When a Linux host has tamper protection enabled and no maintenance token is provided, falcon-linux-uninstall.sh exits with the package manager's error code (e.g., 100 for apt) but prints no error message. The user sees:
Removing Falcon Sensor ...
...and then silence with a non-zero exit code. They have no idea tamper protection is the cause or that they need to set FALCON_MAINTENANCE_TOKEN.
The Windows uninstall script already handles this (exit code 106 detection with a clear message). The Linux scripts need parity.
Affected scripts
bash/install/falcon-linux-uninstall.shbash/migrate/falcon-linux-migrate.sh
Both have a cs_sensor_remove() function where remove_package "falcon-sensor" runs under set -e, causing the script to silently exit on failure with no diagnostic output.
Expected behavior
When remove_package fails, the script should print an actionable error message indicating that tamper protection may be enabled and that the user should provide FALCON_MAINTENANCE_TOKEN or use API credentials to retrieve one.
When a Linux host has tamper protection enabled and no maintenance token is provided,
falcon-linux-uninstall.shexits with the package manager's error code (e.g., 100 for apt) but prints no error message. The user sees:...and then silence with a non-zero exit code. They have no idea tamper protection is the cause or that they need to set
FALCON_MAINTENANCE_TOKEN.The Windows uninstall script already handles this (exit code 106 detection with a clear message). The Linux scripts need parity.
Affected scripts
bash/install/falcon-linux-uninstall.shbash/migrate/falcon-linux-migrate.shBoth have a
cs_sensor_remove()function whereremove_package "falcon-sensor"runs underset -e, causing the script to silently exit on failure with no diagnostic output.Expected behavior
When
remove_packagefails, the script should print an actionable error message indicating that tamper protection may be enabled and that the user should provideFALCON_MAINTENANCE_TOKENor use API credentials to retrieve one.