update(scripts): multiple renamings to falcoctl service + fixed descr…

…iption.

Moreover, now falcoctl service is enabled by default. It being bound to falco.target
allows us to avoid it running when falco.target is not running.

Signed-off-by: Federico Di Pierro <[email protected]>

cmake/cpack/CMakeCPackOptions.cmake

@@ -6,7 +6,7 @@ if(CPACK_GENERATOR MATCHES "DEB" OR CPACK_GENERATOR MATCHES "RPM")
 	list(APPEND CPACK_INSTALL_COMMANDS "cp scripts/systemd/falco-bpf.service _CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system")
 	list(APPEND CPACK_INSTALL_COMMANDS "cp scripts/systemd/falco-modern-bpf.service _CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system")
 	list(APPEND CPACK_INSTALL_COMMANDS "cp scripts/systemd/falco-plugin.service _CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system")
-	list(APPEND CPACK_INSTALL_COMMANDS "cp scripts/systemd/falcoctl.service _CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system")
+	list(APPEND CPACK_INSTALL_COMMANDS "cp scripts/systemd/falcoctl-artifact-follow.service _CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system")
 endif()
 
 if(CPACK_GENERATOR MATCHES "TGZ")

scripts/CMakeLists.txt

@@ -28,7 +28,7 @@ file(COPY "${PROJECT_SOURCE_DIR}/scripts/systemd/falco-modern-bpf.service"
 		DESTINATION "${PROJECT_BINARY_DIR}/scripts/systemd")
 file(COPY "${PROJECT_SOURCE_DIR}/scripts/systemd/falco-plugin.service"
 		DESTINATION "${PROJECT_BINARY_DIR}/scripts/systemd")
-file(COPY "${PROJECT_SOURCE_DIR}/scripts/systemd/falcoctl.service"
+file(COPY "${PROJECT_SOURCE_DIR}/scripts/systemd/falcoctl-artifact-follow.service"
 		DESTINATION "${PROJECT_BINARY_DIR}/scripts/systemd")
 
 # Debian

scripts/debian/postinst.in

@@ -17,7 +17,7 @@
 #
 
 chosen_driver=
-enable_falcoctl=0
+enable_falcoctl=1
 
 if [ "$1" = "configure" ]; then
         if [ -x /usr/bin/dialog ]; then
@@ -40,21 +40,18 @@ if [ "$1" = "configure" ]; then
                       chosen_driver="modern-bpf"
                       ;;
                   5)
-                      chosen_driver="plugin"
+                      chosen_driver="plugin (needs manual configuration)"
                       ;;
           esac
-
-          if [ -n "$chosen_driver" ]; then
-            CHOICE=$(dialog --clear --title "Falcoctl" --menu "Do you want to subscribe to automatic ruleset feed?" 10 40 2 \
-                    1 "No" \
-                    2 "Yes" \
-                    2>&1 >/dev/tty)
-            case $CHOICE in
-               2)
-                enable_falcoctl=1
-                ;;
-            esac
-          fi
+          CHOICE=$(dialog --clear --title "Falcoctl" --menu "Do you want to follow automatic ruleset updates?" 10 40 2 \
+                  1 "Yes" \
+                  2 "No" \
+                  2>&1 >/dev/tty)
+          case $CHOICE in
+              2)
+              enable_falcoctl=0
+              ;;
+          esac
           clear
         fi
 fi
@@ -79,13 +76,12 @@ if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-decon
             systemctl --system enable "falco-$chosen_driver.service" || true
             echo "[POST-INSTALL] Start 'falco-$chosen_driver.service':"
             systemctl --system start "falco-$chosen_driver.service" || true
-
-            if [ $enable_falcoctl -eq 1 ]; then
-              echo "[POST-INSTALL] Enable 'falcoctl.service':"
-              systemctl --system enable "falcoctl.service" || true
-              echo "[POST-INSTALL] Start 'falcoctl.service':"
-              systemctl --system start "falcoctl.service" || true
-            fi
+        fi
+        if [ $enable_falcoctl -eq 1 ]; then
+             echo "[POST-INSTALL] Enable 'falcoctl-artifact-follow.service':"
+             systemctl --system enable "falcoctl-artifact-follow.service" || true
+             echo "[POST-INSTALL] Start 'falcoctl-artifact-follow.service':"
+             systemctl --system start "falcoctl-artifact-follow.service" || true
         fi
 fi
 
@@ -97,12 +93,11 @@ if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-decon
         echo "[POST-INSTALL] Trigger 'falco-$chosen_driver.service' condrestart:"
         # restart falco on upgrade if service is already running
         systemctl --system condrestart "falco-$chosen_driver.service" || true
-
-        if [ $enable_falcoctl -eq 1 ]; then
-           echo "[POST-INSTALL] Trigger 'falcoctl.service' condrestart:"
-           # restart falcoctl on upgrade if service is already running
-          systemctl --system condrestart "falcoctl.service" || true
-        fi
+      fi
+      if [ $enable_falcoctl -eq 1 ]; then
+        echo "[POST-INSTALL] Trigger 'falcoctl-artifact-follow.service' condrestart:"
+        # restart falcoctl-artifact-follow on upgrade if service is already running
+        systemctl --system condrestart "falcoctl-artifact-follow.service" || true
       fi
     fi
 fi

