aboutsummaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2020-08-21 12:58:55 +0200
committerGitHub <noreply@github.com>2020-08-21 12:58:55 +0200
commit11372c4c4d75d731f346c6be06e41bfe9600ce81 (patch)
tree79a8f85f2f8ac32613ce86db3601b355595cf852 /docs
parent84180d99bc808795a1f91747436a42745ddececb (diff)
parent7fc3c25410bd5ee053473ffd5df2209f41840ec0 (diff)
downloadpodman-11372c4c4d75d731f346c6be06e41bfe9600ce81.tar.gz
podman-11372c4c4d75d731f346c6be06e41bfe9600ce81.tar.bz2
podman-11372c4c4d75d731f346c6be06e41bfe9600ce81.zip
Merge pull request #7363 from mheon/lets_try_this_again
Lets try this again: v2.0.5 backports, round 2
Diffstat (limited to 'docs')
-rw-r--r--docs/source/markdown/podman-create.1.md18
-rw-r--r--docs/source/markdown/podman-remote.1.md2
-rw-r--r--docs/source/markdown/podman-run.1.md23
-rw-r--r--docs/source/markdown/podman-system-connection-add.1.md46
-rw-r--r--docs/source/markdown/podman-system-connection-default.1.md20
-rw-r--r--docs/source/markdown/podman-system-connection-list.1.md24
-rw-r--r--docs/source/markdown/podman-system-connection-remove.1.md20
-rw-r--r--docs/source/markdown/podman-system-connection-rename.1.md20
-rw-r--r--docs/source/markdown/podman-system-connection.1.md34
-rw-r--r--docs/source/markdown/podman-system.1.md20
-rw-r--r--docs/source/markdown/podman.1.md3
11 files changed, 200 insertions, 30 deletions
diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md
index 715d6c1c9..00f16d0a3 100644
--- a/docs/source/markdown/podman-create.1.md
+++ b/docs/source/markdown/podman-create.1.md
@@ -336,7 +336,7 @@ value can be expressed in a time format such as `1m22s`. The default value is `
Container host name
-Sets the container host name that is available inside the container.
+Sets the container host name that is available inside the container. Can only be used with a private UTS namespace `--uts=private` (default). If `--pod` is specified and the pod shares the UTS namespace (default) the pods hostname will be used.
**--help**
@@ -777,8 +777,8 @@ Run container in systemd mode. The default is *true*.
The value *always* enforces the systemd mode is enforced without
looking at the executable name. Otherwise, if set to true and the
-command you are running inside the container is systemd, /usr/sbin/init
-or /sbin/init.
+command you are running inside the container is systemd, /usr/sbin/init,
+/sbin/init or /usr/local/sbin/init.
If the command you are running inside of the container is systemd,
Podman will setup tmpfs mount points in the following directories:
@@ -862,12 +862,14 @@ Set the user namespace mode for the container. It defaults to the **PODMAN_USER
This option is incompatible with --gidmap, --uidmap, --subuid and --subgid
-**--uts**=*host*
+**--uts**=*mode*
-Set the UTS mode for the container
- **host**: use the host's UTS namespace inside the container.
- **ns**: specify the user namespace to use.
- Note: the host mode gives the container access to changing the host's hostname and is therefore considered insecure.
+Set the UTS namespace mode for the container. The following values are supported:
+
+- **host**: use the host's UTS namespace inside the container.
+- **private**: create a new namespace for the container (default).
+- **ns:[path]**: run the container in the given existing UTS namespace.
+- **container:[container]**: join the UTS namespace of the specified container.
**--volume**, **-v**[=*[[SOURCE-VOLUME|HOST-DIR:]CONTAINER-DIR[:OPTIONS]]*]
diff --git a/docs/source/markdown/podman-remote.1.md b/docs/source/markdown/podman-remote.1.md
index 0d7be1e5d..23ccaf0e6 100644
--- a/docs/source/markdown/podman-remote.1.md
+++ b/docs/source/markdown/podman-remote.1.md
@@ -23,7 +23,7 @@ Podman-remote provides a local client interacting with a Podman backend node thr
## GLOBAL OPTIONS
-**--connection**=*name*
+**--connection**=*name*, **-c**
Remote connection name
diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md
index fab648593..5febf1c66 100644
--- a/docs/source/markdown/podman-run.1.md
+++ b/docs/source/markdown/podman-run.1.md
@@ -356,7 +356,7 @@ Print usage statement
Container host name
-Sets the container host name that is available inside the container.
+Sets the container host name that is available inside the container. Can only be used with a private UTS namespace `--uts=private` (default). If `--pod` is specified and the pod shares the UTS namespace (default) the pods hostname will be used.
