fleet/it-and-security/lib/linux/scripts/uninstall-fleetd-linux.sh

#!/bin/bash
# Please don't delete. This script is used in tests (tools/tuf/test/migration/migration_test.sh), workflors (.github/workflows/), and in the guide here: https://fleetdm.com/guides/how-to-uninstall-fleetd

if [ $(id -u) -ne 0 ]; then
    echo "Please run as root"
    exit 1
fi

function remove_fleet {
    set -x
    systemctl stop orbit.service || true
    systemctl disable orbit.service || true
    rm -rf /var/lib/orbit /opt/orbit /var/log/orbit /usr/local/bin/orbit /etc/default/orbit /usr/lib/systemd/system/orbit.service

    # Remove any package references
    if command -v dpkg > /dev/null; then
        dpkg --purge fleet-osquery || true
    elif command -v rpm > /dev/null; then
        rpm -e fleet-osquery || true
    elif command -v pacman > /dev/null; then
        pacman -Rns --noconfirm fleet-osquery || true
    fi

    # Kill any running Fleet processes
    pkill -f fleet-desktop || true

    # Reload systemd configuration
    systemctl daemon-reload

    echo "Fleetd has been successfully removed from the system."
}

if [ "$1" = "remove" ]; then
    # We are in the detached child process
    # Give the parent process time to report the success before removing
    echo "inside remove process" >>/tmp/fleet_remove_log.txt
    sleep 15

    # We are root
    remove_fleet >>/tmp/fleet_remove_log.txt 2>&1
else
    # We are in the parent shell, start the detached child and return success
    echo "Removing fleetd, system will be unenrolled in 15 seconds..."
    echo "Executing detached child process"

    # We are root
    # Use systemd-run to spawn the removal process in a separate transient unit.
    # This ensures the process escapes the orbit.service cgroup, so when
    # orbit.service is stopped, the removal script continues running.
    if command -v systemd-run > /dev/null; then
        systemd-run --quiet bash "$0" remove
    else
        # Fallback for non-systemd systems (rare for modern Linux)
        bash -c "bash $0 remove >/dev/null 2>/dev/null </dev/null &"
    fi
fi
Uninstall fleetd remotely (#27024) 2025-03-19 18:35:39 +00:00			`#!/bin/bash`
Cleanup scripts (#27307) - Move duplicate scripts out of `scripts/mdm/` and into `it-and-security/` so we have one version that we can continue to iterate and improve. - Remove no longer used scripts out of `scripts/mdm/` --------- Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com> 2025-03-27 21:43:53 +00:00			`# Please don't delete. This script is used in tests (tools/tuf/test/migration/migration_test.sh), workflors (.github/workflows/), and in the guide here: https://fleetdm.com/guides/how-to-uninstall-fleetd`
Uninstall fleetd remotely (#27024) 2025-03-19 18:35:39 +00:00
			`if [ $(id -u) -ne 0 ]; then`
			`echo "Please run as root"`
			`exit 1`
			`fi`

			`function remove_fleet {`
			`set -x`
			`systemctl stop orbit.service \|\| true`
			`systemctl disable orbit.service \|\| true`
			`rm -rf /var/lib/orbit /opt/orbit /var/log/orbit /usr/local/bin/orbit /etc/default/orbit /usr/lib/systemd/system/orbit.service`
🤖 Move child process to separate cgroup for Linux uninstall script (#37131) For #36619. Zed + Opus 4.5, prompt was just "fix https://github.com/fleetdm/fleet/issues/36619" <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves # # Checklist for submitter If some of the following don't apply, delete the relevant line. No changes file as this isn't in a Fleet release. ## Testing - [ ] QA'd all new/changed functionality manually --------- Co-authored-by: Allen Houchins <allenhouchins@mac.com> 2025-12-31 18:16:35 +00:00
Uninstall fleetd remotely (#27024) 2025-03-19 18:35:39 +00:00			`# Remove any package references`
			`if command -v dpkg > /dev/null; then`
30259 - fix linux uninstall script (#30488) I tested the uninstall script by: - Making a new agent package and installing it - Checking with `dpkg --get-selections \| grep 'fleet'` that fleet-osquery is installed - Checking with `sudo systemctl list-units \| grep 'orbit'` that orbit.service is running - Uninstalling the package with uninstall-fleetd-linux.sh - Checking the above commands again to see that fleet-osquery and orbit.service are uninstalled. # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. - For Orbit and Fleet Desktop changes: - [x] Manual QA done on one Linux machine (Ubuntu 24 on HP laptop). 2025-07-01 22:50:47 +00:00			`dpkg --purge fleet-osquery \|\| true`
Uninstall fleetd remotely (#27024) 2025-03-19 18:35:39 +00:00			`elif command -v rpm > /dev/null; then`
30259 - fix linux uninstall script (#30488) I tested the uninstall script by: - Making a new agent package and installing it - Checking with `dpkg --get-selections \| grep 'fleet'` that fleet-osquery is installed - Checking with `sudo systemctl list-units \| grep 'orbit'` that orbit.service is running - Uninstalling the package with uninstall-fleetd-linux.sh - Checking the above commands again to see that fleet-osquery and orbit.service are uninstalled. # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. - For Orbit and Fleet Desktop changes: - [x] Manual QA done on one Linux machine (Ubuntu 24 on HP laptop). 2025-07-01 22:50:47 +00:00			`rpm -e fleet-osquery \|\| true`
🤖 Move child process to separate cgroup for Linux uninstall script (#37131) For #36619. Zed + Opus 4.5, prompt was just "fix https://github.com/fleetdm/fleet/issues/36619" <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves # # Checklist for submitter If some of the following don't apply, delete the relevant line. No changes file as this isn't in a Fleet release. ## Testing - [ ] QA'd all new/changed functionality manually --------- Co-authored-by: Allen Houchins <allenhouchins@mac.com> 2025-12-31 18:16:35 +00:00			`elif command -v pacman > /dev/null; then`
			`pacman -Rns --noconfirm fleet-osquery \|\| true`
Uninstall fleetd remotely (#27024) 2025-03-19 18:35:39 +00:00			`fi`
🤖 Move child process to separate cgroup for Linux uninstall script (#37131) For #36619. Zed + Opus 4.5, prompt was just "fix https://github.com/fleetdm/fleet/issues/36619" <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves # # Checklist for submitter If some of the following don't apply, delete the relevant line. No changes file as this isn't in a Fleet release. ## Testing - [ ] QA'd all new/changed functionality manually --------- Co-authored-by: Allen Houchins <allenhouchins@mac.com> 2025-12-31 18:16:35 +00:00
Uninstall fleetd remotely (#27024) 2025-03-19 18:35:39 +00:00			`# Kill any running Fleet processes`
			`pkill -f fleet-desktop \|\| true`
🤖 Move child process to separate cgroup for Linux uninstall script (#37131) For #36619. Zed + Opus 4.5, prompt was just "fix https://github.com/fleetdm/fleet/issues/36619" <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves # # Checklist for submitter If some of the following don't apply, delete the relevant line. No changes file as this isn't in a Fleet release. ## Testing - [ ] QA'd all new/changed functionality manually --------- Co-authored-by: Allen Houchins <allenhouchins@mac.com> 2025-12-31 18:16:35 +00:00
Uninstall fleetd remotely (#27024) 2025-03-19 18:35:39 +00:00			`# Reload systemd configuration`
			`systemctl daemon-reload`
🤖 Move child process to separate cgroup for Linux uninstall script (#37131) For #36619. Zed + Opus 4.5, prompt was just "fix https://github.com/fleetdm/fleet/issues/36619" <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves # # Checklist for submitter If some of the following don't apply, delete the relevant line. No changes file as this isn't in a Fleet release. ## Testing - [ ] QA'd all new/changed functionality manually --------- Co-authored-by: Allen Houchins <allenhouchins@mac.com> 2025-12-31 18:16:35 +00:00
Uninstall fleetd scripts: "fleetd" (#29196) Fleet's agent is called "fleetd": https://fleetdm.com/docs/get-started/anatomy#fleetd 2025-05-15 22:48:14 +00:00			`echo "Fleetd has been successfully removed from the system."`
Uninstall fleetd remotely (#27024) 2025-03-19 18:35:39 +00:00			`}`

