From 4f4af7bfdedd1304f779e9e85dd0ac9743f40edd Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.de>
Date: Mon, 19 Mar 2018 10:59:57 +1100
Subject: [PATCH] rootless: set sticky bit if using XDG_RUNTIME_DIR

According to the XDG specification[1], in order to avoid the possibility of
our container states being auto-pruned every 6 hours we need to set the
sticky bit. Rather than handling all of the users of --root, we just
create the directory and set the sticky bit during detection, as it's
not expensive.

[1]: https://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html

Signed-off-by: Aleksa Sarai <asarai@suse.de>
---
 main.go | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/main.go b/main.go
index 4642335e..1b9728c5 100644
--- a/main.go
+++ b/main.go
@@ -67,6 +67,15 @@ func main() {
 		runtimeDir := os.Getenv("XDG_RUNTIME_DIR")
 		if runtimeDir != "" {
 			root = runtimeDir + "/runc"
+			// According to the XDG specification, we need to set anything in
+			// XDG_RUNTIME_DIR to have a sticky bit if we don't want it to get
+			// auto-pruned.
+			if err := os.MkdirAll(root, 0700); err != nil {
+				fatal(err)
+			}
+			if err := os.Chmod(root, 0700|os.ModeSticky); err != nil {
+				fatal(err)
+			}
 		}
 	}