From e1d3e68a84baf73f2fda39cbc892c5faf949a557 Mon Sep 17 00:00:00 2001
From: JenTing Hsiao
Date: Thu, 4 Feb 2021 14:26:14 +0800
Subject: [PATCH] Modprobe/rmmod at systemd service start/stop

Signed-off-by: JenTing Hsiao
---
 scripts/debian/falco.service | 3 ++-
 scripts/rpm/falco.service | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/scripts/debian/falco.service b/scripts/debian/falco.service
index 0163e02b..871a8dee 100644
--- a/scripts/debian/falco.service
+++ b/scripts/debian/falco.service
@@ -4,7 +4,9 @@ Description=Falco: Container Native Runtime Security
 [Service]
 Type=simple
 User=root
+ExecStartPre=/sbin/modprobe falco
 ExecStart=/usr/bin/falco --pidfile=/var/run/falco.pid
+ExecStopPost=/sbin/rmmod falco
 UMask=0077
 TimeoutSec=30
 RestartSec=15s
@@ -16,7 +18,6 @@ ProtectSystem=full
 ProtectKernelTunables=true
 RestrictRealtime=true
 RestrictAddressFamilies=~AF_PACKET
-SystemCallFilter=~@debug @mount @cpu-emulation @obsolete @privileged
 
 [Install]
 WantedBy=multi-user.target
diff --git a/scripts/rpm/falco.service b/scripts/rpm/falco.service
index 0163e02b..871a8dee 100644
--- a/scripts/rpm/falco.service
+++ b/scripts/rpm/falco.service
@@ -4,7 +4,9 @@ Description=Falco: Container Native Runtime Security
 [Service]
 Type=simple
 User=root
+ExecStartPre=/sbin/modprobe falco
 ExecStart=/usr/bin/falco --pidfile=/var/run/falco.pid
+ExecStopPost=/sbin/rmmod falco
 UMask=0077
 TimeoutSec=30
 RestartSec=15s
@@ -16,7 +18,6 @@ ProtectSystem=full
 ProtectKernelTunables=true
 RestrictRealtime=true
 RestrictAddressFamilies=~AF_PACKET
-SystemCallFilter=~@debug @mount @cpu-emulation @obsolete @privileged
 
 [Install]
 WantedBy=multi-user.target
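Review bot: The two commands added in the first hunk of scripts/debian/falco.service are written without the `+` prefix, so they run inside the unit's sandbox, and that appears to be why the same patch deletes `SystemCallFilter=~@debug @mount @cpu-emulation @obsolete @privileged` in the next hunk: `@privileged` covers the module-loading syscalls that modprobe and rmmod need. Deleting the filter also lifts it from the long-running falco process, which is a wider loss of hardening than the change requires. systemd does not apply SystemCallFilter= to commands prefixed with `+`, so `ExecStartPre=+/sbin/modprobe falco` and `ExecStopPost=+/sbin/rmmod falco` should let the filter line stay; confirm this against the oldest systemd version the packages target. The commit message does not mention the filter removal and should say why it was needed. The same point applies to the identical hunks for scripts/rpm/falco.service.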