Respect XDG_CONFIG_HOME for policy.json

The default path for (rootless) policy.json should respect XDG_CONFIG_HOME if present, as the paths for other configuration files like storage.conf and containers.conf do. Signed-off-by: David Scherer <david.scherer@antithesis.com>
containers · Aug 8, 2020 · ed0c7be · ed0c7be
1 parent a0bdc7f
commit ed0c7be
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 3 deletions.
diff --git a/signature/policy_config.go b/signature/policy_config.go
@@ -37,7 +37,9 @@ var systemDefaultPolicyPath = builtinDefaultPolicyPath
 const builtinDefaultPolicyPath = "/etc/containers/policy.json"
 
 // userPolicyFile is the path to the per user policy path.
-var userPolicyFile = filepath.FromSlash(".config/containers/policy.json")
+var userPolicyFile = filepath.FromSlash("containers/policy.json")
+
+const defaultConfigHomeDir = ".config"
 
 // InvalidPolicyFormatError is returned when parsing an invalid policy configuration.
 type InvalidPolicyFormatError string
@@ -61,7 +63,11 @@ func defaultPolicyPath(sys *types.SystemContext) string {
 	if sys != nil && sys.SignaturePolicyPath != "" {
 		return sys.SignaturePolicyPath
 	}
-	userPolicyFilePath := filepath.Join(homedir.Get(), userPolicyFile)
+	configHomeDir := os.Getenv("XDG_CONFIG_HOME")
+	if configHomeDir == "" {
+		configHomeDir = filepath.Join( homedir.Get(), defaultConfigHomeDir )
+	}
+	userPolicyFilePath := filepath.Join(configHomeDir, userPolicyFile)
 	if _, err := os.Stat(userPolicyFilePath); err == nil {
 		return userPolicyFilePath
 	}

diff --git a/signature/policy_config_test.go b/signature/policy_config_test.go
@@ -107,7 +107,7 @@ func TestDefaultPolicyPath(t *testing.T) {
 			os.Unsetenv("HOME")
 		}
 	}()
-	userDefaultPolicyPath := filepath.Join(tempHome, userPolicyFile)
+	userDefaultPolicyPath := filepath.Join(tempHome, defaultConfigHomeDir, userPolicyFile)
 
 	for _, c := range []struct {
 		sys             *types.SystemContext