|
|
1c29603 |
#!/usr/bin/env bash
|
|
|
1c29603 |
|
|
|
1c29603 |
set -eox pipefail
|
|
|
dc5d922 |
|
|
|
dc5d922 |
spectool -fg containers-common.spec
|
|
|
dc5d922 |
|
|
|
f64e67a |
if [[ $(git rev-parse --abbrev-ref HEAD) == "rawhide" ]]; then
|
|
|
1c29603 |
sed -i -e 's/^driver.*=.*/driver = "overlay"/' -e 's/^mountopt.*=.*/mountopt = "nodev,metacopy=on"/' \
|
|
|
1c29603 |
-e 's/^pull_options.*=.*/pull_options = {enable_partial_images = \"true\", use_hard_links = \"false\", ostree_repos=""}/' \
|
|
|
1c29603 |
storage.conf
|
|
|
1c29603 |
else
|
|
|
1c29603 |
sed -i -e 's/^driver.*=.*/driver = "overlay"/' -e 's/^mountopt.*=.*/mountopt = "nodev,metacopy=on"/' \
|
|
|
1c29603 |
-e '/additionalimage.*/a "/usr/lib/containers/storage",' \
|
|
|
1c29603 |
storage.conf
|
|
|
1c29603 |
fi
|
|
|
dc5d922 |
|
|
|
dc5d922 |
[ `grep "keyctl" seccomp.json | wc -l` == 0 ] && sed -i '/\"kill\",/i \
|
|
|
dc5d922 |
"keyctl",' seccomp.json
|
|
|
dc5d922 |
sed -i '/\"socketcall\",/i \
|
|
|
dc5d922 |
"socket",' seccomp.json
|
|
|
dc5d922 |
|
|
|
e066d16 |
sed -i 's/^#.*unqualified-search-registries.*=.*/unqualified-search-registries = ["registry.fedoraproject.org", "registry.access.redhat.com", "docker.io", "quay.io"]/g' \
|
|
|
dc5d922 |
registries.conf
|
|
|
dc5d922 |
|
|
|
0a797de |
grep 'short-name-mode="enforcing"' registries.conf
|
|
|
575d270 |
if [[ $? == 1 ]]; then
|
|
|
575d270 |
echo -e '\nshort-name-mode="enforcing"' >> registries.conf
|
|
|
575d270 |
fi
|
|
|
ef305af |
|
|
|
2488e6c |
sed -i -e 's/^#.*log_driver.*=.*/log_driver = "journald"/' \
|
|
|
2488e6c |
containers.conf
|
|
|
2488e6c |
|
|
|
043d6c2 |
git checkout origin default-policy.json
|