README: add note on lsign-key
This commit is contained in:
parent
96bb688fb7
commit
be068a16d3
|
@ -16,6 +16,15 @@ While the images are regularly kept up to date it is strongly recommended runnin
|
|||
* `pacman` needs to work out of the box
|
||||
* All installed packages have to be kept unmodified
|
||||
|
||||
>>>
|
||||
⚠️⚠️⚠️ NOTE: For Security Reasons, these images strip the pacman lsign key.
|
||||
This is because the same key would be spread to all containers of the same
|
||||
image, allowing for malicious actors to inject packages (via, for example,
|
||||
a man-in-the-middle). In order to create an lsign-key run `pacman-key
|
||||
--init` on the first execution, but be careful to not redistribute that
|
||||
key.⚠️⚠️⚠️
|
||||
>>>
|
||||
|
||||
## Building your own image
|
||||
|
||||
[This repository](https://gitlab.archlinux.org/archlinux/archlinux-docker) contains all scripts and files needed to create a Docker image for Arch Linux.
|
||||
|
|
Loading…
Reference in New Issue