summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorDivyansh Kamboj <kambojdivyansh2000@gmail.com>2019-04-21 16:22:50 +0530
committerDivyansh Kamboj <kambojdivyansh2000@gmail.com>2019-05-16 13:38:31 +0530
commit2a961a711312375273aa17f784d795b9c13b9e6e (patch)
tree81b6537364b2eb25a97c9c85df513abc25593148 /docs
parent5445d7d104087974f57f1c9c7d9774d83427895e (diff)
downloadpodman-2a961a711312375273aa17f784d795b9c13b9e6e.tar.gz
podman-2a961a711312375273aa17f784d795b9c13b9e6e.tar.bz2
podman-2a961a711312375273aa17f784d795b9c13b9e6e.zip
Add unshare to podman
This command lets the user run a command in a new user namespace like `unshare -u`. It uses the implementation of unshare in buildah. ( fixes #1388 ) Signed-off-by: Divyansh Kamboj <kambojdivyansh2000@gmail.com>
Diffstat (limited to 'docs')
-rw-r--r--docs/podman-unshare.1.md37
-rw-r--r--docs/podman.1.md105
2 files changed, 90 insertions, 52 deletions
diff --git a/docs/podman-unshare.1.md b/docs/podman-unshare.1.md
new file mode 100644
index 000000000..a7f018ce1
--- /dev/null
+++ b/docs/podman-unshare.1.md
@@ -0,0 +1,37 @@
+% podman-unshare "1"
+
+## NAME
+podman\-unshare - Run a command inside of a modified user namespace.
+
+## SYNOPSIS
+**podman unshare** [*options*] [**--**] [*command*]
+
+## DESCRIPTION
+Launches a process (by default, *$SHELL*) in a new user namespace. The user
+namespace is configured so that the invoking user's UID and primary GID appear
+to be UID 0 and GID 0, respectively. Any ranges which match that user and
+group in /etc/subuid and /etc/subgid are also mapped in as themselves with the
+help of the *newuidmap(1)* and *newgidmap(1)* helpers.
+
+podman unshare is useful for troubleshooting unprivileged operations and for
+manually clearing storage and other data related to images and containers.
+
+It is also useful if you want to use the `podman mount` command. If an unprivileged users wants to mount and work with a container, then they need to execute
+podman unshare. Executing `podman mount` fails for unprivileged users unless the user is running inside a `podman unshare` session.
+
+## EXAMPLE
+
+```
+$ podman unshare id
+uid=0(root) gid=0(root) groups=0(root),65534(nobody)
+
+$ podman unshare cat /proc/self/uid_map /proc/self/gid_map
+ 0 1000 1
+ 1 10000 65536
+ 0 1000 1
+ 1 10000 65536
+```
+
+
+## SEE ALSO
+podman(1), podman-mount(1), namespaces(7), newuidmap(1), newgidmap(1), user\_namespaces(7) \ No newline at end of file
diff --git a/docs/podman.1.md b/docs/podman.1.md
index ef12cf1cc..ff942a3c4 100644
--- a/docs/podman.1.md
+++ b/docs/podman.1.md
@@ -128,58 +128,59 @@ the exit codes follow the `chroot` standard, see below:
## COMMANDS
-| Command | Description |
-| ----------------------------------------- | ------------------------------------------------------------------------------ |
-| [podman-attach(1)](podman-attach.1.md) | Attach to a running container. |
-| [podman-build(1)](podman-build.1.md) | Build a container image using a Dockerfile. |
-| [podman-commit(1)](podman-commit.1.md) | Create new image based on the changed container. |
-| [podman-container(1)](podman-container.1.md) | Manage containers. |
-| [podman-cp(1)](podman-cp.1.md) | Copy files/folders between a container and the local filesystem. |
-| [podman-create(1)](podman-create.1.md) | Create a new container. |
-| [podman-diff(1)](podman-diff.1.md) | Inspect changes on a container or image's filesystem. |
-| [podman-events(1)](podman-events.1.md) | Monitor Podman events |
-| [podman-exec(1)](podman-exec.1.md) | Execute a command in a running container. |
-| [podman-export(1)](podman-export.1.md) | Export a container's filesystem contents as a tar archive. |
-| [podman-generate(1)](podman-generate.1.md)| Generate structured data based for a containers and pods. |