**--http-proxy**=**true**|**false**
@@ -809,8 +809,8 @@ Run container in systemd mode. The default is **true**.
The value *always* enforces the systemd mode is enforced without
looking at the executable name. Otherwise, if set to **true** and the
-command you are running inside the container is systemd, _/usr/sbin/init_
-or _/sbin/init_.
+command you are running inside the container is systemd, _/usr/sbin/init_,
+_/sbin/init_ or _/usr/local/sbin/init_.
If the command you are running inside of the container is systemd
Podman will setup tmpfs mount points in the following directories:
@@ -875,20 +875,22 @@ Ulimit options. You can use **host** to copy the current configuration from the
Sets the username or UID used and optionally the groupname or GID for the specified command.
-Without this argument the command will be run as root in the container.
+Without this argument, the command will run as the user specified in the container image. Unless overridden by a `USER` command in the Containerfile or by a value passed to this option, this user generally defaults to root.
+
+When a user namespace is not in use, the UID and GID used within the container and on the host will match. When user namespaces are in use, however, the UID and GID in the container may correspond to another UID and GID on the host. In rootless containers, for example, a user namespace is always used, and root in the container will by default correspond to the UID and GID of the user invoking Podman.
**--userns**=**auto**|**host**|**keep-id**|**container:**_id_|**ns:**_namespace_
-Set the user namespace mode for the container. It defaults to the **PODMAN_USERNS** environment variable. An empty value means user namespaces are disabled.
+Set the user namespace mode for the container. It defaults to the **PODMAN_USERNS** environment variable. An empty value ("") means user namespaces are disabled unless an explicit mapping is set with they `--uidmapping` and `--gidmapping` options.
- **auto**: automatically create a namespace. It is possible to specify other options to `auto`. The supported options are
**size=SIZE** to specify an explicit size for the automatic user namespace. e.g. `--userns=auto:size=8192`. If `size` is not specified, `auto` will guess a size for the user namespace.
**uidmapping=HOST_UID:CONTAINER_UID:SIZE** to force a UID mapping to be present in the user namespace.
**gidmapping=HOST_UID:CONTAINER_UID:SIZE** to force a GID mapping to be present in the user namespace.
-- **host**: run in the user namespace of the caller. This is the default if no user namespace options are set. The processes running in the container will have the same privileges on the host as any other process launched by the calling user.
+- **host**: run in the user namespace of the caller. The processes running in the container will have the same privileges on the host as any other process launched by the calling user (default).
- **keep-id**: creates a user namespace where the current rootless user's UID:GID are mapped to the same values in the container. This option is ignored for containers created by the root user.
- **ns**: run the container in the given existing user namespace.
-- **private**: create a new namespace for the container (default)
+- **private**: create a new namespace for the container.
- **container**: join the user namespace of the specified container.
This option is incompatible with **--gidmap**, **--uidmap**, **--subuid** and **--subgid**.
@@ -898,10 +900,9 @@ This option is incompatible with **--gidmap**, **--uidmap**, **--subuid** and **
Set the UTS namespace mode for the container. The following values are supported:
- **host**: use the host's UTS namespace inside the container.
-- **private**: create a new namespace for the container (default)
-- **ns**: use own UTS namespace.
-
-**NOTE**: the host mode gives the container access to changing the host's hostname and is therefore considered insecure.
+- **private**: create a new namespace for the container (default).
+- **ns:[path]**: run the container in the given existing UTS namespace.
+- **container:[container]**: join the UTS namespace of the specified container.
**--volume**, **-v**[=[[_source-volume_|_host-dir_:]_container-dir_[:_options_]]]
diff --git a/docs/source/markdown/podman-system-connection-add.1.md b/docs/source/markdown/podman-system-connection-add.1.md
new file mode 100644
index 000000000..5059803a2
--- /dev/null
+++ b/docs/source/markdown/podman-system-connection-add.1.md
@@ -0,0 +1,46 @@
+% podman-system-connection-add(1)
+
+## NAME
+podman\-system\-connection\-add - Record destination for the Podman service
+
+## SYNOPSIS
+**podman system connection add** [*options*] *name* *destination*
+
+## DESCRIPTION
+Record ssh destination for remote podman service(s). The ssh destination is given as one of:
+ - [user@]hostname[:port]
+ - ssh://[user@]hostname[:port]
+
+The user will be prompted for the remote ssh login password or key file pass phrase as required. The `ssh-agent` is supported if it is running.
+
+## OPTIONS
+
+**-d**, **--default**=*false*
+
+Make the new destination the default for this user.
