mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
rootless: fix "x509: certificate signed by unknown authority" on openSUSE Tumbleweed
openSUSE Tumbleweed was facing "x509: certificate signed by unknown authority" error, as `/etc/ssl/ca-bundle.pem` is provided as a symlink to `../../var/lib/ca-certificates/ca-bundle.pem`, which was not supported by `rootlesskit --copy-up=/etc` . See rootless-containers/rootlesskit issues 225 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
This commit is contained in:
parent
ceac2ef2e2
commit
8610d8ce4c
1 changed files with 10 additions and 0 deletions
|
@ -118,5 +118,15 @@ else
|
|||
# https://github.com/moby/moby/issues/41230
|
||||
chcon system_u:object_r:iptables_var_run_t:s0 /run
|
||||
fi
|
||||
|
||||
if [ "$(stat -c %T -f /etc)" = "tmpfs" ] && [ -L "/etc/ssl" ]; then
|
||||
# Workaround for "x509: certificate signed by unknown authority" on openSUSE Tumbleweed.
|
||||
# https://github.com/rootless-containers/rootlesskit/issues/225
|
||||
realpath_etc_ssl=$(realpath /etc/ssl)
|
||||
rm -f /etc/ssl
|
||||
mkdir /etc/ssl
|
||||
mount --rbind ${realpath_etc_ssl} /etc/ssl
|
||||
fi
|
||||
|
||||
exec dockerd $@
|
||||
fi
|
||||
|
|
Loading…
Reference in a new issue