summaryrefslogtreecommitdiff
path: root/docs/source/markdown/podman-run.1.md
diff options
context:
space:
mode:
Diffstat (limited to 'docs/source/markdown/podman-run.1.md')
-rw-r--r--docs/source/markdown/podman-run.1.md14
1 files changed, 7 insertions, 7 deletions
diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md
index b96abeaa2..241cb6d95 100644
--- a/docs/source/markdown/podman-run.1.md
+++ b/docs/source/markdown/podman-run.1.md
@@ -341,7 +341,7 @@ Set custom DNS servers. Invalid if using **--dns** with **--network** that is se
This option can be used to override the DNS
configuration passed to the container. Typically this is necessary when the
host DNS configuration is invalid for the container (e.g., **127.0.0.1**). When this
-is the case the **--dns** flags is necessary for every run.
+is the case the **--dns** flag is necessary for every run.
The special value **none** can be specified to disable creation of _/etc/resolv.conf_ in the container by Podman.
The _/etc/resolv.conf_ file in the image will be used without changes.
@@ -411,7 +411,7 @@ Note: the **--gidmap** flag cannot be called in conjunction with the **--pod** f
#### **--group-add**=*group|keep-groups*
-Add additional groups to assign to primary user running within the container process.
+Assign additional groups to the primary user running within the container process.
- `keep-groups` is a special flag that tells Podman to keep the supplementary group access.
@@ -722,7 +722,7 @@ Valid _mode_ values are:
- **alias=name**: Add network-scoped alias for the container.
- **ip=IPv4**: Specify a static ipv4 address for this container.
- **ip=IPv6**: Specify a static ipv6 address for this container.
- - **mac=MAC**: Specify a static mac address address for this container.
+ - **mac=MAC**: Specify a static mac address for this container.
- **interface_name**: Specify a name for the created network interface inside the container.
For example to set a static ipv4 address and a static mac address, use `--network bridge:ip=10.88.0.10,mac=44:33:22:11:00:99`.
@@ -742,7 +742,7 @@ Valid _mode_ values are:
- **outbound_addr6=INTERFACE**: Specify the outbound interface slirp should bind to (ipv6 traffic only).
- **outbound_addr6=IPv6**: Specify the outbound ipv6 address slirp should bind to.
- **port_handler=rootlesskit**: Use rootlesskit for port forwarding. Default.
- Note: Rootlesskit changes the source IP address of incoming packets to a IP address in the container network namespace, usually `10.0.2.100`. If your application requires the real source IP address, e.g. web server logs, use the slirp4netns port handler. The rootlesskit port handler is also used for rootless containers when connected to user-defined networks.
+ Note: Rootlesskit changes the source IP address of incoming packets to an IP address in the container network namespace, usually `10.0.2.100`. If your application requires the real source IP address, e.g. web server logs, use the slirp4netns port handler. The rootlesskit port handler is also used for rootless containers when connected to user-defined networks.
- **port_handler=slirp4netns**: Use the slirp4netns port forwarding, it is slower than rootlesskit but preserves the correct source IP address. This port handler cannot be used for user-defined networks.
#### **--network-alias**=*alias*
@@ -1377,7 +1377,7 @@ The **Z** option tells Podman to label the content with a private unshared label
Note: Do not relabel system files and directories. Relabeling system content
might cause other confined services on your machine to fail. For these types
-of containers we recommend that disable SELinux separation. The option
+of containers we recommend disabling SELinux separation. The option
`--security-opt label=disable` disables SELinux separation for the container.
For example if a user wanted to volume mount their entire home directory into a
container, they need to disable SELinux separation.
@@ -1444,7 +1444,7 @@ the volume will not be able to change their privilege. By default volumes
are mounted with **nosuid**.
Mounting the volume with the **noexec** option means that no executables on the
-volume will be able to executed within the container.
+volume will be able to be executed within the container.
Mounting the volume with the **nodev** option means that no devices on the volume
will be able to be used by processes within the container. By default volumes
@@ -1920,7 +1920,7 @@ $ podman run --network net1:ip=10.89.1.5 --network net2:ip=10.89.10.10 alpine ip
### Rootless Containers
-Podman runs as a non root user on most systems. This feature requires that a new enough version of **shadow-utils**
+Podman runs as a non-root user on most systems. This feature requires that a new enough version of **shadow-utils**
be installed. The **shadow-utils** package must include the **newuidmap**(1) and **newgidmap**(1) executables.
Note: RHEL7 and Centos 7 will not have this feature until RHEL7.7 is released.
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-10-04 02:21:37 +0000