virt: rework container detection logic

Instead of accessing /proc/1/environ directly, trying to read the $container variable from it, let's make PID 1 save the contents of that variable to /run/systemd/container. This allows us to detect containers without the need for CAP_SYS_PTRACE, which allows us to drop it from a number of daemons and from the file capabilities of systemd-detect-virt. Also, don't consider chroot a container technology anymore. After all, we don't consider file system namespaces container technology anymore, and hence chroot() should be considered a container even less.
author: Lennart Poettering <lennart@poettering.net> 2014-05-28 18:37:11 +0800
committer: Lennart Poettering <lennart@poettering.net> 2014-05-28 18:53:44 +0800
commit: fdd25311706bd32580ec4d43211cdf4665d2f9de (patch)
tree: 37f3d1859779e00321ac69882b40723d5c875531 /Makefile.am
parent: d2edfae0f9bdbecf6a8518e2a5bcf06f470e0d9e (diff)
1 files changed, 0 insertions, 3 deletions
diff --git a/Makefile.am b/Makefile.am
index 5b26bc3cee..f66ef4275b 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1798,9 +1798,6 @@ systemd_detect_virt_SOURCES = \
 systemd_detect_virt_LDADD = \
 	libsystemd-shared.la
 
-systemd-detect-virt-install-hook:
-	-$(SETCAP) cap_dac_override,cap_sys_ptrace=ep $(DESTDIR)$(bindir)/systemd-detect-virt
-
 INSTALL_EXEC_HOOKS += \
 	systemd-detect-virt-install-hook
author	Lennart Poettering <lennart@poettering.net>	2014-05-28 18:37:11 +0800
committer	Lennart Poettering <lennart@poettering.net>	2014-05-28 18:53:44 +0800
commit	fdd25311706bd32580ec4d43211cdf4665d2f9de (patch)
tree	37f3d1859779e00321ac69882b40723d5c875531 /Makefile.am
parent	d2edfae0f9bdbecf6a8518e2a5bcf06f470e0d9e (diff)