Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-18 06:28:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 46
fleet/changes
History
Sharon Katz 103239105f
Fix #27888 (#29040) 
This is fixing a misinterpretation of the [CIS
document](https://drive.google.com/file/d/1Bq6GSn_wRMp2JKbYsRt51V5BXV1gizDp/view?usp=drive_link)
for Macos 15/

In the doc search for:  "show full Website". 
The Audit bash script is:
```
% /usr/bin/sudo /usr/sbin/system_profiler SPConfigurationProfileDataType |
/usr/bin/grep ShowFullURLInSmartSearchField | /usr/bin/tr -d ' '

Result on my Mac:
ShowFullURLInSmartSearchField = 1;
```
This should be interpreted as 'Any user who has this setting is ok'. Not
looking for an empty user.
We have 48 other occurrences that we will discuss outside the scope of
this issue.

QA:
Applying the profile for my main user worked.
Adding a test user
The configuration was applied to it without the need to redeploy the
profile.

--> Hence, we are good with the way CIS recommends auditing.

checking with a query finds both accounts with the proper settign:

![image](https://github.com/user-attachments/assets/258c4183-dc76-49aa-a022-63954f1733dc)



# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
2025-05-23 10:19:23 -04:00
..
.keep Issue 1009 calculate diff software (#1305) 2021-07-08 13:57:43 -03:00
24083-app-metadata Improve .pkg metadata extraction for names and bundle IDs, let custom package metadata extraction tool check an entire directory at a time (#29249) 2025-05-19 10:32:36 -05:00
25545-mac-app-sha256 Added SHA256 hash from mac apps on install paths (#29280) 2025-05-20 23:38:59 -05:00
25547-smtp-setup-test-email-warning Add SMTP settings save tooltip (#29112) 2025-05-22 14:47:38 -04:00
26674-update-disk-info-docs update docs about disk_info table (#28795) 2025-05-06 15:28:07 -05:00
26693-verify-linux-escrowed-userkey Re-verify Linux disk encryption #26693 (#29034) 2025-05-22 16:15:26 -04:00
26996-and-28452-skip-webview-popup Remove webview when IdP not enabled. (#29283) 2025-05-20 22:50:48 +03:00
27085-sync-host-failing-policies-count Re-calculate host failing policy and total issue counts whenever GET ing that host (#29109) 2025-05-20 13:41:38 -07:00
27233-fix-cursor-alignment-issue Fix SQL query editor cursor alignment issue (#28878) 2025-05-20 16:56:52 -05:00
27255-hide-script-content-for-saved-scripts UI: Hide script contents for saved script run activity details (#29064) 2025-05-13 11:16:27 -07:00
27396-win-11-cis-4 Windows 11 Enterprise CIS 4.0 (#29191) 2025-05-22 15:55:45 -04:00
27522-installer-encoding Properly decode MSI product names from Windows-1252 (#29245) 2025-05-19 10:39:57 -05:00
27609-user-menu-style UI: User menu style fix (#29066) 2025-05-13 11:49:48 -07:00
27667-fix-TooltipTruncatedText UI: Improve TooltipTruncatedText and now underlying useCheckTruncatedElement (#29232) 2025-05-20 15:41:53 -07:00
27700-validate-bootstrap-is-distribution-pkg Only allow distribution packages for bootstrap package (#28787) 2025-05-06 11:02:13 -05:00
27701-fix-manual-label-with-duplicate-serials add HostIDs to label API (#29185) 2025-05-22 08:20:35 -05:00
27867-fix-chrome-profiles-not-reset-after-reenroll Immediately ask for a host refetch when a host re-enrolls and reuses an existing host row (#29081) 2025-05-14 09:38:53 -04:00
27888-CIS-issue Fix #27888 (#29040) 2025-05-23 10:19:23 -04:00
27979-ddm-profile-verification Fixing issues with Apple DDM profile status (#29059) 2025-05-15 13:05:25 -05:00
28038-uninstall Add backend for uninstalls in My device UI (#29035) 2025-05-13 12:14:45 -05:00
