From fba494de8e3ac9c5b5d316d1cd3041f461e89ef2 Mon Sep 17 00:00:00 2001
From: Matthew Heon <matthew.heon@gmail.com>
Date: Thu, 18 Oct 2018 16:20:26 -0400
Subject: Use more reliable check for rootless for firewall init

We probably won't be able to initialize a firewall plugin when we
are not running as root, so we shouldn't even try. Replace the
less-effect EUID check with the rootless package's better check
to make sure we don't accidentally set up the firewall in these
cases.

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
---
 libpod/runtime.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libpod/runtime.go b/libpod/runtime.go
index f012d66c2..1b26f851f 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -508,7 +508,7 @@ func makeRuntime(runtime *Runtime) (err error) {
 
 	// Set up a firewall backend
 	backendType := ""
-	if os.Geteuid() != 0 {
+	if rootless.IsRootless() {
 		backendType = "none"
 	}
 	fwBackend, err := firewall.GetBackend(backendType)
-- 
cgit v1.2.3-54-g00ecf