Blob Blame History Raw
From c74cf7621353d765a89e800c5a040fefa79e7915 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 20 Nov 2013 03:44:11 +0100
Subject: [PATCH] manager: don't do plymouth in a container

Given that plymouth listens on an abstract namespace socket and if
CLONE_NEWNET is not used the abstract namespace is shared with the host
we might actually end up send plymouth data to the host.
---
 src/core/manager.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/core/manager.c b/src/core/manager.c
index ce32baf..944c196 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1966,6 +1966,9 @@ void manager_send_unit_plymouth(Manager *m, Unit *u) {
         if (m->running_as != SYSTEMD_SYSTEM)
                 return;
 
+        if (detect_container(NULL) > 0)
+                return;
+
         if (u->type != UNIT_SERVICE &&
             u->type != UNIT_MOUNT &&
             u->type != UNIT_SWAP)