28099-sha-hash Fleet UI: Surface copyable SHA256 hash on software details page (#29152) 2025-05-15 12:20:22 -04:00
28110-gitOps-mode-add-package-view-yaml Fleet UI: Allow gitOps mode to add package to view YAML (#29274) 2025-05-22 09:47:57 -04:00
28118-clear-gitops-settings Allow GitOps to clear global settings more easily using overwrite option (#29215) 2025-05-19 11:18:28 -05:00
28196-SCIM-for-Entra-ID SCIM Entra ID support (#28832) 2025-05-08 13:02:49 -05:00
28197-SCIM-for-authentik SCIM support for authentik (#29002) 2025-05-09 15:06:03 -04:00
28205-skip-policies-during-setup-experience Hold off on policy queries until after setup experience (#29159) 2025-05-16 14:56:27 -04:00
28440-deleting-non-managed-gitops-labels Error when deleting non managed GitOps labels #28440 (#29067) 2025-05-13 20:16:16 -04:00
28521-host-activity-read-disk-key Make read_host_disk_encryption_key a host activity (#28858) 2025-05-21 16:47:11 -04:00
28532-fix-query-edit-permissinos UI: Fix permissions for accessing queries table Edit UX (#29319) 2025-05-21 10:40:57 -07:00
28560-add-neon-to-linux-platforms Add neon to Linux platform list (#28977) 2025-05-12 17:37:21 -05:00
28652-copy-button-consistency Fleet UI: Created consistent UI for the copy button of an input field (#29056) 2025-05-13 10:24:32 -04:00
28699-support-running-scripts-on-host-batches-defined-by-filter UI: Add ability to run a script on all hosts that match a set of supported filters; Add UI to view batch run summaries (#29025) 2025-05-22 16:45:43 -07:00
28700-add-bulk-execute-by-script Add ability to bulk execute scripts based on filters (#29149) 2025-05-22 16:44:34 -05:00
28701-batch-script-cancel Cancel upcoming scripts on edit (#28924) 2025-05-21 13:04:59 -04:00
28762-batch-resend-profile-to-hosts BRP: add batch-resend profile to hosts endpoint based on status (#28871) 2025-05-07 16:48:18 -04:00
28857-vuln-checks Add spot check on 2024 and 2025 NVD feeds to ensure VulnCheck enrichment (#28952) 2025-05-08 22:13:46 -05:00
28929-fleet-desktop-errors Fleet Desktop: Update component level error states (#28816) 2025-05-12 09:25:09 -04:00
29042-windows-mdm-query-enhancement Tweak MDM detection query to return the proper enrollment when there are multiple entries (#29360) 2025-05-22 14:08:05 -04:00
29090-cancel-profile-delivery-on-delete BRP: cancel single profile on delete via UI (#29107) 2025-05-20 08:55:51 -04:00
29143-add-batch-script-summary-endpoint Add batch script execution summary endpoint (#29312) 2025-05-22 15:07:35 -05:00
29197-fma-search handle case when fleet maintained apps list is null (#29296) 2025-05-20 15:42:35 -04:00
29345-new-ubuntus Add OVAL supported OS mappings for Ubuntu 24.10 and 25.04 (#29381) 2025-05-22 18:05:51 -05:00
issue-23784-turn-off-mdm-iphone-ipad allow turning off mdm for iphone and ipad hosts (#29087) 2025-05-15 12:38:07 +01:00
issue-28215-allow-fleet-secrets-for-macos-setup-script enable fleet secret variables in the macos setup script in gitops (#29164) 2025-05-16 19:05:33 +01:00
issue-28757-ui-for-profiles-status-and-batch-resend Add UI for viewing config profile install status and enable resending profiles to failed hosts. (#28964) 2025-05-09 16:46:09 +01:00
issue-28759-ui-for-filter-hosts-by-config-profile-status Feat UI host filter by custom profiles (#29038) 2025-05-15 12:37:45 +01:00
issue-28761-filter-list-hosts-by-profile add host filtering by mdm config profile and the profile status (#29287) 2025-05-21 18:29:13 +01:00
warn-on-save-script UI: Warn before saving script contents (#29026) 2025-05-12 13:51:38 -07:00