Jason
01/28/2022, 1:37 PMfleetctl apply -f
fleetctl get options > options.yaml
fleetctl get config > <filename>
Lucas Rodriguez
01/28/2022, 2:03 PMfleetctl apply -f
?Also this page - https://github.com/kolide/fleet/blob/master/docs/cli/setup-guide.md needs a small fixThat's the old repository: https://github.com/kolide/fleet#fleet-is-retired This is the official fleet repository: https://github.com/fleetdm/fleet
Jason
01/28/2022, 2:10 PM❯ ./fleetctl apply -f ./fleetconfig.yml
applying fleet config: apply config received status 500 forbidden: forbidden
Lucas Rodriguez
01/28/2022, 2:11 PMfleet serve
logs.Jason
01/28/2022, 2:12 PM❯ ./fleetctl --version
fleetctl - version 4.9.0
branch: HEAD
revision: 3018ad0fb45f7f6422b3d12e6a9f4e17d1079420
build date: 2022-01-22
build user: runner
go version: go1.17.2
Lucas Rodriguez
01/28/2022, 2:15 PMfleet serve
logs that correspond to the 500 (anything with level=error
)Jason
01/28/2022, 2:37 PMLucas Rodriguez
01/28/2022, 2:39 PMforbidden
generally means the user you are logged in as in fleetctl
is not authorized to apply the config.
But the server logs should tell us what's really going on.Jason
01/28/2022, 2:58 PM{
"component": "http",
"err": "forbidden",
"internal": "Missing authorization check",
"level": "info",
"path": "/api/v1/fleet/config",
"ts": "2022-01-28T14:10:40.330143989Z"
}
Lucas Rodriguez
01/28/2022, 3:02 PM~/.fleet/config
?Role
of the account? (under "My Account")fleetctl get config
Jason
01/28/2022, 3:08 PMget config
- that's how I grabbed the config to edit, now trying to upload the revised versionLucas Rodriguez
01/28/2022, 3:17 PMJason
01/28/2022, 3:20 PM- SELECT hostname AS hostname FROM system_info;
to- SELECT computer_name AS hostname FROM system_info;
Lucas Rodriguez
01/28/2022, 3:22 PMJason
01/28/2022, 3:22 PMLucas Rodriguez
01/28/2022, 3:24 PM{"component":"http","err":"forbidden","internal":"Missing authorization check","level":"info","path":"/api/v1/fleet/config","ts":"2022-01-28T14:10:40.330143989Z"}Any other error logs around this? (to add to the Github issue.)
Jason
01/28/2022, 3:27 PMLucas Rodriguez
01/28/2022, 3:27 PMJason
01/28/2022, 3:27 PMLucas Rodriguez
01/28/2022, 3:31 PMAlso, you mentioned you were admin, are you a global admin? as in:Under "My Account"
Jason
01/28/2022, 3:32 PMLucas Rodriguez
01/28/2022, 3:33 PMJason
01/28/2022, 3:33 PMfleetctl login
❯ ./fleetctl get config
Invalid session. Please log in with: fleetctl login
Lucas Rodriguez
01/28/2022, 3:34 PMfleetctl login
run successfully?Jason
01/28/2022, 3:36 PM[+] Fleet login successful and context configured!
Lucas Rodriguez
01/28/2022, 3:37 PM./fleetctl
vs a system installed fleetctl
(without ./
)?Jason
01/28/2022, 3:37 PMLucas Rodriguez
01/28/2022, 3:38 PMJason
01/28/2022, 3:38 PMLucas Rodriguez
01/28/2022, 3:38 PM~/.fleet/config
file and check if the content makes sense.fleetctl
uses/sets)contexts:
default:
address: <https://localhost:8080>
email: <mailto:lucas@fleetdm.com|lucas@fleetdm.com>
token: [...]
Jason
01/28/2022, 3:51 PMLucas Rodriguez
01/28/2022, 5:21 PMNoah Talerman
02/02/2022, 2:36 PMJason
02/02/2022, 10:07 PMLucas Rodriguez
02/04/2022, 6:05 PMconfig.yml
you were trying to apply here or in https://github.com/fleetdm/fleet/issues/3913 (with sensitive fields redacted). We cannot seem to reproduce :/
/cc @Reed HaynesJason
02/04/2022, 6:30 PM