fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)

https://fleetdm.com

Other

3.11k stars 428 forks source link

Update fleetd to use uninstall script to rollback after a failed postInstall #22081

Closed getvictor closed 1 month ago

getvictor commented 1 month ago

When postInstall script fails, fleetd should run the user-visible uninstall script instead of the secret remove script.

Also need to update the docs regarding this behavior.

Demo

[Demo] Uninstall script runs after failed post-install script - Watch Video

lucasmrod commented 1 month ago

I've started QAing this issue.

Tried uninstalling Tailscale on a Windows 10 and 11 VMs (VMWare), I got the following error in the uninstall script output:

Start-Process : This command cannot be run due to the error: The system cannot find the file specified.

At C:\Windows\TEMP\fleet-436bbb32-ce1b-49f5-b75d-d2e047cc63f9-236699952\script.ps1:46 char:20

+         $process = Start-Process @processOptions

+                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidOperation: (:) [Start-Process], InvalidOperationException

    + FullyQualifiedErrorId : InvalidOperationException,Microsoft.PowerShell.Commands.StartProcessCommand

Uninstall exit code:

getvictor commented 1 month ago

@lucasmrod Yes, I'm aware of this issue. Fixing as part of #20000 -- currently EXE flow is buggy.

lucasmrod commented 1 month ago

I tried installing+uninstalling a Firefox MSI (downloaded from here) and I got the following error on uninstall, let me know if it's expected/known: This action is only valid for products that are currently installed

Screenshot 2024-09-17 at 10 57 20 AM

Am trying to get a successful uninstall before proceeding to test the edge case here. Am happy to skip the happy path if we know about these issues.

getvictor commented 1 month ago

For the specific EXE fail, fix is here: https://github.com/fleetdm/fleet/pull/22164

getvictor commented 1 month ago

The MSI uninstall issue is new.

lucasmrod commented 1 month ago

QA Update:

I was able to verify the fix for macOS. Installing Microsoft Teams pkg (with a exit 1 post install script) does effectively run the uninstaller script. (I had to build fleetd from main of course).

Am having some trouble with install scripts that have !#/bin/sh on Linux, most likely a bug but not related to this issue.

So, TODO are Linux and Windows.

lucasmrod commented 1 month ago

QA Update:

I was able to verify Windows using 7-zip's MSI installer. (Exit 1 on the post install script and adding Write-Host "Hello" to the uninstall script).

TODO: Linux (I'm having issues with the new lines, it might be a bug on my VM, investigating...)

lucasmrod commented 1 month ago

QA Update:

Installing Firefox deb with a post-install script with exit 1. I get the following output:

Post-install script output:

Running script...
Exit code: 1 (Failed)
Hello

Attempting rollback by running uninstall script...
Uninstall script exit code: 100
/tmp/2512911600/rollback-script.sh: 2: 
: not found
Reading package lists...
Building dependency tree...
Reading state information...
E: Unable to locate package firefox

I also got the following error while trying to install again: Screenshot 2024-09-18 at 9 26 45 AM

(I didn't change the package itself, and it installed successfully in previous attempts...)

lucasmrod commented 1 month ago

I finally was able to root cause the issue for Ubuntu packages: https://github.com/fleetdm/fleet/issues/22196

lucasmrod commented 1 month ago

22196 is now fixed which allowed me to verify this fix for Linux. g2g QA-wise.

fleet-release commented 1 month ago

Uninstall script glows, In clouds, a gentle safety, Docs reflect the change.