mirror of
https://github.com/falcosecurity/falco.git
synced 2025-10-21 19:44:57 +00:00
345452836b
While building falco from source, I found a couple of problems related
to use of kernel modules:
1. The falco build needs driver_config.h from the sysdig repo, but it
isn't created by default.
[ 50%] Building C object userspace/libscap/CMakeFiles/scap.dir/scap.c.o
/mnt/sf_stemm/work/src/sysdig/userspace/libscap/scap.c:34:40: fatal error: ../../driver/driver_config.h: No such file or directory
compilation terminated.c
Fixed by adding ${SYSDIG_DIR}/driver to CMakeLists.txt. I did notice
that after doing this the object files were in the sysdig/driver
directory, but I don't think this is related to the Makefiles/CMakeFiles
in the sysdig/driver directory?
2. Falco needs the sysdig kernel module, but it may not be loaded if no
other sysdig is installed.
Added notes to the README that discuss loading the kernel module by hand
if no binary sysdig is installed.
189 lines
7.3 KiB
CMake
189 lines
7.3 KiB
CMake
cmake_minimum_required(VERSION 2.8.2)
|
|
|
|
project(falco)
|
|
|
|
if(NOT DEFINED FALCO_VERSION)
|
|
set(FALCO_VERSION "0.1.1dev")
|
|
endif()
|
|
|
|
if(NOT DEFINED DIR_ETC)
|
|
set(DIR_ETC "/etc")
|
|
endif()
|
|
|
|
set(DRAIOS_DEBUG_FLAGS "-D_DEBUG")
|
|
|
|
set(CMAKE_C_FLAGS "-Wall -ggdb ${DRAIOS_FEATURE_FLAGS}")
|
|
set(CMAKE_CXX_FLAGS "-Wall -ggdb --std=c++0x ${DRAIOS_FEATURE_FLAGS}")
|
|
|
|
set(CMAKE_C_FLAGS_DEBUG "${DRAIOS_DEBUG_FLAGS}")
|
|
set(CMAKE_CXX_FLAGS_DEBUG "${DRAIOS_DEBUG_FLAGS}")
|
|
|
|
set(CMAKE_C_FLAGS_RELEASE "-O3 -fno-strict-aliasing -DNDEBUG")
|
|
set(CMAKE_CXX_FLAGS_RELEASE "-O3 -fno-strict-aliasing -DNDEBUG")
|
|
|
|
add_definitions(-DPLATFORM_NAME="${CMAKE_SYSTEM_NAME}")
|
|
add_definitions(-DK8S_DISABLE_THREAD)
|
|
add_definitions(-DHAS_CAPTURE)
|
|
|
|
if(CMAKE_BUILD_TYPE STREQUAL "Debug")
|
|
set(KBUILD_FLAGS "${DRAIOS_DEBUG_FLAGS} ${DRAIOS_FEATURE_FLAGS}")
|
|
else()
|
|
set(KBUILD_FLAGS "${DRAIOS_FEATURE_FLAGS}")
|
|
endif()
|
|
|
|
set(PACKAGE_NAME "falco")
|
|
set(PROBE_VERSION "${FALCO_VERSION}")
|
|
set(PROBE_NAME "sysdig-probe")
|
|
set(PROBE_DEVICE_NAME "sysdig")
|
|
|
|
set(CMD_MAKE make)
|
|
|
|
set(SYSDIG_DIR ${PROJECT_SOURCE_DIR}/../sysdig)
|
|
|
|
include(ExternalProject)
|
|
|
|
set(ZLIB_SRC "${PROJECT_BINARY_DIR}/zlib-prefix/src/zlib")
|
|
message(STATUS "Using bundled zlib in '${ZLIB_SRC}'")
|
|
set(ZLIB_INCLUDE "${ZLIB_SRC}")
|
|
set(ZLIB_LIB "${ZLIB_SRC}/libz.a")
|
|
ExternalProject_Add(zlib
|
|
URL "http://download.draios.com/dependencies/zlib-1.2.8.tar.gz"
|
|
URL_MD5 "44d667c142d7cda120332623eab69f40"
|
|
CONFIGURE_COMMAND "./configure"
|
|
BUILD_COMMAND ${CMD_MAKE}
|
|
BUILD_IN_SOURCE 1
|
|
INSTALL_COMMAND "")
|
|
|
|
set(JSONCPP_SRC "${SYSDIG_DIR}/userspace/libsinsp/third-party/jsoncpp")
|
|
set(JSONCPP_INCLUDE "${JSONCPP_SRC}")
|
|
set(JSONCPP_LIB_SRC "${JSONCPP_SRC}/jsoncpp.cpp")
|
|
|
|
# we pull this in because libsinsp won't build without it
|
|
set(CURSES_BUNDLE_DIR "${PROJECT_BINARY_DIR}/ncurses-prefix/src/ncurses")
