shared/condition: add ConditionVirtualization=[!]private-users

This can be useful to silence warnings about units which fail in userns
container.

diff --git a/src/shared/condition.c b/src/shared/condition.c
index f13fa6a9fdc548383be77be2dbf2b706b85c1e92..376606e0042f0fc6dedd7d01fba78a7220bb7f82 100644 (file)
--- a/src/shared/condition.c
+++ b/src/shared/condition.c
@@ -146,6 +146,9 @@ static int condition_test_virtualization(Condition *c) {
         assert(c->parameter);
         assert(c->type == CONDITION_VIRTUALIZATION);
 
+        if (streq(c->parameter, "private-users"))
+                return running_in_userns();
+
         v = detect_virtualization();
         if (v < 0)
                 return v;

diff --git a/src/test/test-condition.c b/src/test/test-condition.c
index 6f7d71ef9ab1cd630515257a3003e967a25f6056..dd985f58634fac1691bf7a25307e2927219ffba7 100644 (file)
--- a/src/test/test-condition.c
+++ b/src/test/test-condition.c
@@ -31,6 +31,8 @@
 #include "macro.h"
 #include "selinux-util.h"
 #include "smack-util.h"
+#include "strv.h"
+#include "virt.h"
 #include "util.h"
 
 static void test_condition_test_path(void) {
@@ -265,7 +267,64 @@ static void test_condition_test_security(void) {
         condition_free(condition);
 }
 
+static void test_condition_test_virtualization(void) {
+        Condition *condition;
+        const char *virt;
+        int r;
+
+        condition = condition_new(CONDITION_VIRTUALIZATION, "garbage oifdsjfoidsjoj", false, false);
+        assert_se(condition);
+        r = condition_test(condition);
+        log_info("ConditionVirtualization=garbage → %i", r);
+        assert_se(r == 0);
+        condition_free(condition);
+
+        condition = condition_new(CONDITION_VIRTUALIZATION, "container", false, false);
+        assert_se(condition);
+        r = condition_test(condition);
+        log_info("ConditionVirtualization=container → %i", r);
+        assert_se(r == !!detect_container());
+        condition_free(condition);
+
+        condition = condition_new(CONDITION_VIRTUALIZATION, "vm", false, false);
+        assert_se(condition);
+        r = condition_test(condition);
+        log_info("ConditionVirtualization=vm → %i", r);
+        assert_se(r == (detect_vm() && !detect_container()));
+        condition_free(condition);
+
+        condition = condition_new(CONDITION_VIRTUALIZATION, "private-users", false, false);
+        assert_se(condition);
+        r = condition_test(condition);
+        log_info("ConditionVirtualization=private-users → %i", r);
+        assert_se(r == !!running_in_userns());
+        condition_free(condition);
+
+        NULSTR_FOREACH(virt,
+                       "kvm\0"
+                       "qemu\0"
+                       "bochs\0"
+                       "xen\0"
+                       "uml\0"
+                       "vmware\0"
+                       "oracle\0"
+                       "microsoft\0"
+                       "zvm\0"
+                       "parallels\0"
+                       "bhyve\0"
+                       "vm_other\0") {
+
+                condition = condition_new(CONDITION_VIRTUALIZATION, virt, false, false);
+                assert_se(condition);
+                r = condition_test(condition);
+                log_info("ConditionVirtualization=%s → %i", virt, r);
+                assert_se(r >= 0);
+                condition_free(condition);
+        }
+}
+
 int main(int argc, char *argv[]) {
+        log_set_max_level(LOG_DEBUG);
         log_parse_environment();
         log_open();
 
@@ -276,6 +335,7 @@ int main(int argc, char *argv[]) {
         test_condition_test_kernel_command_line();
         test_condition_test_null();
         test_condition_test_security();
+        test_condition_test_virtualization();
 
         return 0;
 }