From d06cd2f94b8c48d3e0d934ca3dabe0481b090d24 Mon Sep 17 00:00:00 2001
From: Maxim Kostrikin
Date: Mon, 10 Sep 2018 18:10:25 +0700
Subject: [PATCH] Hardened proc disallow systemd detection If you have a vagrant box with proc mounted with proc /proc proc defaults,hidepid=2 0 0 ps output will be limited to owned process sudo should extend output
---
 lib/vagrant/util/guest_inspection.rb | 2 +-
 .../unit/plugins/guests/debian/cap/configure_networks_test.rb | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/vagrant/util/guest_inspection.rb b/lib/vagrant/util/guest_inspection.rb
index 27228af6b..86ab1dc69 100644
--- a/lib/vagrant/util/guest_inspection.rb
+++ b/lib/vagrant/util/guest_inspection.rb
@@ -12,7 +12,7 @@ module Vagrant
 #
 # @return [Boolean]
 def systemd?(comm)
- comm.test("ps -o comm= 1 | grep systemd")
+ comm.test("sudo ps -o comm= 1 | grep systemd")
 end
 # systemd-networkd.service is in use
diff --git a/test/unit/plugins/guests/debian/cap/configure_networks_test.rb b/test/unit/plugins/guests/debian/cap/configure_networks_test.rb
index 3e9ae4d5d..b4691d0fd 100644
--- a/test/unit/plugins/guests/debian/cap/configure_networks_test.rb
+++ b/test/unit/plugins/guests/debian/cap/configure_networks_test.rb
@@ -67,7 +67,7 @@ describe "VagrantPlugins::GuestDebian::Cap::ConfigureNetworks" do
 before do
 allow(comm).to receive(:test).with("nmcli -t d show eth1").and_return(false)
 allow(comm).to receive(:test).with("nmcli -t d show eth2").and_return(false)
- allow(comm).to receive(:test).with("ps -o comm= 1 | grep systemd").and_return(false)
+ allow(comm).to receive(:test).with("sudo ps -o comm= 1 | grep systemd").and_return(false)
 allow(comm).to receive(:test).with("sudo systemctl status systemd-networkd.service").and_return(false)
 allow(comm).to receive(:test).with("netplan -h").and_return(false)
 end
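Review bot: In `systemd?` (lib/vagrant/util/guest_inspection.rb) the new `sudo ps -o comm= 1 | grep systemd` makes init detection depend on non-interactive sudo working in the guest. Since `comm.test` only yields a boolean, a sudo failure would presumably look the same as "PID 1 is not systemd", and callers would silently take the non-systemd path. A check that needs no elevation and is unaffected by `hidepid=2` avoids both problems, e.g. `comm.test("test -d /run/systemd/system")`, which is the condition sd_booted(3) documents. If the `ps` form is kept, a comment such as `# sudo: /proc may be mounted with hidepid=2, which hides PID 1 from the SSH user` would record why root is required for a read-only probe.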
@@ -85,7 +85,7 @@ describe "VagrantPlugins::GuestDebian::Cap::ConfigureNetworks" do
 context "with systemd" do
 before do
- expect(comm).to receive(:test).with("ps -o comm= 1 | grep systemd").and_return(true)
+ expect(comm).to receive(:test).with("sudo ps -o comm= 1 | grep systemd").and_return(true)
 allow(comm).to receive(:test).with("netplan -h").and_return(false)
 end