New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
No user data in Falco 0.32.0 #2048
Comments
We are looking into that! Thanks for providing all the info! It seems like this check went wrong in Falco CI (building locally everything works fine!) |
After some testing with @FedeDP it looks like falcosecurity/libs#383 and #2053 fixed the issue! Apparently, the problem was that in our CMake setup we unnoticeably cut-off the compilation of a piace libsinsp code that populated user data. Thank you @deepskyblue86 for reporting this bug! |
Will there be a Falco hotfix version by any chance? |
Hi! |
Describe the bug
Output of any user information leads to
<NA>
How to reproduce it
%user
The rule output has
<NA>
instead of the actual data.I tested a custom rule with the following output:
and I get
Expected behaviour
User information shall be shown
Screenshots
Environment
Falco version: 0.32.0
Driver version: 39ae7d40496793cf3d3e7890c9bbdc202263836b
{
"machine": "x86_64",
"release": "5.11.12-300.fc34.x86_64",
"sysname": "Linux",
}
Additional context
The text was updated successfully, but these errors were encountered: