diff options
Diffstat (limited to 'docs')
28 files changed, 738 insertions, 61 deletions
diff --git a/docs/podman-build.1.md b/docs/podman-build.1.md index 1a04f8224..567d0ead3 100644 --- a/docs/podman-build.1.md +++ b/docs/podman-build.1.md @@ -1,23 +1,25 @@ % podman-build(1) ## NAME -podman\-build - Build a container image using a Dockerfile +podman\-build - Build a container image using a Containerfile ## SYNOPSIS -**podman build** [*options*] *context* +**podman build** [*options*] [*context*] -**podman image build** [*options*] *context* +**podman image build** [*options*] [*context*] ## DESCRIPTION -**podman build** Builds an image using instructions from one or more Dockerfiles and a specified build context directory. +**podman build** Builds an image using instructions from one or more Containerfiles or Dockerfiles and a specified build context directory. A Containerfile uses the same syntax as a Dockerfile internally. For this document, a file referred to as a Containerfile can be a file named either 'Containerfile' or 'Dockerfile'. -The build context directory can be specified as the http(s) URL of an archive, git repository or Dockerfile. +The build context directory can be specified as the http(s) URL of an archive, git repository or Containerfile. -Dockerfiles ending with a ".in" suffix will be preprocessed via CPP(1). This can be useful to decompose Dockerfiles into several reusable parts that can be used via CPP's **#include** directive. Notice, a Dockerfile.in file can still be used by other tools when manually preprocessing them via `cpp -E`. +If no context directory is specified, then Podman will assume the current working directory as the build context, which should contain the Containerfile. + +Containerfiles ending with a ".in" suffix will be preprocessed via CPP(1). This can be useful to decompose Containerfiles into several reusable parts that can be used via CPP's **#include** directive. Notice, a Containerfile.in file can still be used by other tools when manually preprocessing them via `cpp -E`. When the URL is an archive, the contents of the URL is downloaded to a temporary location and extracted before execution. -When the URL is an Dockerfile, the Dockerfile is downloaded to a temporary location. +When the URL is an Containerfile, the Containerfile is downloaded to a temporary location. When a Git repository is set as the URL, the repository is cloned locally and then set as the context. @@ -46,7 +48,7 @@ environment variable. `export REGISTRY_AUTH_FILE=path` **--build-arg**=*arg=value* Specifies a build argument and its value, which will be interpolated in -instructions read from the Dockerfiles in the same way that environment +instructions read from the Containerfiles in the same way that environment variables are, but which will not be added to environment variable list in the resulting image's configuration. @@ -170,6 +172,10 @@ The [username[:password]] to use to authenticate with the registry if required. If one or both values are not supplied, a command line prompt will appear and the value can be entered. The password is entered without echo. +**--device**=*device* + +Add a host device to the container. The format is `<device-on-host>[:<device-on-container>][:<permissions>]` (e.g. --device=/dev/sdc:/dev/xvdc:rwm) + **--disable-compression, -D** Don't compress filesystem layers when building the image unless it is required @@ -201,22 +207,22 @@ Set custom DNS options Set custom DNS search domains -**--file**, **-f**=*Dockerfile* +**--file**, **-f**=*Containerfile* -Specifies a Dockerfile which contains instructions for building the image, +Specifies a Containerfile which contains instructions for building the image, either a local file or an **http** or **https** URL. If more than one -Dockerfile is specified, *FROM* instructions will only be accepted from the +Containerfile is specified, *FROM* instructions will only be accepted from the first specified file. -If a build context is not specified, and at least one Dockerfile is a +If a build context is not specified, and at least one Containerfile is a local file, the directory in which it resides will be used as the build context. -If you specify `-f -`, the Dockerfile contents will be read from stdin. +If you specify `-f -`, the Containerfile contents will be read from stdin. **--force-rm**=*true|false* -Always remove intermediate containers after a build, even if the build is unsuccessful. +Always remove intermediate containers after a build, even if the build fails (default false). **--format** @@ -368,7 +374,8 @@ environment variable. `export BUILDAH_RUNTIME=/usr/local/bin/runc` Adds global flags for the container runtime. To list the supported flags, please consult the manpages of the selected container runtime (`runc` is the default -runtime, the manpage to consult is `runc(8)`). +runtime, the manpage to consult is `runc(8)`. When the machine is configured +for cgroup V2, the default runtime is `crun`, the manpage to consult is `crun(8)`.). Note: Do not pass the leading `--` to the flag. To pass the runc flag `--log-format json` to podman build, the option given would be `--runtime-flag log-format=json`. @@ -398,6 +405,11 @@ If you omit the unit, the system uses bytes. If you omit the size entirely, the **--squash** +Squash all of the image's new layers into a single new layer; any preexisting layers +are not squashed. + +**--squash-all** + Squash all of the new image's layers (including those inherited from a base image) into a single new layer. **--tag**, **-t**=*imageName* @@ -408,7 +420,7 @@ If _imageName_ does not include a registry name, the registry name *localhost* w **--target**=*stageName* -Set the target build stage to build. When building a Dockerfile with multiple build stages, --target +Set the target build stage to build. When building a Containerfile with multiple build stages, --target can be used to specify an intermediate build stage by name as the final stage for the resulting image. Commands after the target stage will be skipped. @@ -526,7 +538,7 @@ process. container. The `OPTIONS` are a comma delimited list and can be: * [rw|ro] - * [z|Z] + * [z|Z|O] * [`[r]shared`|`[r]slave`|`[r]private`] The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The `HOST-DIR` @@ -559,7 +571,7 @@ Only the current container can use a private volume. `Overlay Volume Mounts` - The `:O` flag tells Buildah to mount the directory from the host as a temporary storage using the Overlay file system. The `RUN` command containers are allowed to modify contents within the mountpoint and are stored in the container storage in a separate directory. In Overlay FS terms the source directory will be the lower, and the