wiki: correct SPEC-030 software uninstall to BETA / not guaranteed (Howard)

Code is merged + deployed but the feature is beta and unreliable —
best-effort only, not guaranteed on protected AV, WiX bundles, UI-only
or lingering-child uninstallers, or drivers. Reframe 'SHIPPED' framing
across Summary, Capabilities, Active State, History, and the index.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-06-25 12:23:57 -07:00
parent 974be13f4c
commit ca44a005cc
2 changed files with 7 additions and 6 deletions

View File

@@ -67,7 +67,7 @@ Run `/wiki-lint` to check for stale entries and broken backlinks.
| Article | Summary | Last Compiled |
|---|---|---|
| [GuruRMM](projects/gururmm.md) | RMM platform, Rust/Axum server + React dashboard + cross-platform agent; **agent v0.6.75 / server v0.3.87**; ~270 enrolled (~178 online); 64 migrations on main (through 064_software_removal_jobs). **Two-wave Windows build** — stable (modern x86_64) + legacy 1.77 wave (l_amd64/l_x86 for Win7/Server 2008 R2). Merging to main = build+deploy; artifacts hit **beta** first, `promote-dashboard.sh --confirm` for prod. Recent (2026-06-23/24): **SPEC-030 remote software inventory + bulk uninstall** shipped (Route B) — silent-uninstall engine (`uninstall-engine.ps1`, refuses-to-guess + ARP false-success verification), async removal jobs (mig 064, live progress), three-state fleet knowledge base + learned timing (mig 061-063), `SoftwareManager.tsx`; **universal self-detecting installer (Feature 9)** P1 shipped (v0.6.71). Prior (06-21/22): BUG-021 legacy-build dep-pin (`1dce66d`); BUG-018 reliable delete (202+bg, `cea87d4`); Event Log Watch UI (`0fa65f5`); BUG-022 WatchdogEvent dead-code removed. Watchdog reports via REST `watchdog-alert` only (no WS). NOTE: earlier pending PRs #40-#46 (SPEC-021/MSP360/BUG-018-FK) predicted migrations 061-063 — software-removal merged ahead and took 061-064; verify their live status. Active development | 2026-06-25 |
| [GuruRMM](projects/gururmm.md) | RMM platform, Rust/Axum server + React dashboard + cross-platform agent; **agent v0.6.75 / server v0.3.87**; ~270 enrolled (~178 online); 64 migrations on main (through 064_software_removal_jobs). **Two-wave Windows build** — stable (modern x86_64) + legacy 1.77 wave (l_amd64/l_x86 for Win7/Server 2008 R2). Merging to main = build+deploy; artifacts hit **beta** first, `promote-dashboard.sh --confirm` for prod. Recent (2026-06-23/24): **SPEC-030 remote software inventory + bulk uninstall** **BETA, merged+deployed but NOT guaranteed** (best-effort; fails on protected AV, WiX bundles, UI-only/lingering uninstallers, drivers) — silent-uninstall engine (`uninstall-engine.ps1`, refuses-to-guess + ARP false-success verification), async removal jobs (mig 064, live progress), three-state fleet knowledge base + learned timing (mig 061-063), `SoftwareManager.tsx`; **universal self-detecting installer (Feature 9)** P1 shipped (v0.6.71). Prior (06-21/22): BUG-021 legacy-build dep-pin (`1dce66d`); BUG-018 reliable delete (202+bg, `cea87d4`); Event Log Watch UI (`0fa65f5`); BUG-022 WatchdogEvent dead-code removed. Watchdog reports via REST `watchdog-alert` only (no WS). NOTE: earlier pending PRs #40-#46 (SPEC-021/MSP360/BUG-018-FK) predicted migrations 061-063 — software-removal merged ahead and took 061-064; verify their live status. Active development | 2026-06-25 |
| [GuruConnect](projects/guruconnect.md) | ACG's proprietary Rust remote-access/remote-support tool (ScreenConnect-class) — Windows agent + web dashboard; **v0.3.0 production** at connect.azcomputerguru.com; versioned integration contract with GuruRMM; co-located on the physical .30 box (shares the PG cluster); next: SPEC-018 session broker / capture worker as SYSTEM | 2026-06-12 |
