From 3528d888eed2e226826085f68b40171dee18c5cb Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Sun, 5 May 2024 10:43:33 -0400 Subject: [PATCH] gnu: Add sysdig. * gnu/packages/admin.scm (sysdig): New variable. * gnu/packages/patches/sysdig-shared-falcosecurity-libs.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. Change-Id: I02b64db7a548e17ea83beb1ea27db87d29e99cf1 --- gnu/local.mk | 1 + gnu/packages/admin.scm | 59 +++++++++++++ .../sysdig-shared-falcosecurity-libs.patch | 84 +++++++++++++++++++ 3 files changed, 144 insertions(+) create mode 100644 gnu/packages/patches/sysdig-shared-falcosecurity-libs.patch diff --git a/gnu/local.mk b/gnu/local.mk index 678701c276..6c50b315ed 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -2083,6 +2083,7 @@ dist_patch_DATA = \ %D%/packages/patches/slim-login.patch \ %D%/packages/patches/slim-display.patch \ %D%/packages/patches/stex-copy-from-immutable-store.patch \ + %D%/packages/patches/sysdig-shared-falcosecurity-libs.patch \ %D%/packages/patches/syslinux-gcc10.patch \ %D%/packages/patches/syslinux-strip-gnu-property.patch \ %D%/packages/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch \ diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm index 775083c92c..d1efd6213f 100644 --- a/gnu/packages/admin.scm +++ b/gnu/packages/admin.scm @@ -115,6 +115,7 @@ (define-module (gnu packages admin) #:use-module (gnu packages c) #:use-module (gnu packages check) #:use-module (gnu packages compression) + #:use-module (gnu packages cpp) #:use-module (gnu packages crates-graphics) #:use-module (gnu packages crates-io) #:use-module (gnu packages crates-windows) @@ -5726,6 +5727,64 @@ (define-public seatd that require it.") (license license:expat))) +(define-public sysdig + ;; Use the latest commit for now, as the latest 0.36.1 release does not yet + ;; support the falcosecurity-libs 0.16 API. + (let ((commit "598ad292b659425e475e5814d9e92c3c29188480") + (revision "0")) + (package + (name "sysdig") + (version (git-version "0.36.1" revision commit)) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/draios/sysdig") + (commit commit))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "0yyins3rb286dfibadfwwp2gwmdj7fsz3pdkpdvx05yvdqfkqds7")) + (patches + (search-patches "sysdig-shared-falcosecurity-libs.patch")))) + (build-system cmake-build-system) + (arguments + (list #:tests? #f ;no test suite + #:configure-flags + #~(list "-DUSE_BUNDLED_DEPS=OFF" + ;; Already built and part of falcosecurity-libs, but + ;; needed for the 'HAS_MODERN_BPF' define. + "-DBUILD_SYSDIG_MODERN_BPF=ON" + #$(string-append "-DSYSDIG_VERSION=" version)))) + (native-inputs (list pkg-config)) + (inputs + (list falcosecurity-libs + luajit + ncurses + nlohmann-json + yaml-cpp + zlib)) + (home-page "https://github.com/draios/sysdig") + (synopsis "System exploration and troubleshooting tool") + (description "Sysdig is a simple tool for deep system visibility, with +native support for containers. It combines features of multiple system +administration tools such as the @command{strace}, @command{tcpdump}, +@command{htop}, @command{iftop} and @command{lsof} into a single interface. +The novel architecture of the tool means that the performance impact of the +tracing on the system is very light, compared