-| [podman-healthcheck(1)](podman-healthcheck.1.md)| Manage healthchecks for containers |
-| [podman-history(1)](podman-history.1.md) | Show the history of an image. |
-| [podman-image(1)](podman-image.1.md) | Manage images. |
-| [podman-images(1)](podman-images.1.md) | List images in local storage. |
-| [podman-import(1)](podman-import.1.md) | Import a tarball and save it as a filesystem image. |
-| [podman-info(1)](podman-info.1.md) | Displays Podman related system information. |
-| [podman-init(1)](podman-init.1.md) | Initialize a container |
-| [podman-inspect(1)](podman-inspect.1.md) | Display a container or image's configuration. |
-| [podman-kill(1)](podman-kill.1.md) | Kill the main process in one or more containers. |
-| [podman-load(1)](podman-load.1.md) | Load an image from a container image archive into container storage. |
-| [podman-login(1)](podman-login.1.md) | Login to a container registry. |
-| [podman-logout(1)](podman-logout.1.md) | Logout of a container registry. |
-| [podman-logs(1)](podman-logs.1.md) | Display the logs of a container. |
-| [podman-mount(1)](podman-mount.1.md) | Mount a working container's root filesystem. |
-| [podman-pause(1)](podman-pause.1.md) | Pause one or more containers. |
-| [podman-play(1)](podman-play.1.md) | Play pods and containers based on a structured input file. |
-| [podman-pod(1)](podman-pod.1.md) | Management tool for groups of containers, called pods. |
-| [podman-port(1)](podman-port.1.md) | List port mappings for a container. |
-| [podman-ps(1)](podman-ps.1.md) | Prints out information about containers. |
-| [podman-pull(1)](podman-pull.1.md) | Pull an image from a registry. |
-| [podman-push(1)](podman-push.1.md) | Push an image from local storage to elsewhere. |
-| [podman-restart(1)](podman-restart.1.md) | Restart one or more containers. |
-| [podman-rm(1)](podman-rm.1.md) | Remove one or more containers. |
-| [podman-rmi(1)](podman-rmi.1.md) | Removes one or more locally stored images. |
-| [podman-run(1)](podman-run.1.md) | Run a command in a new container. |
-| [podman-save(1)](podman-save.1.md) | Save an image to a container archive. |
-| [podman-search(1)](podman-search.1.md) | Search a registry for an image. |
-| [podman-start(1)](podman-start.1.md) | Start one or more containers. |
-| [podman-stats(1)](podman-stats.1.md) | Display a live stream of one or more container's resource usage statistics. |
-| [podman-stop(1)](podman-stop.1.md) | Stop one or more running containers. |
-| [podman-system(1)](podman-system.1.md) | Manage podman. |
-| [podman-tag(1)](podman-tag.1.md) | Add an additional name to a local image. |
-| [podman-top(1)](podman-top.1.md) | Display the running processes of a container. |
-| [podman-umount(1)](podman-umount.1.md) | Unmount a working container's root filesystem. |
-| [podman-unpause(1)](podman-unpause.1.md) | Unpause one or more containers. |
-| [podman-version(1)](podman-varlink.1.md) | Runs the varlink backend interface. |
-| [podman-varlink(1)](podman-version.1.md) | Display the Podman version information. |
-| [podman-volume(1)](podman-volume.1.md) | Manage Volumes. |
-| [podman-wait(1)](podman-wait.1.md) | Wait on one or more containers to stop and print their exit codes. |
+| Command | Description |
+| ------------------------------------------------ | --------------------------------------------------------------------------- |
+| [podman-attach(1)](podman-attach.1.md) | Attach to a running container. |
+| [podman-build(1)](podman-build.1.md) | Build a container image using a Dockerfile. |
+| [podman-commit(1)](podman-commit.1.md) | Create new image based on the changed container. |
+| [podman-container(1)](podman-container.1.md) | Manage containers. |
+| [podman-cp(1)](podman-cp.1.md) | Copy files/folders between a container and the local filesystem. |
+| [podman-create(1)](podman-create.1.md) | Create a new container. |
