docs: add containers-mounts.conf(5)
Add a containers-mounts.conf(5) manpage.  The mounts.conf is used by
other tools (e.g., CRI-O) as well.  A dedicated manpage reduces
redundancy.

Signed-off-by: Valentin Rothberg <[email protected]>

Closes: #1350
Approved by: rhatdan
vrothberg authored and rh-atomic-bot committed Aug 27, 2018
1 parent 3b91c5e commit 90e93e6
Showing 2 changed files with 18 additions and 12 deletions.
16 changes: 16 additions & 0 deletions docs/containers-mounts.conf.5.md
@@ -0,0 +1,16 @@
% containers-mounts.conf(5)

# NAME
containers-mounts.conf - configuration file for default mounts in containers

# DESCRIPTION
The mounts.conf file specifies volume mount directories that are automatically mounted inside containers. Container processes can then use this content. Usually these directories are used for passing secrets or credentials required by the package software to access remote package repositories. Note that for security reasons, tools adhering to the mounts.conf are expected to copy the contents instead of bind mounting the paths from the host.

# FORMAT
The format of the mounts.conf is the volume format `/SRC:/DEST`, one mount per line. For example, a mounts.conf with the line `/usr/share/secrets:/run/secrets` would cause the contents of the `/usr/share/secrets` directory on the host to be mounted on the `/run/secrets` directory inside the container. Setting mountpoints allows containers to use the files of the host, for instance, to use the host's subscription to some enterprise Linux distribution.

# FILES
Some distributions may provide a `/usr/share/containers/mounts.conf` file to provide default mounts, but users can create a `/etc/containers/mounts.conf`, to specify their own special volumes to mount in the container.

# HISTORY
Aug 2018, Originally compiled by Valentin Rothberg <[email protected]>
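
Review bot: In FORMAT, the example says the contents of `/usr/share/secrets` would "be mounted on the `/run/secrets` directory inside the container", which reads as a bind mount and contradicts the DESCRIPTION sentence that tools are expected to copy the contents instead of bind mounting. Suggest "copied to" in the example so the security-relevant behaviour is stated the same way in both sections. FILES also omits the rootless path `$HOME/.config/containers/mounts.conf` that podman.1.md mentions, and does not say whether `/etc/containers/mounts.conf` replaces or adds to `/usr/share/containers/mounts.conf`. Since these files decide which host secrets reach every container, both points are worth spelling out.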
14 changes: 2 additions & 12 deletions docs/podman.1.md
Expand Up @@ -137,17 +137,7 @@ When Podman runs in rootless mode, the file `$HOME/.config/containers/storage.co

**mounts.conf** (`/usr/share/containers/mounts.conf` and optionally `/etc/containers/mounts.conf`)

The mounts.conf files specify volume mount directories that are automatically mounted inside containers when executing the `podman run` or `podman start` commands. Container processes can then use this content. The volume mount content does not get committed to the final image if you do a `podman commit`.

Usually these directories are used for passing secrets or credentials required by the package software to access remote package repositories.

For example, a mounts.conf with the line "`/usr/share/rhel/secrets:/run/secrets`", the content of `/usr/share/rhel/secrets` directory is mounted on `/run/secrets` inside the container. This mountpoint allows Red Hat Enterprise Linux subscriptions from the host to be used within the container.

The format of the mounts.conf is the volume format /SRC:/DEST, one mount per line. Users can create an `/etc/containers/mounts.conf`, to specify their own special volumes to mount in the container. Podman by default reads /usr/share/containers/mounts.conf and the /etc/containers/mounts.conf if it exists.

Note this is not a volume mount. The content of the volumes is copied into container storage, not bind mounted directly from the host.

When Podman runs in rootless mode, the file `$HOME/.config/containers/mounts.conf` is also used.
The mounts.conf files specify volume mount directories that are automatically mounted inside containers when executing the `podman run` or `podman start` commands. When Podman runs in rootless mode, the file `$HOME/.config/containers/mounts.conf` is also used. Please refer to containers-mounts.conf(5) for further details.

**hook JSON** (`/usr/share/containers/oci/hooks.d/*.json`)
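
Review bot: The replacement paragraph drops the removed sentence "The volume mount content does not get committed to the final image if you do a `podman commit`", and the new containers-mounts.conf.5.md does not carry it either. That statement is Podman-specific and matters to anyone passing credentials this way, so I would keep it in podman.1.md. The remaining text still says the directories are "automatically mounted" with no hint that the content is copied, now that "Note this is not a volume mount" is gone; a short clause here would avoid readers assuming a bind mount before they follow the reference. Minor: `containers-mounts.conf(5)` is unquoted in this paragraph while SEE ALSO uses backticks.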

Expand Down Expand Up @@ -191,7 +181,7 @@ Currently it is not possible to create a network device, so rootless containers
then only the loopback device will be available.

## SEE ALSO
`oci-hooks(5)`, `containers-registries.conf(5)`, `containers-storage.conf(5)`, `crio(8)`
`oci-hooks(5)`, `containers-mounts.conf(5)`, `containers-registries.conf(5)`, `containers-storage.conf(5)`, `crio(8)`

## HISTORY
Dec 2016, Originally compiled by Dan Walsh <[email protected]>
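
Review bot: The SEE ALSO entry for `containers-mounts.conf(5)` depends on the new page actually being built and installed, and this commit touches only the two files under docs/. Please confirm the existing docs build and packaging pick up `docs/containers-mounts.conf.5.md` without further changes, otherwise the reference here and the one in the mounts.conf paragraph point at a page users cannot open.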
