diff options
| author | openshift-ci[bot] <75433959+openshift-ci[bot]@users.noreply.github.com> | 2022-07-11 12:56:29 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-07-11 12:56:29 +0000 |
| commit | 0af75a74d27c1d37009ba49f7fce11ff188954eb (patch) | |
| tree | 4c1c66141d984673d8aa273de8b5ce79eb42512d /docs/source/markdown/podman-run.1.md | |
| parent | 0df8c6e1572c30fed45d96a4761060d3d440d69d (diff) | |
| parent | 87793b63397807dc8ea98c383bbad6e95004fc74 (diff) | |
| download | podman-0af75a74d27c1d37009ba49f7fce11ff188954eb.tar.gz podman-0af75a74d27c1d37009ba49f7fce11ff188954eb.tar.bz2 podman-0af75a74d27c1d37009ba49f7fce11ff188954eb.zip | |
Merge pull request #14889 from eriksjolund/rewrite_gidmap_option_docs
[CI:DOCS] Rewrite the --gidmap option docs
Diffstat (limited to 'docs/source/markdown/podman-run.1.md')
| -rw-r--r-- | docs/source/markdown/podman-run.1.md | 16 |
1 files changed, 5 insertions, 11 deletions
diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md index 84e93efbe..e628a806a 100644 --- a/docs/source/markdown/podman-run.1.md +++ b/docs/source/markdown/podman-run.1.md @@ -404,16 +404,10 @@ on the host system. #### **--gidmap**=*container_gid*:*host_gid*:*amount* -Run the container in a new user namespace using the supplied mapping. This option conflicts with the **--userns** and **--subgidname** flags. -This option can be passed several times to map different ranges. If calling **podman run** as an unprivileged user, the user needs to have the right to use the mapping. See **subuid**(5). -The example maps gids **0-1999** in the container to the gids **30000-31999** on the host: **--gidmap=0:30000:2000**. - -**Important note:** The new user namespace mapping based on **--gidmap** is based on the initial mapping made in the _/etc/subgid_ file. -Assuming there is a _/etc/subgid_ mapping **groupname:100000:65536**, then **groupname** is initially mapped to a namespace starting with -gid **100000** for **65536** ids. From here the **--gidmap** mapping to the new namespace starts from **0** again, but is based on the initial mapping. -Meaning **groupname** is initially mapped to gid **100000** which is referenced as **0** in the following **--gidmap** mapping. In terms of the example -above: The group **groupname** is mapped to group **100000** of the initial namespace then the -**30000**st id of this namespace (which is gid 130000 in this namespace) is mapped to container namespace group id **0**. (groupname -> 100000 / 30000 -> 0) +Run the container in a new user namespace using the supplied GID mapping. This +option conflicts with the **--userns** and **--subgidname** options. This +option provides a way to map host GIDs to container GIDs in the same way as +__--uidmap__ maps host UIDs to container UIDs. For details see __--uidmap__. Note: the **--gidmap** flag cannot be called in conjunction with the **--pod** flag as a gidmap cannot be set on the container level when in a pod. @@ -1188,7 +1182,7 @@ Remote connections use local containers.conf for defaults #### **--uidmap**=*container_uid*:*from_uid*:*amount* -Run the container in a new user namespace using the supplied mapping. This +Run the container in a new user namespace using the supplied UID mapping. This option conflicts with the **--userns** and **--subuidname** options. This option provides a way to map host UIDs to container UIDs. It can be passed several times to map different ranges. |