container storage directory will be the upper. Modifications to the mount point are destroyed when the `RUN` command finishes executing, similar to a tmpfs mount point. + The `:O` flag tells Podman to mount the directory from the host as a temporary storage using the Overlay file system. The `RUN` command containers are allowed to modify contents within the mountpoint and are stored in the container storage in a separate directory. In Overlay FS terms the source directory will be the lower, and the container storage directory will be the upper. Modifications to the mount point are destroyed when the `RUN` command finishes executing, similar to a tmpfs mount point. Any subsequent execution of `RUN` commands sees the original source directory content, any changes from previous RUN commands no longer exists. @@ -605,16 +617,16 @@ mount can be changed directly. For instance if `/` is the source mount for ## EXAMPLES -### Build an image using local Dockerfiles +### Build an image using local Containerfiles ``` $ podman build . -$ podman build -f Dockerfile.simple . +$ podman build -f Containerfile.simple . $ cat ~/Dockerfile | podman build -f - . -$ podman build -f Dockerfile.simple -f Dockerfile.notsosimple . +$ podman build -f Dockerfile.simple -f Containerfile.notsosimple . $ podman build -f Dockerfile.in ~ @@ -649,19 +661,19 @@ $ podman build --no-cache --rm=false -t imageName . ### Building an image using a URL, Git repo, or archive - The build context directory can be specified as a URL to a Dockerfile, a Git repository, or URL to an archive. If the URL is a Dockerfile, it is downloaded to a temporary location and used as the context. When a Git repository is set as the URL, the repository is cloned locally to a temporary location and then used as the context. Lastly, if the URL is an archive, it is downloaded to a temporary location and extracted before being used as the context. + The build context directory can be specified as a URL to a Containerfile, a Git repository, or URL to an archive. If the URL is a Containerfile, it is downloaded to a temporary location and used as the context. When a Git repository is set as the URL, the repository is cloned locally to a temporary location and then used as the context. Lastly, if the URL is an archive, it is downloaded to a temporary location and extracted before being used as the context. -#### Building an image using a URL to a Dockerfile +#### Building an image using a URL to a Containerfile - Podman will download the Dockerfile to a temporary location and then use it as the build context. + Podman will download the Containerfile to a temporary location and then use it as the build context. ``` -$ podman build https://10.10.10.1/podman/Dockerfile +$ podman build https://10.10.10.1/podman/Containerfile ``` #### Building an image using a Git repository - Podman will clone the specified GitHub repository to a temporary location and use it as the context. The Dockerfile at the root of the repository will be used and it only works if the GitHub repository is a dedicated repository. + Podman will clone the specified GitHub repository to a temporary location and use it as the context. The Containerfile at the root of the repository will be used and it only works if the GitHub repository is a dedicated repository. ``` $ podman build git://github.com/scollier/purpletest @@ -669,10 +681,10 @@ $ podman build git://github.com/scollier/purpletest #### Building an image using a URL to an archive - Podman will fetch the archive file, decompress it, and use its contents as the build context. The Dockerfile at the root of the archive and the rest of the archive will get used as the context of the build. If you pass `-f PATH/Dockerfile` option as well, the system will look for that file inside the contents of the archive. + Podman will fetch the archive file, decompress it, and use its contents as the build context. The Containerfile at the root of the archive and the rest of the archive will get used as the context of the build. If you pass `-f PATH/Containerfile` option as well, the system will look for that file inside the contents of the archive. ``` -$ podman build -f dev/Dockerfile https://10.10.10.1/podman/context.tar.gz +$ podman build -f dev/Containerfile https://10.10.10.1/podman/context.tar.gz ``` Note: supported compression formats are 'xz', 'bzip2', 'gzip' and 'identity' (no compression). @@ -685,14 +697,14 @@ registries.conf is the configuration file which specifies which container regist ## Troubleshooting -If you are using a useradd command within a Dockerfile with a large UID/GID, it will create a large sparse file `/var/log/lastlog`. This can cause the build to hang forever. Go language does not support sparse files correctly, which can lead to some huge files being created in your container image. +If you are using a useradd command within a Containerfile with a large UID/GID, it will create a large sparse file `/var/log/lastlog`. This can cause the build to hang forever. Go language does not support sparse files correctly, which can lead to some huge files being created in your container image. ### Solution If you are using `useradd` within your build script, you should pass the `--no-log-init or -l` option to the `useradd` command. This option tells useradd to stop creating the lastlog file. ## SEE ALSO -podman(1), buildah(1), containers-registries.conf(5), useradd(8) +podman(1), buildah(1), containers-registries.conf(5), crun(8), runc(8), useradd(8) ## HISTORY May 2018, Minor revisions added by Joe Doss <joe@solidadmin.com> diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md index 46fa4fcd4..6617850fd 100644 --- a/docs/podman-create.1.md +++ b/docs/podman-create.1.md @@ -515,13 +515,16 @@ This works for both background and foreground containers. **--network**, **--net**="*bridge*" Set the Network mode for the container. Invalid if using **--dns**, **--dns-option**, or **--dns-search** with **--network** that is set to 'none' or 'container:<name|id>'. - 'bridge': create a network stack on the default bridge - 'none': no networking - 'container:<name|id>': reuse another container's network stack - 'host': use the Podman host network stack. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure. - '<network-name>|<network-id>': connect to a user-defined network - 'ns:<path>': path to a network namespace to join - 'slirp4netns': use slirp4netns to create a user network stack. This is the default for rootless containers + +Valid values are: + +- `bridge`: create a network stack on the default bridge +- `none`: no networking +- `container:<name|id>`: reuse another container's network stack +- `host`: use the Podman host network stack. