new(userspace/falco): allow entirely disabling plugin hostinfo support.

Signed-off-by: Federico Di Pierro <[email protected]>
falcosecurity · Nov 22, 2024 · f5a4503 · f5a4503
1 parent ee4c9f9
commit f5a4503
Show file tree

Hide file tree

Showing 5 changed files with 20 additions and 3 deletions.
diff --git a/falco.yaml b/falco.yaml
@@ -480,6 +480,10 @@ plugins:
   - name: json
     library_path: libjson.so
 
+# Uncomment to disable host info support for source plugins
+# that DO NOT generate raw events from the libscap event table,
+# dropping the `hostPath` volume requirement for them.
+# plugins_hostinfo: false
 
 ##########################
 # Falco outputs settings #

diff --git a/userspace/falco/app/actions/helpers_inspector.cpp b/userspace/falco/app/actions/helpers_inspector.cpp
@@ -61,9 +61,15 @@ falco::app::run_result falco::app::actions::open_live_inspector(falco::app::stat
 					falco_logger::log(
 					        falco_logger::level::INFO,
 					        "Opening '" + source + "' source with plugin '" + cfg->m_name + "'");
-					inspector->open_plugin(cfg->m_name,
-					                       cfg->m_open_params,
-					                       sinsp_plugin_platform::SINSP_PLATFORM_HOSTINFO);
+					if(s.config->m_plugins_hostinfo) {
+						inspector->open_plugin(cfg->m_name,
+						                       cfg->m_open_params,
+						                       sinsp_plugin_platform::SINSP_PLATFORM_HOSTINFO);
+					} else {
+						inspector->open_plugin(cfg->m_name,
+						                       cfg->m_open_params,
+						                       sinsp_plugin_platform::SINSP_PLATFORM_GENERIC);
+					}
 					return run_result::ok();
 				}
 			}

diff --git a/userspace/falco/config_json_schema.h b/userspace/falco/config_json_schema.h
@@ -44,6 +44,9 @@ const char config_schema_string[] = LONG_STRING_CONST(
                 "watch_config_files": {
                     "type": "boolean"
                 },
+                "plugins_hostinfo": {
+                    "type": "boolean"
+                },
                 "rules_files": {
                     "type": "array",
                     "items": {

diff --git a/userspace/falco/configuration.cpp b/userspace/falco/configuration.cpp
@@ -96,6 +96,7 @@ falco_configuration::falco_configuration():
         m_metrics_flags(0),
         m_metrics_convert_memory_to_mb(true),
         m_metrics_include_empty_values(false),
+        m_plugins_hostinfo(true),
         m_container_engines_mask(0),
         m_container_engines_disable_cri_async(false),
         m_container_engines_cri_socket_paths({"/run/containerd/containerd.sock",
@@ -616,6 +617,8 @@ void falco_configuration::load_yaml(const std::string &config_name) {
 	m_metrics_include_empty_values =
 	        m_config.get_scalar<bool>("metrics.include_empty_values", false);
 
+	m_plugins_hostinfo = m_config.get_scalar<bool>("plugins_hostinfo", true);
+
 	m_config.get_sequence<std::vector<rule_selection_config>>(m_rules_selection, "rules");
 	m_config.get_sequence<std::vector<append_output_config>>(m_append_output, "append_output");
 

diff --git a/userspace/falco/configuration.h b/userspace/falco/configuration.h
@@ -193,6 +193,7 @@ class falco_configuration {
 	bool m_metrics_convert_memory_to_mb;
 	bool m_metrics_include_empty_values;
 	std::vector<plugin_config> m_plugins;
+	bool m_plugins_hostinfo;
 
 	// container engines
 	uint64_t m_container_engines_mask;