cli: Detect non-ostree and error out earlier

Before we even check for root, verify that we are on an ostree-booted host. Signed-off-by: Colin Walters <walters@verbum.org>
containers · May 22, 2024 · e20ab16 · e20ab16
1 parent 6a19638
commit e20ab16
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 11 deletions.
diff --git a/lib/src/cli.rs b/lib/src/cli.rs
@@ -377,6 +377,9 @@ pub(crate) async fn prepare_for_write() -> Result<()> {
     if ostree_ext::container_utils::running_in_container() {
         anyhow::bail!("Detected container; this command requires a booted host system.");
     }
+    if !std::path::Path::new("/run/ostree-booted").exists() {
+        anyhow::bail!("This command requires an ostree-booted host system");
+    }
     crate::cli::require_root()?;
     ensure_self_unshared_mount_namespace().await?;
     if crate::lsm::selinux_enabled()? && !crate::lsm::selinux_ensure_install()? {

diff --git a/lib/src/privtests.rs b/lib/src/privtests.rs
@@ -93,22 +93,12 @@ pub(crate) fn impl_run_container() -> Result<()> {
         assert!(!st.success());
         let stderr = String::from_utf8(o.stderr)?;
         assert!(
-            stderr.contains("This command requires full root privileges"),
+            stderr.contains("this command requires a booted host system"),
             "stderr: {stderr}",
         );
     }
     println!("ok upgrade/update are errors in container");
 
-    let o = Command::new("runuser")
-        .args(["-u", "bin", "bootc", "upgrade"])
-        .output()?;
-    assert!(!o.status.success());
-    let stderr = String::from_utf8(o.stderr)?;
-    assert!(
-        stderr.contains("requires root privileges"),
-        "stderr: {stderr}"
-    );
-
     let config = cmd!(sh, "bootc install print-configuration").read()?;
     let mut config: InstallConfiguration =
         serde_json::from_str(&config).context("Parsing install config")?;