diff options
| author | Daniel J Walsh <dwalsh@redhat.com> | 2018-09-18 09:06:40 -0400 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-09-20 16:01:29 +0000 |
| commit | fbfcc7842e0e3361c53bc607411c200824c111b4 (patch) | |
| tree | 206996ea536a26ed17a8f79326a1e51041c4147f /docs | |
| parent | 2cbb8c216a2f8e7160cdf88ef6ef50ee75559d96 (diff) | |
| download | podman-fbfcc7842e0e3361c53bc607411c200824c111b4.tar.gz podman-fbfcc7842e0e3361c53bc607411c200824c111b4.tar.bz2 podman-fbfcc7842e0e3361c53bc607411c200824c111b4.zip | |
Add new field to libpod to indicate whether or not to use labelling
Also update some missing fields libpod.conf obtions in man pages.
Fix sort order of security options and add a note about disabling
labeling.
When a process requests a new label. libpod needs to reserve all
labels to make sure that their are no conflicts.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1406
Approved by: mheon
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/libpod.conf.5.md | 3 | ||||
| -rw-r--r-- | docs/podman-create.1.md | 4 | ||||
| -rw-r--r-- | docs/podman-run.1.md | 4 |
3 files changed, 9 insertions, 2 deletions
diff --git a/docs/libpod.conf.5.md b/docs/libpod.conf.5.md index e881c4296..198e927ee 100644 --- a/docs/libpod.conf.5.md +++ b/docs/libpod.conf.5.md @@ -59,6 +59,9 @@ libpod to manage containers. The default namespace is "", which corresponds to no namespace. When no namespace is set, all containers and pods are visible. +**label**="true|false" + Indicates whether the containers should use label separation. + ## FILES `/usr/share/containers/libpod.conf`, default libpod configuration path diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md index 8cbe64a3e..01e072005 100644 --- a/docs/podman-create.1.md +++ b/docs/podman-create.1.md @@ -506,6 +506,8 @@ Security Options "seccomp=unconfined" : Turn off seccomp confinement for the container "seccomp=profile.json : White listed syscalls seccomp Json file to be used as a seccomp filter +Note: Labelling can be disabled for all containers by setting label=false in the **libpod.conf** (`/etc/containers/libpod.conf`) file. + **--shm-size**="" Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`. @@ -736,7 +738,7 @@ $ podman create --uidmap 0:30000:7000 --gidmap 0:30000:7000 fedora echo hello **/etc/subgid** ## SEE ALSO -subgid(5), subuid(5) +subgid(5), subuid(5), libpod.conf(5) ## HISTORY October 2017, converted from Docker documentation to podman by Dan Walsh for podman <dwalsh@redhat.com> diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md index 0960125a3..a4c47f5de 100644 --- a/docs/podman-run.1.md +++ b/docs/podman-run.1.md @@ -528,6 +528,8 @@ Security Options - `seccomp=unconfined` : Turn off seccomp confinement for the container - `seccomp=profile.json` : White listed syscalls seccomp Json file to be used as a seccomp filter +Note: Labelling can be disabled for all containers by setting label=false in the **libpod.conf** (`/etc/containers/libpod.conf`) file. + **--shm-size**="" Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`. @@ -1025,7 +1027,7 @@ $ podman run --uidmap 0:30000:7000 --gidmap 0:30000:7000 fedora echo hello **/etc/subgid** ## SEE ALSO -subgid(5), subuid(5) +subgid(5), subuid(5), libpod.conf(5) ## HISTORY October 2017, converted from Docker documentation to podman by Dan Walsh for podman <dwalsh@redhat.com> |