Add --read-only-tmpfs options

The --read-only-tmpfs option caused podman to mount tmpfs on /run, /tmp, /var/tmp if the container is running int read-only mode. The default is true, so you would need to execute a command like --read-only --read-only-tmpfs=false to turn off this behaviour. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
author: Daniel J Walsh <dwalsh@redhat.com> 2019-04-26 10:51:59 -0400
committer: Daniel J Walsh <dwalsh@redhat.com> 2019-04-26 12:29:10 -0400
commit: 3a4be4b66ca22d87446c37218b300b8f31a84b92 (patch)
tree: dcd3430bb191a145aa386679fb7f9fcf366411ac /cmd/podman/common.go
parent: 135c8bef223d32f553659cbdfd5eb99f948a6c84 (diff)
download: podman-3a4be4b66ca22d87446c37218b300b8f31a84b92.tar.gz
podman-3a4be4b66ca22d87446c37218b300b8f31a84b92.tar.bz2
podman-3a4be4b66ca22d87446c37218b300b8f31a84b92.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/cmd/podman/common.go b/cmd/podman/common.go
index ba4a3f519..eac96d3ba 100644
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@@ -434,6 +434,10 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
 		"read-only", false,
 		"Make containers root filesystem read-only",
 	)
+	createFlags.Bool(
+		"read-only-tmpfs", true,
+		"When running containers in read-only mode mount a read-write tmpfs on /run, /tmp and /var/tmp",
+	)
 	createFlags.String(
 		"restart", "",
 		"Restart is not supported.  Please use a systemd unit file for restart",
author	Daniel J Walsh <dwalsh@redhat.com>	2019-04-26 10:51:59 -0400
committer	Daniel J Walsh <dwalsh@redhat.com>	2019-04-26 12:29:10 -0400
commit	3a4be4b66ca22d87446c37218b300b8f31a84b92 (patch)
tree	dcd3430bb191a145aa386679fb7f9fcf366411ac /cmd/podman/common.go
parent	135c8bef223d32f553659cbdfd5eb99f948a6c84 (diff)
download	podman-3a4be4b66ca22d87446c37218b300b8f31a84b92.tar.gz podman-3a4be4b66ca22d87446c37218b300b8f31a84b92.tar.bz2 podman-3a4be4b66ca22d87446c37218b300b8f31a84b92.zip