Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(userspace): deprecate -d daemonize option #2677

Merged
merged 1 commit into from
Aug 25, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion userspace/falco/CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ set(
app/actions/helpers_inspector.cpp
app/actions/configure_interesting_sets.cpp
app/actions/create_signal_handlers.cpp
app/actions/daemonize.cpp
app/actions/pidfile.cpp
app/actions/init_falco_engine.cpp
app/actions/init_inspectors.cpp
app/actions/init_clients.cpp
Expand Down
2 changes: 1 addition & 1 deletion userspace/falco/app/actions/actions.h
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ falco::app::run_result configure_syscall_buffer_size(falco::app::state& s);
falco::app::run_result configure_syscall_buffer_num(falco::app::state& s);
falco::app::run_result create_requested_paths(falco::app::state& s);
falco::app::run_result create_signal_handlers(falco::app::state& s);
falco::app::run_result daemonize(falco::app::state& s);
falco::app::run_result pidfile(falco::app::state& s);
falco::app::run_result init_clients(falco::app::state& s);
falco::app::run_result init_falco_engine(falco::app::state& s);
falco::app::run_result init_inspectors(falco::app::state& s);
Expand Down
89 changes: 0 additions & 89 deletions userspace/falco/app/actions/daemonize.cpp

This file was deleted.

2 changes: 1 addition & 1 deletion userspace/falco/app/actions/init_outputs.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ falco::app::run_result falco::app::actions::init_outputs(falco::app::state& s)

if (s.options.dry_run)
{
falco_logger::log(LOG_DEBUG, "Skipping daemonizing in dry-run\n");
falco_logger::log(LOG_DEBUG, "Skipping outputs initialization in dry-run\n");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

oh cool you have already done it here, ignore my comment in the other PR i don't remember which 😹

return run_result::ok();
}

Expand Down
52 changes: 52 additions & 0 deletions userspace/falco/app/actions/pidfile.cpp
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
/*
Copyright (C) 2023 The Falco Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>

#include "actions.h"

using namespace falco::app;
using namespace falco::app::actions;

falco::app::run_result falco::app::actions::pidfile(falco::app::state& s)
{
if (s.options.dry_run)
{
falco_logger::log(LOG_DEBUG, "Skipping pidfile creation in dry-run\n");
return run_result::ok();
}

if (!s.options.pidfilename.empty())
{
int64_t self_pid = getpid();

std::ofstream pidfile;
pidfile.open(s.options.pidfilename);

if (!pidfile.good())
{
falco_logger::log(LOG_ERR, "Could not write pid to pidfile " + s.options.pidfilename + ". Exiting.\n");
exit(-1);
Andreagit97 marked this conversation as resolved.
Show resolved Hide resolved
}
pidfile << self_pid;
pidfile.close();

}

return run_result::ok();
}
2 changes: 1 addition & 1 deletion userspace/falco/app/app.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ bool falco::app::run(falco::app::state& s, bool& restart, std::string& errstr)
falco::app::actions::init_outputs,
falco::app::actions::create_signal_handlers,
falco::app::actions::create_requested_paths,
falco::app::actions::daemonize,
falco::app::actions::pidfile,
falco::app::actions::init_clients,
falco::app::actions::configure_interesting_sets,
falco::app::actions::configure_syscall_buffer_size,
Expand Down
8 changes: 1 addition & 7 deletions userspace/falco/app/options.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -142,11 +142,6 @@ bool options::parse(int argc, char **argv, std::string &errstr)
return false;
}

if (daemon && pidfilename == "") {
errstr = std::string("If -d is provided, a pid file must also be provided");
return false;
}

list_fields = m_cmdline_parsed.count("list") > 0 ? true : false;

