<listitem><para>Turns off any status
output by the tool itself. When this
- switch is used, then the only output
- by nspawn will be the console output
+ switch is used, the only output
+ from nspawn will be the console output
of the container OS itself.</para></listitem>
</varlistentry>
exception of the loopback device and
those specified with
<option>--network-interface=</option>
- and configured ith
+ and configured with
<option>--network-veth</option>. If
- this option is specified the
+ this option is specified, the
CAP_NET_ADMIN capability will be added
to the set of capabilities the
container retains. The latter may be
specified interface from the calling
namespace and place it in the
container. When the container
- terminates it is moved back to the
+ terminates, it is moved back to the
host namespace. Note that
<option>--network-interface=</option>
implies
<term><option>--network-veth</option></term>
<listitem><para>Create a virtual
- ethernet link between host and
+ Ethernet link between host and
container. The host side of the
- ethernet link will be available as
+ Ethernet link will be available as a
network interface named after the
container's name (as specified with
<option>--machine=</option>), prefixed
with <literal>ve-</literal>. The
- container side of the the ethernet
+ container side of the the Ethernet
link will be named
<literal>host0</literal>. Note that
<option>--network-veth</option>
<option>--private-network</option>.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>--network-bridge=</option></term>
+
+ <listitem><para>Adds the host side of the
+ Ethernet link created with
+ <option>--network-veth</option>
+ to the specified bridge. Note that
+ <option>--network-bridge</option>
+ implies
+ <option>--network-veth</option>.</para></listitem>
+ </varlistentry>
+
<varlistentry>
<term><option>-Z</option></term>
<term><option>--selinux-context=</option></term>
is retained if
<option>--private-network</option> is
specified. If the special value
- <literal>all</literal> is passed all
+ <literal>all</literal> is passed, all
capabilities are
retained.</para></listitem>
</varlistentry>
and shown by tools such as
<citerefentry><refentrytitle>ps</refentrytitle><manvolnum>1</manvolnum></citerefentry>. If
the container does not run an init
- system it is recommended to set this
+ system, it is recommended to set this
option to <literal>no</literal>. Note
that <option>--share-system</option>
implies
container in, simply register the
service or scope unit
<command>systemd-nspawn</command> has
- been invoked in in
+ been invoked in with
<citerefentry><refentrytitle>systemd-machined</refentrytitle><manvolnum>8</manvolnum></citerefentry>. This
has no effect if
<option>--register=no</option> is
used. This switch should be used if
<command>systemd-nspawn</command> is
- invoked from within an a service unit,
+ invoked from within a service unit,
and the service unit's sole purpose
is to run a single
<command>systemd-nspawn</command>
session.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>--personality=</option></term>
+
+ <listitem><para>Control the
+ architecture ("personality") reported
+ by
+ <citerefentry><refentrytitle>uname</refentrytitle><manvolnum>2</manvolnum></citerefentry>
+ in the container. Currently, only
+ <literal>x86</literal> and
+ <literal>x86-64</literal> are
+ supported. This is useful when running
+ a 32bit container on a 64bit
+ host. If this setting is not used
+ the personality reported in the
+ container is the same as the one
+ reported on the
+ host.</para></listitem>
+ </varlistentry>
</variablelist>
</refsect1>
~ianmdlvl / elogind.git / blobdiff