diff options
Diffstat (limited to 'docs/source/markdown/podman-build.1.md.in')
| -rw-r--r-- | docs/source/markdown/podman-build.1.md.in | 50 |
1 files changed, 16 insertions, 34 deletions
diff --git a/docs/source/markdown/podman-build.1.md.in b/docs/source/markdown/podman-build.1.md.in index 693e0d3b9..ab31c492c 100644 --- a/docs/source/markdown/podman-build.1.md.in +++ b/docs/source/markdown/podman-build.1.md.in @@ -1,4 +1,4 @@ -% podman-build(1) +% podman-build 1 ## NAME podman\-build - Build a container image using a Containerfile @@ -156,8 +156,8 @@ more. When executing RUN instructions, run the command specified in the instruction with the specified capability removed from its capability set. -The CAP\_AUDIT\_WRITE, CAP\_CHOWN, CAP\_DAC\_OVERRIDE, CAP\_FOWNER, -CAP\_FSETID, CAP\_KILL, CAP\_MKNOD, CAP\_NET\_BIND\_SERVICE, CAP\_SETFCAP, +The CAP\_CHOWN, CAP\_DAC\_OVERRIDE, CAP\_FOWNER, +CAP\_FSETID, CAP\_KILL, CAP\_NET\_BIND\_SERVICE, CAP\_SETFCAP, CAP\_SETGID, CAP\_SETPCAP, CAP\_SETUID, and CAP\_SYS\_CHROOT capabilities are granted by default; this option can be used to remove them. @@ -205,16 +205,7 @@ keys and/or certificates. Decryption will be tried with all keys. If the key is protected by a passphrase, it is required to be passed in the argument and omitted otherwise. -#### **--device**=*host-device[:container-device][:permissions]* - -Add a host device to the container. Optional *permissions* parameter -can be used to specify device permissions, it is combination of -**r** for read, **w** for write, and **m** for **mknod**(2). - -Example: **--device=/dev/sdc:/dev/xvdc:rwm**. - -Note: if *host-device* is a symbolic link then it will be resolved first. -The container will only store the major and minor numbers of the host device. +@@option device Note: if the user only has access rights via a group, accessing the device from inside a rootless container will fail. The **[crun(1)](https://github.com/containers/crun/tree/main/crun.1.md)** runtime offers a @@ -391,28 +382,9 @@ This option is not supported on the remote client, including Mac and Windows Name of the manifest list to which the image will be added. Creates the manifest list if it does not exist. This option is useful for building multi architecture images. -#### **--memory**, **-m**=*LIMIT* - -Memory limit (format: `<number>[<unit>]`, where unit = b (bytes), k (kibibytes), -m (mebibytes), or g (gibibytes)) - -Allows you to constrain the memory available to a container. If the host -supports swap memory, then the **-m** memory setting can be larger than physical -RAM. If a limit of 0 is specified (not using **-m**), the container's memory is -not limited. The actual limit may be rounded up to a multiple of the operating -system's page size (the value would be very large, that's millions of -trillions). - -#### **--memory-swap**=*LIMIT* +@@option memory -A limit value equal to memory plus swap. Must be used with the **-m** -(**--memory**) option. The swap `LIMIT` should always be larger than **-m** -(**--memory**) value. By default, the swap `LIMIT` will be set to double -the value of --memory. - -The format of `LIMIT` is `<number>[<unit>]`. Unit can be `b` (bytes), -`k` (kibibytes), `m` (mebibytes), or `g` (gibibytes). If you don't specify a -unit, `b` is used. Set LIMIT to `-1` to enable unlimited swap. +@@option memory-swap #### **--network**=*mode*, **--net** @@ -540,6 +512,16 @@ Suppress output messages which indicate which instruction is being processed, and of progress when pulling images from a registry, and when writing the output image. +#### **--retry**=*attempts* + +Number of times to retry in case of failure when performing pull of +images from registry. Default is **3**. + +#### **--retry-delay**=*duration* + +Duration of delay between retry attempts in case of failure when performing +pull of images from registry. Default is **2s**. + #### **--rm** Remove intermediate containers after a successful build (default true). |