| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
| |
Most network commands/features work with both netavark and CNI. When
we added added netavark most docs were not vetted and thus still use CNI
network, it should just say network.
Fixes #14990
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Followup to #14906, in which a nonexistent option was found
in a man page. The xref script was designed to catch that,
but I was too lax in my parsing: the option was documented
using wrong syntax, and the script didn't catch it.
Solution: do not allow *any* unrecognized cruft in the
option description lines. And fix all improperly-written
entries to conform to the rule:
**--option**=*value(s)*
Two asterisks around option, which must have two dashes. One
asterisk around value(s).
This is going to cause headaches for some people adding new
options, but I don't think I can fix that: there are many
factors that make an unparseable line. Adding 'hint' code
would make the script even more complex than it is. I have
to assume that our contributors are smart enough to look
at surrounding context and figure out the right way to
specify options.
Signed-off-by: Ed Santiago <santiago@redhat.com>
<MH: Fixed cherry-pick conflicts>
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
|
|
| |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
|
| |
Add support for -c as an alias for --cpu-shares to be compatible with
Docker.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
* Correct spelling and typos.
* Improve language.
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
|
|
| |
* Reference --uidmap in --gidmap docs for additional information
* Remove --gidmap example "groupname -> 100000 / 30000 -> 0"
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Make sure that the docs for pull policies is consistent with Buildah and
reflects the implementation.
Further improve the help messages and auto completions.
[NO NEW TESTS NEEDED]
Fixes: #14846
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
| |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
add two new options to the volume create command: copy and nocopy.
When nocopy is specified, the files from the container image are not
copied up to the volume.
Closes: https://github.com/containers/podman/issues/14722
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
* Replace "setup", "lookup", "cleanup", "backup" with
"set up", "look up", "clean up", "back up"
when used as verbs. Replace also variations of those.
* Improve language in a few places.
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
* Add docs about trailing * functionality in podman-exec.1.md
* Rewrite --env description in podman-create.1.md and podman-run.1.md
* Rewrite the --env examples in podman-create.1.md and podman-run.1.md
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |\
| |
| | |
[CI:DOCS] Mount propagation works with named volumes
|
| | |
| |
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/13939
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
In podman run --help, the message said megabyte, gigabyte, etc. In reality podman takes mebibytes, gibibytes, etc.
[CI:DOCS]
Signed-off-by: Karthik Elango <kelango@redhat.com>
|
| |/
|
|
|
|
| |
This also unifies the documentation of `--publish` for `podman create`, `podman run`, and `podman pod create`.
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
|
| |
|
|
|
|
|
|
|
|
| |
The init binary until now has been bind-mounted to /dev/init which
breaks when bind-mounting to /dev. Instead mount the init to
/run/podman-init. The reasoning for using /run is that it is already
used for other runtime data such as secrets.
Fixes: #14251
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
|
|
| |
Some docs say roofull. Change to rootful.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |\
| |
| | |
use etchosts package from c/common
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Update the documentation for /etc/hosts options --add-host and
--no-hosts. Also make sure that all references use the same text for
consistency.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
| |
From a security point of view, it would be nice to be able to map a
rootless usernamespace that does not use your own UID within the
container.
This would add protection against a hostile process escapping the
container and reading content in your homedir.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We already have ipv6 enabled as default via the containers.conf setting.
However the documentation did not reflect this. Also if no options were
set in contianers.conf it would have ipv6 disabled.
We can now remove the extra option from containers.conf.
Also fix another outdated option description for host.containers.internal
and add that the options can also be set in contianers.conf.
[NO NEW TESTS NEEDED]
Fixes #13914
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\
| |
| | |
Add support for ipc namespace modes "none, private, sharable"
|
| | |
| |
| |
| |
| |
| | |
Fixes: #13265
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
|
|
|
| |
It allows to customize the entry that is written to the `/etc/passwd`
file when --passwd is used.
Closes: https://github.com/containers/podman/issues/13185
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
* Remove the statement that rootless --userns=auto does not work.
* Mention that --userns=keep-id consumes all subuids and subgids.
Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
| |
it was released more than two years ago.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\
| |
| | |
When running systemd in a container set container_uuid
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
systemd expects the container_uuid environment variable be set
when it is running in a container.
Fixes: https://github.com/containers/podman/issues/13187
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Command flags (OPTIONS) in man pages have to date been in
haphazard order. Sometimes that order is sensible, e.g.,
most-important options first, but more often they're
just in arbitrary places. This makes life hard for users.
Here, I update the man-page-check Makefile script so it
checks and enforces alphabetical order in OPTIONS sections.
Then -- the hard part -- update all existing man pages to
conform to this requirement.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
| |
Signed-off-by: LStandman <65296484+LStandman@users.noreply.github.com>
|
| |\
| |
| | |
Clarify remote client means Mac and Windows
|
| | |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
|
| |
Clarify "--oom-kill-disable" is not supported on cgroups V2 in
documentation.
Signed-off-by: Tsubasa Watanabe <w.tsubasa@fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Often users want their overlayed volumes to be `non-volatile` in nature
that means that same `upper` dir can be re-used by one or more
containers but overall of nature of volumes still have to be `overlay`
so work done is still on a overlay not on the actual volume.
Following PR adds support for more advanced options i.e custom `workdir`
and `upperdir` for overlayed volumes. So that users can re-use `workdir`
and `upperdir` across new containers as well.
Usage
```console
$ podman run -it -v myvol:/data:O,upperdir=/path/persistant/upper,workdir=/path/persistant/work alpine sh
```
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |
|
|
| |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
| |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
* Replace https://github.com/containers/podman/blob/master
with https://github.com/containers/podman/blob/main
to match the new default branch "main". Previously
the default branch was "master". The substitutions were
made in the documentation but not the code.
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
| |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
add a check in namespaceOptions() that ensures the user is not setting a new uid/gid map
if entering or creating a pod that has an infra container
resolves #12669
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add the --ipv6 flag to podman create/run and pod create. We support the
--network name:ip6=<ip> syntax now but for docker compat we should also
support the --ip6 flag.
Note that there is no validation if the ip is actually a v6 or v4 address
because the backend does not care either.
Fixes #7511
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\
| |
| | |
Allow users to add host user accounts to /etc/passwd
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some containers require certain user account(s) to exist within the
container when they are run. This option will allow callers to add a
bunch of passwd entries from the host to the container even if the
entries are not in the local /etc/passwd file on the host.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1935831
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| |/
|/| |
clarify `io.podman.annotations.seccomp`
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Clarify the semantics of the `io.podman.annotations.seccomp` annotation
which is set when a container has been created with a custom seccomp
profile.
Fixes: #12671
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/
|
|
|
|
|
|
|
| |
document how the host IDs are mapped inside the rootless user
namespace.
Closes: https://github.com/containers/podman/issues/12676
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
added support for a new flag --passwd which, when false prohibits podman from creating entries in
/etc/passwd and /etc/groups allowing users to modify those files in the container entrypoint
resolves #11805
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rework the --network parse logic to support multiple networks with
specific network configuration settings.
--network can now be set multiple times. For bridge network mode the
following options have been added:
- **alias=name**: Add network-scoped alias for the container.
- **ip=IPv4**: Specify a static ipv4 address for this container.
- **ip=IPv6**: Specify a static ipv6 address for this container.
- **mac=MAC**: Specify a static mac address address for this container.
- **interface_name**: Specify a name for the created network interface inside the container.
So now you can set --network bridge:ip=10.88.0.10,mac=44:33:22:11:00:99
for the default bridge network as well as for network names.
This is better than using --ip because we can set the ip per network
without any confusion which network the ip address should be assigned
to.
The --ip, --mac-address and --network-alias options are still supported
but --ip or --mac-address can only be set when only one network is set.
This limitation already existed previously.
The ability to specify a custom network interface name is new
Fixes #11534
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
| |
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Add a note to show how to workaround the `--tz` option
being ignored in the run command.
Related to: https://bugzilla.redhat.com/show_bug.cgi?id=1984251
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
