diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/source/markdown/podman-create.1.md | 4 | ||||
| -rw-r--r-- | docs/source/markdown/podman-run.1.md | 4 | ||||
| -rw-r--r-- | docs/source/markdown/podman.1.md | 8 | ||||
| -rw-r--r-- | docs/tutorials/rootless_tutorial.md | 2 |
4 files changed, 17 insertions, 1 deletions
diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md index 4a8b311f0..28c340d2f 100644 --- a/docs/source/markdown/podman-create.1.md +++ b/docs/source/markdown/podman-create.1.md @@ -215,6 +215,10 @@ Note: if the user only has access rights via a group, accessing the device from inside a rootless container will fail. The **crun**(1) runtime offers a workaround for this by adding the option **--annotation run.oci.keep_original_groups=1**. +Podman may load kernel modules required for using the specified +device. The devices that podman will load modules when necessary are: +/dev/fuse. + **--device-cgroup-rule**="type major:minor mode" Add a rule to the cgroup allowed devices list. The rule is expected to be in the format specified in the Linux kernel documentation (Documentation/cgroup-v1/devices.txt): diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md index 47aa8827f..a27b1b175 100644 --- a/docs/source/markdown/podman-run.1.md +++ b/docs/source/markdown/podman-run.1.md @@ -231,6 +231,10 @@ Note: if the user only has access rights via a group, accessing the device from inside a rootless container will fail. The **crun**(1) runtime offers a workaround for this by adding the option **--annotation run.oci.keep_original_groups=1**. +Podman may load kernel modules required for using the specified +device. The devices that podman will load modules when necessary are: +/dev/fuse. + **--device-cgroup-rule**=rule Add a rule to the cgroup allowed devices list diff --git a/docs/source/markdown/podman.1.md b/docs/source/markdown/podman.1.md index 555486562..87337fa3c 100644 --- a/docs/source/markdown/podman.1.md +++ b/docs/source/markdown/podman.1.md @@ -160,6 +160,14 @@ Print the version Podman can set up environment variables from env of [engine] table in containers.conf. These variables can be overridden by passing environment variables before the `podman` commands. +## Remote Access + +The Podman command can be used with remote services using the `--remote` flag. Connections can +be made using local unix domain sockets, ssh or directly to tcp sockets. When specifying the +podman --remote flag, only the global options `--url`, `--identity`, `--log-level`, `--connection` are used. + +Connection information can also be managed using the containers.conf file. + ## Exit Status The exit code from `podman` gives information about why the container diff --git a/docs/tutorials/rootless_tutorial.md b/docs/tutorials/rootless_tutorial.md index 6b83f18d9..3b9cbd2d0 100644 --- a/docs/tutorials/rootless_tutorial.md +++ b/docs/tutorials/rootless_tutorial.md @@ -95,7 +95,7 @@ If this is required, the administrator must verify that the UID of the user is p To change its value the administrator can use a call similar to: `sysctl -w "net.ipv4.ping_group_range=0 2000000"`. -To make the change persistent, the administrator will need to add a file in `/etc/sysctl.d` that contains `net.ipv4.ping_group_range=0 $MAX_UID`. +To make the change persist, the administrator will need to add a file with the `.conf` file extension in `/etc/sysctl.d` that contains `net.ipv4.ping_group_range=0 $MAX_GID`, where `$MAX_GID` is the highest assignable GID of the user running the container. ## User Actions |