summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2024-02-29 18:19:07 +0100
committerLuca Boccassi <luca.boccassi@gmail.com>2024-02-29 21:43:12 +0100
commitd52320337ee377f011782ed51e8d39a33e4f23be (patch)
treeb3ff520223b1dbdda6a6f855004a6feafe01f9ba /src
parentMerge pull request #31544 from mrc0mmand/more-test-tweaks (diff)
downloadsystemd-d52320337ee377f011782ed51e8d39a33e4f23be.tar.xz
systemd-d52320337ee377f011782ed51e8d39a33e4f23be.zip
ssh-generator: don't do AF_VSOCK stuff if we run in a container
Tighten our VM check: whether we run in a VM is not enough to do AF_VSOCK. We also need to check if we are run in a container, because if we run in a container inside a VM then we should *not* do the AF_VSOCK stuff, but leave the port free for the VM itself. As discussed here: https://github.com/systemd/systemd/pull/31544#issuecomment-1971455401
Diffstat (limited to 'src')
-rw-r--r--src/ssh-generator/ssh-generator.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/src/ssh-generator/ssh-generator.c b/src/ssh-generator/ssh-generator.c
index f906b47568..6fdd4ec27f 100644
--- a/src/ssh-generator/ssh-generator.c
+++ b/src/ssh-generator/ssh-generator.c
@@ -184,10 +184,11 @@ static int add_vsock_socket(
assert(dest);
assert(generated_sshd_template_unit);
- Virtualization v = detect_vm();
+ Virtualization v = detect_virtualization();
if (v < 0)
return log_error_errno(v, "Failed to detect if we run in a VM: %m");
- if (v == VIRTUALIZATION_NONE) {
+ if (!VIRTUALIZATION_IS_VM(v)) {
+ /* NB: if we are running in a container inside a VM, then we'll *not* do AF_VSOCK stuff */
log_debug("Not running in a VM, not listening on AF_VSOCK.");
return 0;
}