summaryrefslogtreecommitdiff
path: root/pkg/secrets
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2018-07-16 11:48:59 +0200
committerGiuseppe Scrivano <gscrivan@redhat.com>2018-07-20 11:00:53 +0200
commitd4f14be3a7aa7b5b884906d764db3214e51b3e67 (patch)
tree7e198c5a0b9f07a1dc8537b5f172aee54563832a /pkg/secrets
parent45a92f8357de75d06c137e48ce61ab8054d5bc8e (diff)
downloadpodman-d4f14be3a7aa7b5b884906d764db3214e51b3e67.tar.gz
podman-d4f14be3a7aa7b5b884906d764db3214e51b3e67.tar.bz2
podman-d4f14be3a7aa7b5b884906d764db3214e51b3e67.zip
rootless: support a per-user mounts.conf
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'pkg/secrets')
-rw-r--r--pkg/secrets/secrets.go7
1 files changed, 7 insertions, 0 deletions
diff --git a/pkg/secrets/secrets.go b/pkg/secrets/secrets.go
index f245b9512..bc63ece00 100644
--- a/pkg/secrets/secrets.go
+++ b/pkg/secrets/secrets.go
@@ -10,6 +10,7 @@ import (
rspec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/selinux/go-selinux/label"
"github.com/pkg/errors"
+ "github.com/projectatomic/libpod/pkg/rootless"
"github.com/sirupsen/logrus"
)
@@ -20,6 +21,9 @@ var (
// OverrideMountsFile holds the default mount paths in the form
// "host_path:container_path" overridden by the user
OverrideMountsFile = "/etc/containers/mounts.conf"
+ // UserOverrideMountsFile holds the default mount paths in the form
+ // "host_path:container_path" overridden by the rootless user
+ UserOverrideMountsFile = filepath.Join(os.Getenv("HOME"), ".config/containers/mounts.conf")
)
// secretData stores the name of the file and the content read from it
@@ -143,6 +147,9 @@ func SecretMountsWithUIDGID(mountLabel, containerWorkingDir, mountFile, mountPre
// Note for testing purposes only
if mountFile == "" {
mountFiles = append(mountFiles, []string{OverrideMountsFile, DefaultMountsFile}...)
+ if rootless.IsRootless() {
+ mountFiles = append([]string{UserOverrideMountsFile}, mountFiles...)
+ }
} else {
mountFiles = append(mountFiles, mountFile)
}