Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-126643

[RHEL EPIC] Unified configuration for rootless podman rhel 9.8

Linking RHIVOS CVEs to...Migration: Automation ...Sync from "Extern...XMLWordPrintable

    • Unified Configuration For Rootless Podman RHEL 9.8
    • None
    • rhel-container-tools
    • None
    • Dev ack, PXE ack
    • False
    • False
    • Hide

      None

      Show
      None
    • Yes
    • None
    • None
    • None
    • Feature
    • Hide
      Unified Configuration available for Rootless Podman::
      +
      With this update, a unified system-wide configuration file is introduced for rootless Podman, enabling centralized policy management, a consistent security baseline, and operational standardization across all users. This results in a seamless experience for end users, as they can inherit sensible defaults without manual configuration, while still maintaining the flexibility to override system settings through personal configuration files. Additionally, this update ensures backward compatibility, meaning existing user workflows and configurations remain unchanged.
      Show
      Unified Configuration available for Rootless Podman:: + With this update, a unified system-wide configuration file is introduced for rootless Podman, enabling centralized policy management, a consistent security baseline, and operational standardization across all users. This results in a seamless experience for end users, as they can inherit sensible defaults without manual configuration, while still maintaining the flexibility to override system settings through personal configuration files. Additionally, this update ensures backward compatibility, meaning existing user workflows and configurations remain unchanged.
    • In Progress
    • Required
    • Required
    • Unspecified
    • None

       

      Problem Statement

      System administrators currently lack a centralized way to set default configurations for rootless Podman across all users on a system. Each rootless user must configure their individual containers.conf file, making it difficult to set consistent policies, security settings, or operational defaults organization-wide.

      Solution

      Introduce a unified system-wide configuration file (e.g., /etc/containers/containers-rootless.conf) that provides default settings specifically for rootless Podman environments, while maintaining the ability for individual users to override these defaults through their personal configuration files.

      Key Features & Benefits

      For System Administrators

      • Centralized Policy Management: Set organization-wide defaults for rootless containers
      • Security Baseline: Establish consistent security configurations across all users
      • Operational Standardization: Enforce common resource limits, registry settings, and runtime behaviors

      For End Users

      • Seamless Experience: Inherit sensible defaults without manual configuration
      • Flexibility Maintained: Override system defaults through personal config files
      • Backward Compatibility: No changes to existing user workflows or configurations

              ddarrah@redhat.com David Darrah
              rhn-support-mrussell Mark Russell
              Mugdha Soni Mugdha Soni
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: