mirror of
https://github.com/containers/podman
synced 2024-10-19 08:44:11 +00:00
Merge pull request #4557 from rhatdan/man
Document other bind options on --volumes flag
This commit is contained in:
commit
f5ef3d59bc
|
@ -817,6 +817,10 @@ container. The `OPTIONS` are a comma delimited list and can be:
|
|||
* [rw|ro]
|
||||
* [z|Z]
|
||||
* [`[r]shared`|`[r]slave`|`[r]private`]
|
||||
* [`[r]bind`]
|
||||
* [`noexec`|`exec`]
|
||||
* [`nodev`|`dev`]
|
||||
* [`nosuid`|`suid`]
|
||||
|
||||
The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The volume
|
||||
will be mounted into the container at this directory.
|
||||
|
@ -870,6 +874,25 @@ where source dir is mounted on) has to have right propagation properties. For
|
|||
shared volumes, source mount point has to be shared. And for slave volumes,
|
||||
source mount has to be either shared or slave.
|
||||
|
||||
If you want to recursively mount a volume and all of it's submounts into a
|
||||
container, then you can use the `rbind` option. By default the bind option is
|
||||
used, and submounts of the source directory will not be mounted into the
|
||||
container.
|
||||
|
||||
Mounting the volume with the `nosuid` options means that SUID applications on
|
||||
the volume will not be able to change their privilege. By default volumes
|
||||
are mounted with `nosuid`.
|
||||
|
||||
Mounting the volume with the noexec option means that no executables on the
|
||||
volume will be able to executed within the container.
|
||||
|
||||
Mounting the volume with the nodev option means that no devices on the volume
|
||||
will be able to be used by processes within the container. By default volumes
|
||||
are mounted with `nodev`.
|
||||
|
||||
If the <source-dir> is a mount point, then "dev", "suid", and "exec" options are
|
||||
ignored by the kernel.
|
||||
|
||||
Use `df <source-dir>` to figure out the source mount and then use
|
||||
`findmnt -o TARGET,PROPAGATION <source-mount-dir>` to figure out propagation
|
||||
properties of source mount. If `findmnt` utility is not available, then one
|
||||
|
|
|
@ -860,6 +860,10 @@ create one.
|
|||
* [`rw`|`ro`]
|
||||
* [`z`|`Z`]
|
||||
* [`[r]shared`|`[r]slave`|`[r]private`]
|
||||
* [`[r]bind`]
|
||||
* [`noexec`|`exec`]
|
||||
* [`nodev`|`dev`]
|
||||
* [`nosuid`|`suid`]
|
||||
|
||||
The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The volume
|
||||
will be mounted into the container at this directory.
|
||||
|
@ -913,6 +917,25 @@ where source dir is mounted on) has to have right propagation properties. For
|
|||
shared volumes, source mount point has to be shared. And for slave volumes,
|
||||
source mount has to be either shared or slave.
|
||||
|
||||
If you want to recursively mount a volume and all of it's submounts into a
|
||||
container, then you can use the `rbind` option. By default the bind option is
|
||||
used, and submounts of the source directory will not be mounted into the
|
||||
container.
|
||||
|
||||
Mounting the volume with the `nosuid` options means that SUID applications on
|
||||
the volume will not be able to change their privilege. By default volumes
|
||||
are mounted with `nosuid`.
|
||||
|
||||
Mounting the volume with the noexec option means that no executables on the
|
||||
volume will be able to executed within the container.
|
||||
|
||||
Mounting the volume with the nodev option means that no devices on the volume
|
||||
will be able to be used by processes within the container. By default volumes
|
||||
are mounted with `nodev`.
|
||||
|
||||
If the <source-dir> is a mount point, then "dev", "suid", and "exec" options are
|
||||
ignored by the kernel.
|
||||
|
||||
Use `df <source-dir>` to figure out the source mount and then use
|
||||
`findmnt -o TARGET,PROPAGATION <source-mount-dir>` to figure out propagation
|
||||
properties of source mount. If `findmnt` utility is not available, then one
|
||||
|
|
Loading…
Reference in a new issue