use systemd-detect-virt to detect building as root in container

Drop the older container detection attempts because they are not reliable to detect being run as root in a container in github actions. <cloph> https://github.com/google/oss-fuzz/issues/4093#issuecomment-656290094 "It appears some GitHub actions are run with docker.service (where docker is in /proc/self/cgroup) while the zstd actions are run with containerd.service where /proc/self/cgroup looks like […]" <cloph> https://github.com/google/oss-fuzz/pull/4101 → probably also just use systemd-detect-virt instead of the grepping ourselves... if we're root and systemd-detect-virt doesn't exist or it claims we're not in a container then continue to abort the build using LIB_FUZZING_ENGINE for the oss-fuzz specific case worked fine, but lets try something a little more generic. Change-Id: I59711b01dfcd052b5af899ad41ae5890f849eacb Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113738 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com>
2021-04-07 15:12:39 +01:00 · 2021-04-07 15:12:39 +01:00 · 1eb1836178
commit 1eb1836178
parent 44711d9eb5
1 changed files with 8 additions and 5 deletions
--- a/Makefile.in
+++ b/Makefile.in
@ -59,11 +59,14 @@ else # MAKE_RESTARTS
 .DEFAULT_GOAL := build

 check-if-root:
-	@if test ! `uname` = 'Haiku' -a `id -u` = 0 && test -z $$LIB_FUZZING_ENGINE && test -z $$container && ! grep -q 'lxc\|docker' /proc/self/cgroup && ! grep -q 'libpod_parent' /proc/self/cgroup; then \
-		echo; \
-		echo 'Building LibreOffice as root is a very bad idea, use a regular user.'; \
-		echo; \
-		exit 1; \
+	@if test ! `uname` = 'Haiku' -a `id -u` = 0; then \
+		# if the systemd-detect-virt command doesn't exist or it reports we're not in a container \
+		if test ! -x "$$(command -v systemd-detect-virt)" || ! systemd-detect-virt -c -q; then \
+			echo; \
+			echo 'Building LibreOffice as root is a very bad idea, use a regular user.'; \
+			echo; \
+			exit 1; \
+		fi \
 	fi

 gb_Side ?= host