diff options
author | Lennart Poettering <lennart@poettering.net> | 2024-02-29 18:19:07 +0100 |
---|---|---|
committer | Luca Boccassi <luca.boccassi@gmail.com> | 2024-02-29 21:43:12 +0100 |
commit | d52320337ee377f011782ed51e8d39a33e4f23be (patch) | |
tree | b3ff520223b1dbdda6a6f855004a6feafe01f9ba /src | |
parent | Merge pull request #31544 from mrc0mmand/more-test-tweaks (diff) | |
download | systemd-d52320337ee377f011782ed51e8d39a33e4f23be.tar.xz systemd-d52320337ee377f011782ed51e8d39a33e4f23be.zip |
ssh-generator: don't do AF_VSOCK stuff if we run in a container
Tighten our VM check: whether we run in a VM is not enough to do
AF_VSOCK. We also need to check if we are run in a container, because if
we run in a container inside a VM then we should *not* do the AF_VSOCK
stuff, but leave the port free for the VM itself.
As discussed here:
https://github.com/systemd/systemd/pull/31544#issuecomment-1971455401
Diffstat (limited to 'src')
-rw-r--r-- | src/ssh-generator/ssh-generator.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/ssh-generator/ssh-generator.c b/src/ssh-generator/ssh-generator.c index f906b47568..6fdd4ec27f 100644 --- a/src/ssh-generator/ssh-generator.c +++ b/src/ssh-generator/ssh-generator.c @@ -184,10 +184,11 @@ static int add_vsock_socket( assert(dest); assert(generated_sshd_template_unit); - Virtualization v = detect_vm(); + Virtualization v = detect_virtualization(); if (v < 0) return log_error_errno(v, "Failed to detect if we run in a VM: %m"); - if (v == VIRTUALIZATION_NONE) { + if (!VIRTUALIZATION_IS_VM(v)) { + /* NB: if we are running in a container inside a VM, then we'll *not* do AF_VSOCK stuff */ log_debug("Not running in a VM, not listening on AF_VSOCK."); return 0; } |