diff --git a/changelog/fragments/1718833116-Check-for-tamper-protection-when-uninstalling.yaml b/changelog/fragments/1718833116-Check-for-tamper-protection-when-uninstalling.yaml new file mode 100644 index 00000000000..f6a5efd1378 --- /dev/null +++ b/changelog/fragments/1718833116-Check-for-tamper-protection-when-uninstalling.yaml @@ -0,0 +1,34 @@ +# Kind can be one of: +# - breaking-change: a change to previously-documented behavior +# - deprecation: functionality that is being removed in a later release +# - bug-fix: fixes a problem in a previous version +# - enhancement: extends functionality but does not break or fix existing behavior +# - feature: new functionality +# - known-issue: problems that we are aware of in a given version +# - security: impacts on the security of a product or a user’s deployment. +# - upgrade: important information for someone upgrading from a prior version +# - other: does not fit into any of the other categories +kind: bug + +# Change summary; a 80ish characters long description of the change. +summary: Check for tamper protection when uninstalling + +# Long description; in case the summary is not enough to describe the change +# this field accommodate a description without length limits. +# NOTE: This field will be rendered only for breaking-change and known-issue kinds at the moment. +description: | + The uninstall function will now explictily check if tamper protection is enabled + and if a token has been passed before proceeding. + +# Affected component; a word indicating the component this changeset affects. +component: + +# PR URL; optional; the PR number that added the changeset. +# If not present is automatically filled by the tooling finding the PR where this changelog fragment has been added. +# NOTE: the tooling supports backports, so it's able to fill the original PR number instead of the backport PR number. +# Please provide it if you are adding a fragment for a different PR. +#pr: https://github.com/owner/repo/1234 + +# Issue URL; optional; the GitHub issue related to this changeset (either closes or is part of). +# If not present is automatically filled by the tooling with the issue linked to the PR number. +issue: https://github.com/elastic/elastic-agent/issues/4506 diff --git a/internal/pkg/agent/install/uninstall.go b/internal/pkg/agent/install/uninstall.go index ed8902d9ba2..8c65165d7d2 100644 --- a/internal/pkg/agent/install/uninstall.go +++ b/internal/pkg/agent/install/uninstall.go @@ -37,6 +37,14 @@ import ( // Uninstall uninstalls persistently Elastic Agent on the system. func Uninstall(cfgFile, topPath, uninstallToken string, log *logp.Logger, pt *progressbar.ProgressBar) error { + // Immediatly fail it tamper protection is enabled but no uninstallToken is specified + if features.TamperProtection() && uninstallToken == "" { + return aerrors.New( + fmt.Errorf("missing uninstall token"), + "tamper protection detected, elastic-agent uninstall command must be ran with a valid --uninstall-token arg", + ) + } + cwd, err := os.Getwd() if err != nil { return fmt.Errorf("unable to get current working directory")