Fix permission on secrets directory

This directory needs to be world searchable so users can access it from different user namespaces. Fixes: https://github.com/containers/podman/issues/12779 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
author: Daniel J Walsh <dwalsh@redhat.com> 2022-01-11 13:51:10 -0500
committer: Daniel J Walsh <dwalsh@redhat.com> 2022-01-11 16:19:50 -0500
commit: 83b0fb4696fc9db304365eb16720c26bad93e474 (patch)
tree: a81b08cd8b843930676082bb0bc796410883fa92 /libpod/runtime_ctr.go
parent: 3404ad042def1c02872f66836feae19c814901a4 (diff)
download: podman-83b0fb4696fc9db304365eb16720c26bad93e474.tar.gz
podman-83b0fb4696fc9db304365eb16720c26bad93e474.tar.bz2
podman-83b0fb4696fc9db304365eb16720c26bad93e474.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index 2891eb783..53ccb9139 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
@@ -429,7 +429,7 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai
 	}()
 
 	ctr.config.SecretsPath = filepath.Join(ctr.config.StaticDir, "secrets")
-	err = os.MkdirAll(ctr.config.SecretsPath, 0644)
+	err = os.MkdirAll(ctr.config.SecretsPath, 0755)
 	if err != nil {
 		return nil, err
 	}
author	Daniel J Walsh <dwalsh@redhat.com>	2022-01-11 13:51:10 -0500
committer	Daniel J Walsh <dwalsh@redhat.com>	2022-01-11 16:19:50 -0500
commit	83b0fb4696fc9db304365eb16720c26bad93e474 (patch)
tree	a81b08cd8b843930676082bb0bc796410883fa92 /libpod/runtime_ctr.go
parent	3404ad042def1c02872f66836feae19c814901a4 (diff)
download	podman-83b0fb4696fc9db304365eb16720c26bad93e474.tar.gz podman-83b0fb4696fc9db304365eb16720c26bad93e474.tar.bz2 podman-83b0fb4696fc9db304365eb16720c26bad93e474.zip