From 27024a015807180c0e22d7f67589b8c46d5716bc Mon Sep 17 00:00:00 2001
From: Job79
Date: Wed, 27 Aug 2025 21:03:38 +0200
Subject: [PATCH] refactor: restrict container host access
---
 containers/go/config.sh | 2 +-
 containers/kube/config.sh | 2 +-
 enter.sh | 3 ++-
 3 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/containers/go/config.sh b/containers/go/config.sh
index 923eea6..32ff678 100644
--- a/containers/go/config.sh
+++ b/containers/go/config.sh
@@ -1,3 +1,3 @@
-for dir in "Code" "Documents" "Downloads" ".config/devcontainer"; do
+for dir in "Code" "Downloads" ".config/devcontainer"; do
 arg "-v $HOME/$dir:/home/user/$dir"
 done
diff --git a/containers/kube/config.sh b/containers/kube/config.sh
index 923eea6..32ff678 100644
--- a/containers/kube/config.sh
+++ b/containers/kube/config.sh
@@ -1,3 +1,3 @@
-for dir in "Code" "Documents" "Downloads" ".config/devcontainer"; do
+for dir in "Code" "Downloads" ".config/devcontainer"; do
 arg "-v $HOME/$dir:/home/user/$dir"
 done
diff --git a/enter.sh b/enter.sh
index ab0fb02..62af9b1 100755
--- a/enter.sh
+++ b/enter.sh
@@ -23,6 +23,7 @@ run_args() { # container. [ -e "/run/user/$UID/bus" ] && arg "-v /run/user/$UID/bus:/tmp/bus" # Use host dbus. arg "-e HOST_HOME=$HOME" # Used to translate container path to host. + arg "-e CONTAINER_NAME=$name" # Use host networking. arg "--net=host"
@@ -82,4 +83,4 @@ if [ "$pull" = true ] || [ "$(podman container inspect "$name" -f {{.State.Runni
 fi
 podman start "$name" 1>/dev/null
-podman exec -e CONTAINER_NAME="$name" -e ENTER_DIR="${PWD/#$HOME/\~}" --detach-keys "ctrl-@" -it "$name" bash -l
+podman exec -e ENTER_DIR="${PWD/#$HOME/\~}" --detach-keys "ctrl-@" -it "$name" bash -l
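Review bot: In `containers/go/config.sh` the loop still bind-mounts `.config/devcontainer` and `Downloads` read-write, since `arg "-v $HOME/$dir:/home/user/$dir"` carries no mount options. If `~/.config/devcontainer` holds files the host later reads or executes (not visible in this patch), a process inside the container can change them, which works against the restriction this commit is after. Consider taking that entry out of the loop and mounting it read-only, `arg "-v $HOME/.config/devcontainer:/home/user/.config/devcontainer:ro"`, unless the container has to write there. The identical hunk in `containers/kube/config.sh` has the same issue.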
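Review bot: The context lines of the first `enter.sh` hunk keep the host session bus mount (`/run/user/$UID/bus` to `/tmp/bus`) and `--net=host`, so dropping `Documents` from the bind mounts limits file access only; services on the user's session bus and host-local listeners stay reachable from inside the container. If that is intended, say so next to those lines, for example `# Session bus and host networking remain shared with the host; only home-directory mounts are restricted.`, or make the bus mount opt-in per container config. `run_args` starts and ends outside the hunk, so other arguments it adds are not visible here.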
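Review bot: Removing `-e CONTAINER_NAME="$name"` from the `podman exec` line in the last `enter.sh` hunk leaves containers that already exist without the variable, assuming `run_args` is applied only when a container is created (the creation branch is cut off above the hunk). A login shell in such a container would see `CONTAINER_NAME` unset until the container is recreated. Either keep the `-e CONTAINER_NAME="$name"` on `podman exec` as well, or note in the commit message that existing containers must be recreated. Also, `arg "-e CONTAINER_NAME=$name"` passes the name inside one string, so if `arg` splits on whitespace (its definition is not shown) a name containing spaces would no longer be passed intact the way the quoted `"$name"` on `podman exec` was.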