#!/usr/bin/env bash set -ox pipefail spectool -fg containers-common.spec if [[ $(git rev-parse --abbrev-ref HEAD) == "rawhide" ]]; then sed -i -e 's/^driver.*=.*/driver = "overlay"/' -e 's/^mountopt.*=.*/mountopt = "nodev,metacopy=on"/' \ -e 's/^pull_options.*=.*/pull_options = {enable_partial_images = \"true\", use_hard_links = \"false\", ostree_repos=""}/' \ storage.conf else sed -i -e 's/^driver.*=.*/driver = "overlay"/' -e 's/^mountopt.*=.*/mountopt = "nodev,metacopy=on"/' \ -e '/additionalimage.*/a "/usr/lib/containers/storage",' \ storage.conf fi [ `grep "keyctl" seccomp.json | wc -l` == 0 ] && sed -i '/\"kill\",/i \ "keyctl",' seccomp.json sed -i '/\"socketcall\",/i \ "socket",' seccomp.json sed -i 's/^#.*unqualified-search-registries.*=.*/unqualified-search-registries = ["registry.fedoraproject.org", "registry.access.redhat.com", "docker.io", "quay.io"]/g' \ registries.conf grep '^short-name-mode="enforcing"' registries.conf if [[ $? == 1 ]]; then echo -e '\nshort-name-mode="enforcing"' >> registries.conf fi sed -i -e 's/^#.*log_driver.*=.*/log_driver = "journald"/' \ containers.conf git checkout origin default-policy.json