From 5ee5b1659aad07a6b718de2868124d490c0dfb73 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Mon, 8 Jan 2024 16:14:44 +0100 Subject: [PATCH] id128-util: do not expose product UUID when running in a container When we run in a container we should show our own system's info, not the hosts hence suppress this info in that case. This matches the behaviour of most other calls in hostnamed to expose system properties. --- src/libsystemd/sd-id128/id128-util.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/libsystemd/sd-id128/id128-util.c b/src/libsystemd/sd-id128/id128-util.c index 69fc1bf07e5..5808cea7576 100644 --- a/src/libsystemd/sd-id128/id128-util.c +++ b/src/libsystemd/sd-id128/id128-util.c @@ -13,6 +13,7 @@ #include "stdio-util.h" #include "string-util.h" #include "sync-util.h" +#include "virt.h" int id128_from_string_nonzero(const char *s, sd_id128_t *ret) { sd_id128_t t; @@ -223,6 +224,13 @@ int id128_get_product(sd_id128_t *ret) { /* Reads the systems product UUID from DMI or devicetree (where it is located on POWER). This is * particularly relevant in VM environments, where VM managers typically place a VM uuid there. */ + r = detect_container(); + if (r < 0) + return r; + if (r > 0) /* Refuse returning this in containers, as this is not a property of our system then, but + * of the host */ + return -ENOENT; + r = id128_read("/sys/class/dmi/id/product_uuid", ID128_FORMAT_UUID, &uuid); if (r == -ENOENT) r = id128_read("/proc/device-tree/vm,uuid", ID128_FORMAT_UUID, &uuid); -- 2.47.3