From 4c5360ba96973eb67e2d828716502b818df91e24 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Sat, 11 Nov 2023 10:20:39 -0500 Subject: [PATCH] install: Just check if we're pid1 I'm working on a buildsystem where we run a "supermin" VM that doesn't use systemd as pid1. There's no reason to hard require systemd for this. This check isn't fully correct because it will allow things to pass if someone does `podman run --init` to make us pid2, but still in a userns. In theory we could detect that in the future. Signed-off-by: Colin Walters --- lib/src/install.rs | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/lib/src/install.rs b/lib/src/install.rs index 295b61c8d..24cacdea3 100644 --- a/lib/src/install.rs +++ b/lib/src/install.rs @@ -722,13 +722,9 @@ pub(crate) fn finalize_filesystem(fs: &Utf8Path) -> Result<()> { Ok(()) } -fn require_systemd_pid1() -> Result<()> { +fn require_host_pidns() -> Result<()> { // We require --pid=host - let pid = std::fs::read_link("/proc/1/exe").context("reading /proc/1/exe")?; - let pid = pid - .to_str() - .ok_or_else(|| anyhow::anyhow!("Non-UTF8 /proc/1/exe"))?; - if !pid.contains("systemd") { + if rustix::process::getpid().is_init() { anyhow::bail!("This command must be run with --pid=host") } Ok(()) @@ -809,7 +805,7 @@ async fn prepare_install( ) -> Result> { // We need full root privileges, i.e. --privileged in podman crate::cli::require_root()?; - require_systemd_pid1()?; + require_host_pidns()?; if cfg!(target_arch = "s390x") { anyhow::bail!("Installation is not supported on this architecture yet");