Good catch, I had meant to include this in the configuration package and forgot.
This is now staged on master-next. Bruce In message: [meta-virtualization][master-next][PATCH 2/3] container-host-config: provide /etc/containers/policy.json on 19/02/2023 Chen Qi wrote: > The /etc/containers/policy.json[1] file is used to specify verification > policy. For now, we can see it's used by both cri-o and skopeo. To avoid > conflict, we use container-host-config to provide this file and make both > skopeo and cri-o depend on it. > > [1] > https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md > > Signed-off-by: Chen Qi <[email protected]> > --- > .../container-host-config/container-host-config.bb | 2 ++ > .../container-host-config/policy.json | 7 +++++++ > recipes-containers/cri-o/cri-o_git.bb | 1 + > recipes-containers/skopeo/skopeo_git.bb | 1 - > 4 files changed, 10 insertions(+), 1 deletion(-) > create mode 100755 > recipes-containers/container-host-config/container-host-config/policy.json > > diff --git > a/recipes-containers/container-host-config/container-host-config.bb > b/recipes-containers/container-host-config/container-host-config.bb > index c762dea..c2f17bf 100644 > --- a/recipes-containers/container-host-config/container-host-config.bb > +++ b/recipes-containers/container-host-config/container-host-config.bb > @@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = > "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384 > SRC_URI = " \ > file://storage.conf \ > file://registries.conf \ > + file://policy.json \ > " > > do_install() { > @@ -15,4 +16,5 @@ do_install() { > > install ${WORKDIR}/storage.conf > ${D}/${sysconfdir}/containers/storage.conf > install ${WORKDIR}/registries.conf > ${D}/${sysconfdir}/containers/registries.conf > + install ${WORKDIR}/policy.json ${D}/${sysconfdir}/containers/policy.json > } > diff --git > a/recipes-containers/container-host-config/container-host-config/policy.json > b/recipes-containers/container-host-config/container-host-config/policy.json > new file mode 100755 > index 0000000..bb26e57 > --- /dev/null > +++ > b/recipes-containers/container-host-config/container-host-config/policy.json > @@ -0,0 +1,7 @@ > +{ > + "default": [ > + { > + "type": "insecureAcceptAnything" > + } > + ] > +} > diff --git a/recipes-containers/cri-o/cri-o_git.bb > b/recipes-containers/cri-o/cri-o_git.bb > index 9467cf1..2ae3303 100644 > --- a/recipes-containers/cri-o/cri-o_git.bb > +++ b/recipes-containers/cri-o/cri-o_git.bb > @@ -57,6 +57,7 @@ inherit systemd > inherit go > inherit goarch > inherit pkgconfig > +inherit container-host > > EXTRA_OEMAKE="BUILDTAGS=''" > > diff --git a/recipes-containers/skopeo/skopeo_git.bb > b/recipes-containers/skopeo/skopeo_git.bb > index 66168ca..4d062ed 100644 > --- a/recipes-containers/skopeo/skopeo_git.bb > +++ b/recipes-containers/skopeo/skopeo_git.bb > @@ -82,7 +82,6 @@ do_install() { > install -d ${D}/${sysconfdir}/containers > > install ${S}/src/import/bin/skopeo ${D}/${sbindir}/ > - install ${S}/src/import/default-policy.json > ${D}/${sysconfdir}/containers/policy.json > } > > do_install:append:class-native() { > -- > 2.37.1 > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#7886): https://lists.yoctoproject.org/g/meta-virtualization/message/7886 Mute This Topic: https://lists.yoctoproject.org/mt/97080776/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/leave/6693005/21656/1014668956/xyzzy [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
