summaryrefslogtreecommitdiff
path: root/src/shared/virt.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-12-10 13:23:49 +0100
committerLennart Poettering <lennart@poettering.net>2014-12-10 13:36:10 +0100
commit536bfdab4cca38916ec8b112a6f80b0c068cc806 (patch)
tree534d518c36da1199088167851bceca0678f6d169 /src/shared/virt.c
parenta644abed54bd4a42ebe2c99af5cc621ffbaf6c55 (diff)
virt: when detecting containers and /run/systemd/container cannot be read, check /proc/1/environ
This way, we should be in a slightly better situation if a container is booted up with only a shell as PID 1. In that case /run/systemd/container will not be populated, and a check for it hence be ineffective. Checking /proc/1/environ doesn't fully fix the problem though, as the file is only accessible with privileges. This means if PID 1 is not systemd, and if privileges have been dropped the container detection will continue to fail.
Diffstat (limited to 'src/shared/virt.c')
-rw-r--r--src/shared/virt.c22
1 files changed, 20 insertions, 2 deletions
diff --git a/src/shared/virt.c b/src/shared/virt.c
index f9c4e67c74..f10baab40b 100644
--- a/src/shared/virt.c
+++ b/src/shared/virt.c
@@ -293,8 +293,26 @@ int detect_container(const char **id) {
r = read_one_line_file("/run/systemd/container", &m);
if (r == -ENOENT) {
- r = 0;
- goto finish;
+
+ /* Fallback for cases where PID 1 was not
+ * systemd (for example, cases where
+ * init=/bin/sh is used. */
+
+ r = getenv_for_pid(1, "container", &m);
+ if (r <= 0) {
+
+ /* If that didn't work, give up,
+ * assume no container manager.
+ *
+ * Note: This means we still cannot
+ * detect containers if init=/bin/sh
+ * is passed but privileges dropped,
+ * as /proc/1/environ is only readable
+ * with privileges. */
+
+ r = 0;
+ goto finish;
+ }
}
if (r < 0)
return r;