Page MenuHomeFreeBSD
Differential D55339

sysutils/podman: Allow setting ownership on auto-created socket
ClosedPublic
Actions

Authored by dch on Tue, Feb 17, 11:29 PM.
Tags
None
Referenced Files
F147985013: D55339.diff
Sun, Mar 15, 12:47 AM
Unknown Object (File)
Wed, Mar 11, 12:46 PM
Unknown Object (File)
Wed, Mar 11, 11:42 AM
Unknown Object (File)
Wed, Mar 11, 10:18 AM
Unknown Object (File)
Mon, Mar 9, 3:47 PM
Unknown Object (File)
Thu, Mar 5, 11:32 PM
Unknown Object (File)
Sun, Mar 1, 6:17 PM
Unknown Object (File)
Sun, Mar 1, 4:45 AM
View All 19 Files
Subscribers
None

Details

Reviewers
dfr
arrowd
Commits
R11:2c53428ae117: sysutils/podman: Allow setting ownership on auto-created socket
Summary

The podman daemon auto-creates a socket on startup, along with parent
directory, and
is always run as root. It is often useful to have another proxy like
haproxy or nginx
provide more sophisticed security, and these daemons do not need root
privileges.

Diff Detail

Repository
R11 FreeBSD ports repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

dch requested review of this revision.Tue, Feb 17, 11:29 PM
dch created this revision.
Harbormaster completed remote builds in B70739: Diff 172109.Tue, Feb 17, 11:29 PM
dch added reviewers: dfr, arrowd.Tue, Feb 17, 11:30 PM

NB I would eventually like to fix this upstream too, but I have need of this functionality already.

arrowd added a comment.Wed, Feb 18, 5:59 AM

After applying this patch to /usr/local/etc/rc.d/podman_service I can now run Podman Desktop without the need to do chmod on the socket. Yay!

dfr accepted this revision.Wed, Feb 18, 10:50 AM

Looks good, apart from a tiny style nit.

sysutils/podman/files/podman.in
42–45

Change indentation to line up with other functions below

This revision is now accepted and ready to land.Wed, Feb 18, 10:50 AM
dch updated this revision to Diff 172152.Wed, Feb 18, 2:43 PM

update after go port bump, reflow commit text

This revision now requires review to proceed.Wed, Feb 18, 2:43 PM
Harbormaster completed remote builds in B70750: Diff 172152.Wed, Feb 18, 2:43 PM
dfr added a comment.Wed, Feb 18, 4:50 PM

Still looks good (apart from the indentation mismatch for podman_prestart)

arrowd added a comment.Wed, Feb 18, 6:26 PM

What about the podman_service rc script? I guess it should get the same change?

This revision was not accepted when it landed; it landed in state Needs Review.Sun, Feb 22, 7:48 PM
Closed by commit R11:2c53428ae117: sysutils/podman: Allow setting ownership on auto-created socket (authored by dch). · Explain Why
This revision was automatically updated to reflect the committed changes.
dch added a commit: R11:2c53428ae117: sysutils/podman: Allow setting ownership on auto-created socket.
dch added a reverting change: R11:0882ac8e21b3: sysutils/podman: Revert "Allow setting ownership on auto-created socket".Mon, Feb 23, 11:40 AM

Revision Contents
Changeset List

PathSize
sysutils/
podman/
2 lines
files/
32 lines

Diff 172466

View Options

sysutils/podman/Makefile

Loading...
View Options

sysutils/podman/files/podman.in

Loading...