+
+**--identity**=*path*
+
+Path to ssh identity file. If the identity file has been encrypted, Podman prompts the user for the passphrase.
+If no identity file is provided and no user is given, Podman defaults to the user running the podman command.
+Podman prompts for the login password on the remote server.
+
+**-p**, **--port**=*port*
+
+Port for ssh destination. The default value is `22`.
+
+**--socket-path**=*path*
+
+Path to the Podman service unix domain socket on the ssh destination host
+
+## EXAMPLE
+```
+$ podman system connection add QA podman.example.com
+
+$ podman system connection add --identity ~/.ssh/dev_rsa production ssh://root@server.example.com:2222
+```
+## SEE ALSO
+podman-system(1) , podman-system-connection(1) , containers.conf(5)
+
+## HISTORY
+June 2020, Originally compiled by Jhon Honce (jhonce at redhat dot com)
diff --git a/docs/source/markdown/podman-system-connection-default.1.md b/docs/source/markdown/podman-system-connection-default.1.md
new file mode 100644
index 000000000..f324f8c01
--- /dev/null
+++ b/docs/source/markdown/podman-system-connection-default.1.md
@@ -0,0 +1,20 @@
+% podman-system-connection-default(1)
+
+## NAME
+podman\-system\-connection\-default - Set named destination as default for the Podman service
+
+## SYNOPSIS
+**podman system connection default** *name*
+
+## DESCRIPTION
+Set named ssh destination as default destination for the Podman service.
+
+## EXAMPLE
+```
+$ podman system connection default production
+```
+## SEE ALSO
+podman-system(1) , podman-system-connection(1) , containers.conf(5)
+
+## HISTORY
+July 2020, Originally compiled by Jhon Honce (jhonce at redhat dot com)
diff --git a/docs/source/markdown/podman-system-connection-list.1.md b/docs/source/markdown/podman-system-connection-list.1.md
new file mode 100644
index 000000000..f5fb5c8e3
--- /dev/null
+++ b/docs/source/markdown/podman-system-connection-list.1.md
@@ -0,0 +1,24 @@
+% podman-system-connection-list(1)
+
+## NAME
+podman\-system\-connection\-list - List the destination for the Podman service(s)
+
+## SYNOPSIS
+**podman system connection list**
+
+**podman system connection ls**
+
+## DESCRIPTION
+List ssh destination(s) for podman service(s).
+
+## EXAMPLE
+```
+$ podman system connection list
+Name URI Identity
+devl ssh://root@example.com/run/podman/podman.sock ~/.ssh/id_rsa
+```
+## SEE ALSO
+podman-system(1) , containers.conf(5)
+
+## HISTORY
+July 2020, Originally compiled by Jhon Honce (jhonce at redhat dot com)
diff --git a/docs/source/markdown/podman-system-connection-remove.1.md b/docs/source/markdown/podman-system-connection-remove.1.md
new file mode 100644
index 000000000..faa767176
--- /dev/null
+++ b/docs/source/markdown/podman-system-connection-remove.1.md
@@ -0,0 +1,20 @@
+% podman-system-connection-remove(1)
+
+## NAME
+podman\-system\-connection\-remove - Delete named destination
+
+## SYNOPSIS
+**podman system connection remove** *name*
+
+## DESCRIPTION
+Delete named ssh destination.
+
+## EXAMPLE
+```
+$ podman system connection remove production
+```
+## SEE ALSO
+podman-system(1) , podman-system-connection(1) , containers.conf(5)
+
+## HISTORY
+July 2020, Originally compiled by Jhon Honce (jhonce at redhat dot com)
diff --git a/docs/source/markdown/podman-system-connection-rename.1.md b/docs/source/markdown/podman-system-connection-rename.1.md
new file mode 100644
index 000000000..819cb697f
--- /dev/null
+++ b/docs/source/markdown/podman-system-connection-rename.1.md
@@ -0,0 +1,20 @@
+% podman-system-connection-rename(1)
+
+## NAME
+podman\-system\-connection\-rename - Rename the destination for Podman service
+
+## SYNOPSIS
+**podman system connection rename** *old* *new*
+
+## DESCRIPTION
+Rename ssh destination from *old* to *new*.
+
+## EXAMPLE
+```
+$ podman system connection rename laptop devel
+```
+## SEE ALSO
+podman-system(1) , podman-system-connection(1) , containers.conf(5)
+
+## HISTORY
+July 2020, Originally compiled by Jhon Honce (jhonce at redhat dot com)
diff --git a/docs/source/markdown/podman-system-connection.1.md b/docs/source/markdown/podman-system-connection.1.md
new file mode 100644
index 000000000..86199c6b9
--- /dev/null
+++ b/docs/source/markdown/podman-system-connection.1.md
@@ -0,0 +1,34 @@
+% podman-system-connection(1)
+
+## NAME
+podman\-system\-connection - Manage the destination(s) for Podman service(s)
+
+## SYNOPSISManage the destination(s) for Podman service(s)
+**podman system connection** *subcommand*
+
+## DESCRIPTION
+Manage the destination(s) for Podman service(s).
