containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7352 from Luap99/uts-pod 

fix podman create/run UTS NS docs
This commit is contained in:
OpenShift Merge Robot 2020-08-18 20:44:11 +02:00 committed by GitHub
parent c1fef2af3e 02e0d4ab38
commit c3c902f831
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 15 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
docs/source/markdown/podman-create.1.md
View File

@ -339,7 +339,7 @@ value can be expressed in a time format such as `1m22s`. The default value is `
Container host name
Sets the container host name that is available inside the container.
Sets the container host name that is available inside the container. Can only be used with a private UTS namespace `--uts=private` (default). If `--pod` is specified and the pod shares the UTS namespace (default) the pods hostname will be used.
**--help**
@ -898,12 +898,14 @@ Set the user namespace mode for the container. It defaults to the **PODMAN_USER
This option is incompatible with --gidmap, --uidmap, --subuid and --subgid
**--uts**=*host*
**--uts**=*mode*
Set the UTS mode for the container
**host**: use the host's UTS namespace inside the container.
**ns**: specify the user namespace to use.
Note: the host mode gives the container access to changing the host's hostname and is therefore considered insecure.
Set the UTS namespace mode for the container. The following values are supported:
- **host**: use the host's UTS namespace inside the container.
- **private**: create a new namespace for the container (default).
- **ns:[path]**: run the container in the given existing UTS namespace.
- **container:[container]**: join the UTS namespace of the specified container.
**--volume**, **-v**[=*[[SOURCE-VOLUME|HOST-DIR:]CONTAINER-DIR[:OPTIONS]]*]

9
docs/source/markdown/podman-run.1.md
View File

@ -358,7 +358,7 @@ Print usage statement
Container host name
Sets the container host name that is available inside the container.
Sets the container host name that is available inside the container. Can only be used with a private UTS namespace `--uts=private` (default). If `--pod` is specified and the pod shares the UTS namespace (default) the pods hostname will be used.
**--http-proxy**=**true**|**false**
@ -938,10 +938,9 @@ This option is incompatible with **--gidmap**, **--uidmap**, **--subuid** and **
Set the UTS namespace mode for the container. The following values are supported:
- **host**: use the host's UTS namespace inside the container.
- **private**: create a new namespace for the container (default)
- **ns**: use own UTS namespace.
**NOTE**: the host mode gives the container access to changing the host's hostname and is therefore considered insecure.
- **private**: create a new namespace for the container (default).
- **ns:[path]**: run the container in the given existing UTS namespace.
- **container:[container]**: join the UTS namespace of the specified container.
**--volume**, **-v**[=[[_source-volume_|_host-dir_:]_container-dir_[:_options_]]]

3
pkg/specgen/container_validate.go
View File

@ -46,6 +46,9 @@ func (s *SpecGenerator) Validate() error {
}
// Cannot set hostname and utsns
if len(s.ContainerBasicConfig.Hostname) > 0 && !s.ContainerBasicConfig.UtsNS.IsPrivate() {
if s.ContainerBasicConfig.UtsNS.IsPod() {
return errors.Wrap(ErrInvalidSpecConfig, "cannot set hostname when joining the pod UTS namespace")
}
return errors.Wrap(ErrInvalidSpecConfig, "cannot set hostname when running in the host UTS namespace")
}
// systemd values must be true, false, or always