https://github.com/osquery/osquery logo
Join Slack
Powered by
hi all, I'm working on a self-hosted deployment of...
# fleet
b
hi all, I'm working on a self-hosted deployment of Fleet on AWS ECS. I've got everything up and running, but I'm having issues with running 
fleetctl
from my local machine to generate an install package. any subcommand of 
fleetctl
I try just seems to hang forever. I've tried both the release from the GitHub releases page and installing via 
npm
. I've also tried with and without 
sudo
. I'm on macOS 12.6 (Intel hardware). any idea what might be causing this?
k
That's odd, @brian! Do you successfully get the version if you run 
fleetctl -v
?
b
I don’t, just hangs like this
(same with 
sudo
)
I realized that I’ll probably ultimately have some issues since I put Fleet behind AWS Cognito authentication (going to look into keeping that in place for the web UI but bypassing for other traffic like from 
fleetctl
or from hosts), but I’m not sure if that’s what’s causing my problems with 
fleetctl
right now.
k
No, 
fleetctl
has functionality that doesn't require an existing server so you should at the very least get a version output.
Is the currently installed version the npm version, or downloaded from github?
b
currently from npm. 
npm -g list
shows 
├── fleetctl@v4.26.0
.
k
Testing installing a fresh version just in case there's something odd going on.
The first time a new version of 
fleetctl
runs, the actual CLI app should be installed. It looks something like this: Do you recall that happening ever?
b
nope, it’s never given me any output (other than similar npm output about 24 packages being installed). let me try remove/purge and installing again.
k
just for giggles, try running 
fleetctl -v
after the ourge, but before reinstalling.
b
same behavior. the only other piece of the puzzle that may be relevant is that I had the Fleet agent installed and connected to a sandbox account on fleetdm.com. I’m not sure if that would affect this at all.
zsh: command not found: fleetctl
k
Thanks! just wanted to make sure that there wasn't some weird overlap going on
the only other piece of the puzzle that may be relevant is that I had the Fleet agent installed and connected to a sandbox account on fleetdm.com. I’m not sure if that would affect this at all.
It really shouldn't, but just for safety's sake, try running the cleanup script: https://github.com/fleetdm/fleet/blob/main/orbit/tools/cleanup/cleanup_macos.sh
b
Maybe skip npm altogether? Download the binary directly from the release page https://github.com/fleetdm/fleet/releases/tag/fleet-v4.26.0
k
@Benjamin Edwards Had the same issue with that version
b
Npm and sudo just never sits right.
b
yeah, I can try that again but saw the same behavior as with the npm package.
b
Oh sorry I might have missed you trying that already.
b
no luck doing the cleanup script and then reinstalling with npm.
doesn’t seem to be doing much
Copy code
$ sudo lsof -p 12026
COMMAND   PID         USER   FD   TYPE DEVICE SIZE/OFF                NODE NAME
env     12026 briandefiant  cwd    DIR    1,9     2240              379729 /Users/briandefiant
env     12026 briandefiant  txt    REG    1,9   151360 1152921500312781607 /usr/bin/env
env     12026 briandefiant  txt    REG    1,9  2177216 1152921500312782996 /usr/lib/dyld
env     12026 briandefiant    0u   CHR   16,5    0t557                1021 /dev/ttys005
env     12026 briandefiant    1u   CHR   16,5    0t557                1021 /dev/ttys005
env     12026 briandefiant    2u   CHR   16,5    0t557                1021 /dev/ttys005
that’s the PID of the 
/usr/bin/env node /usr/local/bin/fleetctl -v
process.
maybe I have a weird version of node or something…
b
I’d download raw binary and run with ./fleetctl just to make sure it’s not trying to run the one installed on $PATH
I think this is npm foo honestly
Or uninstall via npm, then run binary with ./fleetctl just to be sure
b
same behavior. 
./fleetctl -v
hangs and basically the same output from 
lsof
.
I’ll have to call it a day now, but will hopefully have a “eureka” moment with fresh eyes tomorrow morning 🙂. thanks @Kathy Satterlee and @Benjamin Edwards for your help so far.
b
Did you install with sudo npm install -g fleetctl
b
the classic solution of a reboot fixed this 🙄. first run of 
./fleetctl -v
after the reboot gave me the “the developer of this app can’t be verified” popup, so I right-clicked the 
fleetctl
binary and did “Open”, then ran it from the terminal again and it worked! guess I should have tried a reboot sooner! I wonder why that “can’t be verified” popup wasn’t showing up at first though (iTerm or tmux related?).
thanks again for the troubleshooting help.
b
Lol! Glad to hear things are working ok! Thanks for following up
m
It could’ve been hanging on the quarantine bit
Check in terminal with 
xattr -l
Sometimes when downloading binaries the quarantine bit there (the clue is the message this app couldn’t be verified neaaage which suggests it’s not signed or notarized or stapled or all of the above)
b
yeah, I’m assuming it was. for whatever reason I wasn’t getting the normal UI popup until after rebooting (closing and re-opening iTerm and/or tmux may have had the same effect).
Open in Slack
PreviousNext
Powered by