to the likes of +@command{strace}. The @command{sysdig} command has an interface similar to +@command{strace}, while the @command{csysdig} command is better suited for +interactive used, and has a user interface similar to @command{htop}. + +If you use Guix System, the kernel Linux has @acronym{BPF, Berkeley Packet +Filter} support, and you should launch this tool using the @samp{--modern-bpf} +argument of the @command{sysdig} or @command{csysdig} commands. The following +Bash aliases can be added to your @file{~/.bash_profile} file, for example: + +alias sysdig=sudo sysdig --modern-bpf +alias cysdig=sudo csysdig --modern-bpf +") ;XXX no @example Texinfo support + (license license:asl2.0)))) + (define-public fail2ban (package (name "fail2ban") diff --git a/gnu/packages/patches/sysdig-shared-falcosecurity-libs.patch b/gnu/packages/patches/sysdig-shared-falcosecurity-libs.patch new file mode 100644 index 0000000000..5d0fd4d1fb --- /dev/null +++ b/gnu/packages/patches/sysdig-shared-falcosecurity-libs.patch @@ -0,0 +1,84 @@ +Upstream status: https://github.com/draios/sysdig/pull/2093 + +diff --git a/cmake/modules/falcosecurity-libs.cmake b/cmake/modules/falcosecurity-libs.cmake +index 7cee8a3c4..dd59c1b32 100644 +--- a/cmake/modules/falcosecurity-libs.cmake ++++ b/cmake/modules/falcosecurity-libs.cmake +@@ -16,6 +16,19 @@ + # limitations under the License. + # + ++option(USE_BUNDLED_FALCOSECURITY_LIBS "Enable building of the bundled falcosecurity libraries" ${USE_BUNDLED_DEPS}) ++ ++if(NOT USE_BUNDLED_FALCOSECURITY_LIBS) ++ find_package(PkgConfig REQUIRED) ++ pkg_check_modules(LIBSINSP REQUIRED IMPORTED_TARGET libsinsp) ++ message(STATUS "Found libsinsp: ++ include: ${LIBSINSP_INCLUDE_DIRS} ++ lib: ${LIBSINSP_LIBRARIES} ++ cflags: ${LIBSINSP_CFLAGS}") ++ return() ++endif() ++ ++# else(): using bundled falcosecurity libs + set(FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules/falcosecurity-libs-repo") + set(FALCOSECURITY_LIBS_CMAKE_WORKING_DIR "${CMAKE_BINARY_DIR}/falcosecurity-libs-repo") + +diff --git a/userspace/sysdig/CMakeLists.txt b/userspace/sysdig/CMakeLists.txt +index 60f8072ad..0cb179ccc 100644 +--- a/userspace/sysdig/CMakeLists.txt ++++ b/userspace/sysdig/CMakeLists.txt +@@ -20,7 +20,6 @@ if(NOT WIN32) + include(ncurses) + endif() # NOT WIN32 + +-include(zlib) + include(luajit) + + include_directories("${PROJECT_BINARY_DIR}/userspace/sinspui") +@@ -84,6 +83,12 @@ if(USE_BUNDLED_DEPS) + add_dependencies(csysdig luajit) + endif() + ++if(USE_BUNDLED_FALCOSECURITY_LIBS) ++ set(SINSP_LIB sinsp) ++else() ++ set(SINSP_LIB PkgConfig::LIBSINSP) ++endif() ++ + target_include_directories( + sysdig + PUBLIC +@@ -108,7 +113,7 @@ if(NOT WIN32) + include_directories(${PROJECT_BINARY_DIR}/driver/src) + + target_link_libraries(sysdig +- sinsp ++ "${SINSP_LIB}" + "${LUAJIT_LIB}" + "${YAMLCPP_LIB}") + +@@ -117,7 +122,7 @@ if(NOT WIN32) + endif() + + target_link_libraries(csysdig +- sinsp ++ "${SINSP_LIB}" + "${LUAJIT_LIB}" + "${CURSES_LIBRARIES}" + "${YAMLCPP_LIB}") +@@ -140,12 +145,12 @@ else() + add_definitions(-DNOCURSESUI) + + target_link_libraries(sysdig +- sinsp ++ "${SINSP_LIB}" + "${LUAJIT_LIB}" + "${YAMLCPP_LIB}") + + target_link_libraries(csysdig +- sinsp ++ "${SINSP_LIB}" + "${LUAJIT_LIB}" + "${YAMLCPP_LIB}") +