18.2.1 - successfully Tested for negative and positive cases
18.2.2 - successfully Tested for negative and positive cases
18.2.3 - successfully Tested for negative and positive cases
18.2.4 - successfully Tested for negative and positive cases
18.2.5 - successfully Tested for negative and positive cases
18.2.6 - successfully Tested for negative and positive cases
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
Related to #9459, this adds logic to the cron to add a
`com.fleetdm.fleetd.config` configuration profile to the
`apple_mdm_configuration_profiles` table.
As noted in the comments, this makes some assumptions:
- This profile will be applied to all hosts in the team (or "no team",)
but it will only be used by hosts that have a fleetd installation
without
an enroll secret and fleet URL (mainly DEP enrolled hosts).
- Once the profile is applied to a team (or "no team",) it's not removed
if
AppConfig.MDM.AppleBMDefaultTeam changes, this is to preserve existing
agents using the configuration (mainly ServerURL as EnrollSecret is used
only during enrollment)
Many of these queries reference registry keys that do not exist so I
moved them to the NON-COMPLETED file. However, all queries name in
#10355 are included in either the main or non completed file.
- [x] Manual QA for all new/changed functionality
## Addresses #9988
* Adjust copy in tooltips to take up less width
* Refactor table headers to take an optional "isLastColumn" property
that is set to true when that header is in the last column.
* Use above property in conjunction with presence of TooltipWrapper as a
value for the header cell to add a class specific to that state.
* Use that class to adjust the location of the tooltip text and the
min-width of the column to avoid the bug.
The 3 states which exhibited this bug, now fixed:
<img width="1496" alt="Screenshot 2023-03-27 at 4 36 01 PM"
src="https://user-images.githubusercontent.com/61553566/228091971-4d5d034d-55c5-4921-955a-4946119f7785.png">
<img width="1496" alt="Screenshot 2023-03-27 at 4 36 12 PM"
src="https://user-images.githubusercontent.com/61553566/228091968-adf90b32-8fd2-45d9-b56d-a64c654151ef.png">
<img width="1496" alt="Screenshot 2023-03-27 at 4 36 24 PM"
src="https://user-images.githubusercontent.com/61553566/228091962-ff626daa-b13d-4093-b34f-de704b820161.png">
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
Go tests are failing in main with:
```
=== RUN TestGroupFromBytesWithWin10CISQueries
spec_test.go:69:
Error Trace: /Users/roperzh/fleet/pkg/spec/spec_test.go:69
Error: Received unexpected error:
failed to unmarshal spec item error converting YAML to JSON: yaml: line 20: mapping values are not allowed in this context:
apiVersion: v1
kind: policy
spec:
name: CIS - Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'
platforms: win10
platform: windows
description: |
This policy setting allows you to audit events generated by the management of task scheduler jobs or COM+ objects.
For scheduler jobs, the following are audited:
- Job created.
- Job deleted.
- Job enabled.
- Job disabled.
- Job updated.
For COM+ objects, the following are audited:
- Catalog object added.
- Catalog object updated.
- Catalog object deleted.
The recommended state for this setting is: Success and Failure.
resolution: |
Automatic method:
Ask your system administrator to establish the recommended configuration via GP, set the following UI path to Success and Failure:
'Computer Configuration\Policies\Windows Settings\Security Settings\Advanced Audit Policy Configuration\Audit Policies\Object Access\Audit Other Object Access Events'
query: |
SELECT 1 FROM mdm_bridge where mdm_command_input = "<SyncBody><Get><CmdID>1</CmdID><Item><Target><LocURI>./Device/Vendor/MSFT/Policy/Result/Audit/ObjectAccess_AuditOtherObjectAccessEvents</LocURI></Target></Item></Get></SyncBody>"
AND mdm_command_output = 3;
purpose: Informational
tags: compliance, CIS, CIS_Level1, CIS_win10_enterprise_1.12.0, CIS_bullet_17.6.3
contributors: sharon-fdm
Test: TestGroupFromBytesWithWin10CISQueries
--- FAIL: TestGroupFromBytesWithWin10CISQueries (0.31s)
```
This adds a missing indentation to make them pass.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
Bumps alpine from 3.17.2 to 3.17.3.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
https://fleetdm.slack.com/archives/C01ALP02RB5/p1680103400723359
Changes:
- Updated `imagine/view-launch-party.js` to accept optional inputs
provided via a query string parameter and send two variables to the
page: `showFormOnPageLoad` and `formDataToPrefill`.
- Updated the launch-party page script to use the variables sent from
the view action to show the form when the page loads and pre-fill the
form inputs.
- Updated the launch-party waitlist form's submit button to say "RSVP"
if form inputs are pre-filled.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
Closes#10869
As part of my on-call I'm looking through issues that require
documentation. I saw one about GeoIP in #8570 and wrote an overview of
how to set it up and why you would want to use GeoIP.
