Page MenuHomeFreeBSD

sysutils/podman: Allow setting ownership on auto-created socket
ClosedPublic

Authored by dch on Tue, Feb 17, 11:29 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Feb 25, 4:48 PM
Unknown Object (File)
Wed, Feb 25, 3:48 PM
Unknown Object (File)
Wed, Feb 25, 11:19 AM
Unknown Object (File)
Wed, Feb 25, 12:22 AM
Unknown Object (File)
Mon, Feb 23, 2:33 PM
Unknown Object (File)
Sun, Feb 22, 8:39 PM
Unknown Object (File)
Fri, Feb 20, 1:23 AM
Unknown Object (File)
Wed, Feb 18, 2:05 PM
Subscribers
None

Details

Summary

The podman daemon auto-creates a socket on startup, along with parent
directory, and
is always run as root. It is often useful to have another proxy like
haproxy or nginx
provide more sophisticed security, and these daemons do not need root
privileges.

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 70750
Build 67633: arc lint + arc unit

Event Timeline

dch requested review of this revision.Tue, Feb 17, 11:29 PM
dch created this revision.

NB I would eventually like to fix this upstream too, but I have need of this functionality already.

After applying this patch to /usr/local/etc/rc.d/podman_service I can now run Podman Desktop without the need to do chmod on the socket. Yay!

Looks good, apart from a tiny style nit.

sysutils/podman/files/podman.in
42–45

Change indentation to line up with other functions below

This revision is now accepted and ready to land.Wed, Feb 18, 10:50 AM

update after go port bump, reflow commit text

This revision now requires review to proceed.Wed, Feb 18, 2:43 PM

Still looks good (apart from the indentation mismatch for podman_prestart)

What about the podman_service rc script? I guess it should get the same change?

This revision was not accepted when it landed; it landed in state Needs Review.Sun, Feb 22, 7:48 PM
This revision was automatically updated to reflect the committed changes.