aboutsummaryrefslogtreecommitdiff
path: root/docs/source
diff options
context:
space:
mode:
Diffstat (limited to 'docs/source')
-rw-r--r--docs/source/Tutorials.rst1
-rw-r--r--docs/source/markdown/podman-create.1.md9
-rw-r--r--docs/source/markdown/podman-generate-systemd.1.md4
-rw-r--r--docs/source/markdown/podman-image-sign.1.md2
-rw-r--r--docs/source/markdown/podman-play-kube.1.md12
-rw-r--r--docs/source/markdown/podman-run.1.md13
-rw-r--r--docs/source/markdown/podman-system-connection.1.md2
7 files changed, 36 insertions, 7 deletions
diff --git a/docs/source/Tutorials.rst b/docs/source/Tutorials.rst
index e3e869d5b..e48d1e853 100644
--- a/docs/source/Tutorials.rst
+++ b/docs/source/Tutorials.rst
@@ -11,3 +11,4 @@ Here are a number of useful tutorials to get you up and running with Podman. If
* `Podman remote-client tutorial <https://github.com/containers/podman/blob/master/docs/tutorials/remote_client.md>`_: A brief how-to on using the Podman remote-client.
* `How to use libpod for custom/derivative projects <https://github.com/containers/podman/blob/master/docs/tutorials/podman-derivative-api.md>`_: How the libpod API can be used within your own project.
* `How to use Podman's Go bindings <https://github.com/containers/podman/blob/master/docs/tutorials/podman-go-bindings.md>`_: A brief how-to on using Podman's Go bindings in external applications.
+* `Common network setups <https://github.com/containers/podman/blob/master/docs/tutorials/basic_networking.md>`_: A basic guide to common network setups for Podman.
diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md
index 7782949a9..30cadf703 100644
--- a/docs/source/markdown/podman-create.1.md
+++ b/docs/source/markdown/podman-create.1.md
@@ -1036,6 +1036,7 @@ The _options_ is a comma delimited list and can be:
* [**no**]**dev**
* [**no**]**suid**
* [**O**]
+* [**U**]
The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The volume
will be mounted into the container at this directory.
@@ -1065,6 +1066,14 @@ You can add `:ro` or `:rw` suffix to a volume to mount it read-only or
read-write mode, respectively. By default, the volumes are mounted read-write.
See examples.
+ `Chowning Volume Mounts`
+
+By default, Podman does not change the owner and group of source volume directories mounted into containers. If a container is created in a new user namespace, the UID and GID in the container may correspond to another UID and GID on the host.
+
+The `:U` suffix tells Podman to use the correct host UID and GID based on the UID and GID within the container, to change recursively the owner and group of the source volume.
+
+**Warning** use with caution since this will modify the host filesystem.
+
`Labeling Volume Mounts`
Labeling systems like SELinux require that proper labels are placed on volume
diff --git a/docs/source/markdown/podman-generate-systemd.1.md b/docs/source/markdown/podman-generate-systemd.1.md
index a59dbc7f0..f75f77d79 100644
--- a/docs/source/markdown/podman-generate-systemd.1.md
+++ b/docs/source/markdown/podman-generate-systemd.1.md
@@ -32,6 +32,10 @@ Use the name of the container for the start, stop, and description in the unit f
Using this flag will yield unit files that do not expect containers and pods to exist. Instead, new containers and pods are created based on their configuration files. The unit files are created best effort and may need to be further edited; please review the generated files carefully before using them in production.
+#### **--no-header**
+
+Do not generate the header including meta data such as the Podman version and the timestamp.
+
#### **--time**, **-t**=*value*
Override the default stop timeout for the container with the given value.
diff --git a/docs/source/markdown/podman-image-sign.1.md b/docs/source/markdown/podman-image-sign.1.md
index 3e52bde30..fc0f55e44 100644
--- a/docs/source/markdown/podman-image-sign.1.md
+++ b/docs/source/markdown/podman-image-sign.1.md
@@ -37,7 +37,7 @@ Store the signatures in the specified directory. Default: /var/lib/containers/s
Override the default identity of the signature.
## EXAMPLES
-Sign the busybox image with the identify of foo@bar.com with a user's keyring and save the signature in /tmp/signatures/.
