opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-31 15:42:48 +08:00
Code Issues Packages Projects Releases Wiki Activity

Tighten the security on the podman varlink socket

Browse Source 
We only want root to be allowed to access this socket.
Also move socket to /run/podman directory.  This requires
us to drop a podman.conf tmpfiles.d file.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

Closes: #806
Approved by: mheon
This commit is contained in:
Daniel J Walsh
2018-05-18 16:28:51 -04:00
committed by Atomic Bot
parent 4b804e8516
commit 9d7c50aa03
6 changed files with 20 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docs/podman-varlink.1.md
View File

@ -31,8 +31,16 @@ More will go here as the docs and api firm up.
as well.
-->
## CONFIGURATION
Users of the podman varlink service should enable the io.projectatomic.podman.socket and io.projectatomic.podman.service.
You can do this via systemctl
systemctl enable --now io.projectatomic.podman.socket
## SEE ALSO
podman(1)
podman(1), systemctl(1)
## HISTORY
April 2018, Originally compiled by Brent Baude<bbaude@redhat.com>