Version: 8.14.0
Operating System: macos sonoma v14.5
Platform: arm64
While working on this issue comparing root and unprivileged elastic agents, I encountered an error with the inspect command when using unprivileged agent.
Steps to Reproduce:
- Deploy ESS v8.14.0
- Create agent policy with system integration
- Install fleet managed agent with the unprivileged flag
sudo ./elastic-agent install --unprivileged --url=<fleet url> --enrollment-token=<token>
- Run
sudo elastic-agent inspect. You should see an error similar to what's shown below
Error: error loading agent config: error loading raw config: fail to read configuration /Library/Elastic/Agent/fleet.enc for the elastic-agent: fail to decode bytes: cipher: message authentication failed
For help, please see our troubleshooting guide at https://www.elastic.co/guide/en/fleet/8.14/fleet-troubleshooting.html
Definition of Done
Based on discussion in #4889 comments:
Version: 8.14.0
Operating System: macos sonoma v14.5
Platform: arm64
While working on this issue comparing root and unprivileged elastic agents, I encountered an error with the
inspectcommand when using unprivileged agent.Steps to Reproduce:
sudo ./elastic-agent install --unprivileged --url=<fleet url> --enrollment-token=<token>sudo elastic-agent inspect. You should see an error similar to what's shown belowDefinition of Done
Based on discussion in #4889 comments:
installs an Agent using--unprivileged, then tries toinspectthis Agent with a privileged user, an error message with the suggestions in Actionable error message when attempting toenrollan unprivileged Agent as a privileged user #4889 (comment) is shown to the user.