 2018-08-16 11:25:42 -07:00
Zachary Wasserman
71e8e3917e
Update changelog for RC4 release (#1901) 2018-08-14 16:54:23 -07:00
Zachary Wasserman
ece5e6cda9
Fix pack targets handling in UI (#1898) 
Now targets should be updated to exactly what is displayed in the UI.

Fixes #1827
 2018-08-14 12:14:24 -07:00
Zachary Wasserman
dfac039422
Fix targeting packs to individual hosts (#1897) 
Packs can be targeted to individual hosts through the UI. This was supported
previously and was broken with refactoring in Fleet 2.0.

There is currently no support in the fleetctl format for targeting individual
hosts, but this could be added at a later date.

Fixes #1878
 2018-08-13 10:07:10 -07:00
Chris Helming
4729789943 Trim whitespace from X509 certificate (#1900) 2018-08-10 12:42:35 -07:00
Zachary Wasserman
386bb8a9b9
Add fleetctl to generated Docker images (#1896) 2018-08-08 16:21:49 -07:00
Zachary Wasserman
54f62183ee
Run make generate before make docker-build-release (#1891) 
Ensure that assets are compiled before building Docker images. In the past we
have accidentally published images that were lacking assets.
 2018-08-06 10:55:32 -07:00
Mike Arpaia
ea4ede299a
Add osquery table data from master (#1884) 
This was generated via:

```
python ~/git/osquery/tools/codegen/genapi.py > ~/go/src/github.com/kolide/fleet/frontend/osquery_tables.json
```

close #1883
 2018-08-06 11:30:50 -06:00
Zachary Wasserman
45ab398a6e
Add kolide-fleet-chart to community section of README (#1889) 
Closes #1874
 2018-08-03 11:38:08 -07:00
Caleb Coy
e4b076acc6 Update color scheme to match Kolide branding (#1879) 2018-07-30 06:01:27 -07:00
Zachary Wasserman
6bdddfacf0
Expose API Token in UI (#1868) 
Useful for SAML login users who cannot log in with `fleetctl login`. Instead
they can pull their session token from the UI and configure the fleetctl client
to use it.

Closes #1865
 2018-07-17 11:27:30 -07:00
Zachary Wasserman
ea744709e0
Fix handling of missing scheduled query parameters in UI (#1870) 
The UI previously expected these parameters to be set, but instead we can
massage the data appropriately (because they are not required to be set by
fleetctl).

Fixes #1869
 2018-07-17 10:03:31 -07:00
Zachary Wasserman
614fc9d3c5
Confirm password on setup (#1866) 2018-07-16 10:03:50 -07:00
Zachary Wasserman
e62d2f57df
Improve error message when client is not logged in (#1867) 2018-07-16 09:35:21 -07:00
Mike Arpaia
626cda2d4f
Add the scheduling queries doc back to the repo (#1862) 2018-07-12 10:08:37 -06:00
Zachary Wasserman
a7dd64fb0b
Fix newline handling in fleetctl convert (#1856) 
Previously we stripped all non-word characters which worked for some cases, but
removed necessary characters in others. What we really want (and now do) is to
remove only whitespace characters.

Fixes #1854
 2018-06-28 12:02:46 -07:00
Zachary Wasserman
88cc73e4ca
Fix errors and clarify docs on config platform overrides (#1855) 
Closes #1846
 2018-06-28 12:02:31 -07:00
Zachary Wasserman
293ca56040
Fix error when migrating packs and scheduled query has been deleted. (#1851) 
Fixes #1850
 2018-06-26 09:54:45 -07:00
Zachary Wasserman
87fd9a2c8b
Update favicon with flat Kolide logo (#1849) 2018-06-26 09:13:40 -07:00