diff --git a/scripts/falco-probe-loader b/scripts/falco-probe-loader index 8a3affd3..1c3e7501 100755 --- a/scripts/falco-probe-loader +++ b/scripts/falco-probe-loader @@ -143,20 +143,20 @@ load_kernel_probe() { echo "* Skipping dkms install for UEK host" else echo "* Running dkms install for ${PACKAGE_NAME}" - if dkms install -m "${PACKAGE_NAME}" -v "${SYSDIG_VERSION}" -k "${KERNEL_RELEASE}"; then + if dkms install -m "${PACKAGE_NAME}" -v "${FALCO_VERSION}" -k "${KERNEL_RELEASE}"; then echo "* Trying to load a dkms ${PROBE_NAME}, if present" - if insmod "/var/lib/dkms/${PACKAGE_NAME}/${SYSDIG_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${PROBE_NAME}.ko" > /dev/null 2>&1; then + if insmod "/var/lib/dkms/${PACKAGE_NAME}/${FALCO_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${PROBE_NAME}.ko" > /dev/null 2>&1; then echo "${PROBE_NAME} found and loaded in dkms" exit 0 - elif insmod "/var/lib/dkms/${PACKAGE_NAME}/${SYSDIG_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${PROBE_NAME}.ko.xz" > /dev/null 2>&1; then + elif insmod "/var/lib/dkms/${PACKAGE_NAME}/${FALCO_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${PROBE_NAME}.ko.xz" > /dev/null 2>&1; then echo "${PROBE_NAME} found and loaded in dkms (xz)" exit 0 else echo "* Unable to insmod" fi else - DKMS_LOG="/var/lib/dkms/${PACKAGE_NAME}/${SYSDIG_VERSION}/build/make.log" + DKMS_LOG="/var/lib/dkms/${PACKAGE_NAME}/${FALCO_VERSION}/build/make.log" if [ -f "${DKMS_LOG}" ]; then echo "* Running dkms build failed, dumping ${DKMS_LOG}" cat "${DKMS_LOG}" @@ -177,21 +177,21 @@ load_kernel_probe() { get_kernel_config - local SYSDIG_PROBE_FILENAME="${PROBE_NAME}-${SYSDIG_VERSION}-${ARCH}-${KERNEL_RELEASE}-${HASH}.ko" + local FALCO_PROBE_FILENAME="${PROBE_NAME}-${FALCO_VERSION}-${ARCH}-${KERNEL_RELEASE}-${HASH}.ko" - if [ -f "${HOME}/.sysdig/${SYSDIG_PROBE_FILENAME}" ]; then - echo "Found precompiled module at ~/.sysdig/${SYSDIG_PROBE_FILENAME}, loading module" - insmod "${HOME}/.sysdig/${SYSDIG_PROBE_FILENAME}" + if [ -f "${HOME}/.falco/${FALCO_PROBE_FILENAME}" ]; then + echo "Found precompiled module at ~/.falco/${FALCO_PROBE_FILENAME}, loading module" + insmod "${HOME}/.falco/${FALCO_PROBE_FILENAME}" exit $? fi local URL - URL=$(echo "${SYSDIG_PROBE_URL}/${SYSDIG_REPOSITORY}/sysdig-probe-binaries/${SYSDIG_PROBE_FILENAME}" | sed s/+/%2B/g) + URL=$(echo "${SYSDIG_PROBE_URL}/${SYSDIG_REPOSITORY}/sysdig-probe-binaries/${FALCO_PROBE_FILENAME}" | sed s/+/%2B/g) echo "* Trying to download precompiled module from ${URL}" - if curl --create-dirs "${SYSDIG_PROBE_CURL_OPTIONS}" -o "${HOME}/.sysdig/${SYSDIG_PROBE_FILENAME}" "${URL}"; then + if curl --create-dirs "${FALCO_PROBE_CURL_OPTIONS}" -o "${HOME}/.falco/${FALCO_PROBE_FILENAME}" "${URL}"; then echo "Download succeeded, loading module" - insmod "${HOME}/.sysdig/${SYSDIG_PROBE_FILENAME}" + insmod "${HOME}/.falco/${FALCO_PROBE_FILENAME}" exit $? else echo "Download failed, consider compiling your own ${PROBE_NAME} and loading it or getting in touch with the sysdig community" @@ -221,9 +221,9 @@ load_bpf_probe() { MINIKUBE_VERSION="$(cat ${SYSDIG_HOST_ROOT}/etc/VERSION)" fi - local BPF_PROBE_FILENAME="${BPF_PROBE_NAME}-${SYSDIG_VERSION}-${ARCH}-${KERNEL_RELEASE}-${HASH}.o" + local BPF_PROBE_FILENAME="${BPF_PROBE_NAME}-${FALCO_VERSION}-${ARCH}-${KERNEL_RELEASE}-${HASH}.o" - if [ ! -f "${HOME}/.sysdig/${BPF_PROBE_FILENAME}" ]; then + if [ ! -f "${HOME}/.falco/${BPF_PROBE_FILENAME}" ]; then local BPF_KERNEL_SOURCES_URL="" local STRIP_COMPONENTS=1 @@ -297,7 +297,7 @@ load_bpf_probe() { mkdir -p /tmp/kernel cd /tmp/kernel cd `mktemp -d -p /tmp/kernel` - if ! curl -o kernel-sources.tgz --create-dirs "${SYSDIG_PROBE_CURL_OPTIONS}" "${BPF_KERNEL_SOURCES_URL}"; then + if ! curl -o kernel-sources.tgz --create-dirs "${FALCO_PROBE_CURL_OPTIONS}" "${BPF_KERNEL_SOURCES_URL}"; then exit 1; fi @@ -320,26 +320,26 @@ load_bpf_probe() { echo "* Trying to compile BPF probe ${BPF_PROBE_NAME} (${BPF_PROBE_FILENAME})" - make -C "/usr/src/${PACKAGE_NAME}-${SYSDIG_VERSION}/bpf" > /dev/null + make -C "/usr/src/${PACKAGE_NAME}-${FALCO_VERSION}/bpf" > /dev/null - mkdir -p ~/.sysdig - mv "/usr/src/${PACKAGE_NAME}-${SYSDIG_VERSION}/bpf/probe.o" "${HOME}/.sysdig/${BPF_PROBE_FILENAME}" + mkdir -p ~/.falco + mv "/usr/src/${PACKAGE_NAME}-${FALCO_VERSION}/bpf/probe.o" "${HOME}/.falco/${BPF_PROBE_FILENAME}" if [ -n "${BPF_KERNEL_SOURCES_URL}" ]; then rm -r /tmp/kernel fi fi - if [ ! -f "${HOME}/.sysdig/${BPF_PROBE_FILENAME}" ]; then + if [ ! -f "${HOME}/.falco/${BPF_PROBE_FILENAME}" ]; then local URL URL=$(echo "${SYSDIG_PROBE_URL}/${SYSDIG_REPOSITORY}/sysdig-probe-binaries/${BPF_PROBE_FILENAME}" | sed s/+/%2B/g) echo "* Trying to download precompiled BPF probe from ${URL}" - curl --create-dirs "${SYSDIG_PROBE_CURL_OPTIONS}" -o "${HOME}/.sysdig/${BPF_PROBE_FILENAME}" "${URL}" + curl --create-dirs "${FALCO_PROBE_CURL_OPTIONS}" -o "${HOME}/.falco/${BPF_PROBE_FILENAME}" "${URL}" fi - if [ -f "${HOME}/.sysdig/${BPF_PROBE_FILENAME}" ]; then + if [ -f "${HOME}/.falco/${BPF_PROBE_FILENAME}" ]; then if [ ! -f /proc/sys/net/core/bpf_jit_enable ]; then echo "**********************************************************" echo "** BPF doesn't have JIT enabled, performance might be **" @@ -351,7 +351,7 @@ load_bpf_probe() { echo "* BPF probe located, it's now possible to start sysdig" - ln -sf "${HOME}/.sysdig/${BPF_PROBE_FILENAME}" "${HOME}/.sysdig/${BPF_PROBE_NAME}.o" + ln -sf "${HOME}/.falco/${BPF_PROBE_FILENAME}" "${HOME}/.falco/${BPF_PROBE_NAME}.o" exit $? else echo "* Failure to find a BPF probe" @@ -365,9 +365,9 @@ SCRIPT_NAME=$(basename "${0}") SYSDIG_PROBE_URL=${SYSDIG_PROBE_URL:-https://s3.amazonaws.com/download.draios.com} if [ -n "$SYSDIG_PROBE_INSECURE_DOWNLOAD" ] then - SYSDIG_PROBE_CURL_OPTIONS=-fsSk + FALCO_PROBE_CURL_OPTIONS=-fsSk else - SYSDIG_PROBE_CURL_OPTIONS=-fsS + FALCO_PROBE_CURL_OPTIONS=-fsS fi MAX_RMMOD_WAIT=60 @@ -381,7 +381,7 @@ fi if [ "${SCRIPT_NAME}" = "falco-probe-loader" ]; then if [ -z "$SYSDIG_VERSION" ]; then - SYSDIG_VERSION=$(falco --version | cut -d' ' -f3) + FALCO_VERSION=$(falco --version | cut -d' ' -f3) fi PROBE_NAME="falco-probe" BPF_PROBE_NAME="falco-probe-bpf"