There is really no need to limit reading the config under
$XDG_CONFIG_HOME or $HOME to rootless users only. This poses two
problems, first on a multi user system any config that should be only
applied to root in /etc will also be read by all other users which makes
this impossible to use without having all user overwrite that option
with their local containers.conf. If we read the config from $HOME as
root as well then such changes are easy.
Second, because connections/farms are currently written by the cli it
means as root is tries to write under /etc which is not good as in some
envs /etc is mounted read only.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This fixes a regression in
https://github.com/containers/podman/pull/19241 which quite reasonably
assumed that the default image volume mode from pkg/config was correct.
Signed-off-by: Doug Rabson <dfr@rabson.org>
The correct location on FreeBSD is /usr/local/etc/containers/policy.json
which is consistent with path conventions for installed packages. This
fixes 'podman commit' on FreeBSD.
There are several definitions of this path:
- c/image/signature has builtinDefaultPolicyPath and DefaultPolicy
- c/podman/pkg/trust has systemDefaultPolicyPath and DefaultPolicyPath
- c/common/pkg/config has DefaultSignaturePolicyPath
As far as I can tell, buildah uses c/image/signature which is why 'buildah
commit' was already working for me. Podman is using the c/common one. Very
confusing.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
Paul Holzinger
Doug Rabson