Originally posted by **ihatethecloud** July 3, 2024
https://github.com/containers/podman/blob/b5bfd7233b1a3d500f0df1968dfcc2bd5c3c30ce/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go#L347-L395
podman-4.9.4-1 on almalinux 8.10
If the user has a crypto-policy modifier there is no way for him to have it inside the container.
1 - Create a policy modifier
```
/usr/share/crypto-policies/policies/modules/TEST-MOD.pmod
cipher = -AES-256-CBC
```
2 - Activate the policy
```
update-crypto-policies --set FIPS:TEST-MOD
```
3 - Reboot
4 - Check crypto-policy
```
cat /etc/crypto-policies/config
FIPS:TEST-MOD
```
5 - Check inside container
```
podman run --rm --it almalinux:8.9 cat /etc/crypto-policies/config
FIPS
```
6 - Try with bind volume
```
podman run --rm -v /etc/crypto-policies/:/etc/crypto-policies/ --it almalinux:8.9 cat /etc/crypto-policies/config
FIPS
```
Discussed in https://github.com/containers/podman/discussions/23213