Merge pull request #557 from cgwalters/switch-earlier-error

cli: More environment detection

lib/src/cli.rs

@@ -369,12 +369,18 @@ pub(crate) fn require_root() -> Result<()> {
 /// A few process changes that need to be made for writing.
 #[context("Preparing for write")]
 pub(crate) async fn prepare_for_write() -> Result<()> {
-    crate::cli::require_root()?;
     if ostree_ext::container_utils::is_ostree_container()? {
         anyhow::bail!(
             "Detected container (ostree base); this command requires a booted host system."
         );
     }
+    if ostree_ext::container_utils::running_in_container() {
+        anyhow::bail!("Detected container; this command requires a booted host system.");
+    }
+    if !std::path::Path::new("/run/ostree-booted").exists() {
+        anyhow::bail!("This command requires an ostree-booted host system");
+    }
+    crate::cli::require_root()?;
     ensure_self_unshared_mount_namespace().await?;
     if crate::lsm::selinux_enabled()? && !crate::lsm::selinux_ensure_install()? {
         tracing::warn!("Do not have install_t capabilities");

lib/src/privtests.rs

@@ -93,22 +93,12 @@ pub(crate) fn impl_run_container() -> Result<()> {
         assert!(!st.success());
         let stderr = String::from_utf8(o.stderr)?;
         assert!(
-            stderr.contains("This command requires full root privileges"),
+            stderr.contains("this command requires a booted host system"),
             "stderr: {stderr}",
         );
     }
     println!("ok upgrade/update are errors in container");
 
-    let o = Command::new("runuser")
-        .args(["-u", "bin", "bootc", "upgrade"])
-        .output()?;
-    assert!(!o.status.success());
-    let stderr = String::from_utf8(o.stderr)?;
-    assert!(
-        stderr.contains("requires root privileges"),
-        "stderr: {stderr}"
-    );
-
     let config = cmd!(sh, "bootc install print-configuration").read()?;
     let mut config: InstallConfiguration =
         serde_json::from_str(&config).context("Parsing install config")?;