You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Updating metadata for 'fedora-cisco-openh264'... done
Updating metadata for 'updates'... done
Updating metadata for 'fedora'... done
Updating metadata for 'falcosecurity-rpm'... done
Updating metadata for 'updates-archive'... done
Importing rpm-md... done
rpm-md repo 'fedora-cisco-openh264'; generated: 2024-03-12T11:45:42Z solvables: 3
rpm-md repo 'updates'; generated: 2024-09-19T02:22:52Z solvables: 26877
rpm-md repo 'fedora'; generated: 2024-04-14T18:51:11Z solvables: 74881
rpm-md repo 'falcosecurity-rpm'; generated: 2024-08-19T13:23:11Z solvables: 53
rpm-md repo 'updates-archive'; generated: 2024-09-19T03:05:49Z solvables: 40749
Resolving dependencies... done
Will download: 85 packages (131.6 MB)
Downloading from 'fedora'... done
Downloading from 'updates-archive'... done
Downloading from 'falcosecurity-rpm'... done
Downloading from 'updates'... done
⠐ Importing packages 0% [░░░░░░░░░░░░░░░░░░░░] (0s)
Importing packages... done
Checking out packages... done
Running pre scripts... done
Running post scripts... done
error: Running %post for falco: bwrap(/bin/sh): Child process killed by signal 1; run `journalctl -t 'rpm-ostree(falco.post)'` for more information
And the journal log is:
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2535]: [POST-INSTALL] Disable all possible enabled 'falco' service:
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2537]: rpm-ostree-systemctl: Ignored non-preset command: --system stop falco-kmod.service
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2540]: rpm-ostree-systemctl: Ignored non-preset command: --system stop falco-bpf.service
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2541]: rpm-ostree-systemctl: Ignored non-preset command: --system stop falco-modern-bpf.service
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2542]: rpm-ostree-systemctl: Ignored non-preset command: --system stop falco-custom.service
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2544]: rpm-ostree-systemctl: Ignored non-preset command: --system stop falcoctl-artifact-follow.service
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2545]: rpm-ostree-systemctl: Ignored non-preset command: --system disable falco-kmod.service
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2546]: rpm-ostree-systemctl: Ignored non-preset command: --system disable falco-bpf.service
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2547]: rpm-ostree-systemctl: Ignored non-preset command: --system disable falco-modern-bpf.service
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2548]: rpm-ostree-systemctl: Ignored non-preset command: --system disable falco-custom.service
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2549]: rpm-ostree-systemctl: Ignored non-preset command: --system disable falcoctl-artifact-follow.service
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2550]: rpm-ostree-systemctl: Ignored non-preset command: --system unmask falcoctl-artifact-follow.service
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2535]: [POST-INSTALL] Configure falcoctl 'auto' driver type:
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2551]: 2024-09-19 07:04:00 INFO Running falcoctl driver config
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2551]: ├ name: falco
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2551]: ├ version: 7.2.1+driver
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2551]: ├ type: kmod
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2551]: ├ host-root: /
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2551]: └ repos: https://download.falco.org/driver
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2551]: 2024-09-19 07:04:00 INFO Committing driver config to local Falco config
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2551]: 2024-09-19 07:04:00 INFO Storing falcoctl driver config
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2565]: TERM environment variable not set.
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2535]: [POST-INSTALL] Trigger deamon-reload:
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2566]: rpm-ostree-systemctl: Ignored non-preset command: --system daemon-reload
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2535]: [POST-INSTALL] Call 'falcoctl driver install for kmod:
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: 2024-09-19 07:04:00 INFO Running falcoctl driver install
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: ├ driver version: 7.2.1+driver
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: ├ driver type: kmod
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: ├ driver name: falco
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: ├ compile: true
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: ├ download: false
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: ├ target: fedora
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: ├ arch: x86_64
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: ├ kernel release: 6.10.6-200.fc40.x86_64
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: └ kernel version: #1 SMP PREEMPT_DYNAMIC Mon Aug 19 14:09:30 UTC 2024
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: 2024-09-19 07:04:00 INFO Check if kernel module is still loaded.
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: 2024-09-19 07:04:00 INFO OK! There is no module loaded.
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: 2024-09-19 07:04:00 INFO Check all versions of kernel module in dkms.
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: 2024-09-19 07:04:00 INFO OK! There are no module versions in dkms.
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: 2024-09-19 07:04:00 INFO Trying to compile the requested driver
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: 2024-09-19 07:04:00 INFO Trying to load a pre existent system module, if present.
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: 2024-09-19 07:04:00 WARN Consider compiling your own driver and loading it or getting in touch with the Falco community.
Sep 19 07:04:00 localhost.localdomain rpm-ostree(falco.post)[2567]: 2024-09-19 07:04:00 ERROR failed: user: Current requires cgo or $USER, $HOME set in environment
System details
QEMU
40.20240825.3.0 (CoreOS)
Butane or Ignition config
No response
Additional information
I manually downloaded the RPM, unlocked the root filesystem, and successfully installed it using rpm -i falco.rpm.
It appears falcoctl may be unable to retrieve the user's $USER and $HOME variables due to a missing configuration in /etc/passwd for rpm-ostree daemon ?
The text was updated successfully, but these errors were encountered:
Describe the bug
Falco installation on FCOS failed using the instructions provided at https://falco.org/docs/install-operate/installation/#centos-rhel.
Reproduction steps
curl -s -o /etc/yum.repos.d/falcosecurity.repo https://falco.org/repo/falcosecurity-rpm.reporpm-ostree install falcoExpected behavior
Falco installation complete.
Actual behavior
And the journal log is:
System details
Butane or Ignition config
No response
Additional information
I manually downloaded the RPM, unlocked the root filesystem, and successfully installed it using
rpm -i falco.rpm.It appears
falcoctlmay be unable to retrieve the user's $USER and $HOME variables due to a missing configuration in/etc/passwdfor rpm-ostree daemon ?The text was updated successfully, but these errors were encountered: