From 9d7c50aa030ee70d507c414bb02f0add8ffa2835 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@redhat.com>
Date: Fri, 18 May 2018 16:28:51 -0400
Subject: Tighten the security on the podman varlink socket

We only want root to be allowed to access this socket.
Also move socket to /run/podman directory.  This requires
us to drop a podman.conf tmpfiles.d file.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

Closes: #806
Approved by: mheon
---
 docs/podman-varlink.1.md | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'docs')

diff --git a/docs/podman-varlink.1.md b/docs/podman-varlink.1.md
index 6cfa8c84a..68a0f08a2 100644
--- a/docs/podman-varlink.1.md
+++ b/docs/podman-varlink.1.md
@@ -31,8 +31,16 @@ More will go here as the docs and api firm up.
     as well.
 -->
 
+## CONFIGURATION
+
+Users of the podman varlink service should enable the  io.projectatomic.podman.socket and io.projectatomic.podman.service.
+
+You can do this via systemctl
+
+systemctl enable --now io.projectatomic.podman.socket
+
 ## SEE ALSO
-podman(1)
+podman(1), systemctl(1)
 
 ## HISTORY
 April 2018, Originally compiled by Brent Baude<bbaude@redhat.com>
-- 
cgit v1.2.3-54-g00ecf