+
+The user will be prompted for the ssh login password or key file pass phrase as required. The `ssh-agent` is supported if it is running.
+
+## COMMANDS
+
+| Command | Man Page | Description |
+| ------- | ---------------------------------------------------------------------------- | ---------------------------------------------------------- |
+| add | [podman-system-connection-add(1)](podman-system-connection-add.1.md) | Record destination for the Podman service |
+| default | [podman-system-connection-default(1)](podman-system-connection-default.1.md) | Set named destination as default for the Podman service |
+| list | [podman-system-connection-list(1)](podman-system-connection-list.1.md) | List the destination for the Podman service(s) |
+| remove | [podman-system-connection-remove(1)](podman-system-connection-remove.1.md) | Delete named destination |
+| rename | [podman-system-connection-rename(1)](podman-system-connection-rename.1.md) | Rename the destination for Podman service |
+
+## EXAMPLE
+```
+$ podman system connection list
+Name URI Identity
+devl ssh://root@example.com/run/podman/podman.sock ~/.ssh/id_rsa
+```
+## SEE ALSO
+podman-system(1) , containers.conf(5)
+
+## HISTORY
+June 2020, Originally compiled by Jhon Honce (jhonce at redhat dot com)
diff --git a/docs/source/markdown/podman-system.1.md b/docs/source/markdown/podman-system.1.md
index 814462ed6..9ac73237e 100644
--- a/docs/source/markdown/podman-system.1.md
+++ b/docs/source/markdown/podman-system.1.md
@@ -11,16 +11,16 @@ The system command allows you to manage the podman systems
## COMMANDS
-| Command | Man Page | Description |
-| ------- | --------------------------------------------------- | ---------------------------------------------------------------------------- |
-| df | [podman-system-df(1)](podman-system-df.1.md) | Show podman disk usage. |
-| info | [podman-system-info(1)](podman-info.1.md) | Displays Podman related system information. |
-| migrate | [podman-system-migrate(1)](podman-system-migrate.1.md) | Migrate existing containers to a new podman version. |
-| prune | [podman-system-prune(1)](podman-system-prune.1.md) | Remove all unused container, image and volume data. |
-| renumber | [podman-system-renumber(1)](podman-system-renumber.1.md) | Migrate lock numbers to handle a change in maximum number of locks. |
-| reset | [podman-system-reset(1)](podman-system-reset.1.md) | Reset storage back to initial state. |
-| service | [podman-service(1)](podman-system-service.1.md) | Run an API service |
-
+| Command | Man Page | Description |
+| ------- | ------------------------------------------------------------ | -------------------------------------------------------------------- |
+| connection | [podman-system-connection(1)](podman-system-connection.1.md) | Manage the destination(s) for Podman service(s) |
+| df | [podman-system-df(1)](podman-system-df.1.md) | Show podman disk usage. |
+| info | [podman-system-info(1)](podman-info.1.md) | Displays Podman related system information. |
+| migrate | [podman-system-migrate(1)](podman-system-migrate.1.md) | Migrate existing containers to a new podman version. |
+| prune | [podman-system-prune(1)](podman-system-prune.1.md) | Remove all unused container, image and volume data. |
+| renumber | [podman-system-renumber(1)](podman-system-renumber.1.md) | Migrate lock numbers to handle a change in maximum number of locks. |
+| reset | [podman-system-reset(1)](podman-system-reset.1.md) | Reset storage back to initial state. |
+| service | [podman-system-service(1)](podman-system-service.1.md) | Run an API service |
## SEE ALSO
podman(1)
diff --git a/docs/source/markdown/podman.1.md b/docs/source/markdown/podman.1.md
index d5c844b8a..325b80af8 100644
--- a/docs/source/markdown/podman.1.md
+++ b/docs/source/markdown/podman.1.md
@@ -31,6 +31,9 @@ Note: CGroup manager is not supported in rootless mode when using CGroups Versio
**--cni-config-dir**
Path of the configuration directory for CNI networks. (Default: `/etc/cni/net.d`)
+**--connection**, **-c**
+Connection to use for remote podman (Default connection is configured in `containers.conf`)
+
**--conmon**
Path of the conmon binary (Default path is configured in `containers.conf`)