santa icon indicating copy to clipboard operation
santa copied to clipboard

Published 20 hours ago verified publisher icon google

Fix USB config sync

Open np5 opened this issue 1 year ago • 1 comments

  • get BlockUSBMount and RemountUSBMode from the configState and from the syncState.
  • disable BlockUSBMount if set to false in the preflight response.
  • only set BlockUSBMount in syncState if present in the preflight response.
  • Fix keyPathsForValuesAffecting* for RemountUSBMode, RemountUSBBlockMessage and USBBlockMessage.
  • Add BlockUSBMount and RemountUSBMode to the docs.
  • Fix block_usb_mount docs.

np5 avatar Sep 21 '22 10:09 np5

I think this change is necessary if we want to be able to unblock the USB device mounts and if we want to not update the SNTConfigurator syncState if the server is not sending the key.

np5 avatar Sep 21 '22 16:09 np5

Hey folks 👋

We're looking at rolling this out internally and appear to have hit the same issue - is there an update on this, or a workaround? The Santa documentation seems to suggest that it'll work with a sync server. Happy to help get this over the line if you need!

liamn avatar Oct 14 '22 14:10 liamn

@liamn the main issue with this PR is that the settings are being changed in the Preflight stage rather than at the end in the Postflight stage. This breaks how the sync protocol is supposed to work.

As @russellhancox calls out reverting the changes in the syncservice should enough to fix this. If the PR can be changed to do that I think it'll good to merge.

pmarkowsky avatar Oct 14 '22 16:10 pmarkowsky

If @np5 doesn't chime in soon I'll remind him that this is pending his response.

arubdesu avatar Oct 14 '22 19:10 arubdesu

Sorry for the delay. I made the change in the preflight because it was easier for me to manage the true/false/missing values in the server response. I think that "missing" or "absent" is important, because if a sync server is not yet implementing this, you do not want to overwrite the value set in the config profile. I am not really proficient with objective C, but maybe by setting the value as a pointer to a ~~boolean~~ NSNumber in the preflight, it would be possible to maintain the "absent" state separate from "false" and only apply the change in the postflight if the value was sent by the server?

np5 avatar Oct 15 '22 14:10 np5

I am not really proficient with objective C, but maybe by setting the value as a pointer to a boolean NSNumber in the preflight, it would be possible to maintain the "absent" state separate from "false" and only apply the change in the postflight if the value was sent by the server?

Yes, this will work and what you have now meets our general constraint of receiving new configuration during preflight but applying it during postflight so that syncing acts like a kind of transaction.

Thanks!

russellhancox avatar Oct 18 '22 14:10 russellhancox