From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 22 Nov 2024 16:37:35 +0000 (+0100)
Subject: virt: make use of ns inode check in running_in_userns() and running_in_cgroupns(... 
X-Git-Tag: v257-rc3~30^2~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a2429f507ca72278bb6d2893b58906ab313d6e0c;p=thirdparty%2Fsystemd.git

virt: make use of ns inode check in running_in_userns() and running_in_cgroupns() too
---

diff --git a/src/basic/virt.c b/src/basic/virt.c
index 7792d64f16b..9dcafb9dea0 100644
--- a/src/basic/virt.c
+++ b/src/basic/virt.c
@@ -585,6 +585,14 @@ static int running_in_cgroupns(void) {
         if (!cg_ns_supported())
                 return false;
 
+        r = namespace_is_init(NAMESPACE_CGROUP);
+        if (r < 0)
+                log_debug_errno(r, "Failed to test if in root cgroup namespace, ignoring: %m");
+        else if (r > 0)
+                return false;
+
+        // FIXME: We really should drop the heuristics below.
+
         r = cg_all_unified();
         if (r < 0)
                 return r;
@@ -882,6 +890,14 @@ int running_in_userns(void) {
         _cleanup_free_ char *line = NULL;
         int r;
 
+        r = namespace_is_init(NAMESPACE_USER);
+        if (r < 0)
+                log_debug_errno(r, "Failed to test if in root user namespace, ignoring: %m");
+        else if (r > 0)
+                return false;
+
+        // FIXME: We really should drop the heuristics below.
+
         r = userns_has_mapping("/proc/self/uid_map");
         if (r != 0)
                 return r;