gnu: Add sysdig.

* gnu/packages/admin.scm (sysdig): New variable.
* gnu/packages/patches/sysdig-shared-falcosecurity-libs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.

Change-Id: I02b64db7a548e17ea83beb1ea27db87d29e99cf1
This commit is contained in:
Maxim Cournoyer 2024-05-05 10:43:33 -04:00
parent 07fbaa87e1
commit 3528d888ee
No known key found for this signature in database
GPG key ID: 1260E46482E63562
3 changed files with 144 additions and 0 deletions

View file

@ -2083,6 +2083,7 @@ dist_patch_DATA = \
%D%/packages/patches/slim-login.patch \
%D%/packages/patches/slim-display.patch \
%D%/packages/patches/stex-copy-from-immutable-store.patch \
%D%/packages/patches/sysdig-shared-falcosecurity-libs.patch \
%D%/packages/patches/syslinux-gcc10.patch \
%D%/packages/patches/syslinux-strip-gnu-property.patch \
%D%/packages/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch \

View file

@ -115,6 +115,7 @@ (define-module (gnu packages admin)
#:use-module (gnu packages c)
#:use-module (gnu packages check)
#:use-module (gnu packages compression)
#:use-module (gnu packages cpp)
#:use-module (gnu packages crates-graphics)
#:use-module (gnu packages crates-io)
#:use-module (gnu packages crates-windows)
@ -5726,6 +5727,64 @@ (define-public seatd
that require it.")
(license license:expat)))
(define-public sysdig
;; Use the latest commit for now, as the latest 0.36.1 release does not yet
;; support the falcosecurity-libs 0.16 API.
(let ((commit "598ad292b659425e475e5814d9e92c3c29188480")
(revision "0"))
(package
(name "sysdig")
(version (git-version "0.36.1" revision commit))
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/draios/sysdig")
(commit commit)))
(file-name (git-file-name name version))
(sha256
(base32
"0yyins3rb286dfibadfwwp2gwmdj7fsz3pdkpdvx05yvdqfkqds7"))
(patches
(search-patches "sysdig-shared-falcosecurity-libs.patch"))))
(build-system cmake-build-system)
(arguments
(list #:tests? #f ;no test suite
#:configure-flags
#~(list "-DUSE_BUNDLED_DEPS=OFF"
;; Already built and part of falcosecurity-libs, but
;; needed for the 'HAS_MODERN_BPF' define.
"-DBUILD_SYSDIG_MODERN_BPF=ON"
#$(string-append "-DSYSDIG_VERSION=" version))))
(native-inputs (list pkg-config))
(inputs
(list falcosecurity-libs
luajit
ncurses
nlohmann-json
yaml-cpp
zlib))
(home-page "https://github.com/draios/sysdig")
(synopsis "System exploration and troubleshooting tool")
(description "Sysdig is a simple tool for deep system visibility, with
native support for containers. It combines features of multiple system
administration tools such as the @command{strace}, @command{tcpdump},
@command{htop}, @command{iftop} and @command{lsof} into a single interface.
The novel architecture of the tool means that the performance impact of the
tracing on the system is very light, compared to the likes of
@command{strace}. The @command{sysdig} command has an interface similar to
@command{strace}, while the @command{csysdig} command is better suited for
interactive used, and has a user interface similar to @command{htop}.
If you use Guix System, the kernel Linux has @acronym{BPF, Berkeley Packet
Filter} support, and you should launch this tool using the @samp{--modern-bpf}
argument of the @command{sysdig} or @command{csysdig} commands. The following
Bash aliases can be added to your @file{~/.bash_profile} file, for example:
alias sysdig=sudo sysdig --modern-bpf
alias cysdig=sudo csysdig --modern-bpf
") ;XXX no @example Texinfo support
(license license:asl2.0))))
(define-public fail2ban
(package
(name "fail2ban")

View file

@ -0,0 +1,84 @@
Upstream status: https://github.com/draios/sysdig/pull/2093
diff --git a/cmake/modules/falcosecurity-libs.cmake b/cmake/modules/falcosecurity-libs.cmake
index 7cee8a3c4..dd59c1b32 100644
--- a/cmake/modules/falcosecurity-libs.cmake
+++ b/cmake/modules/falcosecurity-libs.cmake
@@ -16,6 +16,19 @@
# limitations under the License.
#
+option(USE_BUNDLED_FALCOSECURITY_LIBS "Enable building of the bundled falcosecurity libraries" ${USE_BUNDLED_DEPS})
+
+if(NOT USE_BUNDLED_FALCOSECURITY_LIBS)
+ find_package(PkgConfig REQUIRED)
+ pkg_check_modules(LIBSINSP REQUIRED IMPORTED_TARGET libsinsp)
+ message(STATUS "Found libsinsp:
+ include: ${LIBSINSP_INCLUDE_DIRS}
+ lib: ${LIBSINSP_LIBRARIES}
+ cflags: ${LIBSINSP_CFLAGS}")
+ return()
+endif()
+
+# else(): using bundled falcosecurity libs
set(FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules/falcosecurity-libs-repo")
set(FALCOSECURITY_LIBS_CMAKE_WORKING_DIR "${CMAKE_BINARY_DIR}/falcosecurity-libs-repo")
diff --git a/userspace/sysdig/CMakeLists.txt b/userspace/sysdig/CMakeLists.txt
index 60f8072ad..0cb179ccc 100644
--- a/userspace/sysdig/CMakeLists.txt
+++ b/userspace/sysdig/CMakeLists.txt
@@ -20,7 +20,6 @@ if(NOT WIN32)
include(ncurses)
endif() # NOT WIN32
-include(zlib)
include(luajit)
include_directories("${PROJECT_BINARY_DIR}/userspace/sinspui")
@@ -84,6 +83,12 @@ if(USE_BUNDLED_DEPS)
add_dependencies(csysdig luajit)
endif()
+if(USE_BUNDLED_FALCOSECURITY_LIBS)
+ set(SINSP_LIB sinsp)
+else()
+ set(SINSP_LIB PkgConfig::LIBSINSP)
+endif()
+
target_include_directories(
sysdig
PUBLIC
@@ -108,7 +113,7 @@ if(NOT WIN32)
include_directories(${PROJECT_BINARY_DIR}/driver/src)
target_link_libraries(sysdig
- sinsp
+ "${SINSP_LIB}"
"${LUAJIT_LIB}"
"${YAMLCPP_LIB}")
@@ -117,7 +122,7 @@ if(NOT WIN32)
endif()
target_link_libraries(csysdig
- sinsp
+ "${SINSP_LIB}"
"${LUAJIT_LIB}"
"${CURSES_LIBRARIES}"
"${YAMLCPP_LIB}")
@@ -140,12 +145,12 @@ else()
add_definitions(-DNOCURSESUI)
target_link_libraries(sysdig
- sinsp
+ "${SINSP_LIB}"
"${LUAJIT_LIB}"
"${YAMLCPP_LIB}")
target_link_libraries(csysdig
- sinsp
+ "${SINSP_LIB}"
"${LUAJIT_LIB}"
"${YAMLCPP_LIB}")