diff options
Diffstat (limited to 'docs/source/markdown/podman-create.1.md')
| -rw-r--r-- | docs/source/markdown/podman-create.1.md | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md index 0e641f3a3..ca38be6a1 100644 --- a/docs/source/markdown/podman-create.1.md +++ b/docs/source/markdown/podman-create.1.md @@ -207,7 +207,14 @@ Add a host device to the container. The format is `<device-on-host>[:<device-on- Note: if the user only has access rights via a group then accessing the device from inside a rootless container will fail. The `crun` runtime offers a -workaround for this by adding the option `--annotation io.crun.keep_original_groups=1`. +workaround for this by adding the option `--annotation run.oci.keep_original_groups=1`. + +**--device-cgroup-rule**="type major:minor mode" + +Add a rule to the cgroup allowed devices list. The rule is expected to be in the format specified in the Linux kernel documentation (Documentation/cgroup-v1/devices.txt): + - type: a (all), c (char), or b (block); + - major and minor: either a number, or * for all; + - mode: a composition of r (read), w (write), and m (mknod(2)). **--device-read-bps**=*path* |