diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2020-12-07 14:02:22 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-07 14:02:22 -0500 |
| commit | 51166d08983378f57d270fe8ac814372684cdd50 (patch) | |
| tree | 5a4cc49a3174e8b11bbcede5a6b5b614815b8629 /docs | |
| parent | 3569e24df8c3f774def37d99b7e23158349e92cf (diff) | |
| parent | cf8f2342a1cdbd821fec217af75c2438c00a9b4d (diff) | |
| download | podman-51166d08983378f57d270fe8ac814372684cdd50.tar.gz podman-51166d08983378f57d270fe8ac814372684cdd50.tar.bz2 podman-51166d08983378f57d270fe8ac814372684cdd50.zip | |
Merge pull request #7357 from QiWang19/rootless-sign
image sign using per user registries.d
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/source/markdown/podman-image-sign.1.md | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/docs/source/markdown/podman-image-sign.1.md b/docs/source/markdown/podman-image-sign.1.md index 1bd6e5b9d..7a924b80b 100644 --- a/docs/source/markdown/podman-image-sign.1.md +++ b/docs/source/markdown/podman-image-sign.1.md @@ -9,7 +9,9 @@ podman-image-sign - Create a signature for an image ## DESCRIPTION **podman image sign** will create a local signature for one or more local images that have been pulled from a registry. The signature will be written to a directory -derived from the registry configuration files in /etc/containers/registries.d. By default, the signature will be written into /var/lib/containers/sigstore directory. +derived from the registry configuration files in `$HOME/.config/containers/registries.d` if it exists, +otherwise `/etc/containers/registries.d` (unless overridden at compile-time), see **containers-registries.d(5)** for more information. +By default, the signature will be written into `/var/lib/containers/sigstore` for root and `$HOME/.local/share/containers/sigstore` for non-root users ## OPTIONS @@ -38,7 +40,8 @@ Sign the busybox image with the identify of foo@bar.com with a user's keyring an ## RELATED CONFIGURATION The write (and read) location for signatures is defined in YAML-based -configuration files in /etc/containers/registries.d/. When you sign +configuration files in /etc/containers/registries.d/ for root, +or $HOME/.config/containers/registries.d for non-root users. When you sign an image, Podman will use those configuration files to determine where to write the signature based on the the name of the originating registry or a default storage value unless overridden with the --directory @@ -53,5 +56,8 @@ the signature will be written into sub-directories of /var/lib/containers/sigstore/privateregistry.example.com. The use of 'sigstore' also means the signature will be 'read' from that same location on a pull-related function. +## SEE ALSO +containers-registries.d(5) + ## HISTORY November 2018, Originally compiled by Qi Wang (qiwan at redhat dot com) |