From 0ec9e4daa440c563314f38f88ab6d2855ed5a9a2 Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Sun, 22 Mar 2020 16:47:48 +0100
Subject: [PATCH] ensure userns is disabled and pass env file to docker
 container

---
 templates/etc/systemd/system/tidy.service.j2 | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/templates/etc/systemd/system/tidy.service.j2 b/templates/etc/systemd/system/tidy.service.j2
index f66be93..21799d7 100644
--- a/templates/etc/systemd/system/tidy.service.j2
+++ b/templates/etc/systemd/system/tidy.service.j2
@@ -7,7 +7,6 @@ After=docker.service network-online.target
 
 [Service]
 Type=oneshot
-EnvironmentFile=/etc/sysconfig/tidy
 
 ExecStartPre=/bin/sh -c '/usr/bin/docker ps | /bin/grep %p 1> /dev/null && /usr/bin/docker kill %p || true'
 ExecStartPre=/bin/sh -c '/usr/bin/docker ps -a | /bin/grep %p 1> /dev/null && /usr/bin/docker rm %p || true'
@@ -15,8 +14,10 @@ ExecStartPre=/usr/bin/docker pull {{ dockertidy_image }}
 ExecStart=/usr/bin/docker run --rm \
   --name %p \
   --hostname %p \
+  --env-file /etc/sysconfig/tidy \
   --volume {{ dockertidy_docker_socket_path }}:/var/run/docker.sock \
   --privileged=true \
+  --userns=host \
   {{ dockertidy_image }} \
 
 [Install]