From 57df71092a10d1e1aed5ab285b0a0e470e3d7010 Mon Sep 17 00:00:00 2001
From: Vadim Rutkovsky <vadim@vrutkovs.eu>
Date: Mon, 28 Jul 2025 09:45:25 +0200
Subject: [PATCH] pkg/configflags: write default audit policy file to absolute
 dir

Instead of using relative directory we should specify absolute path, so that container root could be
read-only
---
 pkg/configflags/audit.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/configflags/audit.go b/pkg/configflags/audit.go
index f7d378daf..814f17149 100644
--- a/pkg/configflags/audit.go
+++ b/pkg/configflags/audit.go
@@ -11,7 +11,7 @@ import (
 	configv1 "github.com/openshift/api/config/v1"
 )
 
-const defaultAuditPolicyFilePath = "openshift.local.audit/policy.yaml"
+const defaultAuditPolicyFilePath = "/tmp/openshift.local.audit/policy.yaml"
 
 func AuditFlags(c *configv1.AuditConfig, args map[string][]string) map[string][]string {
 	if !c.Enabled {