int open_modes = 0;
Expand Down Expand Up @@ -183,7 +178,6 @@ void options::define(cxxopts::Options& opts)
("b,print-base64", "Print data buffers in base64. This is useful for encoding binary data that needs to be used over media designed to consume this format.")
#if !defined(_WIN32) && !defined(__EMSCRIPTEN__) && !defined(MINIMAL_BUILD)
("cri", "Path to CRI socket for container metadata. Use the specified socket to fetch data from a CRI-compatible runtime. If not specified, uses the libs default. This option can be passed multiple times to specify socket to be tried until a successful one is found.", cxxopts::value(cri_socket_paths), "<path>")
("d,daemon", "Run as a daemon.", cxxopts::value(daemon)->default_value("false"))
("disable-cri-async", "Disable asynchronous CRI metadata fetching. This is useful to let the input event wait for the container metadata fetch to finish before moving forward. Async fetching, in some environments leads to empty fields for container metadata when the fetch is not fast enough to be completed asynchronously. This can have a performance penalty on your environment depending on the number of containers and the frequency at which they are created/started/stopped.", cxxopts::value(disable_cri_async)->default_value("false"))
#endif
("disable-source", "Disable a specific event source. By default, all loaded sources get enabled. Available sources are 'syscall' and all sources defined by loaded plugins supporting the event sourcing capability. This option can be passed multiple times. This has no offect when reading events from a trace file. Can not disable all event sources. Can not be mixed with --enable-source.", cxxopts::value(disable_sources), "<event_source>")
Expand Down Expand Up @@ -217,7 +211,7 @@ void options::define(cxxopts::Options& opts)
("o,option", "Set the value of option <opt> to <val>. Overrides values in configuration file. <opt> can be identified using its location in configuration file using dot notation. Elements which are entries of lists can be accessed via square brackets [].\n E.g. base.id = val\n base.subvalue.subvalue2 = val\n base.list[1]=val", cxxopts::value(cmdline_config_options), "<opt>=<val>")
("plugin-info", "Print info for a single plugin and exit.\nThis includes all descriptivo info like name and author, along with the\nschema format for the init configuration and a list of suggested open parameters.\n<plugin_name> can be the name of the plugin or its configured library_path.", cxxopts::value(print_plugin_info), "<plugin_name>")
("p,print", "Print (or replace) additional information in rule's output.\nUse -pc or -pcontainer to append container details.\nUse -pk or -pkubernetes to add both container and Kubernetes details.\nIf using gVisor, choose -pcg or -pkg variants (or -pcontainer-gvisor and -pkubernetes-gvisor, respectively).\nIf a rule's output contains %container.info, it will be replaced with the corresponding details. Otherwise, these details will be directly appended to the rule's output.\nAlternatively, use -p \"...\" for a custom format. In this case, the given content will be appended to the rule's output without any replacement.", cxxopts::value(print_additional), "<output_format>")
("P,pidfile", "When run as a daemon, write pid to specified file", cxxopts::value(pidfilename)->default_value("/var/run/falco.pid"), "<pid_file>")
("P,pidfile", "Write pid to specified file, by default no pidfile is created.", cxxopts::value(pidfilename)->default_value(""), "<pid_file>")
("r", "Rules file/directory (defaults to value set in configuration file, or /etc/falco_rules.yaml). This option can be passed multiple times to read from multiple files/directories.", cxxopts::value<std::vector<std::string>>(), "<rules_file>")
("S,snaplen", "Capture the first <len> bytes of each I/O buffer. By default, the first 80 bytes are captured. Use this option with caution, it can have a strong performance impact.", cxxopts::value(snaplen)->default_value("0"), "<len>")
("support", "Print support information including version, rules files used, etc. and exit.", cxxopts::value(print_support)->default_value("false"))
Expand Down
1 change: 0 additions & 1 deletion userspace/falco/app/options.h
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,6 @@ class options {
bool all_events;
sinsp_evt::param_fmt event_buffer_format;
std::vector<std::string> cri_socket_paths;
bool daemon;
bool disable_cri_async;
std::vector<std::string> disable_sources;
std::vector<std::string> disabled_rule_substrings;
Expand Down
3 changes: 1 addition & 2 deletions userspace/falco/falco.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,7 @@ limitations under the License.
static void display_fatal_err(const std::string &&msg)
{
/**
* If stderr logging is not enabled, also log to stderr. When
* daemonized this will simply write to /dev/null.
* If stderr logging is not enabled, also log to stderr.
*/
if (! falco_logger::log_stderr)
{
Expand Down