github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-09-09 18:49:22 +00:00
Code Issues Projects Releases Wiki Activity

update(scripts): multiple renamings to falcoctl service + fixed description.

Browse Source 
Moreover, now falcoctl service is enabled by default. It being bound to falco.target
allows us to avoid it running when falco.target is not running.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
This commit is contained in:
Federico Di Pierro
2023-01-19 16:30:37 +01:00
committed by poiana
parent 2591ed4d68
commit 0f22fde7cd
8 changed files with 50 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
scripts/debian/postinst.in
View File

@@ -17,7 +17,7 @@
#
chosen_driver=
enable_falcoctl=0
enable_falcoctl=1
if [ "$1" = "configure" ]; then
if [ -x /usr/bin/dialog ]; then
@@ -40,21 +40,18 @@ if [ "$1" = "configure" ]; then
chosen_driver="modern-bpf"
;;
5)
chosen_driver="plugin"
chosen_driver="plugin (needs manual configuration)"
;;
esac
if [ -n "$chosen_driver" ]; then
CHOICE=$(dialog --clear --title "Falcoctl" --menu "Do you want to subscribe to automatic ruleset feed?" 10 40 2 \
1 "No" \
2 "Yes" \
2>&1 >/dev/tty)
case $CHOICE in
2)
enable_falcoctl=1
;;
esac
fi
CHOICE=$(dialog --clear --title "Falcoctl" --menu "Do you want to follow automatic ruleset updates?" 10 40 2 \
1 "Yes" \
2 "No" \
2>&1 >/dev/tty)
case $CHOICE in
2)
enable_falcoctl=0
;;
esac
clear
fi
fi
@@ -79,13 +76,12 @@ if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-decon
systemctl --system enable "falco-$chosen_driver.service" || true
echo "[POST-INSTALL] Start 'falco-$chosen_driver.service':"
systemctl --system start "falco-$chosen_driver.service" || true
if [ $enable_falcoctl -eq 1 ]; then
echo "[POST-INSTALL] Enable 'falcoctl.service':"
systemctl --system enable "falcoctl.service" || true
echo "[POST-INSTALL] Start 'falcoctl.service':"
systemctl --system start "falcoctl.service" || true
fi
fi
if [ $enable_falcoctl -eq 1 ]; then
echo "[POST-INSTALL] Enable 'falcoctl-artifact-follow.service':"
systemctl --system enable "falcoctl-artifact-follow.service" || true
echo "[POST-INSTALL] Start 'falcoctl-artifact-follow.service':"
systemctl --system start "falcoctl-artifact-follow.service" || true
fi
fi
@@ -97,12 +93,11 @@ if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-decon
echo "[POST-INSTALL] Trigger 'falco-$chosen_driver.service' condrestart:"
# restart falco on upgrade if service is already running
systemctl --system condrestart "falco-$chosen_driver.service" || true
if [ $enable_falcoctl -eq 1 ]; then
echo "[POST-INSTALL] Trigger 'falcoctl.service' condrestart:"
# restart falcoctl on upgrade if service is already running
systemctl --system condrestart "falcoctl.service" || true
fi
fi
if [ $enable_falcoctl -eq 1 ]; then
echo "[POST-INSTALL] Trigger 'falcoctl-artifact-follow.service' condrestart:"
# restart falcoctl-artifact-follow on upgrade if service is already running
systemctl --system condrestart "falcoctl-artifact-follow.service" || true
fi
fi
fi

2
scripts/debian/postrm.in
View File

@@ -27,7 +27,7 @@ if [ -d /run/systemd/system ] && [ "$1" = remove ]; then
systemctl --system disable 'falco-bpf.service' || true
systemctl --system disable 'falco-modern-bpf.service' || true
systemctl --system disable 'falco-plugin.service' || true
systemctl --system disable 'falcoctl.service' || true
systemctl --system disable 'falcoctl-artifact-follow.service' || true
echo "[POST-REMOVE] Trigger deamon-reload:"
systemctl --system daemon-reload || true