detect-virt: check the inode number of the pid namespace

The indoe number of root pid namespace is hardcoded in the kernel to 0xEFFFFFFC since 3.8, so check the inode number of our pid namespace if all else fails. If it's not 0xEFFFFFFC then we are in a pid namespace, hence a container environment. Fixes https://github.com/systemd/systemd/issues/35249 [Reworked by Lennart, to make use of namespace_is_init()]
author: Luca Boccassi <luca.boccassi@gmail.com> 2024-11-21 01:47:39 +0100
committer: Lennart Poettering <lennart@poettering.net> 2024-11-23 00:14:20 +0100
commit: 193bf42ab0721384570bb6913e5f38385a9105e7 (patch)
tree: 2dfc120887550aa11e149d709caf8576c35032ef /test
parent: namespace-util: add generic namespace_is_init() call (diff)
download: systemd-193bf42ab0721384570bb6913e5f38385a9105e7.tar.xz
systemd-193bf42ab0721384570bb6913e5f38385a9105e7.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/test/units/TEST-74-AUX-UTILS.detect-virt.sh b/test/units/TEST-74-AUX-UTILS.detect-virt.sh
index fe1db4d2aa..a1539d9b44 100755
--- a/test/units/TEST-74-AUX-UTILS.detect-virt.sh
+++ b/test/units/TEST-74-AUX-UTILS.detect-virt.sh
@@ -5,3 +5,7 @@ set -o pipefail
 
 SYSTEMD_IN_CHROOT=1 systemd-detect-virt --chroot
 (! SYSTEMD_IN_CHROOT=0 systemd-detect-virt --chroot)
+
+if ! systemd-detect-virt -c; then
+    unshare --mount-proc --fork --user --pid systemd-detect-virt --container
+fi
author	Luca Boccassi <luca.boccassi@gmail.com>	2024-11-21 01:47:39 +0100
committer	Lennart Poettering <lennart@poettering.net>	2024-11-23 00:14:20 +0100
commit	193bf42ab0721384570bb6913e5f38385a9105e7 (patch)
tree	2dfc120887550aa11e149d709caf8576c35032ef /test
parent	namespace-util: add generic namespace_is_init() call (diff)
download	systemd-193bf42ab0721384570bb6913e5f38385a9105e7.tar.xz systemd-193bf42ab0721384570bb6913e5f38385a9105e7.zip