[systemd-devel] detect_container() for recent(?) docker

Matwey V. Kornilov matwey.kornilov at gmail.com
Sun Jan 26 08:55:24 UTC 2020


Hello,

I've just found that an assumption used inside detect_container() is
not always true, and that leads to virtualization misdetection.
Namely, I am running systemd inside a Docker (19.03.5) container on
Ubuntu (18.04.2, kernel version is 4.15.0-45-generic).

        /* Interestingly /proc/1/sched actually shows the host's PID for what we see as PID 1. If the PID
         * shown there is not 1, we know we are in a PID namespace and hence a container. */
 check_sched:
        r = read_one_line_file("/proc/1/sched", &m);

However, I see the following when reading this file in the container:

64813fe8f025:/ # cat /proc/1/sched
bash (1, #threads: 1)
-------------------------------------------------------------------


Unfortunately, this leads to virtualization misdetection on systemd
startup (docker host runs inside kvm):

Detected virtualization kvm.

And that leads to issues with getty-generator, which tries to use
host serial tty devices.
Running the same docker container with "-e container=docker"
explicitly resolves both issues.

-- 
With best regards,
Matwey V. Kornilov
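
The failure described in the message above, as an added example that is not part of the original post and is not systemd's code: a parser for the first line of /proc/1/sched plus a decision helper showing that a PID of 1 carries no signal, so only the explicit container= value separates the two cases. The names sched_pid and classify, the verdict enum and the second sample line are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Parse the first line of /proc/1/sched, "comm (pid, #threads: n)".
 * Returns the PID, or -1 if the line is malformed. comm may itself
 * contain '(', so the last '(' on the line is the one that counts. */
static long sched_pid(const char *line) {
    const char *p = strrchr(line, '(');
    char *end;
    long pid;

    if (!p)
        return -1;
    pid = strtol(p + 1, &end, 10);
    if (end == p + 1 || *end != ',' || pid <= 0)
        return -1;
    return pid;
}

enum verdict { NOT_DETECTED = 0, CONTAINER_BY_ENV, CONTAINER_BY_SCHED };

/* Hypothetical decision helper: an explicit container= value wins,
 * otherwise fall back to the sched heuristic. A PID of 1 proves
 * nothing: the host shows it, and so does the kernel from the post
 * when read inside a container. */
static enum verdict classify(const char *container_env, const char *sched_line) {
    if (container_env && *container_env)
        return CONTAINER_BY_ENV;
    if (sched_line && sched_pid(sched_line) > 1)
        return CONTAINER_BY_SCHED;
    return NOT_DETECTED;
}

int main(void) {
    /* First line is the one quoted in the post; second is constructed. */
    const char *post = "bash (1, #threads: 1)";
    const char *leaky = "systemd (4711, #threads: 1)";

    printf("sched only, post's kernel: %d\n", classify(NULL, post));
    printf("with container=docker:     %d\n", classify("docker", post));
    printf("sched only, host PID seen: %d\n", classify(NULL, leaky));
    return 0;
}
```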