Terminal Help -- Usage of the commands

I tried tor enable enable_script_checks, but I dint get the way of usage of the command.

When I tried running consul agent -h , displayed options like below, but I dint find the way of usage.

Enables health check scripts from configuration file.
Enables health check scripts.

I would like to suggest - if we have an example of command usage , it could have been more helpful.


Hi @giriadini,

You can enable script checks simply by specifying the flag at the CLI.

❯ consul agent -dev -enable-script-checks
==> Starting Consul agent...
           Version: 'v1.8.0'
           Node ID: '53ff37db-0958-a04b-9189-2389132685c3'
         Node name: 'b1000.local'
        Datacenter: 'dc1' (Segment: '<all>')
            Server: true (Bootstrap: false)
       Client Addr: [] (HTTP: 8500, HTTPS: -1, gRPC: 8502, DNS: 8600)
      Cluster Addr: (LAN: 8301, WAN: 8302)
           Encrypt: Gossip: false, TLS-Outgoing: false, TLS-Incoming: false, Auto-Encrypt-TLS: false

==> Log data will now stream in as it occurs:

    2020-07-17T08:55:45.783-0700 [DEBUG] agent: Using random ID as node ID: id=53ff37db-0958-a04b-9189-2389132685c3
    2020-07-17T08:55:45.784-0700 [ERROR] agent: [SECURITY] issue: error="using enable-script-checks without ACLs and without allow_write_http_from is DANGEROUS, use enable-local-script-checks instead, see https://www.hashicorp.com/blog/protecting-consul-from-rce-risk-in-specific-configurations/"

We recommend using -enable-local-script-checks over -enable-script-checks unless the environment is properly secured using ACLs and allow_http_write_from. See
https://www.hashicorp.com/blog/protecting-consul-from-rce-risk-in-specific-configurations/ for more info.

1 Like