Quick Start
Disable or restore the Sentinel endpoint agent without a code deploy. Pick the action that matches your scenario.
Quick Reference
1. Disable for a Single Device
Who: Anyone with access to the Quilr admin dashboard or backend API.
The agent goes dormant but stays installed. It re-checks every ~30 minutes and resumes if the flag is turned back on.
To re-enable, set endpointAgentEnabled = true and save.
2. Disable for an Entire Tenant
Who: Anyone with tenant-level admin access.
Disables the agent across all devices for that tenant. The tenant-level flag takes priority over device-level flags.
To re-enable, set tenantEndpointAgentEnabled = true and save.
If the tenant flag is false, individual device flags are ignored — the tenant flag always wins.
3. Immediate Stop on a Specific Machine
Who: IT / helpdesk with sudo access to the macOS machine.
Use this when you cannot wait for the next backend poll cycle.
Stop the agent
sudo launchctl bootout "system/com.sentinel.agent"
All monitoring and proxy interception ceases immediately.
Verify the agent is stopped
sudo launchctl list | grep sentinel
Returns nothing if the agent is stopped.
Restart the agent
sudo launchctl bootstrap system "/Library/LaunchDaemons/com.sentinel.agent.plist"
Prevent restart on reboot (persistent stop)
sudo launchctl disable "system/com.sentinel.agent"
sudo launchctl bootout "system/com.sentinel.agent"
To re-enable after a persistent stop:
sudo launchctl enable "system/com.sentinel.agent"
sudo launchctl bootstrap system "/Library/LaunchDaemons/com.sentinel.agent.plist"
Stopping via launchctl is temporary by default. The agent restarts on reboot unless you also run the disable command above.
4. Roll Back to a Previous Version
Who: IT with sudo access, or engineering via MDM.
Option A — Re-run the installer
sudo /usr/local/sentinel/scripts/sentinel-endpoint.sh --env <environment> --force
Replace <environment> with quartz, preprod, or secure. The installer pulls the latest stable release and overwrites the broken version.
Option B — Clear a stuck auto-rollback
If the agent auto-rolled back after a failed upgrade but the device is still having issues:
# Check what version was rejected
cat ~/.sentinel/.quarantined_version
# Remove the quarantine file to let the agent retry
rm ~/.sentinel/.quarantined_version
Then restart the agent (see Section 3).
Confirm the active version
cat /usr/local/sentinel/VERSION
Sub-feature Flags
The following sub-features have their own enabled flags but are not yet remotely toggleable without a code change. Open an incident ticket and tag the on-call engineer.
Workaround while waiting for engineering: Use the tenant or device-level kill switch (Sections 1–2) to stop the entire agent.
Severity & Escalation
Tag #sentinel-oncall in Slack with the device ID, tenant ID, and what you observed.
Verification Checklist
After any kill switch action:
- Agent status endpoint returns
enabled: falsefor the affected device(s) -
launchctl list | grep sentinelshows not running (if stopped via IT) - User confirms monitoring and proxy interception has stopped
- No new alerts or logs from the device for 5 minutes post-action
- If tenant-wide: spot-check at least 3 devices from the tenant
Re-enabling After an Incident
- Confirm the root cause has been identified.
- Confirm a fix is in place (code deploy, config change, or false alarm).
- Re-enable at the device level first (one test device) and monitor for 10 minutes.
- If clean, re-enable for the full tenant.
- Post a brief incident summary in
#sentinel-oncallwith what was toggled and when.
Next step: See the Architecture for the full enforcement pipeline and state machine.