From 9b3ddaf6fce08f1b051f192cddf7f460d331347d Mon Sep 17 00:00:00 2001
From: Jia Zhang <zhang.jia@linux.alibaba.com>
Date: Fri, 3 Jul 2020 10:20:32 +0000
Subject: [PATCH] rune/libcontainer: Mount aesm.socket from /var/run/aesmd/

/run is usally a symbol link to /var/run but it is not always true.

Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
---
 rune/libcontainer/specconv/example.go    | 4 ++--
 rune/libcontainer/specconv/spec_linux.go | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/rune/libcontainer/specconv/example.go b/rune/libcontainer/specconv/example.go
index 3a3b3d4..647b08f 100644
--- a/rune/libcontainer/specconv/example.go
+++ b/rune/libcontainer/specconv/example.go
@@ -175,9 +175,9 @@ func Example() *specs.Spec {
 		}
 		spec.Mounts = append(spec.Mounts,
 			specs.Mount{
-				Destination: "/run/aesmd",
+				Destination: "/var/run/aesmd",
 				Type:        "bind",
-				Source:      "/run/aesmd",
+				Source:      "/var/run/aesmd",
 				Options:     []string{"rbind", "rprivate"},
 			})
 	}
diff --git a/rune/libcontainer/specconv/spec_linux.go b/rune/libcontainer/specconv/spec_linux.go
index 69c56dd..0d96282 100644
--- a/rune/libcontainer/specconv/spec_linux.go
+++ b/rune/libcontainer/specconv/spec_linux.go
@@ -461,8 +461,8 @@ func createLibcontainerMount(cwd string, m specs.Mount) *configs.Mount {
 func createLibenclaveMount(cwd string) *configs.Mount {
 	return &configs.Mount{
 		Device:           "bind",
-		Source:           "/run/aesmd",
-		Destination:      "/run/aesmd",
+		Source:           "/var/run/aesmd",
+		Destination:      "/var/run/aesmd",
 		Flags:            unix.MS_BIND | unix.MS_REC,
 		PropagationFlags: []int{unix.MS_PRIVATE | unix.MS_REC},
 	}
-- 
GitLab