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure. +- `<network-name>|<network-id>`: connect to a user-defined network, multiple networks should be comma separated +- `ns:<path>`: path to a network namespace to join +- `slirp4netns`: use slirp4netns to create a user network stack. This is the default for rootless containers **--network-alias**=*alias* @@ -626,6 +629,7 @@ If container is running in --read-only mode, then mount a read-write tmpfs on /r Restart policy to follow when containers exit. Restart policy will not take effect if a container is stopped via the `podman kill` or `podman stop` commands. + Valid values are: - `no` : Do not restart containers on exit @@ -710,12 +714,17 @@ Network Namespace - current sysctls allowed: Note: if you use the --network=host option these sysctls will not be allowed. -**--systemd**=*true|false* +**--systemd**=*true|false|always* Run container in systemd mode. The default is *true*. -If the command you running inside of the container is systemd or init, podman -will setup tmpfs mount points in the following directories: +The value *always* enforces the systemd mode is enforced without +looking at the executable name. Otherwise, if set to true and the +command you are running inside the container is systemd, /usr/sbin/init +or /sbin/init. + +If the command you are running inside of the container is systemd, +Podman will setup tmpfs mount points in the following directories: /run, /run/lock, /tmp, /sys/fs/cgroup/systemd, /var/lib/journal @@ -795,7 +804,7 @@ Set the UTS mode for the container **ns**: specify the user namespace to use. Note: the host mode gives the container access to changing the host's hostname and is therefore considered insecure. -**--volume**, **-v**[=*[HOST-DIR:CONTAINER-DIR[:OPTIONS]]*] +**--volume**, **-v**[=*[[SOURCE-VOLUME|HOST-DIR:]CONTAINER-DIR[:OPTIONS]]*] Create a bind mount. If you specify, ` -v /HOST-DIR:/CONTAINER-DIR`, podman bind mounts `/HOST-DIR` in the host to `/CONTAINER-DIR` in the podman @@ -805,11 +814,23 @@ container. The `OPTIONS` are a comma delimited list and can be: * [z|Z] * [`[r]shared`|`[r]slave`|`[r]private`] -The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The `HOST-DIR` -must be an absolute path as well. Podman bind-mounts the `HOST-DIR` to the -path you specify. For example, if you supply the `/foo` value, Podman creates a bind-mount. +The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The volume +will be mounted into the container at this directory. + +Volumes may specify a source as well, as either a directory on the host or the +name of a named volume. If no source is given, the volume will be created as an +anonymous named volume with a randomly generated name, and will be removed when +the container is removed via the `--rm` flag or `podman rm --volumes`. + +If a volume source is specified, it must be a path on the host or the name of a +named volume. Host paths are allowed to be absolute or relative; relative paths +are resolved relative to the directory Podman is run in. Any source that does +not begin with a `.` or `/` it will be treated as the name of a named volume. +If a volume with that name does not exist, it will be created. Volumes created +with names are not anonymous and are not removed by `--rm` and +`podman rm --volumes`. -You can specify multiple **-v** options to mount one or more mounts to a +You can specify multiple **-v** options to mount one or more volumes into a container. You can add `:ro` or `:rw` suffix to a volume to mount it read-only or diff --git a/docs/podman-derivative-api b/docs/podman-derivative-api new file mode 100644 index 000000000..1b6153df5 --- /dev/null +++ b/docs/podman-derivative-api @@ -0,0 +1,64 @@ +.TH How to use libpod for custom/derivative projects +.PP +libpod today is a Golang library and a CLI. The choice of interface you make has advantages and disadvantages. + +.SH Running as a subprocess +.PP +Advantages: + +.RS +.IP \(bu 2 +Many commands output JSON +.IP \(bu 2 +Works with languages other than Golang +.IP \(bu 2 +Easy to get started + +.RE + +.PP +Disadvantages: + +.RS +.IP \(bu 2 +Error handling is harder +.IP \(bu 2 +May be slower +.IP \(bu 2 +Can't hook into or control low\-level things like how images are pulled + +.RE + +.SH Vendoring into a Go project +.PP +Advantages: + +.RS +.IP \(bu 2 +Significant power and control + +.RE + +.PP +Disadvantages: + +.RS +.IP \(bu 2 +You are now on the hook for container runtime security updates (partially, \fB\fCrunc\fR/\fB\fCcrun\fR are separate) +.IP \(bu 2 +Binary size +.IP \(bu 2 +Potential skew between multiple libpod versions operating on the same storage can cause problems + +.RE + +.SH Varlink +.PP +Some code exists for this; splits the difference. Future uncertain. + +.SH Making the choice +.PP +A good question to ask first is: Do you want users to be able to use \fB\fCpodman\fR to manipulate the containers created by your project? +If so, that makes it more likely that you want to run \fB\fCpodman\fR as a subprocess. If you want a separate image store and a fundamentally +different experience; if what you're doing with containers is quite different from those created by the \fB\fCpodman\fR CLI, +that may drive you towards vendoring. diff --git a/docs/podman-network-create.1.md b/docs/podman-network-create.1.md index 0679d8ee2..c281d50d9 100644 --- a/docs/podman-network-create.1.md +++ b/docs/podman-network-create.1.md @@ -15,6 +15,11 @@ If no options are provided, Podman will assign a free subnet and name for your n Upon completion of creating the network, Podman will display the path to the newly added network file. ## OPTIONS +**--disable-dns** + +Disables the DNS plugin for this network which if enabled, can perform container to container name +resolution. + **-d**, , **--driver** Driver to manage the network (default "bridge"). Currently on `bridge` is supported. diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md index dfc634288..d6d8f4c1e 100644 --- a/docs/podman-run.1.md +++ b/docs/podman-run.1.md @@ -289,7 +289,7 @@ on the host system. Run the container in a new user namespace using the supplied mapping. This option conflicts with the --userns and --subgidname flags. This option can be passed several times to map different ranges. If calling Podman run as an unprivileged user, the user needs to have the right to use the mapping. See `subuid(5)`. -The example maps gids 0-2000 in the container to the gids 30000-31999 on the host. `--gidmap=0:30000:2000` +The example maps gids 0-1999 in the container to the gids 30000-31999 on the host. `--gidmap=0:30000:2000` **--group-add**=*group* @@ -526,11 +526,14 @@ This works for both background and foreground containers. **--network**, **--net**=*node* Set the Network mode for the container. Invalid if using **--dns**, **--dns-option**, or **--dns-search** with **--network** that is set to 'none' or 'container:<name|id>'. + +Valid values are: + - `bridge`: create a network stack on the default bridge - `none`: no networking - `container:<name|id>`: reuse another container's network stack - `host`: use the Podman host network stack. