summaryrefslogtreecommitdiff
path: root/docs/podman-build.1.md
diff options
context:
space:
mode:
Diffstat (limited to 'docs/podman-build.1.md')
-rw-r--r--docs/podman-build.1.md45
1 files changed, 35 insertions, 10 deletions
diff --git a/docs/podman-build.1.md b/docs/podman-build.1.md
index c4667070d..8deb8811e 100644
--- a/docs/podman-build.1.md
+++ b/docs/podman-build.1.md
@@ -168,6 +168,15 @@ The [username[:password]] to use to authenticate with the registry if required.
If one or both values are not supplied, a command line prompt will appear and the
value can be entered. The password is entered without echo.
+**--disable-compression, -D**
+
+Don't compress filesystem layers when building the image unless it is required
+by the location where the image is being written. This is the default setting,
+because image layers are compressed automatically when they are pushed to
+registries, and images being written to local storage would only need to be
+decompressed again to be stored. Compression can be forced in all cases by
+specifying **--disable-compression=false**.
+
**--disable-content-trust**
This is a Docker specific option to disable image verification to a Docker
@@ -178,6 +187,10 @@ solely for scripting compatibility.
Set custom DNS servers
+This option can be used to override the DNS configuration passed to the container. Typically this is necessary when the host DNS configuration is invalid for the container (e.g., 127.0.0.1). When this is the case the `--dns` flag is necessary for every run.
+
+The special value **none** can be specified to disable creation of /etc/resolv.conf in the container by Podman. The /etc/resolv.conf file in the image will be used without changes.
+
**--dns-option**=*option*
Set custom DNS options
@@ -259,6 +272,12 @@ environment variable. `export BUILDAH_LAYERS=true`
Log output which would be sent to standard output and standard error to the
specified file instead of to standard output and standard error.
+**--loglevel** *number*
+
+Adjust the logging level up or down. Valid option values range from -2 to 3,
+with 3 being roughly equivalent to using the global *--debug* option, and
+values below 0 omitting even error messages which accompany fatal errors.
+
**--memory**, **-m**=*LIMIT*
Memory limit (format: <number>[<unit>], where unit = b, k, m or g)
@@ -301,6 +320,12 @@ that the PID namespace in which `podman` itself is being run should be reused,
or it can be the path to a PID namespace which is already in use by another
process.
+**--platform**="Linux"
+
+This option has no effect on the build. Other container engines use this option
+to control the execution platform for the build (e.g., Windows, Linux) which is
+not required for Buildah as it supports only Linux.
+
**--pull**
When the flag is enabled, attempt to pull the latest image from the registries
@@ -350,18 +375,18 @@ to podman build, the option given would be `--runtime-flag log-format=json`.
Security Options
- "label=user:USER" : Set the label user for the container
- "label=role:ROLE" : Set the label role for the container
- "label=type:TYPE" : Set the label type for the container
- "label=level:LEVEL" : Set the label level for the container
- "label=disable" : Turn off label confinement for the container
- "no-new-privileges" : Not supported
+- `apparmor=unconfined` : Turn off apparmor confinement for the container
+- `apparmor=your-profile` : Set the apparmor confinement profile for the container
- "seccomp=unconfined" : Turn off seccomp confinement for the container
- "seccomp=profile.json : White listed syscalls seccomp Json file to be used as a seccomp filter
+- `label=user:USER` : Set the label user for the container processes
+- `label=role:ROLE` : Set the label role for the container processes
+- `label=type:TYPE` : Set the label process type for the container processes
+- `label=level:LEVEL` : Set the label level for the container processes
+- `label=filetype:TYPE` : Set the label file type for the container files
+- `label=disable` : Turn off label separation for the container
- "apparmor=unconfined" : Turn off apparmor confinement for the container
- "apparmor=your-profile" : Set the apparmor confinement profile for the container
+- `seccomp=unconfined` : Turn off seccomp confinement for the container
+- `seccomp=profile.json` : White listed syscalls seccomp Json file to be used as a seccomp filter
**--shm-size**=*size*
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-01-11 22:51:04 +0000