Blob Blame Raw
From b48d4e5832f3c17b8aeb6af486ee3ea0f1c70376 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 20 Nov 2013 03:44:11 +0100
Subject: [PATCH] manager: don't do plymouth in a container

Given that plymouth listens on an abstract namespace socket and if
CLONE_NEWNET is not used the abstract namespace is shared with the host
we might actually end up send plymouth data to the host.
---
 src/core/manager.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/core/manager.c b/src/core/manager.c
index c7f8f20a70..481ec3029e 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1868,6 +1868,9 @@ void manager_send_unit_plymouth(Manager *m, Unit *u) {
         if (m->running_as != SYSTEMD_SYSTEM)
                 return;
 
+        if (detect_container(NULL) > 0)
+                return;
+
         if (u->type != UNIT_SERVICE &&
             u->type != UNIT_MOUNT &&
             u->type != UNIT_SWAP)