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure. -- `<network-name>|<network-id>`: connect to a user-defined network +- `<network-name>|<network-id>`: connect to a user-defined network, multiple networks should be comma separated - `ns:<path>`: path to a network namespace to join - `slirp4netns`: use slirp4netns to create a user network stack. This is the default for rootless containers @@ -645,6 +648,7 @@ If container is running in --read-only mode, then mount a read-write tmpfs on /r Restart policy to follow when containers exit. Restart policy will not take effect if a container is stopped via the `podman kill` or `podman stop` commands. + Valid values are: - `no` : Do not restart containers on exit @@ -747,12 +751,17 @@ Network Namespace - current sysctls allowed: Note: if you use the `--network=host` option these sysctls will not be allowed. -**--systemd**=*true|false* +**--systemd**=*true|false|always* Run container in systemd mode. The default is *true*. -If the command you are running inside of the container is systemd or init, Podman -will setup tmpfs mount points in the following directories: +The value *always* enforces the systemd mode is enforced without +looking at the executable name. Otherwise, if set to true and the +command you are running inside the container is systemd, /usr/sbin/init +or /sbin/init. + +If the command you are running inside of the container is systemd +Podman will setup tmpfs mount points in the following directories: /run, /run/lock, /tmp, /sys/fs/cgroup/systemd, /var/lib/journal @@ -794,7 +803,7 @@ standard input. Run the container in a new user namespace using the supplied mapping. This option conflicts with the --userns and --subuidname flags. This option can be passed several times to map different ranges. If calling Podman run as an unprivileged user, the user needs to have the right to use the mapping. See `subuid(5)`. -The example maps uids 0-2000 in the container to the uids 30000-31999 on the host. `--uidmap=0:30000:2000` +The example maps uids 0-1999 in the container to the uids 30000-31999 on the host. `--uidmap=0:30000:2000` **--ulimit**=*option* @@ -834,7 +843,7 @@ Set the UTS mode for the container **NOTE**: the host mode gives the container access to changing the host's hostname and is therefore considered insecure. -**--volume**, **-v**[=*[HOST-DIR-OR-VOUME-NAME:CONTAINER-DIR[:OPTIONS]]*] +**--volume**, **-v**[=*[[SOURCE-VOLUME|HOST-DIR:]CONTAINER-DIR[:OPTIONS]]*] Create a bind mount. If you specify, ` -v /HOST-DIR:/CONTAINER-DIR`, Podman bind mounts `/HOST-DIR` in the host to `/CONTAINER-DIR` in the Podman @@ -848,11 +857,23 @@ create one. * [`z`|`Z`] * [`[r]shared`|`[r]slave`|`[r]private`] -The `/CONTAINER-DIR` must be an absolute path such as `/src/docs`. The `/HOST-DIR` -must be an absolute path as well. Podman bind-mounts the `HOST-DIR` to the -path you specify. For example, if you supply the `/foo` value, Podman creates a bind-mount. +The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The volume +will be mounted into the container at this directory. + +Volumes may specify a source as well, as either a directory on the host or the +name of a named volume. If no source is given, the volume will be created as an +anonymous named volume with a randomly generated name, and will be removed when +the container is removed via the `--rm` flag or `podman rm --volumes`. + +If a volume source is specified, it must be a path on the host or the name of a +named volume. Host paths are allowed to be absolute or relative; relative paths +are resolved relative to the directory Podman is run in. Any source that does +not begin with a `.` or `/` it will be treated as the name of a named volume. +If a volume with that name does not exist, it will be created. Volumes created +with names are not anonymous and are not removed by `--rm` and +`podman rm --volumes`. -You can specify multiple **-v** options to mount one or more mounts to a +You can specify multiple **-v** options to mount one or more volumes into a container. You can add `:ro` or `:rw` suffix to a volume to mount it read-only or diff --git a/docs/podman-stats.1.md b/docs/podman-stats.1.md index e0cff0dc2..741873c3f 100644 --- a/docs/podman-stats.1.md +++ b/docs/podman-stats.1.md @@ -15,6 +15,9 @@ Note: Podman stats will not work in rootless environments that use CGroups V1. Podman stats relies on CGroup information for statistics, and CGroup v1 is not supported for rootless use cases. +Note: Rootless environments that use CGroups V2 are not able to report statistics +about their networking usage. + ## OPTIONS **--all**, **-a** diff --git a/docs/podman-system-migrate.1.md b/docs/podman-system-migrate.1.md index d175d0344..d5e3bcb95 100644 --- a/docs/podman-system-migrate.1.md +++ b/docs/podman-system-migrate.1.md @@ -24,6 +24,14 @@ pause process. The `/etc/subuid` and `/etc/subgid` files can then be edited or changed with usermod to recreate the user namespace with the newly configured mappings. +## OPTIONS + +**--new-runtime**=*runtime* + +Set a new OCI runtime for all containers. +This can be used after a system upgrade which changes the default OCI runtime to move all containers to the new runtime. +There are no guarantees that the containers will continue to work under the new runtime, as some runtimes support differing options and configurations. + ## SYNOPSIS **podman system migrate** diff --git a/docs/podman-volume-create.1.md b/docs/podman-volume-create.1.md index 6612b0ad2..b354f396f 100644 --- a/docs/podman-volume-create.1.md +++ b/docs/podman-volume-create.1.md @@ -30,6 +30,13 @@ Set metadata for a volume (e.g., --label mykey=value). **-o**, **--opt**=*option* Set driver specific options. +For the default driver, `local`, this allows a volume to be configured to mount a filesystem on the host. +For the `local` driver the following options are supported: `type`, `device`, and `o`. +The `type` option sets the type of the filesystem to be mounted, and is equivalent to the `-t` flag to **mount(8)**. +The `device` option sets the device to be mounted, and is equivalent to the `device` argument to **mount(8)**. +The `o` option sets options for the mount, and is equivalent to the `-o` flag to **mount(8)** with two exceptions. +The `o` option supports `uid` and `gid` options to set the UID and