From 61532a8004963b0a884660e6ae615b5a66234278 Mon Sep 17 00:00:00 2001 From: Mariell Hoversholm Date: Wed, 9 Jul 2025 15:40:01 +0200 Subject: [PATCH] fix(restart_handler): disable if there is no work When there is no work to do, i.e. when all config watching is disabled, there is no need to keep the restart_handler running. Disable it in this case. This is helpful to do on nodes where there is little to no headroom in terms of open inotify watches (as per the inotify/max_user_instances configuration), as can happen on nodes populated with other software that also watch the filesystem for changes. If Falco is run on such a node, it may fail to start due to functionality the app does not even intend on using. This has one change in terms of behaviour, however: the dry-run restarts will no longer occur. As there is still never going to happen a real restart, I understand it as unlikely for there to be a proper need for dry-run restarts. Signed-off-by: Mariell Hoversholm --- userspace/falco/app/restart_handler.cpp | 10 +++++++++- userspace/falco/app/restart_handler.h | 2 +- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/userspace/falco/app/restart_handler.cpp b/userspace/falco/app/restart_handler.cpp index eb0a85a8..da5f3c37 100644 --- a/userspace/falco/app/restart_handler.cpp +++ b/userspace/falco/app/restart_handler.cpp @@ -38,7 +38,9 @@ limitations under the License. falco::app::restart_handler::~restart_handler() { stop(); - close(m_inotify_fd); + if(m_inotify_fd != -1) { + close(m_inotify_fd); + } m_inotify_fd = -1; } @@ -48,6 +50,12 @@ void falco::app::restart_handler::trigger() { bool falco::app::restart_handler::start(std::string& err) { #ifdef __linux__ + if(m_watched_files.empty() && m_watched_dirs.empty()) { + falco_logger::log(falco_logger::level::DEBUG, + "Refusing to start restart handler due to nothing to watch\n"); + return true; + } + m_inotify_fd = inotify_init(); if(m_inotify_fd < 0) { err = "could not initialize inotify handler"; diff --git a/userspace/falco/app/restart_handler.h b/userspace/falco/app/restart_handler.h index 6adc28b5..5fa0e00b 100644 --- a/userspace/falco/app/restart_handler.h +++ b/userspace/falco/app/restart_handler.h @@ -61,7 +61,7 @@ public: private: void watcher_loop() noexcept; - int m_inotify_fd; + int m_inotify_fd = -1; std::thread m_watcher; std::atomic m_stop; std::atomic m_forced;