From 1eb18361783a25e6c70a94564d55d4e2db7586dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= Date: Wed, 7 Apr 2021 15:12:39 +0100 Subject: [PATCH] use systemd-detect-virt to detect building as root in container MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Drop the older container detection attempts because they are not reliable to detect being run as root in a container in github actions. https://github.com/google/oss-fuzz/issues/4093#issuecomment-656290094 "It appears some GitHub actions are run with docker.service (where docker is in /proc/self/cgroup) while the zstd actions are run with containerd.service where /proc/self/cgroup looks like […]" https://github.com/google/oss-fuzz/pull/4101 → probably also just use systemd-detect-virt instead of the grepping ourselves... if we're root and systemd-detect-virt doesn't exist or it claims we're not in a container then continue to abort the build using LIB_FUZZING_ENGINE for the oss-fuzz specific case worked fine, but lets try something a little more generic. Change-Id: I59711b01dfcd052b5af899ad41ae5890f849eacb Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113738 Tested-by: Jenkins Reviewed-by: Caolán McNamara --- Makefile.in | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/Makefile.in b/Makefile.in index 23b4d4f17d90..1e0d1a5d0968 100644 --- a/Makefile.in +++ b/Makefile.in @@ -59,11 +59,14 @@ else # MAKE_RESTARTS .DEFAULT_GOAL := build check-if-root: - @if test ! `uname` = 'Haiku' -a `id -u` = 0 && test -z $$LIB_FUZZING_ENGINE && test -z $$container && ! grep -q 'lxc\|docker' /proc/self/cgroup && ! grep -q 'libpod_parent' /proc/self/cgroup; then \ - echo; \ - echo 'Building LibreOffice as root is a very bad idea, use a regular user.'; \ - echo; \ - exit 1; \ + @if test ! `uname` = 'Haiku' -a `id -u` = 0; then \ + # if the systemd-detect-virt command doesn't exist or it reports we're not in a container \ + if test ! -x "$$(command -v systemd-detect-virt)" || ! systemd-detect-virt -c -q; then \ + echo; \ + echo 'Building LibreOffice as root is a very bad idea, use a regular user.'; \ + echo; \ + exit 1; \ + fi \ fi gb_Side ?= host