Jason
01/28/2022, 1:37 PMfleetctl apply -f
Jason
01/28/2022, 1:38 PMJason
01/28/2022, 1:38 PMfleetctl get options > options.yaml
Jason
01/28/2022, 1:38 PMfleetctl get config > <filename>
Lucas Rodriguez
01/28/2022, 2:03 PMfleetctl apply -f
?Lucas Rodriguez
01/28/2022, 2:07 PMAlso this page - https://github.com/kolide/fleet/blob/master/docs/cli/setup-guide.md needs a small fixThat's the old repository: https://github.com/kolide/fleet#fleet-is-retired This is the official fleet repository: https://github.com/fleetdm/fleet
Lucas Rodriguez
01/28/2022, 2:08 PMJason
01/28/2022, 2:10 PMJason
01/28/2022, 2:10 PM❯ ./fleetctl apply -f ./fleetconfig.yml
applying fleet config: apply config received status 500 forbidden: forbidden
Jason
01/28/2022, 2:11 PMLucas Rodriguez
01/28/2022, 2:11 PMfleet serve
logs.Jason
01/28/2022, 2:12 PM❯ ./fleetctl --version
fleetctl - version 4.9.0
branch: HEAD
revision: 3018ad0fb45f7f6422b3d12e6a9f4e17d1079420
build date: 2022-01-22
build user: runner
go version: go1.17.2
Lucas Rodriguez
01/28/2022, 2:15 PMfleet serve
logs that correspond to the 500 (anything with level=error
)Jason
01/28/2022, 2:37 PMLucas Rodriguez
01/28/2022, 2:39 PMforbidden
generally means the user you are logged in as in fleetctl
is not authorized to apply the config.
But the server logs should tell us what's really going on.Jason
01/28/2022, 2:58 PMJason
01/28/2022, 2:58 PM{
"component": "http",
"err": "forbidden",
"internal": "Missing authorization check",
"level": "info",
"path": "/api/v1/fleet/config",
"ts": "2022-01-28T14:10:40.330143989Z"
}
Jason
01/28/2022, 3:00 PMLucas Rodriguez
01/28/2022, 3:02 PM~/.fleet/config
?Lucas Rodriguez
01/28/2022, 3:03 PMRole
of the account? (under "My Account")Lucas Rodriguez
01/28/2022, 3:03 PMfleetctl get config
Jason
01/28/2022, 3:08 PMJason
01/28/2022, 3:08 PMJason
01/28/2022, 3:09 PMget config
- that's how I grabbed the config to edit, now trying to upload the revised versionLucas Rodriguez
01/28/2022, 3:17 PMJason
01/28/2022, 3:20 PMJason
01/28/2022, 3:21 PMJason
01/28/2022, 3:21 PMJason
01/28/2022, 3:21 PM- SELECT hostname AS hostname FROM system_info;
toJason
01/28/2022, 3:21 PM- SELECT computer_name AS hostname FROM system_info;
Lucas Rodriguez
01/28/2022, 3:22 PMJason
01/28/2022, 3:22 PMJason
01/28/2022, 3:22 PMLucas Rodriguez
01/28/2022, 3:24 PM{"component":"http","err":"forbidden","internal":"Missing authorization check","level":"info","path":"/api/v1/fleet/config","ts":"2022-01-28T141040.330143989Z"}Any other error logs around this? (to add to the Github issue.)
Lucas Rodriguez
01/28/2022, 3:27 PMJason
01/28/2022, 3:27 PMLucas Rodriguez
01/28/2022, 3:27 PMJason
01/28/2022, 3:27 PMJason
01/28/2022, 3:29 PMLucas Rodriguez
01/28/2022, 3:31 PMAlso, you mentioned you were admin, are you a global admin? as in:Under "My Account"
Lucas Rodriguez
01/28/2022, 3:31 PMLucas Rodriguez
01/28/2022, 3:32 PMJason
01/28/2022, 3:32 PMLucas Rodriguez
01/28/2022, 3:33 PMJason
01/28/2022, 3:33 PMJason
01/28/2022, 3:33 PMJason
01/28/2022, 3:33 PMJason
01/28/2022, 3:33 PMfleetctl login
Jason
01/28/2022, 3:33 PMJason
01/28/2022, 3:33 PM❯ ./fleetctl get config
Invalid session. Please log in with: fleetctl login
Jason
01/28/2022, 3:34 PMLucas Rodriguez
01/28/2022, 3:34 PMfleetctl login
run successfully?Jason
01/28/2022, 3:36 PM[+] Fleet login successful and context configured!
Lucas Rodriguez
01/28/2022, 3:37 PM./fleetctl
vs a system installed fleetctl
(without ./
)?Jason
01/28/2022, 3:37 PMJason
01/28/2022, 3:38 PMLucas Rodriguez
01/28/2022, 3:38 PMJason
01/28/2022, 3:38 PMJason
01/28/2022, 3:38 PMLucas Rodriguez
01/28/2022, 3:38 PMLucas Rodriguez
01/28/2022, 3:39 PM~/.fleet/config
file and check if the content makes sense.Lucas Rodriguez
01/28/2022, 3:40 PMfleetctl
uses/sets)Lucas Rodriguez
01/28/2022, 3:40 PMcontexts:
default:
address: <https://localhost:8080>
email: <mailto:lucas@fleetdm.com|lucas@fleetdm.com>
token: [...]
Jason
01/28/2022, 3:51 PMJason
01/28/2022, 3:52 PMLucas Rodriguez
01/28/2022, 5:21 PMNoah Talerman
02/02/2022, 2:36 PMJason
02/02/2022, 10:07 PMLucas Rodriguez
02/04/2022, 6:05 PMconfig.yml
you were trying to apply here or in https://github.com/fleetdm/fleet/issues/3913 (with sensitive fields redacted). We cannot seem to reproduce :/
/cc @Reed HaynesJason
02/04/2022, 6:30 PM