github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-09-16 14:58:31 +00:00
Code Issues Projects Releases Wiki Activity

fix(scripts): some small fixes around falco and falcoctl systemd services logic.

Browse Source 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
This commit is contained in:
Federico Di Pierro
2023-01-20 15:49:27 +01:00
committed by poiana
parent 3b2732355a
commit f96f2179ba
2 changed files with 63 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
scripts/debian/postinst.in
View File

@@ -17,7 +17,7 @@
#
chosen_driver=
enable_falcoctl=1
enable_falcoctl=0
if [ "$1" = "configure" ]; then
if [ -x /usr/bin/dialog ]; then
@@ -27,7 +27,7 @@ if [ "$1" = "configure" ]; then
2 "Kmod" \
3 "eBPF" \
4 "Modern eBPF" \
5 "Plugin" \
5 "Plugin (needs manual configuration)" \
2>&1 >/dev/tty)
case $CHOICE in
2)
@@ -40,18 +40,20 @@ if [ "$1" = "configure" ]; then
chosen_driver="modern-bpf"
;;
5)
chosen_driver="plugin (needs manual configuration)"
chosen_driver="plugin"
;;
esac
CHOICE=$(dialog --clear --title "Falcoctl" --menu "Do you want to follow automatic ruleset updates?" 10 40 2 \
1 "Yes" \
2 "No" \
2>&1 >/dev/tty)
case $CHOICE in
2)
enable_falcoctl=0
;;
esac
if [ -n "$chosen_driver" ]; then
CHOICE=$(dialog --clear --title "Falcoctl" --menu "Do you want to follow automatic ruleset updates?" 10 40 2 \
1 "Yes" \
2 "No" \
2>&1 >/dev/tty)
case $CHOICE in
1)
enable_falcoctl=1
;;
esac
fi
clear
fi
fi
@@ -76,12 +78,12 @@ if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-decon
systemctl --system enable "falco-$chosen_driver.service" || true
echo "[POST-INSTALL] Start 'falco-$chosen_driver.service':"
systemctl --system start "falco-$chosen_driver.service" || true
fi
if [ $enable_falcoctl -eq 1 ]; then
echo "[POST-INSTALL] Enable 'falcoctl-artifact-follow.service':"
systemctl --system enable "falcoctl-artifact-follow.service" || true
echo "[POST-INSTALL] Start 'falcoctl-artifact-follow.service':"
systemctl --system start "falcoctl-artifact-follow.service" || true
if [ $enable_falcoctl -eq 1 ]; then
echo "[POST-INSTALL] Enable 'falcoctl-artifact-follow.service':"
systemctl --system enable "falcoctl-artifact-follow.service" || true
echo "[POST-INSTALL] Start 'falcoctl-artifact-follow.service':"
systemctl --system start "falcoctl-artifact-follow.service" || true
fi
fi
fi
@@ -93,11 +95,11 @@ if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-decon
echo "[POST-INSTALL] Trigger 'falco-$chosen_driver.service' condrestart:"
# restart falco on upgrade if service is already running
systemctl --system condrestart "falco-$chosen_driver.service" || true
fi
if [ $enable_falcoctl -eq 1 ]; then
echo "[POST-INSTALL] Trigger 'falcoctl-artifact-follow.service' condrestart:"
# restart falcoctl-artifact-follow on upgrade if service is already running
systemctl --system condrestart "falcoctl-artifact-follow.service" || true
if [ $enable_falcoctl -eq 1 ]; then
echo "[POST-INSTALL] Trigger 'falcoctl-artifact-follow.service' condrestart:"
# restart falcoctl-artifact-follow on upgrade if service is already running
systemctl --system condrestart "falcoctl-artifact-follow.service" || true
fi
fi
fi
fi

74
scripts/rpm/postinstall.in
View File

@@ -16,7 +16,7 @@
#
chosen_driver=
enable_falcoctl=1
enable_falcoctl=0
if [ $1 -eq 1 ]; then
if [ -x /usr/bin/dialog ]; then
@@ -26,32 +26,34 @@ if [ $1 -eq 1 ]; then
2 "Kmod" \
3 "eBPF" \
4 "Modern eBPF" \
5 "Plugin" \
5 "Plugin (needs manual configuration)" \
2>&1 >/dev/tty)
case $CHOICE in
2)
chosen_driver="kmod"
;;
3)
chosen_driver="bpf"
;;
4)
chosen_driver="modern-bpf"
;;
5)
chosen_driver="plugin (needs manual configuration)"
;;
esac
CHOICE=$(dialog --clear --title "Falcoctl" --menu "Do you want to follow automatic ruleset updates?" 10 40 2 \
1 "Yes" \
2 "No" \
2>&1 >/dev/tty)
case $CHOICE in
2)
enable_falcoctl=0
case $CHOICE in
2)
chosen_driver="kmod"
;;
esac
clear
3)
chosen_driver="bpf"
;;
4)
chosen_driver="modern-bpf"
;;
5)
chosen_driver="plugin"
;;
esac
if [ -n "$chosen_driver" ]; then
CHOICE=$(dialog --clear --title "Falcoctl" --menu "Do you want to follow automatic ruleset updates?" 10 40 2 \
1 "Yes" \
2 "No" \
2>&1 >/dev/tty)
case $CHOICE in
1)
enable_falcoctl=1
;;
esac
fi
clear
fi
fi
@@ -85,12 +87,12 @@ if [ $1 -eq 1 ]; then
systemctl --system enable "falco-$chosen_driver.service" || true
echo "[POST-INSTALL] Start 'falco-$chosen_driver.service':"
systemctl --system start "falco-$chosen_driver.service" || true
fi
if [ $enable_falcoctl -eq 1 ]; then
echo "[POST-INSTALL] Enable 'falcoctl-artifact-follow.service':"
systemctl --system enable "falcoctl-artifact-follow.service" || true
echo "[POST-INSTALL] Start 'falcoctl-artifact-follow.service':"
systemctl --system start "falcoctl-artifact-follow.service" || true
if [ $enable_falcoctl -eq 1 ]; then
echo "[POST-INSTALL] Enable 'falcoctl-artifact-follow.service':"
systemctl --system enable "falcoctl-artifact-follow.service" || true
echo "[POST-INSTALL] Start 'falcoctl-artifact-follow.service':"
systemctl --system start "falcoctl-artifact-follow.service" || true
fi
fi
fi
@@ -103,11 +105,11 @@ if [ $1 -gt 1 ]; then
echo "[POST-INSTALL] Trigger 'falco-$chosen_driver.service' condrestart:"
# restart falco on upgrade if service is already running
systemctl --system condrestart "falco-$chosen_driver.service" || true
fi
if [ $enable_falcoctl -eq 1 ]; then
echo "[POST-INSTALL] Trigger 'falcoctl-artifact-follow.service' condrestart:"
# restart falcoctl-artifact-follow on upgrade if service is already running
systemctl --system condrestart "falcoctl-artifact-follow.service" || true
if [ $enable_falcoctl -eq 1 ]; then
echo "[POST-INSTALL] Trigger 'falcoctl-artifact-follow.service' condrestart:"
# restart falcoctl-artifact-follow on upgrade if service is already running
systemctl --system condrestart "falcoctl-artifact-follow.service" || true
fi
fi
fi
fi