From 0d69ca6637b30a3370529b3e272f27f6fafdb0c3 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@redhat.com>
Date: Wed, 17 Jan 2018 11:03:07 -0500
Subject: Fix seccomp support

If user does not specify seccomp file or seccomp file does not exist,
then use the default seccomp settings.

Still need to not hard code /etc/crio/seccomp.json, should move this to
/usr/share/seccomp/seccomp.json

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

Closes: #233
Approved by: baude
---
 libpod/runtime.go | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'libpod')

diff --git a/libpod/runtime.go b/libpod/runtime.go
index d0362ec79..804f69c9e 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -27,6 +27,10 @@ const (
 	InMemoryStateStore RuntimeStateStore = iota
 	// SQLiteStateStore is a state backed by a SQLite database
 	SQLiteStateStore RuntimeStateStore = iota
+	// SeccompDefaultPath defines the default seccomp path
+	SeccompDefaultPath = "/usr/share/containers/seccomp.json"
+	// SeccompOverridePath if this exists it overrides the default seccomp path
+	SeccompOverridePath = "/etc/crio/seccomp.json"
 )
 
 // A RuntimeOption is a functional option which alters the Runtime created by
-- 
cgit v1.2.3-54-g00ecf