A Microsoft Addition For systemd 246 Exposes Host OS Information To Containers

Written by Michael Larabel in systemd on 9 July 2020 at 03:02 AM EDT. 40 Comments
There is a last minute change from a Microsoft engineer to the upcoming systemd 246 that is now undergoing release preparations.

This change is allowing containers to access details about the host OS being run. In particular, the focus is on exposing the os-release details to container-like runtimes.

The change was first proposed and then written by Microsoft engineer Luca Boccassi. The original explanation in the proposal is that "We find ourselves in a situation where application running containerized (specifically as portable services, although this issue is general) need to either find information about the host, or alter their behaviour depending on the host's flavour."

Granted, exposing more host details to guests/containers can open up the system to potentially easier (more efficient/straightforward) exploit paths and that if some container images become too catered towards specific hosts it may make the containers less robust.

With systemd 246, containers will be able to find out the host's os-release details via environment variables in the container_host_KEY=VALUE syntax. The host's OS release details can also be fetched from the container via /run/host/usr/lib/os-release.

The changes were merged on Wednesday into systemd Git ahead of the v246 release.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week