scripts/debian/postrm.in

@@ -27,7 +27,7 @@ if [ -d /run/systemd/system ] && [ "$1" = remove ]; then
         systemctl --system disable 'falco-bpf.service' || true
         systemctl --system disable 'falco-modern-bpf.service' || true
         systemctl --system disable 'falco-plugin.service' || true
-        systemctl --system disable 'falcoctl.service' || true
+        systemctl --system disable 'falcoctl-artifact-follow.service' || true
 
         echo "[POST-REMOVE] Trigger deamon-reload:"
         systemctl --system daemon-reload || true

scripts/rpm/postinstall.in

@@ -16,7 +16,7 @@
 #
 
 chosen_driver=
-enable_falcoctl=0
+enable_falcoctl=1
 
 if [ $1 -eq 1 ]; then
         if [ -x /usr/bin/dialog ]; then
@@ -39,20 +39,18 @@ if [ $1 -eq 1 ]; then
                         chosen_driver="modern-bpf"
                         ;;
                     5)
-                        chosen_driver="plugin"
+                        chosen_driver="plugin (needs manual configuration)"
                         ;;
                 esac
-                if [ -n "$chosen_driver" ]; then
-                  CHOICE=$(dialog --clear --title "Falcoctl" --menu "Do you want to subscribe to automatic ruleset feed?" 10 40 2 \
-                          1 "No" \
-                          2 "Yes" \
-                          2>&1 >/dev/tty)
-                  case $CHOICE in
-                     2)
-                      enable_falcoctl=1
-                      ;;
-                  esac
-                fi
+                CHOICE=$(dialog --clear --title "Falcoctl" --menu "Do you want to follow automatic ruleset updates?" 10 40 2 \
+                        1 "Yes" \
+                        2 "No" \
+                        2>&1 >/dev/tty)
+                case $CHOICE in
+                    2)
+                    enable_falcoctl=0
+                    ;;
+                esac
                 clear
         fi
 fi
@@ -87,13 +85,12 @@ if [ $1 -eq 1 ]; then
             systemctl --system enable "falco-$chosen_driver.service" || true
             echo "[POST-INSTALL] Start 'falco-$chosen_driver.service':"
             systemctl --system start "falco-$chosen_driver.service" || true
-
-            if [ $enable_falcoctl -eq 1 ]; then
-              echo "[POST-INSTALL] Enable 'falcoctl.service':"
-              systemctl --system enable "falcoctl.service" || true
-              echo "[POST-INSTALL] Start 'falcoctl.service':"
-              systemctl --system start "falcoctl.service" || true
-            fi
+        fi
+        if [ $enable_falcoctl -eq 1 ]; then
+          echo "[POST-INSTALL] Enable 'falcoctl-artifact-follow.service':"
+          systemctl --system enable "falcoctl-artifact-follow.service" || true
+          echo "[POST-INSTALL] Start 'falcoctl-artifact-follow.service':"
+          systemctl --system start "falcoctl-artifact-follow.service" || true
         fi
 fi
 
@@ -106,11 +103,11 @@ if [ $1 -gt 1 ]; then
           echo "[POST-INSTALL] Trigger 'falco-$chosen_driver.service' condrestart:"
           # restart falco on upgrade if service is already running
           systemctl --system condrestart "falco-$chosen_driver.service" || true
-          if [ $enable_falcoctl -eq 1 ]; then
-            echo "[POST-INSTALL] Trigger 'falcoctl.service' condrestart:"
-            # restart falcoctl on upgrade if service is already running
-            systemctl --system condrestart "falcoctl.service" || true
-          fi
+        fi
+        if [ $enable_falcoctl -eq 1 ]; then
+          echo "[POST-INSTALL] Trigger 'falcoctl-artifact-follow.service' condrestart:"
+          # restart falcoctl-artifact-follow on upgrade if service is already running
+          systemctl --system condrestart "falcoctl-artifact-follow.service" || true
         fi
     fi
 fi

scripts/rpm/postuninstall.in

@@ -23,7 +23,7 @@ if [ -d /run/systemd/system ] && [ $1 -eq 0 ]; then
         systemctl --system disable 'falco-bpf.service' || true
         systemctl --system disable 'falco-modern-bpf.service' || true
         systemctl --system disable 'falco-plugin.service' || true
-        systemctl --system disable 'falcoctl.service' || true
+        systemctl --system disable 'falcoctl-artifact-follow.service' || true
 
         echo "[POST-REMOVE] Trigger deamon-reload:"
         systemctl --system daemon-reload || true

scripts/rpm/preuninstall.in

@@ -34,4 +34,4 @@ falco-driver-loader --clean
 %systemd_preun 'falco-bpf.service'
 %systemd_preun 'falco-modern-bpf.service'
 %systemd_preun 'falco-plugin.service'
-%systemd_preun 'falcoctl.service'
+%systemd_preun 'falcoctl-artifact-follow.service'

scripts/systemd/falcoctl.service → scripts/systemd/falcoctl-artifact-follow.service

@@ -1,5 +1,5 @@
 [Unit]
-Description=Falco: Automatic rules update service
+Description=Falcoctl Artifact Follow: automatic artifacts update service
 Documentation=https://falco.org/docs/
 After=falco.target
 BindsTo=falco.target