From ce22f70742348101b9526a8c2b961b358b252886 Mon Sep 17 00:00:00 2001
From: konsthol <konsthol@konsthol.eu>
Date: Tue, 5 Sep 2023 17:30:49 +0300
Subject: [PATCH] things occurred

---
 harden | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/harden b/harden
index 6a2e489..cb61662 100755
--- a/harden
+++ b/harden
@@ -383,7 +383,10 @@ EOF
     # which will be installed and run on port 9443 by default to make it easier to manage docker
     # url to follow after the installation is complete: https://vps_ip:9443
     # the https:// part is important as portainer will not work without it
-    sudo -E runuser - secdep -c 'docker run -d -p 8000:8000 -p 9443:9443 --name=portainer --restart=always -v /run/user/$UID/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce'
+    # For portainer, we will be using the --runtime=runc option to run it with runc because
+    # it doesn't work with runsc as it is not exposing the docker socket to the container
+    # but containers downloaded from it will still use runsc
+    sudo -E runuser - secdep -c 'docker run --runtime=runc -d -p 8000:8000 -p 9443:9443 --name=portainer --restart=always -v /run/user/$UID/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce'
     # Check if the dockerImages array is empty and return 0 if it is
     [[ "${#dockerImages[@]}" -eq 0 ]] && return 0
     # Loop through the dockerImages array