mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-23 17:34:00 +03:00
util: detect systemd-nspawn without relying on ns cgroup tree
This commit is contained in:
parent
3bb1c6b04f
commit
65bc2c2114
@ -746,18 +746,22 @@
|
||||
whether it is a specific
|
||||
implementation. Takes either boolean
|
||||
value to check if being executed in
|
||||
any virtual environment or one of the
|
||||
any virtual environment or one of
|
||||
<varname>qemu</varname>,
|
||||
<varname>kvm</varname>,
|
||||
<varname>vmware</varname>,
|
||||
<varname>microsoft</varname>,
|
||||
<varname>oracle</varname>,
|
||||
<varname>xen</varname>,
|
||||
<varname>pidns</varname>,
|
||||
<varname>openvz</varname> to test
|
||||
against a specific implementation. The
|
||||
test may be negated by prepending an
|
||||
exclamation mark.
|
||||
<varname>openvz</varname>,
|
||||
<varname>lxc</varname>,
|
||||
<varname>systemd-nspawn</varname>,
|
||||
<varname>pidns</varname> to test
|
||||
against a specific implementation. If
|
||||
multiple virtualization technologies
|
||||
are nested only the innermost is
|
||||
considered. The test may be negated by
|
||||
prepending an exclamation mark.
|
||||
<varname>ConditionSecurity=</varname>
|
||||
may be used to check whether the given
|
||||
security module is enabled on the
|
||||
@ -788,7 +792,8 @@
|
||||
pipe symbol must be passed first, the
|
||||
exclamation second. Except for
|
||||
<varname>ConditionPathIsSymbolicLink=</varname>,
|
||||
all path checks follow symlinks.</para></listitem>
|
||||
all path checks follow
|
||||
symlinks.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
@ -34,7 +34,8 @@ int main(int argc, char *argv[]) {
|
||||
* to detect whether we are being run in a virtualized
|
||||
* environment or not */
|
||||
|
||||
if ((r = detect_virtualization(&id)) < 0) {
|
||||
r = detect_virtualization(&id);
|
||||
if (r < 0) {
|
||||
log_error("Failed to check for virtualization: %s", strerror(-r));
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
|
51
src/util.c
51
src/util.c
@ -4384,7 +4384,7 @@ int detect_vm(const char **id) {
|
||||
|
||||
if (hypervisor) {
|
||||
if (id)
|
||||
*id = "other";
|
||||
*id = "other-vm";
|
||||
|
||||
return 1;
|
||||
}
|
||||
@ -4421,7 +4421,51 @@ int detect_container(const char **id) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
if ((f = fopen("/proc/self/cgroup", "re"))) {
|
||||
f = fopen("/proc/1/environ", "re");
|
||||
if (f) {
|
||||
bool done = false;
|
||||
|
||||
do {
|
||||
char line[LINE_MAX];
|
||||
unsigned i;
|
||||
|
||||
for (i = 0; i < sizeof(line)-1; i++) {
|
||||
int c;
|
||||
|
||||
c = getc(f);
|
||||
if (_unlikely_(c == EOF)) {
|
||||
done = true;
|
||||
break;
|
||||
} else if (c == 0)
|
||||
break;
|
||||
|
||||
line[i] = c;
|
||||
}
|
||||
line[i] = 0;
|
||||
|
||||
if (streq(line, "container=lxc")) {
|
||||
fclose(f);
|
||||
*id = "lxc";
|
||||
return 1;
|
||||
|
||||
} else if (streq(line, "container=systemd-nspawn")) {
|
||||
fclose(f);
|
||||
*id = "systemd-nspawn";
|
||||
return 1;
|
||||
|
||||
} else if (startswith(line, "container=")) {
|
||||
fclose(f);
|
||||
*id = "other-container";
|
||||
return 1;
|
||||
}
|
||||
|
||||
} while (!done);
|
||||
|
||||
fclose(f);
|
||||
}
|
||||
|
||||
f = fopen("/proc/self/cgroup", "re");
|
||||
if (f) {
|
||||
|
||||
for (;;) {
|
||||
char line[LINE_MAX], *p;
|
||||
@ -4429,7 +4473,8 @@ int detect_container(const char **id) {
|
||||
if (!fgets(line, sizeof(line), f))
|
||||
break;
|
||||
|
||||
if (!(p = strchr(strstrip(line), ':')))
|
||||
p = strchr(strstrip(line), ':');
|
||||
if (!p)
|
||||
continue;
|
||||
|
||||
if (strncmp(p, ":ns:", 4))
|
||||
|
Loading…
Reference in New Issue
Block a user