From 6979d140f1c531fd32e885542be27407105ebf90 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Tue, 28 Jul 2020 10:25:14 -0400 Subject: Add podman image mount There are many use cases where you want to just mount an image without creating a container on it. For example you might want to just examine the content in an image after you pull it for security analysys. Or you might want to just use the executables on the image without running it in a container. The image is mounted readonly since we do not want people changing images. Signed-off-by: Daniel J Walsh --- docs/source/markdown/links/podman-image-umount.1 | 1 + docs/source/markdown/podman-image-mount.1.md | 76 ++++++++++++++++++++++++ docs/source/markdown/podman-image-unmount.1.md | 43 ++++++++++++++ docs/source/markdown/podman-image.1.md | 32 +++++----- 4 files changed, 137 insertions(+), 15 deletions(-) create mode 100644 docs/source/markdown/links/podman-image-umount.1 create mode 100644 docs/source/markdown/podman-image-mount.1.md create mode 100644 docs/source/markdown/podman-image-unmount.1.md (limited to 'docs') diff --git a/docs/source/markdown/links/podman-image-umount.1 b/docs/source/markdown/links/podman-image-umount.1 new file mode 100644 index 000000000..129212aab --- /dev/null +++ b/docs/source/markdown/links/podman-image-umount.1 @@ -0,0 +1 @@ +.so man1/podman-image-unmount.1 diff --git a/docs/source/markdown/podman-image-mount.1.md b/docs/source/markdown/podman-image-mount.1.md new file mode 100644 index 000000000..f98b46571 --- /dev/null +++ b/docs/source/markdown/podman-image-mount.1.md @@ -0,0 +1,76 @@ +% podman-image-mount(1) + +## NAME +podman\-image\-mount - Mount an image's root filesystem + +## SYNOPSIS +**podman image mount** [*options*] [*image* ...] + +## DESCRIPTION +Mounts the specified images' root file system in a location which can be +accessed from the host, and returns its location. + +If you execute the command without any arguments, Podman will list all of the +currently mounted images. + +Rootless mode only supports mounting VFS driver, unless you enter the user namespace +via the `podman unshare` command. All other storage drivers will fail to mount. + +## RETURN VALUE +The location of the mounted file system. On error an empty string and errno is +returned. + +## OPTIONS + +**--all**, **-a** + +Mount all images. + +**--format**=*format* + +Print the mounted images in specified format (json). + +## EXAMPLE + +``` +podman image mount fedora ubi8-init + +/var/lib/containers/storage/overlay/f3ac502d97b5681989dff84dfedc8354239bcecbdc2692f9a639f4e080a02364/merged +/var/lib/containers/storage/overlay/0ff7d7ca68bed1ace424f9df154d2dd7b5a125c19d887f17653cbcd5b6e30ba1/merged +``` + +``` +podman mount + +registry.fedoraproject.org/fedora:latest /var/lib/containers/storage/overlay/f3ac502d97b5681989dff84dfedc8354239bcecbdc2692f9a639f4e080a02364/merged +registry.access.redhat.com/ubi8-init:latest /var/lib/containers/storage/overlay/0ff7d7ca68bed1ace424f9df154d2dd7b5a125c19d887f17653cbcd5b6e30ba1/merged +``` + +``` +podman image mount --format json +[ + { + "id": "00ff39a8bf19f810a7e641f7eb3ddc47635913a19c4996debd91fafb6b379069", + "Names": [ + "sha256:58de585a231aca14a511347bc85b912a6f000159b49bc2b0582032911e5d3a6c" + ], + "Repositories": [ + "registry.fedoraproject.org/fedora:latest" + ], + "mountpoint": "/var/lib/containers/storage/overlay/0ccfac04663bbe8813b5f24502ee0b7371ce5bf3c5adeb12e4258d191c2cf7bc/merged" + }, + { + "id": "bcc2dc9a261774ad25a15e07bb515f9b77424266abf2a1252ec7bcfed1dd0ac2", + "Names": [ + "sha256:d5f260b2e51b3ee9d05de1c31d261efc9af28e7d2d47cedf054c496d71424d63" + ], + "Repositories": [ + "registry.access.redhat.com/ubi8-init:latest" + ], + "mountpoint": "/var/lib/containers/storage/overlay/d66b58e3391ea8ce4c81316c72e22b332618f2a28b461a32ed673e8998cdaeb8/merged" + } +] +``` + +## SEE ALSO +podman(1), podman-image-umount(1), mount(8), podman-unshare(1) diff --git a/docs/source/markdown/podman-image-unmount.1.md b/docs/source/markdown/podman-image-unmount.1.md new file mode 100644 index 000000000..c026c49ac --- /dev/null +++ b/docs/source/markdown/podman-image-unmount.1.md @@ -0,0 +1,43 @@ +% podman-image-unmount(1) + +## NAME +podman\-image\-unmount - Unmount an image's root filesystem + +## SYNOPSIS +**podman image unmount** [*options*] *image* [...] + +**podman image umount** [*options*] *image* [...] + +## DESCRIPTION +Unmounts the specified images' root file system, if no other processes +are using it. + +Image storage increments a mount counter each time a image is mounted. +When