Should you have the latest kernel version?

[ASmoliak]

Hi, recently I've been trying to install Sysdig on an CentOS7 machine, the automatic script fails because it tries to download kernel headers that do not exist.

My kernel version: 3.10.0-957.el7.x86_64 The only available kernel headers: kernel-devel-3.10.0-1160 Only way for me to make this work is to update my kernel to the latest version and reboot, but I am not willing to do that.

The script mentions that it cannot install the headers, and yet Sysdig does successfully install and run, I don't understand if it's that important.

[FedeDP]

Only way for me to make this work is to update my kernel to the latest version and reboot, but I am not willing to do that.

Well, you could also download right kernel headers for your currently running kernel version too; it does not require a reboot :)

The script mentions that it cannot install the headers, and yet Sysdig does successfully install and run, I don't understand if it's that important.

Can you share a snippet for this?

[ASmoliak]

I'm sorry about the latter part of your reply. it works because a previous proper install left a probe, and as soon as I removed the probe, sysdig would not run.

On Fri, Apr 29, 2022 at 12:38 PM Federico Di Pierro < @.***> wrote:

Only way for me to make this work is to update my kernel to the latest version and reboot, but I am not willing to do that.

Well, you could also download right kernel headers for your currently running kernel version too; it does not require a reboot :)

The script mentions that it cannot install the headers, and yet Sysdig does successfully install and run, I don't understand if it's that important.

Can you share a snippet for this?

— Reply to this email directly, view it on GitHub https://github.com/draios/sysdig/issues/1847#issuecomment-1113114456, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGGVRFS7XKGJYH2NX23LOF3VHOU3FANCNFSM5PQZ4F6Q . You are receiving this because you authored the thread.Message ID: @.***>

[ASmoliak]

As for the kernel headers, We're trying to deploy Sysdig on a wide variety of machines with varying update states, Is there a script that can automatically install the required headers for the current machine?

[FedeDP]

Hi!

As for the kernel headers, We're trying to deploy Sysdig on a wide variety of machines with varying update states, Is there a script that can automatically install the required headers for the current machine?

I don't think so. We have a script (https://github.com/draios/sysdig/blob/dev/scripts/scap-driver-loader.in) to try to fetch a prebuilt module; if it is missing, it tries to build one for you for the current (as in uname -r) kernel version.

If you want full control, you can build the module/eBPF probe from source by downloading release source code tarball.

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.