#28621
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [X] Added/updated automated tests
- [X] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [X] Make sure fleetd is compatible with the latest released version of
Fleet (see [Must
rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/workflows/fleetd-development-and-release-strategy.md)).
- [X] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [X] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [X] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
Fixes part of #29720.. Includes promoting some bolded to subheadings (in
wireframe docs).
---------
Co-authored-by: Sam Pfluger <108141731+Sampfluger88@users.noreply.github.com>
# Checklist for submitter
Implementation for #28315
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added/updated automated tests (automated testing seemed
infeasible)
- [x] Manual QA for all new/changed functionality (tested on Ubuntu 24)
- For Orbit and Fleet Desktop changes:
- [x] Make sure fleetd is compatible with the latest released version of
Fleet (see [Must
rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/workflows/fleetd-development-and-release-strategy.md)).
- [x] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [x] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux. (tested on Ubuntu 24, code does not compile on other
platforms)
Fixes#26693
Added functionality to verify that the escrowed LUKS disk encryption key is valid. To achieve this, two new fleetd tables were added: lsblk and cryptsetup_luks_salt/table to compare the stored encryption key with the ones present on the host.
for #26674
# Checklist for submitter
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
## Details
This PR adds text to the existing `disk_info` notes in the UI,
clarifying that in ChromeOS, the table will only return data about
removable storage media. After researching the issue and trying various
alternatives, my conclusion is that ChromeOS is purposely designed to
make it very difficult to obtain hardware information (including
internal disk space and usage) via extensions. In order to actual do
this reporting, we'd need to integrate the [Chrome Admin
API](https://developers.google.com/workspace/admin/directory/reference/rest/v1/chromeosdevices#ChromeOsDevice)
into Fleet, which requires more design and planning.
For #20675 and #25977.
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [X] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [X] Make sure fleetd is compatible with the latest released version of
Fleet (see [Must
rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/fleetd-development-and-release-strategy.md)).
- [X] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [X] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [x] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
Solves #23955
# Checklist for submitter
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
- [ ] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
Changes to add `team_identifier` signing information to macOS
applications on the `/api/latest/fleet/hosts/:id/software` API endpoint.
Docs: https://github.com/fleetdm/fleet/pull/23743
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [X] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [X] Added/updated tests
- [X] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
- [X] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [X] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [X] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ X Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [X] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [X] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [X] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [X] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
---------
Co-authored-by: Tim Lee <timlee@fleetdm.com>
Co-authored-by: Ian Littman <iansltx@gmail.com>
The core osquery schema incorrectly lists Windows as a supported os for
this query:https://osquery.io/schema/5.12.1/#yara_events
Adding a yaml override to reflect this in Fleet's docu
---------
Co-authored-by: Harrison John <harrisonjohn@Harrisons-MacBook-Pro.local>
Co-authored-by: Eric <eashaw@sailsjs.com>
Missing comma between u.username, u.uid causes the query to fail with
this error (Note the query is only applicable to Mac OS):
```
osquery> SELECT u.username u.uid, strftime('%Y-%m-%dT%H:%M:%S', a.password_last_set_time, 'unixepoch') AS password_last_set_time, a.failed_login_count, strftime('%Y-%m-%dT%H:%M:%S', a.failed_login_timestamp, 'unixepoch') AS failed_login_timestamp FROM account_policy_data AS a CROSS JOIN users AS u USING (uid) ORDER BY password_last_set_time ASC;
Error: near ".": syntax error
```
Output after fixing the missing , (removed part of the output):
```
osquery> SELECT u.username, u.uid, strftime('%Y-%m-%dT%H:%M:%S', a.password_last_set_time, 'unixepoch') AS password_last_set_time, a.failed_login_count, strftime('%Y-%m-%dT%H:%M:%S', a.failed_login_timestamp, 'unixepoch') AS failed_login_timestamp FROM account_policy_data AS a CROSS JOIN users AS u USING (uid) ORDER BY password_last_set_time ASC;
+--------------+------------+------------------------+--------------------+------------------------+
| username | uid | password_last_set_time | failed_login_count | failed_login_timestamp |
+--------------+------------+------------------------+--------------------+------------------------+
| nobody | 4294967294 | | | |
| root | 0 | | | |
```
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
---------
Co-authored-by: Eric <eashaw@sailsjs.com>
Related to: https://github.com/fleetdm/fleet/issues/15651
Changes:
- Removed `hidden: true` from the YAML override file for the iptables
table.
- Regenerated osquery_fleet_schema.json
Closes: #19271Closes: #19286
Changes:
- Updated the example in the schema folder readme
- Updated the block scalar used in Fleet's osquery override
documentation (`>-` » `|-`) and removed extra newlines
- Updated the block scalar used in URLs used to create new yaml override
files
- Regenerated osqeury_fleet_schema.json
Changes:
- Updated the version of osquery schema that is merged with Fleet's
overrides: (5.11.0 » 5.12.1)
- Regenerated schema/osquery_fleet_schema.json
Closes: #18240
Changes:
- Updated the schema override files to use only one YAML block scalar
(`>-`)
- Updated the template yaml included in the link to create a new
override file in get-extended-osquery-schema helper to use the `>-`
block scalar
- regenerated osquery_fleet_schema.json
Changes:
- Updated the `build-static-content` script to remove support for the
`requires_user_context` column attribute
- Updated `get-extended-osquery-schema` to not set a
`requires_user_context` value in the merged schema json.
- Regenerated `schema/osquery_fleet_schema.json`
For #17577
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [x] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux. (performed only on macOS)
Closes: #17883
Changes:
- Updated the `get-extended-osquery-schema` helper to set the `type`
values of columns of tables with Fleet overrides to be lowercase.
- Regenerated `osquery_fleet_schema.json`
Related to: https://github.com/fleetdm/fleet/issues/17861
Changes:
- Updated `get-extended-osquery-schema` helper to remove `examples`
values from the merged schema JSON if they are an empty array.
- regenerated `osqeury_fleet_schema.json`
Closes: https://github.com/fleetdm/fleet/issues/17188
Changes:
- Updated `get-extended-osquery-schema.js` to only include the last
example from the osquery schema if a table has an override file that
does not contain an `examples` value.
- Regenerated osquery_fleet_schema.json with the correct `examples`
values
Changes:
- Added a newline before the code block in the example of the
`vscode_extensions` table override to fix the formatting of the page
generated for this table (see screenshot)
- Ran the `generate-merged-schema` script to regenerate
`osquery_fleet_schema.json`
<img width="860" alt="image"
src="https://github.com/fleetdm/fleet/assets/7445991/1f6f1b37-1240-4d16-b102-f67ecff5fb28">
For https://github.com/fleetdm/fleet/issues/13891
Changes:
- Updated the version of the osquery schema used to generate
osqeury_fleet_schema.json (`5.9.1` » `5.11.0`)
- Removed the table override file for the `atom_packages` table (It was
removed from the osquery schema, our override file was previously hiding
the table)
- Ran the `generate-merged-schema` script to regenerate
osquery_fleet_schema.json
