summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2018-05-18 16:28:51 -0400
committerAtomic Bot <atomic-devel@projectatomic.io>2018-05-19 07:47:03 +0000
commit9d7c50aa030ee70d507c414bb02f0add8ffa2835 (patch)
treeb4151e582e3e123be0dd55505ef3984073b579bf /docs
parent4b804e85165a29f9d712f1ec4f289040f942f459 (diff)
downloadpodman-9d7c50aa030ee70d507c414bb02f0add8ffa2835.tar.gz
podman-9d7c50aa030ee70d507c414bb02f0add8ffa2835.tar.bz2
podman-9d7c50aa030ee70d507c414bb02f0add8ffa2835.zip
Tighten the security on the podman varlink socket
We only want root to be allowed to access this socket. Also move socket to /run/podman directory. This requires us to drop a podman.conf tmpfiles.d file. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #806 Approved by: mheon
Diffstat (limited to 'docs')
-rw-r--r--docs/podman-varlink.1.md10
1 files changed, 9 insertions, 1 deletions
diff --git a/docs/podman-varlink.1.md b/docs/podman-varlink.1.md
index 6cfa8c84a..68a0f08a2 100644
--- a/docs/podman-varlink.1.md
+++ b/docs/podman-varlink.1.md
@@ -31,8 +31,16 @@ More will go here as the docs and api firm up.
as well.
-->
+## CONFIGURATION
+
+Users of the podman varlink service should enable the io.projectatomic.podman.socket and io.projectatomic.podman.service.
+
+You can do this via systemctl
+
+systemctl enable --now io.projectatomic.podman.socket
+
## SEE ALSO
-podman(1)
+podman(1), systemctl(1)
## HISTORY
April 2018, Originally compiled by Brent Baude<bbaude@redhat.com>