Sure that is much safer, especially where there could be conflicting config files.

I was going for easy and quick test.  But yours is better from a security as well as a supportablity point of view.

On 3/23/20 15:50, Scott McCarty wrote:
I always have a bad feeling about mounting /etc :-( Personally, I prefer creating a directory in /src for everything. This is what I use for my wiki:


Best Regards
Scott M

On Mon, Mar 23, 2020 at 8:48 AM Daniel Walsh <dwalsh@redhat.com> wrote:
On 3/22/20 23:23, Philip Rhoades wrote:
> People,
>
>
> On 2020-03-23 12:16, Philip Rhoades wrote:
>> People,
>>
>> I want to have a MTA running from a container but is it possible for
>> the containerised MTA:
>>
>> 1. to deliver mails to users on the host's file system dir (eg
>> /home/user/Maildir)?
>>
>> 2. to have access to the host's:
>>
>>    /etc/passwd
>>    /etc/shadow
>>    /etc/group
>>    /etc/gshadow
>>
>> files for users who are logging in to the host to look at their mails?
>
>
> I worked out that I could use the run "-v" switch to answer Q #1
>
> Thanks,
>
> Phil.
>
Something like


# podman run --security-opt label:disable -v /etc:/etc:ro -v /home/home
... MTAIMAGE ...

Might work.  

Or you would have to get more fine grained on /etc mounts.
_______________________________________________
Podman mailing list -- podman@lists.podman.io
To unsubscribe send an email to podman-leave@lists.podman.io


--
-- 
Scott McCarty, RHCA
Product Management - Containers, Red Hat Enterprise Linux & OpenShift
Email: smccarty@redhat.com
Phone: 312-660-3535
Cell: 330-807-1043
Web: http://crunchtools.com
Using Azure Pipelines with Red Hat Universal Base Image and Quay.io: https://red.ht/2TvYo3Y

_______________________________________________
Podman mailing list -- podman@lists.podman.io
To unsubscribe send an email to podman-leave@lists.podman.io