Remove Remote Shell (#641)

The remote shell is no longer supported.

cmd/launcher/control.go

@@ -19,7 +19,6 @@ func createControl(ctx context.Context, db *bolt.DB, logger log.Logger, opts *la
 
 	controlOpts := []control.Option{
 		control.WithLogger(logger),
-		control.WithGetShellsInterval(opts.GetShellsInterval),
 	}
 	if opts.InsecureTLS {
 		controlOpts = append(controlOpts, control.WithInsecureSkipVerify())

cmd/launcher/options.go

@@ -45,22 +45,21 @@ func parseOptions(args []string) (*launcher.Options, error) {
 
 	var (
 		// Primary options
-		flCertPins          = flagset.String("cert_pins", "", "Comma separated, hex encoded SHA256 hashes of pinned subject public key info")
-		flControl           = flagset.Bool("control", false, "Whether or not the control server is enabled (default: false)")
-		flControlServerURL  = flagset.String("control_hostname", "", "The hostname of the control server")
-		flEnrollSecret      = flagset.String("enroll_secret", "", "The enroll secret that is used in your environment")
-		flEnrollSecretPath  = flagset.String("enroll_secret_path", "", "Optionally, the path to your enrollment secret")
-		flGetShellsInterval = flagset.Duration("control_get_shells_interval", 60*time.Second, "The interval at which the 'get shells' request will be made")
-		flInitialRunner     = flagset.Bool("with_initial_runner", false, "Run differential queries from config ahead of scheduled interval.")
-		flKolideServerURL   = flagset.String("hostname", "", "The hostname of the gRPC server")
-		flTransport         = flagset.String("transport", "grpc", "The transport protocol that should be used to communicate with remote (default: grpc)")
-		flLoggingInterval   = flagset.Duration("logging_interval", 60*time.Second, "The interval at which logs should be flushed to the server")
-		flOsquerydPath      = flagset.String("osqueryd_path", "", "Path to the osqueryd binary to use (Default: find osqueryd in $PATH)")
-		flRootDirectory     = flagset.String("root_directory", "", "The location of the local database, pidfiles, etc.")
-		flRootPEM           = flagset.String("root_pem", "", "Path to PEM file including root certificates to verify against")
-		flVersion           = flagset.Bool("version", false, "Print Launcher version and exit")
-		flOsqueryFlags      arrayFlags // set below with flagset.Var
-		_                   = flagset.String("config", "", "config file to parse options from (optional)")
+		flCertPins         = flagset.String("cert_pins", "", "Comma separated, hex encoded SHA256 hashes of pinned subject public key info")
+		flControl          = flagset.Bool("control", false, "Whether or not the control server is enabled (default: false)")
+		flControlServerURL = flagset.String("control_hostname", "", "The hostname of the control server")
+		flEnrollSecret     = flagset.String("enroll_secret", "", "The enroll secret that is used in your environment")
+		flEnrollSecretPath = flagset.String("enroll_secret_path", "", "Optionally, the path to your enrollment secret")
+		flInitialRunner    = flagset.Bool("with_initial_runner", false, "Run differential queries from config ahead of scheduled interval.")
+		flKolideServerURL  = flagset.String("hostname", "", "The hostname of the gRPC server")
+		flTransport        = flagset.String("transport", "grpc", "The transport protocol that should be used to communicate with remote (default: grpc)")
+		flLoggingInterval  = flagset.Duration("logging_interval", 60*time.Second, "The interval at which logs should be flushed to the server")
+		flOsquerydPath     = flagset.String("osqueryd_path", "", "Path to the osqueryd binary to use (Default: find osqueryd in $PATH)")
+		flRootDirectory    = flagset.String("root_directory", "", "The location of the local database, pidfiles, etc.")
+		flRootPEM          = flagset.String("root_pem", "", "Path to PEM file including root certificates to verify against")
+		flVersion          = flagset.Bool("version", false, "Print Launcher version and exit")
+		flOsqueryFlags     arrayFlags // set below with flagset.Var
+		_                  = flagset.String("config", "", "config file to parse options from (optional)")
 
