summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2019-04-26 10:51:59 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2019-04-26 12:29:10 -0400
commit3a4be4b66ca22d87446c37218b300b8f31a84b92 (patch)
treedcd3430bb191a145aa386679fb7f9fcf366411ac /docs
parent135c8bef223d32f553659cbdfd5eb99f948a6c84 (diff)
downloadpodman-3a4be4b66ca22d87446c37218b300b8f31a84b92.tar.gz
podman-3a4be4b66ca22d87446c37218b300b8f31a84b92.tar.bz2
podman-3a4be4b66ca22d87446c37218b300b8f31a84b92.zip
Add --read-only-tmpfs options
The --read-only-tmpfs option caused podman to mount tmpfs on /run, /tmp, /var/tmp if the container is running int read-only mode. The default is true, so you would need to execute a command like --read-only --read-only-tmpfs=false to turn off this behaviour. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'docs')
-rw-r--r--docs/podman-create.1.md3
-rw-r--r--docs/podman-run.1.md9
2 files changed, 11 insertions, 1 deletions
diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md
index f61deebd2..52c965293 100644
--- a/docs/podman-create.1.md
+++ b/docs/podman-create.1.md
@@ -542,6 +542,9 @@ By default a container will have its root filesystem writable allowing processes
to write files anywhere. By specifying the `--read-only` flag the container will have
its root filesystem mounted as read only prohibiting any writes.
+**--read-only-tmpfs**=*true*|*false*
+If container is running in --read-only mode, then mount a read-write tmpfs on /run, /tmp, and /var/tmp. The default is *true*
+
**--restart=""**
Not implemented.
diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md
index 5a311980f..e54e5e691 100644
--- a/docs/podman-run.1.md
+++ b/docs/podman-run.1.md
@@ -534,6 +534,9 @@ By default a container will have its root filesystem writable allowing processes
to write files anywhere. By specifying the `--read-only` flag the container will have
its root filesystem mounted as read only prohibiting any writes.
+**--read-only-tmpfs**=*true*|*false*
+If container is running in --read-only mode, then mount a read-write tmpfs on /run, /tmp, and /var/tmp. The default is *true*
+
**--restart=""**
Not implemented.
@@ -905,7 +908,11 @@ still need to write temporary data. The best way to handle this is to mount
tmpfs directories on /run and /tmp.
```
-$ podman run --read-only --tmpfs /run --tmpfs /tmp -i -t fedora /bin/bash
+$ podman run --read-only -i -t fedora /bin/bash
+```
+
+```
+$ podman run --read-only --read-only-tmpfs=false --tmpfs /run -i -t fedora /bin/bash
```
### Exposing log messages from the container to the host's log