From 3a4be4b66ca22d87446c37218b300b8f31a84b92 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@redhat.com>
Date: Fri, 26 Apr 2019 10:51:59 -0400
Subject: Add --read-only-tmpfs options

The --read-only-tmpfs option caused podman to mount tmpfs on /run, /tmp, /var/tmp
if the container is running int read-only mode.

The default is true, so you would need to execute a command like

--read-only --read-only-tmpfs=false to turn off this behaviour.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
---
 cmd/podman/common.go | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'cmd/podman/common.go')

diff --git a/cmd/podman/common.go b/cmd/podman/common.go
index ba4a3f519..eac96d3ba 100644
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@@ -434,6 +434,10 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
 		"read-only", false,
 		"Make containers root filesystem read-only",
 	)
+	createFlags.Bool(
+		"read-only-tmpfs", true,
+		"When running containers in read-only mode mount a read-write tmpfs on /run, /tmp and /var/tmp",
+	)
 	createFlags.String(
 		"restart", "",
 		"Restart is not supported.  Please use a systemd unit file for restart",
-- 
cgit v1.2.3-54-g00ecf