This has the major benefit that the entire payload of the container can
access these files there. Previously, we'd set them only as env vars,
but that meant only PID 1 could read them directly, or other privileged
payload code with access to /proc/1/environ.
}
}
+ /* The container manager might have placed this in the /run/host hierarchy for us, which is best
+ * because we can be consumed just like that, without special privileges. */
+ r = read_one_line_file("/run/host/container-manager", &m);
+ if (r > 0) {
+ e = m;
+ goto translate_name;
+ }
+ if (!IN_SET(r, -ENOENT, 0))
+ return log_debug_errno(r, "Failed to read /run/systemd/container: %m");
+
if (getpid_cached() == 1) {
/* If we are PID 1 we can just check our own environment variable, and that's authoritative.
* We distinguish three cases:
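Review bot: The debug message on the error path names the wrong file: the read a few lines above is of /run/host/container-manager, but the log says "Failed to read /run/systemd/container", which sends anyone debugging a failed detection to a path this code never touched; change it to `return log_debug_errno(r, "Failed to read /run/host/container-manager: %m");`. Note also that this lookup runs unconditionally before the PID 1 environment check that the following comment calls authoritative, so whatever is in /run/host/container-manager wins over $container for every process, including PID 1; that is presumably intended because the file is meant to be provided by the container manager, but a short comment stating that /run/host is trusted as manager-controlled content would make the precedence explicit, since the hunk does not show whether that hierarchy is read-only inside the container. The enclosing function starts before and ends after this hunk.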
if (r < 0)
return r;
+ /* The same stuff as the $container env var, but nicely readable for the entire payload */
+ p = prefix_roota(directory, "/run/host/container-manager");
+ (void) write_string_file(p, arg_container_service_name, WRITE_STRING_FILE_CREATE);
+
+ /* The same stuff as the $container_uuid env var */
+ p = prefix_roota(directory, "/run/host/container-uuid");
+ (void) write_string_filef(p, WRITE_STRING_FILE_CREATE, SD_ID128_UUID_FORMAT_STR, SD_ID128_FORMAT_VAL(arg_uuid));
+
if (!arg_use_cgns) {
r = mount_cgroups(
directory,
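Review bot: Both write_string_file() calls discard their result with a (void) cast, so if either file cannot be created the container simply has no /run/host/container-manager or /run/host/container-uuid and consumers fall back silently with nothing in the log to explain it; a debug message costs nothing here, e.g. `r = write_string_file(p, arg_container_service_name, WRITE_STRING_FILE_CREATE);` followed by `if (r < 0) log_debug_errno(r, "Failed to write %s, ignoring: %m", p);` and the same for the uuid file (`r` is already in scope, as the check at the top of the hunk shows). Because the value written here is what the detection code in the other hunk reports to the entire payload, it also matters who can rewrite it afterwards: the hunk does not show the mount flags of /run/host, so if it is not remounted read-only after these files are written, an unprivileged payload process could replace them, and a comment confirming the intended protection would be welcome. The enclosing function begins before and continues after this hunk.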