From 60295e3fd1d5eb35c8079b81516407650b8c9f77 Mon Sep 17 00:00:00 2001 From: Mike Holloway Date: Fri, 20 Sep 2024 02:52:05 -0400 Subject: [PATCH] Rootless Podman Socket work --- tasks/main.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index aa71b5a..a68955a 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,6 +1,6 @@ - name: Install podman, podman networking plugins, and python support packages dnf: - name: ['podman', 'containernetworking-plugins', 'podman-plugins', 'python3-pip'] + name: ['podman', 'containernetworking-plugins', 'podman-plugins', 'python3-pip', 'systemd-containers'] state: present - name: Install podman-compose pip Package pip: @@ -11,6 +11,7 @@ name: "{{ item }}" loop: "{{ service_users }}" + - name: Enable systemd-user session initialization over ssh lineinfile: dest: /etc/pam.d/sshd @@ -22,6 +23,13 @@ loop: "{{ service_users }}" +- name: Create machinectl bash alias + lineinfile: + path: "/home/{{ item }}/.bashrc" + regexp: '^alias su=' + line: "alias su=\"machinectl shell --uid\"" + loop: "{{ service_users}}" + - name: Enable permissive_container_t SELinux Context selinux_permissive: name: container_t
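Review bot: The package name added to the dnf list in the first hunk, `'systemd-containers'`, looks wrong. As far as I know, the Fedora/RHEL-family package that ships `machinectl` is `systemd-container` (singular). If so, the dnf task fails on the unknown name and the role stops before the podman setup that follows. Suggest `name: ['podman', 'containernetworking-plugins', 'podman-plugins', 'python3-pip', 'systemd-container']`, after confirming with `dnf provides '*/machinectl'` on the target release.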
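Review bot: The new `Create machinectl bash alias` task in the third hunk redefines `su` in every service user's `.bashrc`, hiding the real binary behind a command with different argument semantics; `su - name` would expand to `machinectl shell --uid - name`. A shadowed `su` in a dotfile is also something host auditing tends to flag, so a distinct alias name keeps `su` predictable and the audit output clean. The task sets no `create`, `owner`, `group` or `mode`, so it fails when `.bashrc` is absent; if `create: true` is added, pair it with `owner: "{{ item }}"` and `mode: '0644'` so a play running as root does not leave a root-owned file in the user's home. The hard-coded `/home/{{ item }}` prefix assumes every service user's home directory lives there. Minor style point: `"{{ service_users}}"` is missing the space before `}}` that the other loops use.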