2 files changed, 33 insertions, 6 deletions

diff --git a/src/basic/path-util.h b/src/basic/path-util.h
index d548f0c345..349cdac7d6 100644
--- a/src/basic/path-util.h
+++ b/src/basic/path-util.h
@@ -66,6 +66,18 @@ static inline bool path_equal_ptr(const char *a, const char *b) {
                 _found;                                         \
         })
 
+#define PATH_STARTSWITH_SET(p, ...)                             \
+        ({                                                      \
+                char **s;                                       \
+                bool _found = false;                            \
+                STRV_FOREACH(s, STRV_MAKE(__VA_ARGS__))         \
+                        if (path_startswith(p, *s)) {           \
+                               _found = true;                   \
+                               break;                           \
+                        }                                       \
+                _found;                                         \
+        })
+
 int path_strv_make_absolute_cwd(char **l);
 char** path_strv_resolve(char **l, const char *root);
 char** path_strv_resolve_uniq(char **l, const char *root);
diff --git a/src/basic/virt.c b/src/basic/virt.c
index d8d57381ad..9b7eb71319 100644
--- a/src/basic/virt.c
+++ b/src/basic/virt.c
@@ -25,15 +25,16 @@
 
 #include "alloc-util.h"
 #include "dirent-util.h"
+#include "env-util.h"
 #include "fd-util.h"
 #include "fileio.h"
+#include "fs-util.h"
 #include "macro.h"
 #include "process-util.h"
 #include "stat-util.h"
 #include "string-table.h"
 #include "string-util.h"
 #include "virt.h"
-#include "env-util.h"
 
 static int detect_vm_cpuid(void) {
 
@@ -556,16 +557,30 @@ int running_in_userns(void) {
 }
 
 int running_in_chroot(void) {
-        int ret;
+        _cleanup_free_ char *self_mnt = NULL, *pid1_mnt = NULL;
+        int r;
+
+        /* Try to detect whether we are running in a chroot() environment. Specifically, check whether we have a
+         * different root directory than PID 1, even though we live in the same mount namespace as it. */
 
         if (getenv_bool("SYSTEMD_IGNORE_CHROOT") > 0)
                 return 0;
 
-        ret = files_same("/proc/1/root", "/");
-        if (ret < 0)
-                return ret;
+        r = files_same("/proc/1/root", "/");
+        if (r < 0)
+                return r;
+        if (r > 0)
+                return 0;
+
+        r = readlink_malloc("/proc/self/ns/mnt", &self_mnt);
+        if (r < 0)
+                return r;
+
+        r = readlink_malloc("/proc/1/ns/mnt", &pid1_mnt);
+        if (r < 0)
+                return r;
 
-        return ret == 0;
+        return streq(self_mnt, pid1_mnt); /* Only if we live in the same namespace! */
 }
 
 static const char *const virtualization_table[_VIRTUALIZATION_MAX] = {