summaryrefslogtreecommitdiff
path: root/Makefile
diff options
context:
space:
mode:
authorMatthew Heon <mheon@redhat.com>2020-07-13 16:22:24 -0400
committerMatthew Heon <mheon@redhat.com>2020-07-13 16:35:04 -0400
commit237fe441b373ea129ca45421056fca4532112851 (patch)
tree34d1081febb9b57f69d907a5131b8411eff27331 /Makefile
parentd86acf2caea68d1dbf349c54d0532b3ce92dcb85 (diff)
downloadpodman-237fe441b373ea129ca45421056fca4532112851.tar.gz
podman-237fe441b373ea129ca45421056fca4532112851.tar.bz2
podman-237fe441b373ea129ca45421056fca4532112851.zip
Remove outdated seccomp policy
Some time ago, we moved the Seccomp policy (and related setup code) to a place where all our tools could share it [1]. We did not, however, remove the in-repo seccomp.json file. Over the last year or so, the in-repo seccomp policy has become progressively more and more outdated, with no effort made to maintain it (because what sense is there in keeping a duplicate?). Today, a friend came to me and asked if a Podman container could access keyctl, assuming it could not because he was reading the outdated Seccomp policy which does not allow it. Since it's becoming clear that this file is doing no good and actively causing confusion, let's just drop it. [1] https://github.com/seccomp/containers-golang Signed-off-by: Matthew Heon <mheon@redhat.com>
Diffstat (limited to 'Makefile')
-rw-r--r--Makefile8
1 files changed, 1 insertions, 7 deletions
diff --git a/Makefile b/Makefile
index 5c813dac5..3f626d359 100644
--- a/Makefile
+++ b/Makefile
@@ -443,7 +443,7 @@ swagger-check:
.PHONY: codespell
codespell:
- codespell -S bin,vendor,.git,go.sum,changelog.txt,seccomp.json,.cirrus.yml,"*.xz,*.gz,*.tar,*.tgz,bin2img,*ico,*.png,*.1,*.5,copyimg,*.orig,apidoc.go" -L uint,iff,od,seeked,splitted,marge,ERRO,hist -w
+ codespell -S bin,vendor,.git,go.sum,changelog.txt,.cirrus.yml,"*.xz,*.gz,*.tar,*.tgz,bin2img,*ico,*.png,*.1,*.5,copyimg,*.orig,apidoc.go" -L uint,iff,od,seeked,splitted,marge,ERRO,hist -w
# When publishing releases include critical build-time details
.PHONY: release.txt
@@ -540,12 +540,6 @@ install.man-nobuild:
.PHONY: install.man
install.man: docs install.man-nobuild
-.PHONY: install.seccomp
-install.seccomp:
- # TODO: we should really be using the upstream one from github.com/seccomp
- install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(SHAREDIR_CONTAINERS)
- install ${SELINUXOPT} -m 644 seccomp.json $(DESTDIR)$(SHAREDIR_CONTAINERS)/seccomp.json
-
.PHONY: install.completions
install.completions:
install ${SELINUXOPT} -d -m 755 ${DESTDIR}${BASHINSTALLDIR}