From 0805bd7410a84d296f071ad053d5335c0ba561f7 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Wed, 5 Oct 2022 06:13:29 -0400 Subject: [PATCH] local build --- containers-storage.conf.5.md | 2 +- default.yaml | 14 ++++++++------ storage.conf | 2 +- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/containers-storage.conf.5.md b/containers-storage.conf.5.md index ce6032b..877c6ea 100644 --- a/containers-storage.conf.5.md +++ b/containers-storage.conf.5.md @@ -91,7 +91,7 @@ containers/storage supports four keys **remap-uids=**"" **remap-gids=**"" - Remap-UIDs/GIDs is the mapping from UIDs/GIDs as they should appear inside of a container, to the UIDs/GIDs outside of the container, and the length of the range of UIDs/GIDs. Additional mapped sets can be listed and will be needed by libraries, but there are limits to the number of mappings which the kernel will allow when you later attempt to run a container. + Remap-UIDs/GIDs is the mapping from UIDs/GIDs as they should appear inside of a container, to the UIDs/GIDs outside of the container, and the length of the range of UIDs/GIDs. Additional mapped sets can be listed and will be heeded by libraries, but there are limits to the number of mappings which the kernel will allow when you later attempt to run a container. Example remap-uids = 0:1668442479:65536 diff --git a/default.yaml b/default.yaml index c7a70a4..a7f3d28 100644 --- a/default.yaml +++ b/default.yaml @@ -1,8 +1,8 @@ # This is a default registries.d configuration file. You may # add to this file or create additional files in registries.d/. # -# lookaside: indicates a location that is read and write -# lookaside-staging: indicates a location that is only for write +# lookaside: for reading/writing simple signing signatures +# lookaside-staging: for writing simple signing signatures, preferred over lookaside # # lookaside and lookaside-staging take a value of the following: # lookaside: {schema}://location @@ -10,10 +10,12 @@ # For reading signatures, schema may be http, https, or file. # For writing signatures, schema may only be file. -# This is the default signature write location for docker registries. +# The default locations are built-in, for both reading and writing: +# /var/lib/containers/sigstore for root, or +# ~/.local/share/containers/sigstore for non-root users. default-docker: -# lookaside: file:///var/lib/containers/sigstore -# lookaside-staging: file:///var/lib/containers/sigstore +# lookaside: https://… +# lookaside-staging: file:///… # The 'docker' indicator here is the start of the configuration # for docker registries. @@ -21,6 +23,6 @@ default-docker: # docker: # # privateregistry.com: -# lookaside: http://privateregistry.com/sigstore/ +# lookaside: https://privateregistry.com/sigstore/ # lookaside-staging: /mnt/nfs/privateregistry/sigstore diff --git a/storage.conf b/storage.conf index 41ee2bc..806af8f 100644 --- a/storage.conf +++ b/storage.conf @@ -65,7 +65,7 @@ pull_options = {enable_partial_images = "false", use_hard_links = "false", ostre # Remap-UIDs/GIDs is the mapping from UIDs/GIDs as they should appear inside of # a container, to the UIDs/GIDs as they should appear outside of the container, # and the length of the range of UIDs/GIDs. Additional mapped sets can be -# listed and will be needed by libraries, but there are limits to the number of +# listed and will be heeded by libraries, but there are limits to the number of # mappings which the kernel will allow when you later attempt to run a # container. #