+| [podman-diff(1)](podman-diff.1.md) | Inspect changes on a container or image's filesystem. |
+| [podman-events(1)](podman-events.1.md) | Monitor Podman events |
+| [podman-exec(1)](podman-exec.1.md) | Execute a command in a running container. |
+| [podman-export(1)](podman-export.1.md) | Export a container's filesystem contents as a tar archive. |
+| [podman-generate(1)](podman-generate.1.md) | Generate structured data based for a containers and pods. |
+| [podman-healthcheck(1)](podman-healthcheck.1.md) | Manage healthchecks for containers |
+| [podman-history(1)](podman-history.1.md) | Show the history of an image. |
+| [podman-image(1)](podman-image.1.md) | Manage images. |
+| [podman-images(1)](podman-images.1.md) | List images in local storage. |
+| [podman-import(1)](podman-import.1.md) | Import a tarball and save it as a filesystem image. |
+| [podman-info(1)](podman-info.1.md) | Displays Podman related system information. |
+| [podman-init(1)](podman-init.1.md) | Initialize a container |
+| [podman-inspect(1)](podman-inspect.1.md) | Display a container or image's configuration. |
+| [podman-kill(1)](podman-kill.1.md) | Kill the main process in one or more containers. |
+| [podman-load(1)](podman-load.1.md) | Load an image from a container image archive into container storage. |
+| [podman-login(1)](podman-login.1.md) | Login to a container registry. |
+| [podman-logout(1)](podman-logout.1.md) | Logout of a container registry. |
+| [podman-logs(1)](podman-logs.1.md) | Display the logs of a container. |
+| [podman-mount(1)](podman-mount.1.md) | Mount a working container's root filesystem. |
+| [podman-pause(1)](podman-pause.1.md) | Pause one or more containers. |
+| [podman-play(1)](podman-play.1.md) | Play pods and containers based on a structured input file. |
+| [podman-pod(1)](podman-pod.1.md) | Management tool for groups of containers, called pods. |
+| [podman-port(1)](podman-port.1.md) | List port mappings for a container. |
+| [podman-ps(1)](podman-ps.1.md) | Prints out information about containers. |
+| [podman-pull(1)](podman-pull.1.md) | Pull an image from a registry. |
+| [podman-push(1)](podman-push.1.md) | Push an image from local storage to elsewhere. |
+| [podman-restart(1)](podman-restart.1.md) | Restart one or more containers. |
+| [podman-rm(1)](podman-rm.1.md) | Remove one or more containers. |
+| [podman-rmi(1)](podman-rmi.1.md) | Removes one or more locally stored images. |
+| [podman-run(1)](podman-run.1.md) | Run a command in a new container. |
+| [podman-save(1)](podman-save.1.md) | Save an image to a container archive. |
+| [podman-search(1)](podman-search.1.md) | Search a registry for an image. |
+| [podman-start(1)](podman-start.1.md) | Start one or more containers. |
+| [podman-stats(1)](podman-stats.1.md) | Display a live stream of one or more container's resource usage statistics. |
+| [podman-stop(1)](podman-stop.1.md) | Stop one or more running containers. |
+| [podman-system(1)](podman-system.1.md) | Manage podman. |
+| [podman-tag(1)](podman-tag.1.md) | Add an additional name to a local image. |
+| [podman-top(1)](podman-top.1.md) | Display the running processes of a container. |
+| [podman-umount(1)](podman-umount.1.md) | Unmount a working container's root filesystem. |
+| [podman-unpause(1)](podman-unpause.1.md) | Unpause one or more containers. |
+| [podman-unshare(1)](podman-unshare.1.md) | Run a command inside of a modified user namespace. |
+| [podman-version(1)](podman-varlink.1.md) | Runs the varlink backend interface. |
+| [podman-varlink(1)](podman-version.1.md) | Display the Podman version information. |
+| [podman-volume(1)](podman-volume.1.md) | Manage Volumes. |
+| [podman-wait(1)](podman-wait.1.md) | Wait on one or more containers to stop and print their exit codes. |
## FILES