Load/unload kernel module on start/stop (#459)

* Load/unload kernel module on start/stop When falco is started, load the kernel module. (The falco binary also will do a modprobe if it can't open the inspector, as a backup). When falco is stopped, unload the kernel module. This fixes https://github.com/falcosecurity/falco/issues/418. * Put script execute line in right place.
2025-09-07 01:30:13 +00:00 · 2018-11-06 13:07:50 -08:00
parent 6eac49e5ae
commit 32f8e304eb
2 changed files with 10 additions and 1 deletions
--- a/scripts/debian/falco
+++ b/scripts/debian/falco
@@ -65,6 +65,9 @@ do_start()
 	#   2 if daemon could not be started
 	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
 		|| return 1
+	if [ ! -d /sys/module/falco_probe ]; then
+		/sbin/modprobe falco-probe || exit 1
+	fi
 	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
 		$DAEMON_ARGS \
 		|| return 2
@@ -94,6 +97,7 @@ do_stop()
 	# sleep for some time.
 	start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
 	[ "$?" = 2 ] && return 2
+	/sbin/rmmod falco-probe
 	# Many daemons don't delete their pidfiles when they exit.
 	rm -f $PIDFILE
 	return "$RETVAL"