Marc Roelofs
03/30/2022, 12:04 PM/fleet-cve $ fleetctl vulnerability-data-stream --dir /fleet-cve/
I got the following result :
[-] Downloading CPE database...Error: rename /tmp/cpe.sqlite2494941906 /fleet-cve/cpe.sqlite: invalid cross-device link
when choosing a different path like /tmp it seems to work fine
/fleet-cve $ fleetctl vulnerability-data-stream --dir /tmp
[-] Downloading CPE database... Done
[-] Downloading CVE data streams... Done
[+] Data streams successfully downloaded!
After that it was a simple mv from /tmp/<cvefiles> to /fleet-cve/ as the fleet user
Trying to figure out if the invalid cross-device link is a Fleetdm issue or elsewhere.
The /fleet-cve directory is mounted based on a kubernetes volumemount to a GCE persistent disk, and awful as it is , the dirs permissions are 777
Version 4.11.0
Any idea anyone ?
Meanwhile waiting if the Home page results in a succesfull software capturing with the vulnerabilities ,( it says to wait an hour now đ )Benjamin Edwards
03/30/2022, 1:21 PMMarc Roelofs
03/30/2022, 1:53 PMNoah Talerman
03/30/2022, 2:49 PMHome page will not show software and vulnerabilities anymore after updating from 4.7 to 4.10 and 4.11 .. Its bugging me and for the life of me I donât see why ...Hey Marc, sorry that youâre experiencing this issue. As of 4.10, Fleet includes a âHostsâ count for each software item (see image below). Because calculating these counts on each request introduces significant load time, Fleet updates these counts at a configurable interval. Fleet also updates the list of software and âVulnerabilitiesâ at the same interval. This is why, when upgrading, it may take time for software to show at all. Thank you for your feedback. Hearing that the current âwait an hourâ experience is frustrating is very helpful. This is something weâll likely to improve in later Fleet versions. Please follow up in this thread if the software still does not show up. If so, there may be a different, unexpected issue going on.
Marc Roelofs
03/30/2022, 3:06 PMfleetctl get config --include-server-config
The output is exactly the same (aside from user and url of course) and a few newer parameters in 4.11.0 . Prod runs 590 clients , and test only 4 . I restarted ( scaled to 0 and 1 in K8s) after applying some "patches" to the vulnerabilities path, making both envs exactly the same. At this moment only 20 minutes to hit the 1 hour mark , but still no show on the home page yet ...Kathy Satterlee
03/30/2022, 5:14 PMMarc Roelofs
03/30/2022, 6:13 PMKathy Satterlee
03/30/2022, 11:25 PMMarc Roelofs
03/31/2022, 6:03 AM