GID of the created volume that are not normally supported by **mount(8)**. +Using volume options with the `local` driver requires root privileges. ## EXAMPLES @@ -40,11 +47,13 @@ $ podman volume create $ podman volume create --label foo=bar myvol -$ podman volume create --opt device=tmpfs --opt type=tmpfs --opt o=nodev,noexec myvol +# podman volume create --opt device=tmpfs --opt type=tmpfs --opt o=nodev,noexec myvol + +# podman volume create --opt device=tmpfs --opt type=tmpfs --opt o=uid=1000,gid=1000 testvol ``` ## SEE ALSO -podman-volume(1) +podman-volume(1), mount(8) ## HISTORY November 2018, Originally compiled by Urvashi Mohnani <umohnani@redhat.com> diff --git a/docs/podman.1.md b/docs/podman.1.md index 742d94bd5..f6fa1a457 100644 --- a/docs/podman.1.md +++ b/docs/podman.1.md @@ -137,7 +137,7 @@ the exit codes follow the `chroot` standard, see below: | Command | Description | | ------------------------------------------------ | --------------------------------------------------------------------------- | | [podman-attach(1)](podman-attach.1.md) | Attach to a running container. | -| [podman-build(1)](podman-build.1.md) | Build a container image using a Dockerfile. | +| [podman-build(1)](podman-build.1.md) | Build a container image using a Containerfile. | | [podman-commit(1)](podman-commit.1.md) | Create new image based on the changed container. | | [podman-container(1)](podman-container.1.md) | Manage containers. | | [podman-cp(1)](podman-cp.1.md) | Copy files/folders between a container and the local filesystem. | diff --git a/docs/rtd/Makefile b/docs/rtd/Makefile new file mode 100644 index 000000000..50af6490a --- /dev/null +++ b/docs/rtd/Makefile @@ -0,0 +1,123 @@ +# Minimal makefile for Sphinx documentation +# + +# You can set these variables from the command line, and also +# from the environment for the first two. +SPHINXOPTS ?= +SPHINXBUILD ?= sphinx-build +SOURCEDIR = source +BUILDDIR = build + +# Put it first so that "make" without argument is like "make help". +help: + @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) + +clean: + rm -fr build/ + rm -f source/man/podman-*.1.md + +copy: + cp -v ../podman-attach.1.md source/man/ + cp -v ../podman-build.1.md source/man/ + cp -v ../podman-commit.1.md source/man/ + # container + cp -v ../podman-container-checkpoint.1.md source/man/ + cp -v ../podman-container-exists.1.md source/man/ + cp -v ../podman-container-restore.1.md source/man/ + cp -v ../podman-container-cleanup.1.md source/man/ + cp -v ../podman-container-prune.1.md source/man/ + cp -v ../podman-container-runlabel.1.md source/man/ + cp -v ../podman-cp.1.md source/man/ + cp -v ../podman-create.1.md source/man/ + cp -v ../podman-diff.1.md source/man/ + cp -v ../podman-events.1.md source/man/ + cp -v ../podman-exec.1.md source/man/ + cp -v ../podman-export.1.md source/man/ + # generate + cp -v ../podman-generate-systemd.1.md source/man/ + cp -v ../podman-generate-kube.1.md source/man/ + # healthcheck + cp -v ../podman-healthcheck-run.1.md source/man/ + #cp -v ../podman-help.1.md source/ + cp -v ../podman-history.1.md source/man/ + # image + cp -v ../podman-image-prune.1.md source/man/ + cp -v ../podman-image-tree.1.md source/man/ + cp -v ../podman-image-trust.1.md source/man/ + cp -v ../podman-image-exists.1.md source/man/ + cp -v ../podman-image-sign.1.md source/man/ + cp -v ../podman-images.1.md source/man/ + cp -v ../podman-import.1.md source/man/ + cp -v ../podman-info.1.md source/man/ + cp -v ../podman-init.1.md source/man/ + cp -v ../podman-inspect.1.md source/man/ + cp -v ../podman-kill.1.md source/man/ + cp -v ../podman-load.1.md source/man/ + cp -v ../podman-login.1.md source/man/ + cp -v ../podman-logout.1.md source/man/ + cp -v ../podman-logs.1.md source/man/ + cp -v ../podman-mount.1.md source/man/ + # network + cp -v ../podman-network-create.1.md source/man/ + cp -v ../podman-network-ls.1.md source/man/ + cp -v ../podman-network-inspect.1.md source/man/ + cp -v ../podman-network-rm.1.md source/man/ + cp -v ../podman-pause.1.md source/man/ + # play + cp -v ../podman-play-kube.1.md source/man/ + # pod + cp -v ../podman-pod-create.1.md source/man/ + cp -v ../podman-pod-pause.1.md source/man/ + cp -v ../podman-pod-rm.1.md source/man/ + cp -v ../podman-pod-top.1.md source/man/ + cp -v ../podman-pod-exists.1.md source/man/ + cp -v ../podman-pod-prune.1.md source/man/ + cp -v ../podman-pod-start.1.md source/man/ + cp -v ../podman-pod-unpause.1.md source/man/ + cp -v ../podman-pod-inspect.1.md source/man/ + cp -v ../podman-pod-ps.1.md source/man/ + cp -v ../podman-pod-stats.1.md source/man/ + cp -v ../podman-pod-kill.1.md source/man/ + cp -v ../podman-pod-restart.1.md source/man/ + cp -v ../podman-pod-stop.1.md source/man/ + cp -v ../podman-port.1.md source/man/ + cp -v ../podman-ps.1.md source/man/ + cp -v ../podman-pull.1.md source/man/ + cp -v ../podman-push.1.md source/man/ + cp -v ../podman-restart.1.md source/man/ + cp -v ../podman-rm.1.md source/man/ + cp -v ../podman-rmi.1.md source/man/ + cp -v ../podman-run.1.md source/man/ + cp -v ../podman-save.1.md source/man/ + cp -v ../podman-search.1.md source/man/ + cp -v ../podman-start.1.md source/man/ + cp -v ../podman-stats.1.md source/man/ + cp -v ../podman-stop.1.md source/man/ + # system + cp -v ../podman-system-migrate.1.md source/man/ + cp -v ../podman-system-renumber.1.md source/man/ + cp -v ../podman-system-df.1.md source/man/ + cp -v ../podman-system-prune.1.md source/man/ + cp -v ../podman-top.1.md source/man/ + cp -v ../podman-umount.1.md source/man/ + cp -v ../podman-unpause.1.md source/man/ + cp -v ../podman-unshare.1.md source/man/ + cp -v ../podman-varlink.1.md source/man/ + cp -v ../podman-version.1.md source/man/ + # volume + cp -v ../podman-volume-inspect.1.md source/man/ + cp -v ../podman-volume-prune.1.md source/man/ + cp -v ../podman-volume-create.1.md source/man/ + cp -v ../podman-volume-ls.1.md source/man/ + cp -v ../podman-volume-rm.1.md source/man/ + cp -v ../podman-wait.1.md source/man/ + +.PHONY: help Makefile copy + +html: copy + @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) + +# Catch-all target: route all unknown targets to Sphinx using the new +# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). +%: Makefile + @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) diff --git a/docs/rtd/make.bat b/docs/rtd/make.bat new file mode 100644 index 000000000..6247f7e23 --- /dev/null +++ b/docs/rtd/make.bat @@ -0,0 +1,35 @@ +@ECHO OFF
+
+pushd %~dp0
+
+REM Command file for Sphinx documentation
+
+if "%SPHINXBUILD%" == "" (
+ set SPHINXBUILD=sphinx-build
+)
+set SOURCEDIR=source
+set BUILDDIR=build
+
+if "%1" == "" goto help
+
+%SPHINXBUILD% >NUL 2>NUL
+if errorlevel 9009 (
+ echo.
