A Microsoft Addition For systemd 246 Exposes Host OS Information To Containers

Written by Michael Larabel in systemd on 9 July 2020 at 03:02 AM EDT. 40 Comments
There is a last-minute change from a Microsoft engineer to the upcoming systemd 246, which is now undergoing release preparations.

This change allows containers to access details about the host OS they are running on. In particular, the focus is on exposing the host's os-release details to container-like runtimes.

The change was first proposed and then written by Microsoft engineer Luca Boccassi. The original explanation in the proposal is that "We find ourselves in a situation where applications running containerized (specifically as portable services, although this issue is general) need to either find information about the host, or alter their behaviour depending on the host's flavour."

Granted, exposing more host details to guests/containers has a cost. An attacker who has compromised a container learns exactly which distribution and version the host is running, which makes choosing a host-specific exploit path more straightforward. And if container images start tailoring themselves to particular hosts, they become less portable and less robust.

With systemd 246, containers will be able to find out the host's os-release details via environment variables in the container_host_KEY=VALUE syntax. The host's os-release file can also be read from within the container at /run/host/usr/lib/os-release.
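The two lookup paths described above, read from the container side, as an added example that is not part of the article or of systemd's own code. The environment-variable prefix container_host_ and the path /run/host/usr/lib/os-release are taken from the article; the exact set of keys systemd exports is not stated here, so the code accepts any key under that prefix and falls back to parsing the file. The sample os-release text and the function names are constructed for the example.

```python
"""Read host os-release details from inside a systemd 246 container.

Added example, not code from systemd or from the article. Assumed from the
article: the env prefix ``container_host_`` and the file path below. The
exact key set systemd exports is not given, so any key under the prefix is
accepted and the file is used to fill in whatever the env does not carry.
"""
import os
import shlex

HOST_ENV_PREFIX = "container_host_"
HOST_OS_RELEASE_PATH = "/run/host/usr/lib/os-release"  # path as given in the article

# Constructed sample os-release content, used for the stand-alone run below.
SAMPLE_OS_RELEASE = (
    'NAME="Fedora Linux"\n'
    "VERSION_ID=32\n"
    "ID=fedora\n"
    'PRETTY_NAME="Fedora 32 (Container Image)"\n'
    "# a comment line\n"
    "BROKEN\n"
)


def parse_os_release(text):
    """Parse os-release(5) text: KEY=VALUE lines with shell-style quoting.

    Comment lines and malformed lines are skipped rather than guessed at.
    """
    result = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key = key.strip()
        if not key or key[0].isdigit() or not key.replace("_", "").isalnum():
            continue  # not a valid variable name
        try:
            parts = shlex.split(value, comments=False, posix=True)
        except ValueError:
            continue  # unbalanced quotes
        result[key] = parts[0] if parts else ""
    return result


def host_from_env(environ):
    """Collect container_host_KEY=VALUE variables into {KEY: VALUE}."""
    return {
        name[len(HOST_ENV_PREFIX):]: value
        for name, value in environ.items()
        if name.startswith(HOST_ENV_PREFIX) and len(name) > len(HOST_ENV_PREFIX)
    }


def _read_host_file():
    """Read the host's os-release from the path the article names; '' if absent."""
    try:
        with open(HOST_OS_RELEASE_PATH, encoding="utf-8") as fh:
            return fh.read()
    except OSError:
        return ""


def host_os_release(environ=None, read_file=_read_host_file):
    """Merge host details: file contents first, env variables override."""
    environ = os.environ if environ is None else environ
    info = parse_os_release(read_file())
    info.update(host_from_env(environ))
    return info


def _version_key(version):
    """Sort key for VERSION_ID strings such as '32', '20.04' or '8.2rc1'."""
    return tuple((0, int(p)) if p.isdigit() else (1, p) for p in version.split("."))


def host_is_at_least(info, distro_id, min_version):
    """True when the host ID matches and VERSION_ID >= min_version.

    Missing data yields False so callers fall back to generic behaviour.
    """
    if info.get("ID") != distro_id or "VERSION_ID" not in info:
        return False
    return _version_key(info["VERSION_ID"]) >= _version_key(min_version)


if __name__ == "__main__":
    # Stand-alone run: report what this container can learn about its host.
    details = host_os_release()
    if not details:
        print("no host os-release information exposed to this container")
    for key in sorted(details):
        print(f"{key}={details[key]}")
```

Run inside a container to see what the host discloses; an empty report means neither the variables nor the file are present. The precedence (environment over file) keeps the variables systemd sets authoritative while still picking up keys only present in the file.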

The changes were merged on Wednesday into systemd Git ahead of the v246 release.