|
|
set(CURSES_INCLUDE_DIR "${CURSES_BUNDLE_DIR}/include/")
|
|
set(CURSES_LIBRARIES "${CURSES_BUNDLE_DIR}/lib/libncurses.a")
|
|
message(STATUS "Using bundled ncurses in '${CURSES_BUNDLE_DIR}'")
|
|
ExternalProject_Add(ncurses
|
|
URL "http://download.draios.com/dependencies/ncurses-6.0-20150725.tgz"
|
|
URL_MD5 "32b8913312e738d707ae68da439ca1f4"
|
|
CONFIGURE_COMMAND ./configure --without-cxx --without-cxx-binding --without-ada --without-manpages --without-progs --without-tests --with-terminfo-dirs=/etc/terminfo:/lib/terminfo:/usr/share/terminfo
|
|
BUILD_COMMAND ${CMD_MAKE}
|
|
BUILD_IN_SOURCE 1
|
|
INSTALL_COMMAND "")
|
|
|
|
|
|
set(B64_SRC "${PROJECT_BINARY_DIR}/b64-prefix/src/b64")
|
|
message(STATUS "Using bundled b64 in '${B64_SRC}'")
|
|
set(B64_INCLUDE "${B64_SRC}/include")
|
|
set(B64_LIB "${B64_SRC}/src/libb64.a")
|
|
ExternalProject_Add(b64
|
|
URL "http://download.draios.com/dependencies/libb64-1.2.src.zip"
|
|
URL_MD5 "a609809408327117e2c643bed91b76c5"
|
|
CONFIGURE_COMMAND ""
|
|
BUILD_COMMAND ${CMD_MAKE}
|
|
BUILD_IN_SOURCE 1
|
|
INSTALL_COMMAND "")
|
|
|
|
|
|
set(YAMLCPP_SRC "${PROJECT_BINARY_DIR}/yamlcpp-prefix/src/yamlcpp")
|
|
message(STATUS "Using bundled yaml-cpp in '${YAMLCPP_SRC}'")
|
|
set(YAMLCPP_LIB "${YAMLCPP_SRC}/libyaml-cpp.a")
|
|
set(YAMLCPP_INCLUDE_DIR "${YAMLCPP_SRC}/include")
|
|
# Once the next version of yaml-cpp is released (first version not requiring
|
|
# boost), we can switch to that and no longer pull from github.
|
|
ExternalProject_Add(yamlcpp
|
|
GIT_REPOSITORY "https://github.com/jbeder/yaml-cpp.git"
|
|
GIT_TAG "7d2873ce9f2202ea21b6a8c5ecbc9fe38032c229"
|
|
BUILD_IN_SOURCE 1
|
|
INSTALL_COMMAND "")
|
|
|
|
set(OPENSSL_BUNDLE_DIR "${PROJECT_BINARY_DIR}/openssl-prefix/src/openssl")
|
|
set(OPENSSL_INSTALL_DIR "${OPENSSL_BUNDLE_DIR}/target")
|
|
set(OPENSSL_LIBRARY_SSL "${OPENSSL_INSTALL_DIR}/lib/libssl.a")
|
|
set(OPENSSL_LIBRARY_CRYPTO "${OPENSSL_INSTALL_DIR}/lib/libcrypto.a")
|
|
|
|
message(STATUS "Using bundled openssl in '${OPENSSL_BUNDLE_DIR}'")
|
|
|
|
ExternalProject_Add(openssl
|
|
URL "http://download.draios.com/dependencies/openssl-1.0.2d.tar.gz"
|
|
URL_MD5 "38dd619b2e77cbac69b99f52a053d25a"
|
|
CONFIGURE_COMMAND ./config shared --prefix=${OPENSSL_INSTALL_DIR}
|
|
BUILD_COMMAND ${CMD_MAKE}
|
|
BUILD_IN_SOURCE 1
|
|
INSTALL_COMMAND ${CMD_MAKE} install)
|
|
|
|
set(CURL_SSL_OPTION "--with-ssl=${OPENSSL_INSTALL_DIR}")
|
|
|
|
|
|
set(CURL_BUNDLE_DIR "${PROJECT_BINARY_DIR}/curl-prefix/src/curl")
|
|
set(CURL_INCLUDE_DIR "${CURL_BUNDLE_DIR}/include/")
|
|
set(CURL_LIBRARIES "${CURL_BUNDLE_DIR}/lib/.libs/libcurl.a")
|
|
message(STATUS "Using bundled curl in '${CURL_BUNDLE_DIR}'")
|
|
message(STATUS "Using SSL for curl in '${CURL_SSL_OPTION}'")
|
|
|
|
ExternalProject_Add(curl
|
|
DEPENDS openssl
|
|
URL "http://download.draios.com/dependencies/curl-7.45.0.tar.bz2"
|
|
URL_MD5 "62c1a352b28558f25ba6209214beadc8"
|
|