| [Dataforth DOS — Test Datasheet Pipeline](projects/dataforth-dos.md) | DOS update system + TestDataDB pipeline (Node.js, PostgreSQL, Hoffman API); 469K records, 458.5K live on website; 2025 crypto attack recovery; security incident 2026-03-27; SCMVAS/SCMHVAS extension; email notifications via Graph API | 2026-05-24 |
| [ClaudeTools Discord Bot](projects/discord-bot.md) | Claude Agent SDK bot in Discord; one persistent session per thread; Phase 1.5 complete (native tools, no hand-written tools); Phases 2-4 (API integration, remediation, UX) pending; runs as NSSM service on BEAST | 2026-05-24 |

View File

@@ -114,7 +114,7 @@ GuruRMM is a Remote Monitoring & Management platform built by Arizona Computer G
**Current version:** agent 0.6.75 / server v0.3.87 as of 2026-06-25 (was 0.6.67 / 0.3.74 on 2026-06-22). Fleet at ~270 enrolled / ~178 typically online; all metrics flowing, alerts firing with 0 legacy null dedup_keys.
**SPEC-030 Remote Software Inventory + Bulk Uninstall (SHIPPED 2026-06-23..24, Route B = server-orchestrated):** GuruRMM can now list installed programs per agent and remotely uninstall them in bulk. A PowerShell **silent-uninstall engine** (`agent/scripts/uninstall-engine.ps1`, BCU-informed, vendor silent-switch table) runs per target; the engine **refuses to guess** (returns `needs_interactive` rather than risk a wrong removal) and **verifies** each success via a generic ARP re-check (`Test-StillInstalled`) that catches the false-success class. A fleet **three-state knowledge base** (migration 062: `silent` / `requires_ui` / `unknown`, keyed by DisplayName) + **self-tuning learned timeouts** (migration 063) + a **removal-tracking loop** (migration 061: what still needs removing, flag for a remote GuruConnect session). Bulk uninstall is now an **async job** (migration 064): POST returns a `job_id` instantly, a background worker processes targets one at a time, and the dashboard polls a live progress bar — replacing the synchronous request that died at the proxy's ~100s timeout. See the Capabilities section for full detail. Known gaps: drivers/system components appear in the list (they register in ARP) — UI exclusion not yet built; Launchy/AIMP-class uninstallers that hang the agent on an orphaned child process tree need recipes (Route A), not Route B.
**SPEC-030 Remote Software Inventory + Bulk Uninstall (BETA — code merged + deployed 2026-06-23..24, NOT guaranteed to work; Route B = server-orchestrated):** The code is on main and deployed, but the **feature is still beta and unreliable** — it succeeds on cleanly-uninstallable programs and is explicitly NOT guaranteed for the hard cases (most managed/protected AV, WiX/Burn bundles, uninstallers that need UI or spawn lingering child processes — Launchy/AIMP-class, drivers/system components). Treat results as best-effort, verify removals, and do not rely on it for production removals yet. Shape: GuruRMM lists installed programs per agent and attempts bulk removal via a PowerShell **silent-uninstall engine** (`agent/scripts/uninstall-engine.ps1`, BCU-informed, vendor silent-switch table) that **refuses to guess** (returns `needs_interactive` rather than risk a wrong removal) and **verifies** each reported success via a generic ARP re-check (`Test-StillInstalled`, catches the false-success class). Backed by a fleet **three-state knowledge base** (migration 062: `silent` / `requires_ui` / `unknown`), **self-tuning learned timeouts** (migration 063), a **removal-tracking loop** (migration 061: what still needs removing, flag for a remote GuruConnect session), and **async jobs** (migration 064: POST returns a `job_id` instantly, background per-target worker, dashboard live progress — replaces the synchronous request that died at the proxy's ~100s timeout). See the Capabilities section for full detail + the open gaps.
