cgroup: don't emit BPF firewall warning when manager is in test mode

Support for BPF might not have been checked, since it's not necessary
in test mode (eg: running offline analysis of units). This causes an
assert:

Assertion '(_error) != 0' failed at src/core/bpf-firewall.c:914, function emit_bpf_firewall_warning(). Aborting.

Export SYSTEMD_LOG_LEVEl=debug in TEST-65-ANALYZE is enough to trigger
this assert while doing an offline analysis of a unit that has some
firewall/network restrictions set.

Skip the warning if the manager is in test mode.

diff --git a/src/core/bpf-firewall.c b/src/core/bpf-firewall.c
index 2c202f1ea60431cbaad2472fa384450751fddfd4..8da71805fce30c766ceee1a82f45681db16c964d 100644 (file)
--- a/src/core/bpf-firewall.c
+++ b/src/core/bpf-firewall.c
@@ -908,7 +908,10 @@ int bpf_firewall_supported(void) {
 void emit_bpf_firewall_warning(Unit *u) {
         static bool warned = false;
 
-        if (!warned) {
+        assert(u);
+        assert(u->manager);
+
+        if (!warned && !MANAGER_IS_TEST_RUN(u->manager)) {
                 bool quiet = bpf_firewall_unsupported_reason == -EPERM && detect_container() > 0;
 
                 log_unit_full_errno(u, quiet ? LOG_DEBUG : LOG_WARNING, bpf_firewall_unsupported_reason,