From 401749266421e0a7bdb53ab98cd7945d7d473aa1 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Tue, 9 Apr 2024 10:09:48 +0200 Subject: [PATCH] chore(scripts): updated debian and rpm post installation scripts to deal with new automatic driver selection as default behavior. Signed-off-by: Federico Di Pierro --- scripts/debian/postinst.in | 50 +++++++++++++++++++++++----------- scripts/rpm/postinstall.in | 55 +++++++++++++++++++++++++------------- 2 files changed, 70 insertions(+), 35 deletions(-) diff --git a/scripts/debian/postinst.in b/scripts/debian/postinst.in index a0669fc14af..57a577af3f5 100755 --- a/scripts/debian/postinst.in +++ b/scripts/debian/postinst.in @@ -17,7 +17,8 @@ # limitations under the License. # -chosen_driver= +# By default, we use the automatic selection for drivers +chosen_driver="auto" chosen_unit= CHOICE= @@ -39,42 +40,54 @@ systemctl --system unmask falcoctl-artifact-follow.service || true if [ "$1" = "configure" ]; then case $FALCO_DRIVER_CHOICE in + none) + CHOICE=1 + ;; kmod) - CHOICE=2 + CHOICE=3 ;; ebpf) - CHOICE=3 + CHOICE=4 ;; modern_ebpf) - CHOICE=4 + CHOICE=5 ;; esac if [ -z $CHOICE ] && [ -x /usr/bin/dialog ] && [ "${FALCO_FRONTEND}" != "noninteractive" ]; then # If dialog is installed, create a dialog to let users choose the correct driver for them CHOICE=$(dialog --clear --title "Falco drivers" --menu "Choose your preferred driver:" 12 55 4 \ 1 "Manual configuration (no unit is started)" \ - 2 "Kmod" \ - 3 "eBPF" \ - 4 "Modern eBPF" \ + 2 "Automatic selection" \ + 3 "Kmod" \ + 4 "eBPF" \ + 5 "Modern eBPF" \ 2>&1 >/dev/tty) - fi + fi + # No need to manage automatic case since it is already the default case $CHOICE in - 2) - chosen_driver="kmod" - chosen_unit="kmod" + 1) + chosen_driver="" ;; 3) - chosen_driver="ebpf" - chosen_unit="bpf" + chosen_driver="kmod" ;; 4) + chosen_driver="ebpf" + ;; + 5) chosen_driver="modern_ebpf" - chosen_unit="modern-bpf" ;; esac - if [ -n "$CHOICE" ]; then + if [ -n "$chosen_driver" ]; then echo "[POST-INSTALL] Configure falcoctl driver type:" - falcoctl driver config --type $chosen_driver + if [ "$chosen_driver" = "auto" ]; then + # Configure falcoctl to enable all drivers + falcoctl driver config --type "modern_ebpf" --type "ebpf" --type "kmod" + # Load the actually automatic chosen driver + chosen_driver=$(falcoctl driver printenv | grep DRIVER= | cut -d'"' -f2) + else + falcoctl driver config --type "$chosen_driver" + fi CHOICE= case $FALCOCTL_ENABLED in no) @@ -108,10 +121,15 @@ case "$chosen_driver" in # Only compile for kmod, in this way we use dkms echo "[POST-INSTALL] Call 'falcoctl driver install for kmod:" falcoctl driver install --download=false + chosen_unit="kmod" ;; "ebpf") echo "[POST-INSTALL] Call 'falcoctl driver install for ebpf':" falcoctl driver install + chosen_unit="bpf" + ;; + "modern_ebpf") + chosen_unit="modern-bpf" ;; esac diff --git a/scripts/rpm/postinstall.in b/scripts/rpm/postinstall.in index ae509e573e5..2def0c5bcdc 100755 --- a/scripts/rpm/postinstall.in +++ b/scripts/rpm/postinstall.in @@ -16,7 +16,8 @@ # limitations under the License. # -chosen_driver= +# By default, we use the automatic selection for drivers +chosen_driver="auto" chosen_unit= CHOICE= @@ -38,42 +39,53 @@ systemctl --system unmask falcoctl-artifact-follow.service || true if [ $1 -ge 1 ]; then case $FALCO_DRIVER_CHOICE in + none) + CHOICE=1 + ;; kmod) - CHOICE=2 + CHOICE=3 ;; ebpf) - CHOICE=3 + CHOICE=4 ;; modern_ebpf) - CHOICE=4 + CHOICE=5 ;; esac if [ -z $CHOICE ] && [ -x /usr/bin/dialog ] && [ "${FALCO_FRONTEND}" != "noninteractive" ]; then # If dialog is installed, create a dialog to let users choose the correct driver for them CHOICE=$(dialog --clear --title "Falco drivers" --menu "Choose your preferred driver:" 12 55 4 \ 1 "Manual configuration (no unit is started)" \ - 2 "Kmod" \ - 3 "eBPF" \ - 4 "Modern eBPF" \ + 2 "Automatic selection" \ + 3 "Kmod" \ + 4 "eBPF" \ + 5 "Modern eBPF" \ 2>&1 >/dev/tty) - fi + fi + # No need to manage automatic case since it is already the default case $CHOICE in - 2) - chosen_driver="kmod" - chosen_unit="kmod" + 1) + chosen_driver="" ;; 3) - chosen_driver="ebpf" - chosen_unit="bpf" + chosen_driver="kmod" ;; 4) + chosen_driver="ebpf" + ;; + 5) chosen_driver="modern_ebpf" - chosen_unit="modern-bpf" ;; esac - if [ -n "$CHOICE" ]; then - echo "[POST-INSTALL] Configure falcoctl driver type:" - falcoctl driver config --type $chosen_driver + if [ -n "$chosen_driver" ]; then + if [ "$chosen_driver" = "auto" ]; then + # Configure falcoctl to enable all drivers + falcoctl driver config --type "modern_ebpf" --type "ebpf" --type "kmod" + # Load the actually automatic chosen driver + chosen_driver=$(falcoctl driver printenv | grep DRIVER= | cut -d'"' -f2) + else + falcoctl driver config --type "$chosen_driver" + fi CHOICE= case $FALCOCTL_ENABLED in no) @@ -105,12 +117,17 @@ systemctl --system daemon-reload || true case "$chosen_driver" in "kmod") # Only compile for kmod, in this way we use dkms - echo "[POST-INSTALL] Call 'falcoctl driver install for kmod:" - falcoctl driver install --download=false + echo "[POST-INSTALL] Call 'falcoctl driver install for kmod:" + falcoctl driver install --download=false + chosen_unit="kmod" ;; "ebpf") echo "[POST-INSTALL] Call 'falcoctl driver install for ebpf':" falcoctl driver install + chosen_unit="bpf" + ;; + "modern_ebpf") + chosen_unit="modern-bpf" ;; esac