**Universal self-detecting installer (Feature 9, SHIPPED P1, v0.6.71+):** One install URL/script self-detects arch/OS/legacy and pulls the correct agent; the dashboard install UI now points at it (replaces the hardcoded-amd64 one-liner). P2 (native i386 bootstrapper EXE for locked-down boxes) pending.
@@ -144,7 +144,7 @@ GuruRMM is a Remote Monitoring & Management platform built by Arizona Computer G
### 2026-06-23..24 — SPEC-030 Remote Software Uninstall + Universal Installer (Howard-Home)
**SPEC-030 software inventory + remote bulk uninstall (Route B, shipped to main + deployed; agent 0.6.75 / server v0.3.87):**
**SPEC-030 software inventory + remote bulk uninstall (Route B — BETA, code merged to main + deployed but NOT guaranteed to work; agent 0.6.75 / server v0.3.87):**
- **Capability shipped:** `/agents/:id/software` lists installed programs; `/agents/:id/software/uninstall` runs a bulk uninstall; the dashboard `SoftwareManager.tsx` shows the live programs list + bulk-select + a live progress bar. Server endpoints in `server/src/api/software.rs`.
- **Silent-uninstall engine** (`agent/scripts/uninstall-engine.ps1`): Tier-1 silent removal, BCU-informed detection + fail-fast, vendor silent-switch table, captures **real** process exit codes (fixed a `Start-Process` null-ExitCode bug, `f6c1945`). The engine **refuses to guess** — Avast/AVG (`icarus.exe`), Malwarebytes (`mb5uns.exe`) correctly returned `needs_interactive` rather than risk a bad removal.
@@ -334,7 +334,8 @@ Agent<->server communication is a persistent authenticated WebSocket with auto-r
- Code anchors: `server/src/db/commands.rs` (`requeue_undelivered_commands`, `fail_timed_out_commands` rewrite, `DELIVERY_ACK_DEADLINE_SECS=60`, `MAX_DELIVERY_ATTEMPTS=10`), `server/src/ws/mod.rs` (`redispatch_pending_commands`, `CommandAck` handler), `agent/src/transport/websocket.rs` + `agent/src/commands/mod.rs` (ACK send + recent-results cache, `RECENT_CAP=64`, `MAX_CACHED_RESULT_BYTES=256 KB`).
- Phase 2 (live TTY — rides warm WS, seq/resume, cadence switch) and Phase 3 (Adaptive keepalive, bulk file transfer -> short-lived HTTPS, server half-open eviction sweeper) are PLANNED, not shipped.
### Software Inventory & Remote Uninstall (SPEC-030, shipped 2026-06-23..24)
### Software Inventory & Remote Uninstall (SPEC-030 — BETA, not guaranteed)
- **Maturity:** code merged to main + deployed (2026-06-23..24), but the feature is **beta and unreliable** — best-effort only. It works on cleanly-uninstallable programs; it is NOT guaranteed for managed/protected AV, WiX/Burn bundles, UI-only uninstallers, drivers/system components, or Launchy/AIMP-class uninstallers that hang the agent. Verify every removal; do not depend on it for production removals yet.
- **Route B (server-orchestrated):** the server drives removal via agent commands; chosen over embedding the engine per-command (32K dispatch limit). Endpoints: `GET /agents/:id/software` (installed-programs list), `POST /agents/:id/software/uninstall` (async bulk uninstall → `job_id`), `GET /agents/:id/software/uninstall/jobs/:job_id` (live job poll), `GET /agents/:id/software/removal-status` + `POST .../removal-status/:attempt_id/resolve` (removal-tracking loop), `GET /software/knowledge` + `POST /software/knowledge/classify` (fleet KB).
