aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--docs/containers-mounts.conf.5.md16
-rw-r--r--docs/podman.1.md14
2 files changed, 18 insertions, 12 deletions
diff --git a/docs/containers-mounts.conf.5.md b/docs/containers-mounts.conf.5.md
new file mode 100644
index 000000000..5372dd8ab
--- /dev/null
+++ b/docs/containers-mounts.conf.5.md
@@ -0,0 +1,16 @@
+% containers-mounts.conf(5)
+
+# NAME
+containers-mounts.conf - configuration file for default mounts in containers
+
+# DESCRIPTION
+The mounts.conf file specifies volume mount directories that are automatically mounted inside containers. Container processes can then use this content. Usually these directories are used for passing secrets or credentials required by the package software to access remote package repositories. Note that for security reasons, tools adhering to the mounts.conf are expected to copy the contents instead of bind mounting the paths from the host.
+
+# FORMAT
+The format of the mounts.conf is the volume format `/SRC:/DEST`, one mount per line. For example, a mounts.conf with the line `/usr/share/secrets:/run/secrets` would cause the contents of the `/usr/share/secrets` directory on the host to be mounted on the `/run/secrets` directory inside the container. Setting mountpoints allows containers to use the files of the host, for instance, to use the host's subscription to some enterprise Linux distribution.
+
+# FILES
+Some distributions may provide a `/usr/share/containers/mounts.conf` file to provide default mounts, but users can create a `/etc/containers/mounts.conf`, to specify their own special volumes to mount in the container.
+
+# HISTORY
+Aug 2018, Originally compiled by Valentin Rothberg <vrothberg@suse.com>
diff --git a/docs/podman.1.md b/docs/podman.1.md
index 095ccf961..8b9621115 100644
--- a/docs/podman.1.md
+++ b/docs/podman.1.md
@@ -137,17 +137,7 @@ When Podman runs in rootless mode, the file `$HOME/.config/containers/storage.co
**mounts.conf** (`/usr/share/containers/mounts.conf` and optionally `/etc/containers/mounts.conf`)
-The mounts.conf files specify volume mount directories that are automatically mounted inside containers when executing the `podman run` or `podman start` commands. Container processes can then use this content. The volume mount content does not get committed to the final image if you do a `podman commit`.
-
-Usually these directories are used for passing secrets or credentials required by the package software to access remote package repositories.
-
-For example, a mounts.conf with the line "`/usr/share/rhel/secrets:/run/secrets`", the content of `/usr/share/rhel/secrets` directory is mounted on `/run/secrets` inside the container. This mountpoint allows Red Hat Enterprise Linux subscriptions from the host to be used within the container.
-
-The format of the mounts.conf is the volume format /SRC:/DEST, one mount per line. Users can create an `/etc/containers/mounts.conf`, to specify their own special volumes to mount in the container. Podman by default reads /usr/share/containers/mounts.conf and the /etc/containers/mounts.conf if it exists.
-
-Note this is not a volume mount. The content of the volumes is copied into container storage, not bind mounted directly from the host.
-
-When Podman runs in rootless mode, the file `$HOME/.config/containers/mounts.conf` is also used.
+The mounts.conf files specify volume mount directories that are automatically mounted inside containers when executing the `podman run` or `podman start` commands. When Podman runs in rootless mode, the file `$HOME/.config/containers/mounts.conf` is also used. Please refer to containers-mounts.conf(5) for further details.
**hook JSON** (`/usr/share/containers/oci/hooks.d/*.json`)
@@ -191,7 +181,7 @@ Currently it is not possible to create a network device, so rootless containers
then only the loopback device will be available.
## SEE ALSO
-`oci-hooks(5)`, `containers-registries.conf(5)`, `containers-storage.conf(5)`, `crio(8)`
+`oci-hooks(5)`, `containers-mounts.conf(5)`, `containers-registries.conf(5)`, `containers-storage.conf(5)`, `crio(8)`
## HISTORY
Dec 2016, Originally compiled by Dan Walsh <dwalsh@redhat.com>