1 files changed, 23 insertions, 17 deletions

diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md
index efd60b46d..239cf3b83 100644
--- a/docs/source/markdown/podman-run.1.md
+++ b/docs/source/markdown/podman-run.1.md
@@ -43,7 +43,7 @@ pages.
 ## IMAGE
 
   The image is specified using transport:path format. If no transport is specified, the `docker` (container registry)
-transport will be used by default. For remote Podman, `docker` is the only allowed transport.
+transport will be used by default. For remote Podman, including Mac and Windows (excluding WSL2) machines, `docker` is the only allowed transport.
 
   **dir:**_path_
   An existing local directory _path_ storing the manifest, layer tarballs and signatures as individual files. This
@@ -167,7 +167,7 @@ Write the container ID to *file*.
 #### **--conmon-pidfile**=*file*
 
 Write the pid of the **conmon** process to a file. As **conmon** runs in a separate process than Podman, this is necessary when using systemd to restart Podman containers.
-(This option is not available with the remote Podman client)
+(This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
 
 #### **--cpu-period**=*limit*
 
@@ -341,7 +341,7 @@ Set custom DNS servers. Invalid if using **--dns** with **--network** that is se
 This option can be used to override the DNS
 configuration passed to the container. Typically this is necessary when the
 host DNS configuration is invalid for the container (e.g., **127.0.0.1**). When this
-is the case the **--dns** flags is necessary for every run.
+is the case the **--dns** flag is necessary for every run.
 
 The special value **none** can be specified to disable creation of _/etc/resolv.conf_ in the container by Podman.
 The _/etc/resolv.conf_ file in the image will be used without changes.
@@ -383,7 +383,7 @@ See [**Environment**](#environment) note below for precedence and examples.
 
 #### **--env-host**
 
-Use host environment inside of the container. See **Environment** note below for precedence. (This option is not available with the remote Podman client)
+Use host environment inside of the container. See **Environment** note below for precedence. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
 
 #### **--env-file**=*file*
 
@@ -411,7 +411,7 @@ Note: the **--gidmap** flag cannot be called in conjunction with the **--pod** f
 
 #### **--group-add**=*group|keep-groups*
 
-Add additional groups to assign to primary user running within the container process.
+Assign additional groups to the primary user running within the container process.
 
 - `keep-groups` is a special flag that tells Podman to keep the supplementary group access.
 
@@ -419,7 +419,7 @@ Allows container to use the user's supplementary group access. If file systems o
 devices are only accessible by the rootless user's group, this flag tells the OCI
 runtime to pass the group access into the container. Currently only available
 with the `crun` OCI runtime. Note: `keep-groups` is exclusive, you cannot add any other groups
-with this flag. (Not available for remote commands)
+with this flag. (Not available for remote commands, including Mac and Windows (excluding WSL2) machines)
 
 #### **--health-cmd**=*"command"* | *'["command", "arg1", ...]'*
 
@@ -474,7 +474,7 @@ the container should not use any proxy. Proxy environment variables specified
 for the container in any other way will override the values that would have
 been passed through from the host. (Other ways to specify the proxy for the
 container include passing the values with the **--env** flag, or hard coding the
-proxy environment at container build time.) (This option is not available with the remote Podman client)
+proxy environment at container build time.) (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
 
 Defaults to **true**.
 
