github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-09-10 02:59:38 +00:00
Code Issues Projects Releases Wiki Activity

new(scripts, cmake): added support for modern bpf probe.

Browse Source 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
This commit is contained in:
Federico Di Pierro
2022-11-09 14:37:22 +01:00
committed by poiana
parent c6f668bc71
commit cb20cf83ff
10 changed files with 62 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
scripts/systemd/falco-ebpf.service → scripts/systemd/falco-bpf.service
View File

23
scripts/systemd/falco-modern_bpf.service Normal file
View File

@@ -0,0 +1,23 @@
[Unit]
Description=Falco: Container Native Runtime Security with ebpf
Documentation=https://falco.org/docs/
PartOf=falco@ebpf.target
Conflicts=falco-kmod.service
Conflicts=falco-plugin.service
[Service]
Type=simple
User=root
ExecStart=/usr/bin/falco --pidfile=/var/run/falco.pid --modern-bpf
UMask=0077
TimeoutSec=30
RestartSec=15s
Restart=on-failure
PrivateTmp=true
NoNewPrivileges=yes
ProtectHome=read-only
ProtectSystem=full
ProtectKernelTunables=true
RestrictRealtime=true
RestrictAddressFamilies=~AF_PACKET
StandardOutput=null