CONFIGURE_COMMAND ./configure ${CURL_SSL_OPTION} --disable-shared --enable-optimize --disable-curldebug --disable-rt --enable-http --disable-ftp --disable-file --disable-ldap --disable-ldaps --disable-rtsp --disable-telnet --disable-tftp --disable-pop3 --disable-imap --disable-smb --disable-smtp --disable-gopher --disable-sspi --disable-ntlm-wb --disable-tls-srp --without-winssl --without-darwinssl --without-polarssl --without-cyassl --without-nss --without-axtls --without-ca-path --without-ca-bundle --without-libmetalink --without-librtmp --without-winidn --without-libidn --without-nghttp2 --without-libssh2
|
|
BUILD_COMMAND ${CMD_MAKE}
|
|
BUILD_IN_SOURCE 1
|
|
INSTALL_COMMAND "")
|
|
|
|
set(LUAJIT_SRC "${PROJECT_BINARY_DIR}/luajit-prefix/src/luajit/src")
|
|
message(STATUS "Using bundled LuaJIT in '${LUAJIT_SRC}'")
|
|
set(LUAJIT_INCLUDE "${LUAJIT_SRC}")
|
|
set(LUAJIT_LIB "${LUAJIT_SRC}/libluajit.a")
|
|
ExternalProject_Add(luajit
|
|
URL "http://download.draios.com/dependencies/LuaJIT-2.0.3.tar.gz"
|
|
URL_MD5 "f14e9104be513913810cd59c8c658dc0"
|
|
CONFIGURE_COMMAND ""
|
|
BUILD_COMMAND ${CMD_MAKE}
|
|
BUILD_IN_SOURCE 1
|
|
INSTALL_COMMAND "")
|
|
|
|
set (LPEG_SRC "${PROJECT_BINARY_DIR}/lpeg-prefix/src/lpeg")
|
|
ExternalProject_Add(lpeg
|
|
DEPENDS luajit
|
|
URL "http://s3.amazonaws.com/download.draios.com/dependencies/lpeg-1.0.0.tar.gz"
|
|
URL_MD5 "0aec64ccd13996202ad0c099e2877ece"
|
|
BUILD_COMMAND LUA_INCLUDE=${LUAJIT_INCLUDE} ${PROJECT_SOURCE_DIR}/scripts/build-lpeg.sh
|
|
BUILD_IN_SOURCE 1
|
|
CONFIGURE_COMMAND ""
|
|
INSTALL_COMMAND "")
|
|
|
|
install(FILES falco.yaml
|
|
DESTINATION "${DIR_ETC}")
|
|
|
|
add_subdirectory(${SYSDIG_DIR}/driver ${PROJECT_BINARY_DIR}/driver)
|
|
add_subdirectory(${SYSDIG_DIR}/userspace/libscap ${PROJECT_BINARY_DIR}/userspace/libscap)
|
|
add_subdirectory(${SYSDIG_DIR}/userspace/libsinsp ${PROJECT_BINARY_DIR}/userspace/libsinsp)
|
|
|
|
add_subdirectory(rules)
|
|
add_subdirectory(userspace/falco)
|
|
|
|
|
|
set(CPACK_PACKAGE_NAME "${PACKAGE_NAME}")
|
|
set(CPACK_PACKAGE_VENDOR "Sysdig Inc.")
|
|
set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "falco, a system-level activity monitoring tool")
|
|
set(CPACK_PACKAGE_DESCRIPTION_FILE "${PROJECT_SOURCE_DIR}/scripts/description.txt")
|
|
set(CPACK_PACKAGE_VERSION "${FALCO_VERSION}")
|
|
set(CPACK_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}-${CMAKE_SYSTEM_PROCESSOR}")
|
|
set(CPACK_PROJECT_CONFIG_FILE "${PROJECT_SOURCE_DIR}/CMakeCPackOptions.cmake")
|
|
set(CPACK_STRIP_FILES "ON")
|
|
|
|
set(CPACK_GENERATOR DEB RPM TGZ)
|
|
|
|
set(CPACK_DEBIAN_PACKAGE_MAINTAINER "Sysdig <support@sysdig.com>")
|
|
set(CPACK_DEBIAN_PACKAGE_SECTION "utils")
|
|
|
|
set(CPACK_DEBIAN_PACKAGE_HOMEPAGE "http://www.sysdig.org")
|
|
set(CPACK_DEBIAN_PACKAGE_DEPENDS "sysdig")
|
|
|
|
set(CPACK_RPM_PACKAGE_LICENSE "GPLv2")
|
|
set(CPACK_RPM_PACKAGE_URL "http://www.sysdig.org")
|
|
set(CPACK_RPM_PACKAGE_REQUIRES "sysdig")
|
|
set(CPACK_RPM_EXCLUDE_FROM_AUTO_FILELIST_ADDITION /usr/src /usr/share/man /usr/share/man/man8)
|
|
|
|
include(CPack)
|