+ echo.The 'sphinx-build' command was not found. Make sure you have Sphinx
+ echo.installed, then set the SPHINXBUILD environment variable to point
+ echo.to the full path of the 'sphinx-build' executable. Alternatively you
+ echo.may add the Sphinx directory to PATH.
+ echo.
+ echo.If you don't have Sphinx installed, grab it from
+ echo.http://sphinx-doc.org/
+ exit /b 1
+)
+
+%SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% %O%
+goto end
+
+:help
+%SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% %O%
+
+:end
+popd
diff --git a/docs/rtd/requirements.txt b/docs/rtd/requirements.txt new file mode 100644 index 000000000..44af373ac --- /dev/null +++ b/docs/rtd/requirements.txt @@ -0,0 +1,4 @@ +# requirements file for readthedocs pip installs + +# use md instead of rst +recommonmark diff --git a/docs/rtd/source/Commands.rst b/docs/rtd/source/Commands.rst new file mode 100644 index 000000000..f6ba5b20d --- /dev/null +++ b/docs/rtd/source/Commands.rst @@ -0,0 +1,107 @@ +Commands +======== + + +:doc:`attach <man/podman-attach.1>` Attach to a running container + +:doc:`build <man/podman-build.1>` Build an image using instructions from Containerfiles + +:doc:`commit <man/podman-commit.1>` Create new image based on the changed container + +:doc:`containers <man/managecontainers>` Manage Containers + +:doc:`cp <man/podman-cp.1>` Copy files/folders between a container and the local filesystem + +:doc:`create <man/podman-create.1>` Create but do not start a container + +:doc:`diff <man/podman-diff.1>` Inspect changes on container's file systems + +:doc:`events <man/podman-events.1>` Show podman events + +:doc:`exec <man/podman-exec.1>` Run a process in a running container + +:doc:`export <man/podman-export.1>` Export container's filesystem contents as a tar archive + +:doc:`generate <man/generate>` Generated structured data + +:doc:`healthcheck <man/healthcheck>` Manage Healthcheck + +:doc:`history <man/podman-history.1>` Show history of a specified image + +:doc:`image <man/image>` Manage images + +:doc:`images <man/podman-images.1>` List images in local storage + +:doc:`import <man/podman-import.1>` Import a tarball to create a filesystem image + +:doc:`info <man/podman-info.1>` Display podman system information + +:doc:`init <man/podman-init.1>` Initialize one or more containers + +:doc:`inspect <man/podman-inspect.1>` Display the configuration of a container or image + +:doc:`kill <man/podman-kill.1>` Kill one or more running containers with a specific signal + +:doc:`load <man/podman-load.1>` Load an image from container archive + +:doc:`login <man/podman-login.1>` Login to a container registry + +:doc:`logout <man/podman-logout.1>` Logout of a container registry + +:doc:`logs <man/podman-logs.1>` Fetch the logs of a container + +:doc:`mount <man/podman-mount.1>` Mount a working container's root filesystem + +:doc:`network <man/network>` Manage Networks + +:doc:`pause <man/podman-pause.1>` Pause all the processes in one or more containers + +:doc:`play <man/play>` Play a pod + +:doc:`pod <man/pod>` Manage pods + +:doc:`port <man/podman-port.1>` List port mappings or a specific mapping for the container + +:doc:`ps <man/podman-ps.1>` List containers + +:doc:`pull <man/podman-pull.1>` Pull an image from a registry + +:doc:`push <man/podman-push.1>` Push an image to a specified destination + +:doc:`restart <man/podman-restart.1>` Restart one or more containers + +:doc:`rm <man/podman-rm.1>` Remove one or more containers + +:doc:`rmi <man/podman-rmi.1>` Removes one or more images from local storage + +:doc:`run <man/podman-run.1>` Run a command in a new container + +:doc:`save <man/podman-save.1>` Save image to an archive + +:doc:`search <man/podman-search.1>` Search registry for image + +:doc:`start <man/podman-start.1>` Start one or more containers + +:doc:`stats <man/podman-stats.1>` Display a live stream of container resource usage statistics + +:doc:`stop <man/podman-stop.1>` Stop one or more containers + +:doc:`system <man/system>` Manage podman + +:doc:`tag <man/podman-tag.1>` Add an additional name to a local image + +:doc:`top <man/podman-top.1>` Display the running processes of a container + +:doc:`umount <man/podman-umount.1>` Unmounts working container's root filesystem + +:doc:`unpause <man/podman-unpause.1>` Unpause the processes in one or more containers + +:doc:`unshare <man/podman-unshare.1>` Run a command in a modified user namespace + +:doc:`varlink <man/podman-varlink.1>` Run varlink interface + +:doc:`version <man/podman-version.1>` Display the Podman Version Information + +:doc:`volume <man/volume>` Manage volumes + +:doc:`wait <man/podman-wait.1>` Block on one or more containers
\ No newline at end of file diff --git a/docs/rtd/source/Introduction.rst b/docs/rtd/source/Introduction.rst new file mode 100644 index 000000000..c516b3317 --- /dev/null +++ b/docs/rtd/source/Introduction.rst @@ -0,0 +1,2 @@ +Introduction +============ diff --git a/docs/rtd/source/Reference.rst b/docs/rtd/source/Reference.rst new file mode 100644 index 000000000..9a771c87f --- /dev/null +++ b/docs/rtd/source/Reference.rst @@ -0,0 +1,2 @@ +Reference +========= diff --git a/docs/rtd/source/Tutorials.rst b/docs/rtd/source/Tutorials.rst new file mode 100644 index 000000000..0c7e28c3b --- /dev/null +++ b/docs/rtd/source/Tutorials.rst @@ -0,0 +1,2 @@ +Tutorials +========= diff --git a/docs/rtd/source/conf.py b/docs/rtd/source/conf.py new file mode 100644 index 000000000..d95290f72 --- /dev/null +++ b/docs/rtd/source/conf.py @@ -0,0 +1,57 @@ +# Configuration file for the Sphinx documentation builder. +# +# This file only contains a selection of the most common options. For a full +# list see the documentation: +# https://www.sphinx-doc.org/en/master/usage/configuration.html + +# -- Path setup -------------------------------------------------------------- + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# +# import os +# import sys +# sys.path.insert(0, os.path.abspath('.')) + + +# -- Project information ----------------------------------------------------- + +project = 'Podman' +copyright = '2019, team' +author = 'team' + + +# -- General configuration --------------------------------------------------- + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + 'recommonmark', +] + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['_templates'] + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +# This pattern also affects html_static_path and html_extra_path. +exclude_patterns = [] + +master_doc = 'index' + +# -- Options for HTML output ------------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +# +html_theme = 'alabaster' + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ['_static'] + + +# -- Extension configuration ------------------------------------------------- diff --git a/docs/rtd/source/index.rst b/docs/rtd/source/index.rst new file mode 100644 index 000000000..9dd61a6a6 --- /dev/null +++ b/docs/rtd/source/index.rst @@ -0,0 +1,26 @@ +.. Podman documentation master file, created by + sphinx-quickstart on Tue Oct 22 15:20:30 2019. + You can adapt this file completely to your liking, but it should at least + contain the root `toctree` directive. + +Welcome to Podman's documentation! +================================== + +.. toctree:: + :maxdepth: 2 + :caption: Contents: + + Introduction + Commands + Reference + Tutorials + + + + +Indices and tables +================== + +* :ref:`genindex` +* :ref:`modindex` +* :ref:`search` diff --git a/docs/rtd/source/man/generate.rst b/docs/rtd/source/man/generate.rst new file mode 100644 index 000000000..e82a15735 --- /dev/null +++ b/docs/rtd/source/man/generate.rst @@ -0,0 +1,6 @@ +Generate +======== + +:doc:`kube <podman-generate-kube.1>` Generate Kubernetes pod YAML from a container or pod + +:doc:`systemd <podman-generate-systemd.1>` Generate a systemd unit file for a Podman container diff --git a/docs/rtd/source/man/healthcheck.rst b/docs/rtd/source/man/healthcheck.rst new file mode 100644 index 000000000..697c1358b --- /dev/null +++ b/docs/rtd/source/man/healthcheck.rst @@ -0,0 +1,4 @@ +HealthCheck +=========== + +:doc:`run <podman-healthcheck-run.1>` run the health check of a container diff --git a/docs/rtd/source/man/image.rst b/docs/rtd/source/man/image.rst new file mode 100644 index 000000000..ad963cd41 --- /dev/null +++ b/docs/rtd/source/man/image.rst @@ -0,0 +1,35 @@ +Image +===== + + +:doc:`build <podman-build.1>` Build an image using instructions from Containerfiles + +:doc:`exists <podman-image-exists.1>` Check if an image exists in local storage + +:doc:`history <podman-history.1>` Show history of a specified image + +:doc:`import <podman-import.1>` Import a tarball to create a filesystem image + +:doc:`inspect <podman-inspect.1>` Display the configuration of an image + +:doc:`list <podman-images.1>` List images in local storage + +:doc:`load <podman-load.1>` Load an image from container archive + +:doc:`prune <podman-image-prune.1>` Remove unused images + +:doc:`pull <podman-pull.1>` Pull an image from a registry + +:doc:`push <podman-push.1>` Push an image to a specified destination + +:doc:`rm <podman-rmi.1>` Removes one or more images from local storage + +:doc:`save <podman-save.1>` Save image to an archive + +:doc:`sign <podman-image-sign.1>` Sign an image + +:doc:`tag <podman-tag.1>` Add an additional name to a local image + +:doc:`tree <podman-image-tree.1>` Prints layer hierarchy of an image in a tree format + +:doc:`trust <podman-image-trust.1>` Manage container image trust policy diff --git a/docs/rtd/source/man/managecontainers.rst b/docs/rtd/source/man/managecontainers.rst new file mode 100644 index 000000000..20e8c0679 --- /dev/null +++ b/docs/rtd/source/man/managecontainers.rst @@ -0,0 +1,64 @@ +Manage Containers +================= + +:doc:`attach <podman-attach.1>` Attach to a running container + +:doc:`checkpoint <podman-container-checkpoint.1>` Checkpoints one or more containers + +:doc:`cleanup <podman-container-cleanup.1>` Cleanup network and mountpoints of one or more containers + +:doc:`commit <podman-commit.1>` Create new image based on the changed container + +:doc:`cp <podman-cp.1>` Copy files/folders between a container and the local filesystem + +:doc:`create <podman-create.1>` Create but do not start a container + +:doc:`diff <podman-diff.1>` Inspect changes on container's file systems + +:doc:`exec <podman-exec.1>` Run a process in a running container + +:doc:`exists <podman-exists.1>` Check if a container exists in local storage + +:doc:`export <podman-export.1>` Export container's filesystem contents as a tar archive + +:doc:`init <podman-init.1>` Initialize one or more containers + +:doc:`inspect <podman-inspect.1>` Display the configuration of a container or image + +:doc:`kill <podman-kill.1>` Kill one or more running containers with a specific signal + +:doc:`list <podman-ps.1>` List containers + +:doc:`logs <podman-logs.1>` Fetch the logs of a container + +:doc:`mount <podman-mount.1>` Mount a working container's root filesystem + +:doc:`pause <podman-pause.1>` Pause all the processes in one or more containers + +:doc:`port <podman-port.1>` List port mappings or a specific mapping for the container + +:doc:`restart <podman-restart.1>` Restart one or more containers + +:doc:`prune <podman-container-prune.1>` Remove all stopped containers + +:doc:`restore <podman-container-restore.1>` Restores one or more containers from a checkpoint + +:doc:`rm <podman-rm.1>` Remove one or more containers + +:doc:`run <podman-run.1>` Run a command in a new container + +:doc:`runlabel <podman-container-runlabel.1>` Execute the command described by an image label + +:doc:`start <podman-start.1>` Start one or more containers + +:doc:`stats <podman-stats.1>` Display a live stream of container resource usage statistics + +:doc:`stop <podman-stop.1>` Stop one or more containers + +:doc:`top <podman-top.1>` Display the running processes of a container + +:doc:`umount <podman-umount.1>` Unmounts working container's root filesystem + +:doc:`unpause <podman-unpause.1>` Unpause the processes in one or more containers + +:doc:`wait <podman-wait.1>` Block on one or more containers diff --git a/docs/rtd/source/man/network.rst b/docs/rtd/source/man/network.rst new file mode 100644 index 000000000..6d6a4c022 --- /dev/null +++ b/docs/rtd/source/man/network.rst @@ -0,0 +1,10 @@ +Network +===== + +:doc:`create <podman-network-create.1>` network create + +:doc:`inspect <podman-network-inspect.1>` network inspect + +:doc:`ls <podman-network-ls.1>` network list + +:doc:`rm <podman-network-rm.1>` network rm
\ No newline at end of file diff --git a/docs/rtd/source/man/play.rst b/docs/rtd/source/man/play.rst new file mode 100644 index 000000000..93e1a9a1e --- /dev/null +++ b/docs/rtd/source/man/play.rst @@ -0,0 +1,4 @@ +Play +==== + +:doc:`kube <podman-play-kube.1>` Play a pod based on Kubernetes YAML diff --git a/docs/rtd/source/man/pod.rst b/docs/rtd/source/man/pod.rst new file mode 100644 index 000000000..13c1740f8 --- /dev/null +++ b/docs/rtd/source/man/pod.rst @@ -0,0 +1,30 @@ +Pod +=== + +:doc:`create <podman-pod-create.1>` Create a new empty pod + +:doc:`exists <podman-pod-exists.1>` Check if a pod exists in local storage + +:doc:`inspect <podman-pod-inspect.1>` Displays a pod configuration + +:doc:`kill <podman-pod-kill.1>` Send the specified signal or SIGKILL to containers in pod + +:doc:`pause <podman-pause.1>` Pause one or more pods + +:doc:`prune <podman-pod-prune.1>` Remove all stopped pods + +:doc:`ps <podman-pod-ps.1>` List pods + +:doc:`restart <podman-pod-restart.1>` Restart one or more pods + +:doc:`rm <podman-pod-rm.1>` Remove one or more pods + +:doc:`start <podman-pod-start.1>` Start one or more pods + +:doc:`stats <podman-pod-stats.1>` Display a live stream of resource usage statistics for the containers in one or more pods + +:doc:`stop <podman-pod-stop.1>` Stop one or more pods + +:doc:`top <podman-pod-top.1>` Display the running processes of containers in a pod + +:doc:`unpause <podman-pod-unpause.1>` Unpause one or more pods diff --git a/docs/rtd/source/man/system.rst b/docs/rtd/source/man/system.rst new file mode 100644 index 000000000..764ec01c1 --- /dev/null +++ b/docs/rtd/source/man/system.rst @@ -0,0 +1,12 @@ +System +====== + +:doc:`df <podman-system-df.1>` Show podman disk usage + +:doc:`info <podman-info.1>` Display podman system information + +:doc:`migrate <podman-system-migrate.1>` Migrate containers + +:doc:`prune <podman-system-prune.1>` Remove unused data + +:doc:`renumber <podman-system-renumber.1>` Migrate lock numbers diff --git a/docs/rtd/source/man/volume.rst b/docs/rtd/source/man/volume.rst new file mode 100644 index 000000000..ee18e4b2e --- /dev/null +++ b/docs/rtd/source/man/volume.rst @@ -0,0 +1,11 @@ +Volume +====== +:doc:`create <podman-volume-create.1>` Create a new volume + +:doc:`inspect <podman-volume-inspect.1>` Display detailed information on one or more volumes + +:doc:`ls <podman-volume-ls.1>` List volumes + +:doc:`prune <podman-volume-prune.1>` Remove all unused volumes + +:doc:`rm <podman-volume-rm.1>` Remove one or more volumes
\ No newline at end of file diff --git a/docs/tutorials/rootless_tutorial.md b/docs/tutorials/rootless_tutorial.md index ed700485a..9a31826bd 100644 --- a/docs/tutorials/rootless_tutorial.md +++ b/docs/tutorials/rootless_tutorial.md @@ -13,7 +13,7 @@ The alternative OCI runtime support for cgroup V2 can be turned on at the comma ``` sudo podman --runtime /usr/bin/crun ``` -or by changing the value for the "Default OCI runtime" in the libpod.conf file either at the system level or at the [#user-configuration-files](user level) from `runtime = "runc"` to `runtime = "crun"`. +or by changing the value for the "Default OCI runtime" in the libpod.conf file either at the system level or at the [user level](#user-configuration-files) from `runtime = "runc"` to `runtime = "crun"`. ## Administrator Actions @@ -59,7 +59,7 @@ The format of this file is USERNAME:UID:RANGE This means the user johndoe is allocated UIDS 100000-165535 as well as their standard UID in the /etc/passwd file. NOTE: this is not currently supported with network installs. These files must be available locally to the host machine. It is not possible to configure this with LDAP or Active Directory. -If you update either the /etc/subuid or the /etc/subgid file, you need to stop all the running containers owned by the user and kill the pause process that is running on the system for that user. This can be done automatically by using the `[podman system migrate](https://github.com/containers/libpod/blob/master/docs/podman-system-migrate.1.md)` command which will stop all the containers for the user and will kill the pause process. +If you update either the /etc/subuid or the /etc/subgid file, you need to stop all the running containers owned by the user and kill the pause process that is running on the system for that user. This can be done automatically by using the [`podman system migrate`](https://github.com/containers/libpod/blob/master/docs/podman-system-migrate.1.md) command which will stop all the containers for the user and will kill the pause process. Rather than updating the files directly, the usermod program can be used to assign UIDs and GIDs to a user. |