f88c1a43bd
* Add note about volume-mounts being cumulative with base-image * Fix register & run labels to use (correct) base image's `/home/podman/.local/share/containers/` instead of defining a new (wrong/useless) `storage` volume. * Fix register & run labels to mask over `/var/lib/containers` with a read-only tmpfs to block any nested rootful use of podman as a security precaution. Signed-off-by: Chris Evich <chris_gitlab@icuc.me>
6.5 KiB
6.5 KiB