diff options
author | Giuseppe Scrivano <gscrivan@redhat.com> | 2018-07-16 11:48:59 +0200 |
---|---|---|
committer | Giuseppe Scrivano <gscrivan@redhat.com> | 2018-07-20 11:00:53 +0200 |
commit | d4f14be3a7aa7b5b884906d764db3214e51b3e67 (patch) | |
tree | 7e198c5a0b9f07a1dc8537b5f172aee54563832a | |
parent | 45a92f8357de75d06c137e48ce61ab8054d5bc8e (diff) | |
download | podman-d4f14be3a7aa7b5b884906d764db3214e51b3e67.tar.gz podman-d4f14be3a7aa7b5b884906d764db3214e51b3e67.tar.bz2 podman-d4f14be3a7aa7b5b884906d764db3214e51b3e67.zip |
rootless: support a per-user mounts.conf
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
-rw-r--r-- | docs/podman.1.md | 2 | ||||
-rw-r--r-- | pkg/secrets/secrets.go | 7 |
2 files changed, 9 insertions, 0 deletions
diff --git a/docs/podman.1.md b/docs/podman.1.md index 68a9e4e92..5581e0569 100644 --- a/docs/podman.1.md +++ b/docs/podman.1.md @@ -139,6 +139,8 @@ The format of the mounts.conf is the volume format /SRC:/DEST, one mount per lin Note this is not a volume mount. The content of the volumes is copied into container storage, not bind mounted directly from the host. +When Podman runs in rootless mode, the file `$HOME/.config/containers/mounts.conf` is also used. + **hook JSON** (`/usr/share/containers/oci/hooks.d/*.json`) Each `*.json` file in `/usr/share/containers/oci/hooks.d` configures a hook for Podman containers. For more details on the syntax of the JSON files and the semantics of hook injection, see `oci-hooks(5)`. diff --git a/pkg/secrets/secrets.go b/pkg/secrets/secrets.go index f245b9512..bc63ece00 100644 --- a/pkg/secrets/secrets.go +++ b/pkg/secrets/secrets.go @@ -10,6 +10,7 @@ import ( rspec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/selinux/go-selinux/label" "github.com/pkg/errors" + "github.com/projectatomic/libpod/pkg/rootless" "github.com/sirupsen/logrus" ) @@ -20,6 +21,9 @@ var ( // OverrideMountsFile holds the default mount paths in the form // "host_path:container_path" overridden by the user OverrideMountsFile = "/etc/containers/mounts.conf" + // UserOverrideMountsFile holds the default mount paths in the form + // "host_path:container_path" overridden by the rootless user + UserOverrideMountsFile = filepath.Join(os.Getenv("HOME"), ".config/containers/mounts.conf") ) // secretData stores the name of the file and the content read from it @@ -143,6 +147,9 @@ func SecretMountsWithUIDGID(mountLabel, containerWorkingDir, mountFile, mountPre // Note for testing purposes only if mountFile == "" { mountFiles = append(mountFiles, []string{OverrideMountsFile, DefaultMountsFile}...) + if rootless.IsRootless() { + mountFiles = append([]string{UserOverrideMountsFile}, mountFiles...) + } } else { mountFiles = append(mountFiles, mountFile) } |