aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2020-05-19 16:32:42 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2020-05-19 16:33:24 -0400
commit35829854a24133f5f6900f6ee252d154dd742a15 (patch)
tree133c3489008160ff36a1a432ce0ceabb462b8e10
parent0f8ad039235137d086b9fea33bb74b362e625cdd (diff)
downloadpodman-35829854a24133f5f6900f6ee252d154dd742a15.tar.gz
podman-35829854a24133f5f6900f6ee252d154dd742a15.tar.bz2
podman-35829854a24133f5f6900f6ee252d154dd742a15.zip
Fix mountpont in SecretMountsWithUIDGID
In FIPS Mode we expect to work off of the Mountpath not the Rundir path. This is causing FIPS Mode checks to fail. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
-rw-r--r--libpod/container_internal_linux.go2
1 files changed, 1 insertions, 1 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 8ee0fb456..2bd6099f0 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -1236,7 +1236,7 @@ func (c *Container) makeBindMounts() error {
}
// Add Secret Mounts
- secretMounts := secrets.SecretMountsWithUIDGID(c.config.MountLabel, c.state.RunDir, c.runtime.config.Containers.DefaultMountsFile, c.state.RunDir, c.RootUID(), c.RootGID(), rootless.IsRootless(), false)
+ secretMounts := secrets.SecretMountsWithUIDGID(c.config.MountLabel, c.state.RunDir, c.runtime.config.Containers.DefaultMountsFile, c.state.Mountpoint, c.RootUID(), c.RootGID(), rootless.IsRootless(), false)
for _, mount := range secretMounts {
if _, ok := c.state.BindMounts[mount.Destination]; !ok {
c.state.BindMounts[mount.Destination] = mount.Source