@@ -548,7 +548,7 @@ $ podman info --format '{{ .Host.LogDriver }}'
 journald
 ```
 The **passthrough** driver passes down the standard streams (stdin, stdout, stderr) to the
-container.  It is not allowed with the remote Podman client and on a tty, since it is
+container.  It is not allowed with the remote Podman client, including Mac and Windows (excluding WSL2) machines, and on a tty, since it is
 vulnerable to attacks via TIOCSTI.
 
 
@@ -722,7 +722,7 @@ Valid _mode_ values are:
   - **alias=name**: Add network-scoped alias for the container.
   - **ip=IPv4**: Specify a static ipv4 address for this container.
   - **ip=IPv6**: Specify a static ipv6 address for this container.
-  - **mac=MAC**: Specify a static mac address address for this container.
+  - **mac=MAC**: Specify a static mac address for this container.
   - **interface_name**: Specify a name for the created network interface inside the container.
 
   For example to set a static ipv4 address and a static mac address, use `--network bridge:ip=10.88.0.10,mac=44:33:22:11:00:99`.
@@ -742,7 +742,7 @@ Valid _mode_ values are:
   - **outbound_addr6=INTERFACE**: Specify the outbound interface slirp should bind to (ipv6 traffic only).
   - **outbound_addr6=IPv6**: Specify the outbound ipv6 address slirp should bind to.
   - **port_handler=rootlesskit**: Use rootlesskit for port forwarding. Default.
-  Note: Rootlesskit changes the source IP address of incoming packets to a IP address in the container network namespace, usually `10.0.2.100`. If your application requires the real source IP address, e.g. web server logs, use the slirp4netns port handler. The rootlesskit port handler is also used for rootless containers when connected to user-defined networks.
+  Note: Rootlesskit changes the source IP address of incoming packets to an IP address in the container network namespace, usually `10.0.2.100`. If your application requires the real source IP address, e.g. web server logs, use the slirp4netns port handler. The rootlesskit port handler is also used for rootless containers when connected to user-defined networks.
   - **port_handler=slirp4netns**: Use the slirp4netns port forwarding, it is slower than rootlesskit but preserves the correct source IP address. This port handler cannot be used for user-defined networks.
 
 #### **--network-alias**=*alias*
@@ -767,6 +767,8 @@ This option conflicts with **--add-host**.
 
 Whether to disable OOM Killer for the container or not.
 
+This flag is not supported on cgroups V2 systems.
+
 #### **--oom-score-adj**=*num*
 
 Tune the host's OOM preferences for containers (accepts values from **-1000** to **1000**).
@@ -816,7 +818,7 @@ If a container is run within a pod, and the pod has an infra-container, the infr
 #### **--preserve-fds**=*N*
 
 Pass down to the process N additional file descriptors (in addition to 0, 1, 2).
-The total FDs will be 3+N. (This option is not available with the remote Podman client)
+The total FDs will be 3+N. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
 
 #### **--privileged**
 
@@ -1269,7 +1271,7 @@ The `--userns=auto` flag, requires that the user name `containers` and a range o
 
 Example: `containers:2147483647:2147483648`.
 
-Podman allocates unique ranges of UIDs and GIDs from the `containers` subpordinate user ids. The size of the ranges is based on the number of UIDs required in the image. The number of UIDs and GIDs can be overridden with the `size` option. The `auto` options currently does not work in rootless mode
+Podman allocates unique ranges of UIDs and GIDs from the `containers` subordinate user ids. The size of the ranges is based on the number of UIDs required in the image. The number of UIDs and GIDs can be overridden with the `size` option. The `auto` options currently does not work in rootless mode
 
   Valid `auto` options:
 
@@ -1307,7 +1309,7 @@ Create a bind mount. If you specify _/HOST-DIR_:_/CONTAINER-DIR_, Podman
 bind mounts _host-dir_ in the host to _CONTAINER-DIR_ in the Podman
 container. Similarly, _SOURCE-VOLUME_:_/CONTAINER-DIR_ will mount the volume
 in the host to the container. If no such named volume exists, Podman will
-create one. (Note when using the remote client, the volumes will be mounted from the remote server, not necessarily the client machine.)
+create one. (Note when using the remote client, including Mac and Windows (excluding WSL2) machines, the volumes will be mounted from the remote server, not necessarily the client machine.)
 
 The _options_ is a comma-separated list and can be: <sup>[[1]](#Footnote1)</sup>
 
@@ -1377,7 +1379,7 @@ The **Z** option tells Podman to label the content with a private unshared label
 
 Note: Do not relabel system files and directories. Relabeling system content
 might cause other confined services on your machine to fail.  For these types
-of containers we recommend that disable SELinux separation.  The option
+of containers we recommend disabling SELinux separation.  The option
 `--security-opt label=disable` disables SELinux separation for the container.
 For example if a user wanted to volume mount their entire home directory into a
 container, they need to disable SELinux separation.
@@ -1394,6 +1396,10 @@ directory will be the lower, and the container storage directory will be the
 upper. Modifications to the mount point are destroyed when the container
 finishes executing, similar to a tmpfs mount point being unmounted.
 
+  For advanced users overlay option also supports custom non-volatile `upperdir` and `workdir`
+for the overlay mount. Custom `upperdir` and `workdir` can be fully managed by the users themselves
+and `podman` will not remove it on lifecycle completion. Example `:O,upperdir=/some/upper,workdir=/some/work`
+
   Subsequent executions of the container will see the original source directory
 content, any changes from previous container executions no longer exist.
 
@@ -1444,7 +1450,7 @@ the volume will not be able to change their privilege. By default volumes
 are mounted with **nosuid**.
 
 Mounting the volume with the **noexec** option means that no executables on the
-volume will be able to executed within the container.
+volume will be able to be executed within the container.
 
 Mounting the volume with the **nodev** option means that no devices on the volume
 will be able to be used by processes within the container. By default volumes
@@ -1515,7 +1521,7 @@ can override the working directory by using the **-w** option.
 
 #### **--pidfile**=*path*
 
-When the pidfile location is specified, the container process' PID will be written to the pidfile. (This option is not available with the remote Podman client)
+When the pidfile location is specified, the container process' PID will be written to the pidfile. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
 If the pidfile option is not specified, the container process' PID will be written to /run/containers/storage/${storage-driver}-containers/$CID/userdata/pidfile.
 
 After the container is started, the location for the pidfile can be discovered with the following `podman inspect` command:
@@ -1920,7 +1926,7 @@ $ podman run --network net1:ip=10.89.1.5 --network net2:ip=10.89.10.10 alpine ip
 
 ### Rootless Containers
 
-Podman runs as a non root user on most systems. This feature requires that a new enough version of **shadow-utils**
+Podman runs as a non-root user on most systems. This feature requires that a new enough version of **shadow-utils**
 be installed. The **shadow-utils** package must include the **newuidmap**(1) and **newgidmap**(1) executables.
 
 Note: RHEL7 and Centos 7 will not have this feature until RHEL7.7 is released.