+Sign the busybox image with the identity of foo@bar.com with a user's keyring and save the signature in /tmp/signatures/.
sudo podman image sign --sign-by foo@bar.com --directory /tmp/signatures docker://privateregistry.example.com/foobar
diff --git a/docs/source/markdown/podman-play-kube.1.md b/docs/source/markdown/podman-play-kube.1.md
index 2de261f66..3795e954c 100644
--- a/docs/source/markdown/podman-play-kube.1.md
+++ b/docs/source/markdown/podman-play-kube.1.md
@@ -4,12 +4,10 @@
podman-play-kube - Create pods and containers based on Kubernetes YAML
## SYNOPSIS
-**podman play kube** [*options*] *file*__.yml__
+**podman play kube** [*options*] *file.yml|-*
## DESCRIPTION
-**podman play kube** will read in a structured file of Kubernetes YAML. It will then recreate
-the pod and containers described in the YAML. The containers within the pod are then started and
-the ID of the new Pod is output.
+**podman play kube** will read in a structured file of Kubernetes YAML. It will then recreate the pod and containers described in the YAML. The containers within the pod are then started and the ID of the new Pod is output. If the yaml file is specified as "-" then `podman play kube` with read the yaml file from stdin.
Ideally the input file would be one created by Podman (see podman-generate-kube(1)). This would guarantee a smooth import and expected results.
@@ -82,6 +80,12 @@ $ podman play kube demo.yml
52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6
```
+Recreate the pod and containers as described in a file `demo.yml` sent to stdin
+```
+$ cat demo.yml | podman play kube -
+52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6
+```
+
Provide `configmap-foo.yml` and `configmap-bar.yml` as sources for environment variables within the containers.
```
$ podman play kube demo.yml --configmap configmap-foo.yml,configmap-bar.yml
diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md
index 49b45f4f8..a633df94e 100644
--- a/docs/source/markdown/podman-run.1.md
+++ b/docs/source/markdown/podman-run.1.md
@@ -714,7 +714,7 @@ Override the OS, defaults to hosts, of the image to be pulled. For example, `win
#### **--pid**=*mode*
Set the PID namespace mode for the container.
-The efault is to create a private PID namespace for the container.
+The default is to create a private PID namespace for the container.
- **container:**_id_: join another container's PID namespace;
- **host**: use the host's PID namespace for the container. Note the host mode gives the container full access to local PID and is therefore considered insecure;
@@ -1111,6 +1111,7 @@ The _options_ is a comma delimited list and can be: <sup>[[1]](#Footnote1)</sup>
* [**no**]**dev**
* [**no**]**suid**
* [**O**]
+* [**U**]
The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The volume
will be mounted into the container at this directory.
@@ -1139,6 +1140,14 @@ container.
You can add **:ro** or **:rw** option to mount a volume in read-only or
read-write mode, respectively. By default, the volumes are mounted read-write.
+ `Chowning Volume Mounts`
+
+By default, Podman does not change the owner and group of source volume directories mounted into containers. If a container is created in a new user namespace, the UID and GID in the container may correspond to another UID and GID on the host.
+
+The `:U` suffix tells Podman to use the correct host UID and GID based on the UID and GID within the container, to change recursively the owner and group of the source volume.
+
+**Warning** use with caution since this will modify the host filesystem.
+
`Labeling Volume Mounts`
Labeling systems like SELinux require that proper labels are placed on volume
@@ -1450,6 +1459,8 @@ $ podman run -v /var/db:/data1 -i -t fedora bash
$ podman run -v data:/data2 -i -t fedora bash
$ podman run -v /var/cache/dnf:/var/cache/dnf:O -ti fedora dnf -y update
+
+$ podman run -d -e MYSQL_ROOT_PASSWORD=root --user mysql --userns=keep-id -v ~/data:/var/lib/mysql:z,U mariadb
```
Using **--mount** flags to mount a host directory as a container folder, specify
diff --git a/docs/source/markdown/podman-system-connection.1.md b/docs/source/markdown/podman-system-connection.1.md
index 0673aaee1..6cd4a5fa8 100644
--- a/docs/source/markdown/podman-system-connection.1.md
+++ b/docs/source/markdown/podman-system-connection.1.md
@@ -3,7 +3,7 @@
## NAME
podman\-system\-connection - Manage the destination(s) for Podman service(s)
-## SYNOPSISManage the destination(s) for Podman service(s)
+## SYNOPSIS
**podman system connection** *subcommand*
## DESCRIPTION
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-04-25 14:48:22 +0000