Add a containers-mounts.conf(5) manpage.

The mounts.conf is used by other tools (e.g., CRI-O) as well. A dedicated manpage reduces redundancy.

Signed-off-by: Valentin Rothberg <[email protected]>

Closes: #1350
Approved by: rhatdan
1 parent 3b91c5e, commit 90e93e6

Showing 2 changed files with 18 additions and 12 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
% containers-mounts.conf(5) | ||
|
||
# NAME | ||
containers-mounts.conf - configuration file for default mounts in containers | ||
|
||
# DESCRIPTION | ||
The mounts.conf file specifies volume mount directories that are automatically mounted inside containers. Container processes can then use this content. Usually these directories are used for passing secrets or credentials required by the package software to access remote package repositories. Note that for security reasons, tools adhering to the mounts.conf are expected to copy the contents instead of bind mounting the paths from the host. | ||
|
||
# FORMAT | ||
The format of the mounts.conf is the volume format `/SRC:/DEST`, one mount per line. For example, a mounts.conf with the line `/usr/share/secrets:/run/secrets` would cause the contents of the `/usr/share/secrets` directory on the host to be mounted on the `/run/secrets` directory inside the container. Setting mountpoints allows containers to use the files of the host, for instance, to use the host's subscription to some enterprise Linux distribution. | ||
|
||
# FILES | ||
Some distributions may provide a `/usr/share/containers/mounts.conf` file to provide default mounts, but users can create a `/etc/containers/mounts.conf`, to specify their own special volumes to mount in the container. | ||
|
||
# HISTORY | ||
Aug 2018, Originally compiled by Valentin Rothberg <[email protected]> |
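
Review bot: DESCRIPTION and FORMAT disagree on what a tool does with each `/SRC:/DEST` entry. DESCRIPTION says tools are "expected to copy the contents instead of bind mounting the paths from the host", while FORMAT says the example line "would cause the contents of the `/usr/share/secrets` directory on the host to be mounted on the `/run/secrets` directory" and that containers "use the files of the host". Because the file is mainly used to pass secrets and credentials, state the copy semantics once and use the same wording in FORMAT, so a reader does not assume a live bind mount of the host path. FILES also does not say how entries from `/usr/share/containers/mounts.conf` and `/etc/containers/mounts.conf` combine when both exist, and it omits the rootless path `$HOME/.config/containers/mounts.conf` that the Podman text changed in this commit still mentions; either document it here or say that it is tool-specific.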
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -137,17 +137,7 @@ When Podman runs in rootless mode, the file `$HOME/.config/containers/storage.co | |
|
||
**mounts.conf** (`/usr/share/containers/mounts.conf` and optionally `/etc/containers/mounts.conf`) | ||
|
||
The mounts.conf files specify volume mount directories that are automatically mounted inside containers when executing the `podman run` or `podman start` commands. Container processes can then use this content. The volume mount content does not get committed to the final image if you do a `podman commit`. | ||
|
||
Usually these directories are used for passing secrets or credentials required by the package software to access remote package repositories. | ||
|
||
For example, a mounts.conf with the line "`/usr/share/rhel/secrets:/run/secrets`", the content of `/usr/share/rhel/secrets` directory is mounted on `/run/secrets` inside the container. This mountpoint allows Red Hat Enterprise Linux subscriptions from the host to be used within the container. | ||
|
||
The format of the mounts.conf is the volume format /SRC:/DEST, one mount per line. Users can create an `/etc/containers/mounts.conf`, to specify their own special volumes to mount in the container. Podman by default reads /usr/share/containers/mounts.conf and the /etc/containers/mounts.conf if it exists. | ||
|
||
Note this is not a volume mount. The content of the volumes is copied into container storage, not bind mounted directly from the host. | ||
|
||
When Podman runs in rootless mode, the file `$HOME/.config/containers/mounts.conf` is also used. | ||
The mounts.conf files specify volume mount directories that are automatically mounted inside containers when executing the `podman run` or `podman start` commands. When Podman runs in rootless mode, the file `$HOME/.config/containers/mounts.conf` is also used. Please refer to containers-mounts.conf(5) for further details. | ||
|
||
**hook JSON** (`/usr/share/containers/oci/hooks.d/*.json`) | ||
|
||
|
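
Review bot: the one-paragraph replacement for the **mounts.conf** entry drops two Podman-specific statements that the new containers-mounts.conf(5) page in this commit does not carry. The removed sentence "The volume mount content does not get committed to the final image if you do a `podman commit`" has no counterpart in the new page, so it should stay in this section. The removed "Note this is not a volume mount. The content of the volumes is copied into container storage" was a definite statement about Podman, whereas the new page only says tools "are expected to copy", and the replacement line still describes the directories as "automatically mounted". Suggest keeping one sentence on Podman's copy behaviour next to the reference to containers-mounts.conf(5).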
@@ -191,7 +181,7 @@ Currently it is not possible to create a network device, so rootless containers | |
then only the loopback device will be available. | ||
|
||
## SEE ALSO | ||
`oci-hooks(5)`, `containers-registries.conf(5)`, `containers-storage.conf(5)`, `crio(8)` | ||
`oci-hooks(5)`, `containers-mounts.conf(5)`, `containers-registries.conf(5)`, `containers-storage.conf(5)`, `crio(8)` | ||
|
||
## HISTORY | ||
Dec 2016, Originally compiled by Dan Walsh <[email protected]> |
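
Review bot: in the SEE ALSO line, the new `containers-mounts.conf(5)` reference is one-way, because the page added by this commit has NAME, DESCRIPTION, FORMAT, FILES and HISTORY sections but no SEE ALSO. Suggest adding a SEE ALSO section to the new page that points back to the tools reading the file, for example `crio(8)`, which this list already cites and which the commit message names as a consumer.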