summaryrefslogtreecommitdiff
path: root/docs/source/markdown
diff options
context:
space:
mode:
Diffstat (limited to 'docs/source/markdown')
-rw-r--r--docs/source/markdown/podman-create.1.md7
-rw-r--r--docs/source/markdown/podman-network-reload.1.md62
-rw-r--r--docs/source/markdown/podman-network.1.md17
3 files changed, 78 insertions, 8 deletions
diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md
index 843e2b22f..64bfdb377 100644
--- a/docs/source/markdown/podman-create.1.md
+++ b/docs/source/markdown/podman-create.1.md
@@ -845,11 +845,18 @@ Security Options
- `label=filetype:TYPE` : Set the label file type for the container files
- `label=disable` : Turn off label separation for the container
+- `mask=/path/1:/path/2` : The paths to mask separated by a colon. A masked path
+ cannot be accessed inside the container.
+
- `no-new-privileges` : Disable container processes from gaining additional privileges
- `seccomp=unconfined` : Turn off seccomp confinement for the container
- `seccomp=profile.json` : White listed syscalls seccomp Json file to be used as a seccomp filter
+- `unmask=ALL or /path/1:/path/2` : Paths to unmask separated by a colon. If set to **ALL**, it will
+ unmask all the paths that are masked by default.
+ The default masked paths are **/proc/acpi, /proc/kcore, /proc/keys, /proc/latency_stats, /proc/sched_debug, /proc/scsi, /proc/timer_list, /proc/timer_stats, /sys/firmware, and /sys/fs/selinux.**
+
- `proc-opts=OPTIONS` : Comma separated list of options to use for the /proc mount. More details for the
possible mount options are specified at **proc(5)** man page.
diff --git a/docs/source/markdown/podman-network-reload.1.md b/docs/source/markdown/podman-network-reload.1.md
new file mode 100644
index 000000000..dd8047297
--- /dev/null
+++ b/docs/source/markdown/podman-network-reload.1.md
@@ -0,0 +1,62 @@
+% podman-network-reload(1)
+
+## NAME
+podman\-network\-reload - Reload network configuration for containers
+
+## SYNOPSIS
+**podman network reload** [*options*] [*container...*]
+
+## DESCRIPTION
+Reload one or more container network configurations.
+
+Rootful Podman relies on iptables rules in order to provide network connectivity. If the iptables rules are deleted,
+this happens for example with `firewall-cmd --reload`, the container loses network connectivity. This command restores
+the network connectivity.
+
+This command is not available for rootless users since rootless containers are not affected by such connectivity problems.
+
+## OPTIONS
+#### **--all**, **-a**
+
+Reload network configuration of all containers.
+
+#### **--latest**, **-l**
+
+Instead of providing the container name or ID, use the last created container. If you use methods other than Podman
+to run containers such as CRI-O, the last started container could be from either of those methods.
+
+The latest option is not supported on the remote client.
+
+## EXAMPLE
+
+Reload the network configuration after a firewall reload.
+
+```
+# podman run -p 80:80 -d nginx
+b1b538e8bc4078fc3ee1c95b666ebc7449b9a97bacd15bcbe464a29e1be59c1c
+# curl 127.0.0.1
+works
+# sudo firewall-cmd --reload
+success
+# curl 127.0.0.1
+hangs
+# podman network reload b1b538e8bc40
+b1b538e8bc4078fc3ee1c95b666ebc7449b9a97bacd15bcbe464a29e1be59c1c
+# curl 127.0.0.1
+works
+```
+
+Reload the network configuration for all containers.
+
+```
+# podman network reload --all
+b1b538e8bc4078fc3ee1c95b666ebc7449b9a97bacd15bcbe464a29e1be59c1c
+fe7e8eca56f844ec33af10f0aa3b31b44a172776e3277b9550a623ed5d96e72b
+```
+
+
+## SEE ALSO
+podman(1), podman-network(1)
+
+## HISTORY
+December 2020, Originally compiled by Paul Holzinger <paul.holzinger@web.de>
diff --git a/docs/source/markdown/podman-network.1.md b/docs/source/markdown/podman-network.1.md
index bc161659a..41e2ae885 100644
--- a/docs/source/markdown/podman-network.1.md
+++ b/docs/source/markdown/podman-network.1.md
@@ -11,14 +11,15 @@ The network command manages CNI networks for Podman.
## COMMANDS
-| Command | Man Page | Description |
-| ------- | --------------------------------------------------- | ---------------------------------------------------------------------------- |
-| connect | [podman-network-connect(1)](podman-network-connect.1.md)| Connect a container to a network|
-| create | [podman-network-create(1)](podman-network-create.1.md)| Create a Podman CNI network|
-| disconnect | [podman-network-disconnect(1)](podman-network-disconnect.1.md)| Disconnect a container from a network|
-| inspect | [podman-network-inspect(1)](podman-network-inspect.1.md)| Displays the raw CNI network configuration for one or more networks|
-| ls | [podman-network-ls(1)](podman-network-ls.1.md)| Display a summary of CNI networks |
-| rm | [podman-network-rm(1)](podman-network-rm.1.md)| Remove one or more CNI networks |
+| Command | Man Page | Description |
+| ---------- | -------------------------------------------------------------- | ------------------------------------------------------------------- |
+| connect | [podman-network-connect(1)](podman-network-connect.1.md) | Connect a container to a network |
+| create | [podman-network-create(1)](podman-network-create.1.md) | Create a Podman CNI network |
+| disconnect | [podman-network-disconnect(1)](podman-network-disconnect.1.md) | Disconnect a container from a network |
+| inspect | [podman-network-inspect(1)](podman-network-inspect.1.md) | Displays the raw CNI network configuration for one or more networks |
+| ls | [podman-network-ls(1)](podman-network-ls.1.md) | Display a summary of CNI networks |
+| reload | [podman-network-reload(1)](podman-network-reload.1.md) | Reload network configuration for containers |
+| rm | [podman-network-rm(1)](podman-network-rm.1.md) | Remove one or more CNI networks |
## SEE ALSO
podman(1)