 		// Autoupdate options
 		flAutoupdate         = flagset.Bool("autoupdate", false, "Whether or not the osquery autoupdater is enabled (default: false)")
@@ -159,7 +158,6 @@ func parseOptions(args []string) (*launcher.Options, error) {
 		EnableInitialRunner: *flInitialRunner,
 		EnrollSecret:        *flEnrollSecret,
 		EnrollSecretPath:    *flEnrollSecretPath,
-		GetShellsInterval:   *flGetShellsInterval,
 		InsecureTLS:         *flInsecureTLS,
 		InsecureTransport:   *flInsecureTransport,
 		KolideServerURL:     *flKolideServerURL,

cmd/launcher/options_test.go

@@ -105,7 +105,6 @@ func getArgsAndResponse() (map[string]string, *launcher.Options) {
 		Control:            true,
 		OsquerydPath:       windowsAddExe("/dev/null"),
 		KolideServerURL:    randomHostname,
-		GetShellsInterval:  60 * time.Second,
 		LoggingInterval:    time.Duration(randomInt) * time.Second,
 		AutoupdateInterval: 48 * time.Hour,
 		NotaryServerURL:    "https://notary.kolide.co",

pkg/control/control.go

@@ -6,23 +6,21 @@ import (
 	"encoding/json"
 	"net/http"
 	"net/url"
-	"time"
 
 	"github.com/boltdb/bolt"
 	"github.com/go-kit/kit/log"
 	"github.com/pkg/errors"
 )
 
 type Client struct {
-	addr              string
-	baseURL           *url.URL
-	cancel            context.CancelFunc
-	client            *http.Client
-	db                *bolt.DB
-	getShellsInterval time.Duration
-	insecure          bool
-	disableTLS        bool
-	logger            log.Logger
+	addr       string
+	baseURL    *url.URL
+	cancel     context.CancelFunc
+	client     *http.Client
+	db         *bolt.DB
+	insecure   bool
+	disableTLS bool
+	logger     log.Logger
 }
 
 func NewControlClient(db *bolt.DB, addr string, opts ...Option) (*Client, error) {
@@ -31,12 +29,11 @@ func NewControlClient(db *bolt.DB, addr string, opts ...Option) (*Client, error)
 		return nil, errors.Wrap(err, "parsing URL")
 	}
 	c := &Client{
-		logger:            log.NewNopLogger(),
-		baseURL:           baseURL,
-		client:            http.DefaultClient,
-		db:                db,
-		addr:              addr,
-		getShellsInterval: 5 * time.Second,
+		logger:  log.NewNopLogger(),
+		baseURL: baseURL,
+		client:  http.DefaultClient,
+		db:      db,
+		addr:    addr,
 	}
 
 	for _, opt := range opts {
@@ -52,13 +49,10 @@ func NewControlClient(db *bolt.DB, addr string, opts ...Option) (*Client, error)
 
 func (c *Client) Start(ctx context.Context) {
 	ctx, c.cancel = context.WithCancel(ctx)
-	getShellsTicker := time.NewTicker(c.getShellsInterval)
 	for {
 		select {
 		case <-ctx.Done():
 			return
-		case <-getShellsTicker.C:
-			c.getShells(ctx)
 		}
 	}
 }

pkg/control/option.go

@@ -3,7 +3,6 @@ package control
 import (
 	"crypto/tls"
 	"net/http"
-	"time"
 
 	"github.com/go-kit/kit/log"
 )
@@ -27,12 +26,6 @@ func WithInsecureSkipVerify() Option {
 	}
 }
 
-func WithGetShellsInterval(i time.Duration) Option {
-	return func(c *Client) {
-		c.getShellsInterval = i
-	}
-}
-
 func WithDisableTLS() Option {
 	return func(c *Client) {
 		c.disableTLS = true

pkg/launcher/options.go

@@ -40,9 +40,6 @@ type Options struct {
 	Control bool
 	// ControlServerURL URL for control server.
 	ControlServerURL string
-	// GetShellsInterval is the interval at which the control server should
-	// be checked for shells.
-	GetShellsInterval time.Duration
 
 	// Autoupdate enables the autoupdate functionality.
 	Autoupdate bool