Fix trust not using local policy file

When running the `trust` command, only the global policy.json file
was being taken into account.

Fixes #19073

[NO NEW TESTS NEEDED]

Signed-off-by: Ismael Arias <ismaelariasmn@gmail.com>

pkg/trust/policy.go

@@ -14,9 +14,13 @@ import (
 
 	"github.com/containers/common/pkg/config"
 	"github.com/containers/image/v5/types"
+	"github.com/containers/storage/pkg/homedir"
 	"github.com/sirupsen/logrus"
 )
 
+// userPolicyFile is the path to the per user policy path.
+var userPolicyFile = filepath.FromSlash(".config/containers/policy.json")
+
 // policyContent is the overall structure of a policy.json file (= c/image/v5/signature.Policy)
 type policyContent struct {
 	Default    []repoContent     `json:"default"`
@@ -54,14 +58,16 @@ type genericRepoMap map[string]json.RawMessage
 
 // DefaultPolicyPath returns a path to the default policy of the system.
 func DefaultPolicyPath(sys *types.SystemContext) string {
+	if sys != nil && sys.SignaturePolicyPath != "" {
+		return sys.SignaturePolicyPath
+	}
+	userPolicyFilePath := filepath.Join(homedir.Get(), userPolicyFile)
+	if _, err := os.Stat(userPolicyFilePath); err == nil {
+		return userPolicyFilePath
+	}
 	systemDefaultPolicyPath := config.DefaultSignaturePolicyPath
-	if sys != nil {
+	if sys != nil && sys.RootForImplicitAbsolutePaths != "" {
-		if sys.SignaturePolicyPath != "" {
+		return filepath.Join(sys.RootForImplicitAbsolutePaths, systemDefaultPolicyPath)
-			return sys.SignaturePolicyPath
-		}
-		if sys.RootForImplicitAbsolutePaths != "" {
-			return filepath.Join(sys.RootForImplicitAbsolutePaths, systemDefaultPolicyPath)
-		}
 	}
 	return systemDefaultPolicyPath
 }