From 774eb5dbdd26df2de42ae173ac8c745083df7f6d Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Fri, 7 Jun 2024 15:10:58 +0200
Subject: [PATCH] dev-setup: Follow /dev/console symlinks when locking
 /dev/console

systemd-nspawn sets up /dev/console as a symlink to a pty, so let's
make sure we follow the symlink when trying to lock /dev/console so
we don't fail with ELOOP.
---
 src/shared/dev-setup.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/shared/dev-setup.c b/src/shared/dev-setup.c
index 5dbf064e774..4b4b62565c5 100644
--- a/src/shared/dev-setup.c
+++ b/src/shared/dev-setup.c
@@ -22,7 +22,9 @@ int lock_dev_console(void) {
         _cleanup_close_ int fd = -EBADF;
         int r;
 
-        fd = open_terminal("/dev/console", O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
+        /* NB: We do not use O_NOFOLLOW here, because some container managers might place a symlink to some
+         * pty in /dev/console, in which case it should be fine to lock the target TTY. */
+        fd = open_terminal("/dev/console", O_RDONLY|O_CLOEXEC|O_NOCTTY);
         if (fd < 0)
                 return fd;