- **Silent-uninstall engine** (`agent/scripts/uninstall-engine.ps1`): Tier-1 silent removal, BCU-informed detection + fail-fast, vendor silent-switch table, captures real process exit codes. **Refuses to guess** — returns `needs_interactive` rather than risk a wrong removal (Avast/AVG/Malwarebytes correctly bounce). **Generic post-success verification** (`Test-StillInstalled`, ARP re-check by product_code when present) downgrades a false "success" to failed — catches the WiX/Burn Package-Cache-bundle 1605 false-success class (skip MSI tier for `\Package Cache\` bundles). Orphaned ARP entries (missing uninstaller) classified `tier=orphaned`; reboot-pending (3010/1641) skips the rescan; async-fork uninstallers get retry-verify (~9s/4 checks).
- **Async removal jobs (migration 064):** bulk uninstall is non-blocking — `software_removal_jobs` row created, `job_id` returned in ~0.06s, a background worker processes targets one at a time recording each outcome as it lands, dashboard polls a live progress bar. Replaces the synchronous request that died at the proxy's ~100s timeout and that the agent kill-timeout truncated mid-flush. `server/src/db/software_jobs.rs`.
@@ -717,7 +718,7 @@ Dashboard changes go to beta BEFORE main. To preview a feature branch without me
- Command fields: `command_type` (`shell`/`powershell`/`python`/`script`/`claude_task`/`cmd` alias), `command` (script text, JSON-encoded), optional `context``system` (default) or `user_session` (Windows WTS), plus `timeout_seconds`/`elevated`.
**Dashboard — complete and working:**
Agents management (delete now returns 202 + background purge), Clients/Sites CRUD, Commands execution + terminal, Logs + AI analysis (Claude API), Alerts (clickable severity badges + client filtering), Metrics (CPU/RAM/disk/network, process drill-down modal), Auto-update triggering, Network state, Entra ID SSO, Policies Dashboard (all tabs), Registry editor (read-only via HTTP), MSP360 backup status + mappings/verify UI, Organizations management + dev-admin impersonation UI, Credentials management with inheritance, AgentDetail Crashes tab + version history, fleet stats from `/agents/stats`, SiteDetail Revoke Key + Enrollment audit tab, Install Reports page, Fleet Discovery page, **Event Log Watches management page** (`/event-log-watches`, shipped `0fa65f5`), **Software Manager** (installed-programs list + bulk remote uninstall with live progress + three-state removal knowledge base, SPEC-030, shipped 2026-06-23..24).
Agents management (delete now returns 202 + background purge), Clients/Sites CRUD, Commands execution + terminal, Logs + AI analysis (Claude API), Alerts (clickable severity badges + client filtering), Metrics (CPU/RAM/disk/network, process drill-down modal), Auto-update triggering, Network state, Entra ID SSO, Policies Dashboard (all tabs), Registry editor (read-only via HTTP), MSP360 backup status + mappings/verify UI, Organizations management + dev-admin impersonation UI, Credentials management with inheritance, AgentDetail Crashes tab + version history, fleet stats from `/agents/stats`, SiteDetail Revoke Key + Enrollment audit tab, Install Reports page, Fleet Discovery page, **Event Log Watches management page** (`/event-log-watches`, shipped `0fa65f5`), **Software Manager** (installed-programs list + bulk remote uninstall with live progress + three-state removal knowledge base, SPEC-030**BETA, not guaranteed**; deployed 2026-06-23..24 but best-effort only).
