summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2018-09-18 09:06:40 -0400
committerAtomic Bot <atomic-devel@projectatomic.io>2018-09-20 16:01:29 +0000
commitfbfcc7842e0e3361c53bc607411c200824c111b4 (patch)
tree206996ea536a26ed17a8f79326a1e51041c4147f /docs
parent2cbb8c216a2f8e7160cdf88ef6ef50ee75559d96 (diff)
downloadpodman-fbfcc7842e0e3361c53bc607411c200824c111b4.tar.gz
podman-fbfcc7842e0e3361c53bc607411c200824c111b4.tar.bz2
podman-fbfcc7842e0e3361c53bc607411c200824c111b4.zip
Add new field to libpod to indicate whether or not to use labelling
Also update some missing fields libpod.conf obtions in man pages. Fix sort order of security options and add a note about disabling labeling. When a process requests a new label. libpod needs to reserve all labels to make sure that their are no conflicts. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1406 Approved by: mheon
Diffstat (limited to 'docs')
-rw-r--r--docs/libpod.conf.5.md3
-rw-r--r--docs/podman-create.1.md4
-rw-r--r--docs/podman-run.1.md4
3 files changed, 9 insertions, 2 deletions
diff --git a/docs/libpod.conf.5.md b/docs/libpod.conf.5.md
index e881c4296..198e927ee 100644
--- a/docs/libpod.conf.5.md
+++ b/docs/libpod.conf.5.md
@@ -59,6 +59,9 @@ libpod to manage containers.
The default namespace is "", which corresponds to no namespace. When no namespace is set, all
containers and pods are visible.
+**label**="true|false"
+ Indicates whether the containers should use label separation.
+
## FILES
`/usr/share/containers/libpod.conf`, default libpod configuration path
diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md
index 8cbe64a3e..01e072005 100644
--- a/docs/podman-create.1.md
+++ b/docs/podman-create.1.md
@@ -506,6 +506,8 @@ Security Options
"seccomp=unconfined" : Turn off seccomp confinement for the container
"seccomp=profile.json : White listed syscalls seccomp Json file to be used as a seccomp filter
+Note: Labelling can be disabled for all containers by setting label=false in the **libpod.conf** (`/etc/containers/libpod.conf`) file.
+
**--shm-size**=""
Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`.
@@ -736,7 +738,7 @@ $ podman create --uidmap 0:30000:7000 --gidmap 0:30000:7000 fedora echo hello
**/etc/subgid**
## SEE ALSO
-subgid(5), subuid(5)
+subgid(5), subuid(5), libpod.conf(5)
## HISTORY
October 2017, converted from Docker documentation to podman by Dan Walsh for podman <dwalsh@redhat.com>
diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md
index 0960125a3..a4c47f5de 100644
--- a/docs/podman-run.1.md
+++ b/docs/podman-run.1.md
@@ -528,6 +528,8 @@ Security Options
- `seccomp=unconfined` : Turn off seccomp confinement for the container
- `seccomp=profile.json` : White listed syscalls seccomp Json file to be used as a seccomp filter
+Note: Labelling can be disabled for all containers by setting label=false in the **libpod.conf** (`/etc/containers/libpod.conf`) file.
+
**--shm-size**=""
Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`.
@@ -1025,7 +1027,7 @@ $ podman run --uidmap 0:30000:7000 --gidmap 0:30000:7000 fedora echo hello
**/etc/subgid**
## SEE ALSO
-subgid(5), subuid(5)
+subgid(5), subuid(5), libpod.conf(5)
## HISTORY
October 2017, converted from Docker documentation to podman by Dan Walsh for podman <dwalsh@redhat.com>