diff --git a/dangerzone/container.py b/dangerzone/container.py index 20717bf..487578e 100644 --- a/dangerzone/container.py +++ b/dangerzone/container.py @@ -11,7 +11,7 @@ if platform.system() == "Darwin": elif platform.system() == "Windows": container_runtime = shutil.which("docker.exe") else: - container_runtime = shutil.which("docker") + container_runtime = shutil.which("podman") # Define startupinfo for subprocesses if platform.system() == "Windows": @@ -51,7 +51,7 @@ def container_main(): @container_main.command() -@click.option("--container-name", default="flmcode/dangerzone") +@click.option("--container-name", default="docker.io/flmcode/dangerzone") def ls(container_name): """docker image ls [container_name]""" sys.exit(exec_container(["image", "ls", container_name])) @@ -60,37 +60,36 @@ def ls(container_name): @container_main.command() def pull(): """docker pull flmcode/dangerzone""" - sys.exit(exec_container(["pull", "flmcode/dangerzone"])) + sys.exit(exec_container(["pull", "docker.io/flmcode/dangerzone"])) @container_main.command() @click.option("--document-filename", required=True) @click.option("--pixel-dir", required=True) -@click.option("--container-name", default="flmcode/dangerzone") +@click.option("--container-name", default="docker.io/flmcode/dangerzone") def documenttopixels(document_filename, pixel_dir, container_name): """docker run --network none -v [document_filename]:/tmp/input_file -v [pixel_dir]:/dangerzone [container_name] document-to-pixels""" - sys.exit( - exec_container( - [ - "run", - "--network", - "none", - "--security-opt=no-new-privileges:true", - "-v", - f"{document_filename}:/tmp/input_file", - "-v", - f"{pixel_dir}:/dangerzone", - container_name, - "document-to-pixels", - ] - ) - ) + args = ["run", "--network", "none"] + + # Linux uses podman instead of docker, and only docker uses --security-opt + if platform.system() != "Linux": + args += ["--security-opt=no-new-privileges:true"] + + args += [ + "-v", + f"{document_filename}:/tmp/input_file", + "-v", + f"{pixel_dir}:/dangerzone", + container_name, + "document-to-pixels", + ] + sys.exit(exec_container(args)) @container_main.command() @click.option("--pixel-dir", required=True) @click.option("--safe-dir", required=True) -@click.option("--container-name", default="flmcode/dangerzone") +@click.option("--container-name", default="docker.io/flmcode/dangerzone") @click.option("--ocr", required=True) @click.option("--ocr-lang", required=True) def pixelstopdf(pixel_dir, safe_dir, container_name, ocr, ocr_lang): diff --git a/dangerzone/global_common.py b/dangerzone/global_common.py index ba473bc..842957e 100644 --- a/dangerzone/global_common.py +++ b/dangerzone/global_common.py @@ -384,7 +384,7 @@ class GlobalCommon(object): if self.custom_container: return self.custom_container else: - return "flmcode/dangerzone" + return "docker.io/flmcode/dangerzone" def get_resource_path(self, filename): if getattr(sys, "dangerzone_dev", False): @@ -439,18 +439,11 @@ class GlobalCommon(object): return "/usr/bin/dangerzone-container" def exec_dangerzone_container(self, args): - # Prefix the args with the retainer runtime, and in the case linux when the user isn't in the docker group, pkexec - if platform.system() == "Linux": - if self.settings.get("linux_prefers_typing_password"): - args = ["/usr/bin/pkexec", self.dz_container_path] + args - else: - args = [self.dz_container_path] + args - else: - args = [self.dz_container_path] + args - - # Execute dangerzone-container + args = [self.dz_container_path] + args args_str = " ".join(pipes.quote(s) for s in args) print(Fore.YELLOW + "> " + Fore.CYAN + args_str) + + # Execute dangerzone-container return subprocess.Popen( args, startupinfo=self.get_subprocess_startupinfo(),