**Dashboard — incomplete (see UI_GAPS.md):**
- Watchdog alerts UI — blocked on 2 missing server routes
@@ -794,7 +795,7 @@ These decisions are locked. Do not reverse without explicit user approval.
| 2026-06-21 | BUG-019 (container self-update guard) fixed and merged to main (66a7f4e, v0.6.67 beta). BUG-018 (DELETE 202+bg, cea87d4) merged. Event Log Watch UI shipped (0fa65f5). Enrollment modal UX fix merged to prod (4027c86). sync.sh populate-only guard (Phase 2) fixed submodule-clobber root cause. Howard cleared for GuruRMM merges/deploys (Mike decision). gururmm-build skill + docs/BUILD.md created. Five PRs opened (#40-#44) covering SPEC-021, BUG-018 FK indexes, MSP360 deeplink, Event Log Watch policy-clobber HIGH fix, audit cleanup. |
| 2026-06-22 | BUG-021 (legacy build dep-pin getrandom+zeroize) fixed on main (1dce66d). Windows build green at v0.6.67, 2026-06-22 02:19. Fleet verified: ~270 agents / ~178 online, 0 legacy null dedup_keys. BUG-022 filed + fixed (PR #45): removed dead WatchdogEvent WS path (no producer — watchdog has no WS connection; REST watchdog-alert is the only real path). |
| 2026-06-23 | Universal self-detecting installer (Feature 9) P1 built+deployed+verified (v0.6.71). One install path self-detects arch/OS/legacy/ARM and pulls the correct agent; dashboard install UI repointed at it (`4194b0a`, `53bb682`); script path proven on GND-JWILL (`de30ebc`). av-removal-recipes spec (P3, removal-only) added (#52). RMM_THOUGHTS Feature 10 (AMPIPIT recovery env) → Discussed. |
| 2026-06-24 | SPEC-030 remote software inventory + bulk uninstall shipped (Route B). Silent-uninstall engine (`uninstall-engine.ps1`, BCU-informed, refuses to guess). CRITICAL Avira false-success fixed — WiX Package-Cache bundle GUID misread as MSI ProductCode (1605 "already gone" while installed); skip MSI tier for Package Cache + generic `Test-StillInstalled` ARP re-check (PR #53). Code-review correctness fixes (PR #54). Async removal jobs = permanent fix (PR #56, migration 064): POST→job_id in 0.06s, background per-target worker, dashboard live progress — replaces the synchronous request that died at the proxy ~100s timeout + was truncated by the agent kill-timeout mid-flush. Flush-slack stop-gap (PR #55). Three-state knowledge base + learned timing (migrations 061-063). Orphaned-entry + retry-verify (PR #57). Gaps surfaced: drivers in `/software` (ARP), Launchy/AIMP need recipes (Route A), no list-jobs endpoint. agent 0.6.75 / server v0.3.87. |
| 2026-06-24 | SPEC-030 remote software inventory + bulk uninstall — BETA, code merged + deployed but NOT guaranteed (Route B; best-effort, fails on protected AV / WiX bundles / UI-only / lingering-child uninstallers / drivers). Silent-uninstall engine (`uninstall-engine.ps1`, BCU-informed, refuses to guess). CRITICAL Avira false-success fixed — WiX Package-Cache bundle GUID misread as MSI ProductCode (1605 "already gone" while installed); skip MSI tier for Package Cache + generic `Test-StillInstalled` ARP re-check (PR #53). Code-review correctness fixes (PR #54). Async removal jobs = permanent fix (PR #56, migration 064): POST→job_id in 0.06s, background per-target worker, dashboard live progress — replaces the synchronous request that died at the proxy ~100s timeout + was truncated by the agent kill-timeout mid-flush. Flush-slack stop-gap (PR #55). Three-state knowledge base + learned timing (migrations 061-063). Orphaned-entry + retry-verify (PR #57). Gaps surfaced: drivers in `/software` (ARP), Launchy/AIMP need recipes (Route A), no list-jobs endpoint. agent 0.6.75 / server v0.3.87. |
| 2026-06-25 | Win11 KB5095093 reviewed for MSP fleet use; Point-in-Time Restore (Enterprise snapshot/rollback knobs) + GP update-pause captured as a Raw RMM_THOUGHTS entry (manage the knobs from the RMM; sits below AMPIPIT Feature 10 on the remediation ladder). |
---