			`if [ "$1" = "remove" ]; then`
			`# We are in the detached child process`
			`# Give the parent process time to report the success before removing`
			`echo "inside remove process" >>/tmp/fleet_remove_log.txt`
			`sleep 15`
🤖 Move child process to separate cgroup for Linux uninstall script (#37131) For #36619. Zed + Opus 4.5, prompt was just "fix https://github.com/fleetdm/fleet/issues/36619" <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves # # Checklist for submitter If some of the following don't apply, delete the relevant line. No changes file as this isn't in a Fleet release. ## Testing - [ ] QA'd all new/changed functionality manually --------- Co-authored-by: Allen Houchins <allenhouchins@mac.com> 2025-12-31 18:16:35 +00:00
Uninstall fleetd remotely (#27024) 2025-03-19 18:35:39 +00:00			`# We are root`
			`remove_fleet >>/tmp/fleet_remove_log.txt 2>&1`
			`else`
			`# We are in the parent shell, start the detached child and return success`
Uninstall fleetd scripts: "fleetd" (#29196) Fleet's agent is called "fleetd": https://fleetdm.com/docs/get-started/anatomy#fleetd 2025-05-15 22:48:14 +00:00			`echo "Removing fleetd, system will be unenrolled in 15 seconds..."`
Uninstall fleetd remotely (#27024) 2025-03-19 18:35:39 +00:00			`echo "Executing detached child process"`
🤖 Move child process to separate cgroup for Linux uninstall script (#37131) For #36619. Zed + Opus 4.5, prompt was just "fix https://github.com/fleetdm/fleet/issues/36619" <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves # # Checklist for submitter If some of the following don't apply, delete the relevant line. No changes file as this isn't in a Fleet release. ## Testing - [ ] QA'd all new/changed functionality manually --------- Co-authored-by: Allen Houchins <allenhouchins@mac.com> 2025-12-31 18:16:35 +00:00
Uninstall fleetd remotely (#27024) 2025-03-19 18:35:39 +00:00			`# We are root`
🤖 Move child process to separate cgroup for Linux uninstall script (#37131) For #36619. Zed + Opus 4.5, prompt was just "fix https://github.com/fleetdm/fleet/issues/36619" <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves # # Checklist for submitter If some of the following don't apply, delete the relevant line. No changes file as this isn't in a Fleet release. ## Testing - [ ] QA'd all new/changed functionality manually --------- Co-authored-by: Allen Houchins <allenhouchins@mac.com> 2025-12-31 18:16:35 +00:00			`# Use systemd-run to spawn the removal process in a separate transient unit.`
			`# This ensures the process escapes the orbit.service cgroup, so when`
			`# orbit.service is stopped, the removal script continues running.`
			`if command -v systemd-run > /dev/null; then`
			`systemd-run --quiet bash "$0" remove`
			`else`
			`# Fallback for non-systemd systems (rare for modern Linux)`
			`bash -c "bash $0 remove >/dev/null 2>/dev/null </dev/null &"`
			`fi`
Uninstall fleetd scripts: "fleetd" (#29196) Fleet's agent is called "fleetd": https://fleetdm.com/docs/get-started/anatomy#fleetd 2025-05-15 22:48:14 +00:00			`fi`