a image is unmounted, the mount counter is decremented, and the +image's root filesystem is physically unmounted only when the mount +counter reaches zero indicating no other processes are using the mount. +An unmount can be forced with the --force flag. + +## OPTIONS +**--all**, **-a** + +All of the currently mounted images will be unmounted. + +**--force**, **-f** + +Force the unmounting of specified images' root file system, even if other +processes have mounted it. + +Note: This could cause other processes that are using the file system to fail, +as the mount point could be removed without their knowledge. + +## EXAMPLE + +podman image unmount imageID + +podman image unmount imageID1 imageID2 imageID3 + +podman image unmount --all + +## SEE ALSO +podman(1), podman-image-mount(1), podman-container-mount(1) diff --git a/docs/source/markdown/podman-image.1.md b/docs/source/markdown/podman-image.1.md index dfff57b31..55e95d032 100644 --- a/docs/source/markdown/podman-image.1.md +++ b/docs/source/markdown/podman-image.1.md @@ -17,21 +17,23 @@ The image command allows you to manage images | diff | [podman-image-diff(1)](podman-image-diff.1.md) | Inspect changes on an image's filesystem. | | exists | [podman-image-exists(1)](podman-image-exists.1.md) | Check if an image exists in local storage. | | history | [podman-history(1)](podman-history.1.md) | Show the history of an image. | -| import | [podman-import(1)](podman-import.1.md) | Import a tarball and save it as a filesystem image. | -| inspect | [podman-inspect(1)](podman-inspect.1.md) | Display a image or image's configuration. | -| list | [podman-images(1)](podman-images.1.md) | List the container images on the system.(alias ls) | -| load | [podman-load(1)](podman-load.1.md) | Load an image from the docker archive. | -| prune | [podman-image-prune(1)](podman-image-prune.1.md)| Remove all unused images from the local store. | -| pull | [podman-pull(1)](podman-pull.1.md) | Pull an image from a registry. | -| push | [podman-push(1)](podman-push.1.md) | Push an image from local storage to elsewhere. | -| rm | [podman-rmi(1)](podman-rmi.1.md) | Removes one or more locally stored images. | -| save | [podman-save(1)](podman-save.1.md) | Save an image to docker-archive or oci. | -| search | [podman-search(1)](podman-search.1.md) | Search a registry for an image. | -| sign | [podman-image-sign(1)](podman-image-sign.1.md) | Create a signature for an image. | -| tag | [podman-tag(1)](podman-tag.1.md) | Add an additional name to a local image. | -| untag | [podman-untag(1)](podman-untag.1.md) | Removes one or more names from a locally-stored image. | -| tree | [podman-image-tree(1)](podman-image-tree.1.md) | Prints layer hierarchy of an image in a tree format. | -| trust | [podman-image-trust(1)](podman-image-trust.1.md)| Manage container registry image trust policy. | +| import | [podman-import(1)](podman-import.1.md) | Import a tarball and save it as a filesystem image. | +| inspect | [podman-inspect(1)](podman-inspect.1.md) | Display a image or image's configuration. | +| list | [podman-images(1)](podman-images.1.md) | List the container images on the system.(alias ls) | +| mount | [podman-image-mount(1)](podman-image-mount.1.md) | Mount an image's root filesystem. | +| load | [podman-load(1)](podman-load.1.md) | Load an image from the docker archive. | +| prune | [podman-image-prune(1)](podman-image-prune.1.md) | Remove all unused images from the local store. | +| pull | [podman-pull(1)](podman-pull.1.md) | Pull an image from a registry. | +| push | [podman-push(1)](podman-push.1.md) | Push an image from local storage to elsewhere. | +| rm | [podman-rmi(1)](podman-rmi.1.md) | Removes one or more locally stored images. | +| save | [podman-save(1)](podman-save.1.md) | Save an image to docker-archive or oci. | +| search | [podman-search(1)](podman-search.1.md) | Search a registry for an image. | +| sign | [podman-image-sign(1)](podman-image-sign.1.md) | Create a signature for an image. | +| tag | [podman-tag(1)](podman-tag.1.md) | Add an additional name to a local image. | +| untag | [podman-untag(1)](podman-untag.1.md) | Removes one or more names from a locally-stored image. | +| unmount | [podman-image-unmount(1)](podman-image-unmount.1.md) | Unmount an image's root filesystem. | +| tree | [podman-image-tree(1)](podman-image-tree.1.md) | Prints layer hierarchy of an image in a tree format. | +| trust | [podman-image-trust(1)](podman-image-trust.1.md) | Manage container registry image trust policy. | ## SEE ALSO podman -- cgit v1.2.3-54-g00ecf