nspawn: catch config mistake of specifying -b and args

[elogind.git] / man / systemd-nspawn.xml
diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml

index 554637d5f1919b0fc223860a3e47fe854c42fffb..8396def003e59b3b61f793938ec6a7ab0108804b 100644 (file)
--- a/man/systemd-nspawn.xml
+++ b/man/systemd-nspawn.xml
@@ -49,7 +49,10 @@
  
          <refsynopsisdiv>
                  <cmdsynopsis>
  
          <refsynopsisdiv>
                  <cmdsynopsis>
-                        <command>systemd-nspawn <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="opt">COMMAND</arg> <arg choice="opt" rep="repeat">ARGS</arg></command>
+                        <command>systemd-nspawn</command>
+                        <arg choice="opt" rep="repeat">OPTIONS</arg>
+                        <arg choice="opt">COMMAND</arg>
+                        <arg choice="opt" rep="repeat">ARGS</arg>
                  </cmdsynopsis>
          </refsynopsisdiv>
  
                  </cmdsynopsis>
          </refsynopsisdiv>
  
@@ -114,7 +117,10 @@
                  see each other. The PID namespace separation of the
                  two containers is complete and the containers will
                  share very few runtime objects except for the
                  see each other. The PID namespace separation of the
                  two containers is complete and the containers will
                  share very few runtime objects except for the
-                underlying file system.</para>
+                underlying file system. It is however possible to
+                enter an existing container, see
+                <link linkend='example-nsenter'>Example 4</link> below.
+                </para>
  
                  <para><command>systemd-nspawn</command> implements the
                  <ulink
  
                  <para><command>systemd-nspawn</command> implements the
                  <ulink
@@ -132,8 +138,8 @@
  
                  <variablelist>
                          <varlistentry>
  
                  <variablelist>
                          <varlistentry>
-                                <term><option>--help</option></term>
                                  <term><option>-h</option></term>
                                  <term><option>-h</option></term>
+                                <term><option>--help</option></term>
  
                                  <listitem><para>Prints a short help
                                  text and exits.</para></listitem>
  
                                  <listitem><para>Prints a short help
                                  text and exits.</para></listitem>
@@ -147,8 +153,8 @@
                          </varlistentry>
  
                          <varlistentry>
                          </varlistentry>
  
                          <varlistentry>
-                                <term><option>--directory=</option></term>
                                  <term><option>-D</option></term>
                                  <term><option>-D</option></term>
+                                <term><option>--directory=</option></term>
  
                                  <listitem><para>Directory to use as
                                  file system root for the namespace
  
                                  <listitem><para>Directory to use as
                                  file system root for the namespace
@@ -158,18 +164,20 @@
                          </varlistentry>
  
                          <varlistentry>
                          </varlistentry>
  
                          <varlistentry>
-                                <term><option>--boot</option></term>
                                  <term><option>-b</option></term>
                                  <term><option>-b</option></term>
+                                <term><option>--boot</option></term>
  
                                  <listitem><para>Automatically search
                                  for an init binary and invoke it
                                  instead of a shell or a user supplied
  
                                  <listitem><para>Automatically search
                                  for an init binary and invoke it
                                  instead of a shell or a user supplied
-                                program.</para></listitem>
+                                program. A command to execute cannot
+                                be specified in this case.
+                                </para></listitem>
                          </varlistentry>
  
                          <varlistentry>
                          </varlistentry>
  
                          <varlistentry>
-                                <term><option>--user=</option></term>
                                  <term><option>-u</option></term>
                                  <term><option>-u</option></term>
+                                <term><option>--user=</option></term>
  
                                  <listitem><para>Run the command
                                  under specified user, create home
  
                                  <listitem><para>Run the command
                                  under specified user, create home
@@ -192,8 +200,8 @@
                          </varlistentry>
  
                          <varlistentry>
                          </varlistentry>
  
                          <varlistentry>
-                                <term><option>--controllers=</option></term>
                                  <term><option>-C</option></term>
                                  <term><option>-C</option></term>
+                                <term><option>--controllers=</option></term>
  
                                  <listitem><para>Makes the container appear in
                                  other hierarchies than the name=systemd:/ one.
  
                                  <listitem><para>Makes the container appear in
                                  other hierarchies than the name=systemd:/ one.
@@ -262,13 +270,13 @@
                                  not linked. If <literal>host</literal>,
                                  the journal files are stored on the
                                  host file system (beneath
                                  not linked. If <literal>host</literal>,
                                  the journal files are stored on the
                                  host file system (beneath
-                                <filename>/var/log/journal/&lt;machine-id&gt;</filename>)
+                                <filename>/var/log/journal/<replaceable>machine-id</replaceable></filename>)
                                  and the subdirectory is bind-mounted
                                  into the container at the same
                                  location. If <literal>guest</literal>,
                                  the journal files are stored on the
                                  guest file system (beneath
                                  and the subdirectory is bind-mounted
                                  into the container at the same
                                  location. If <literal>guest</literal>,
                                  the journal files are stored on the
                                  guest file system (beneath
-                                <filename>/var/log/journal/&lt;machine-id&gt;</filename>)
+                                <filename>/var/log/journal/<replaceable>machine-id</replaceable></filename>)
                                  and the subdirectory is symlinked into the host
                                  at the same location. If
                                  <literal>auto</literal> (the default),
                                  and the subdirectory is symlinked into the host
                                  at the same location. If
                                  <literal>auto</literal> (the default),
@@ -318,7 +326,6 @@
                  distribution into the directory
                  <filename>~/debian-tree/</filename> and then spawns a
                  shell in a namespace container in it.</para>
                  distribution into the directory
                  <filename>~/debian-tree/</filename> and then spawns a
                  shell in a namespace container in it.</para>
-
          </refsect1>
  
          <refsect1>
          </refsect1>
  
          <refsect1>
@@ -332,6 +339,24 @@
                  boots an OS in a namespace container in it.</para>
          </refsect1>
  
                  boots an OS in a namespace container in it.</para>
          </refsect1>
  
+        <refsect1 id='example-nsenter'>
+                <title>Example 4</title>
+
+                <para>To enter the container, PID of one of the
+                processes sharing the new namespaces must be used.
+                <command>systemd-nspawn</command> prints the PID
+                (as viewed from the outside) of the launched process,
+                and it can be used to enter the container.</para>
+
+                <programlisting># nsenter -muinpt $PID</programlisting>
+
+                <para><citerefentry><refentrytitle>nsenter</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+                is part of
+                <ulink url="https://github.com/karelzak/util-linux">util-linux</ulink>.
+                Kernel support for entering namespaces was added in
+                Linux 3.8.</para>
+        </refsect1>
+
          <refsect1>
                  <title>Exit status</title>
  
          <refsect1>
                  <title>Exit status</title>
  
@@ -344,6 +369,7 @@
                  <para>
                          <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
                          <citerefentry><refentrytitle>chroot</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
                  <para>
                          <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
                          <citerefentry><refentrytitle>chroot</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+                        <citerefentry><refentrytitle>unshare</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
                          <citerefentry><refentrytitle>yum</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
                          <citerefentry><refentrytitle>debootstrap</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
                          <citerefentry><refentrytitle>pacman</refentrytitle><manvolnum>8</manvolnum></citerefentry>
                          <citerefentry><refentrytitle>yum</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
                          <citerefentry><refentrytitle>debootstrap</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
                          <citerefentry><refentrytitle>pacman</refentrytitle><manvolnum>8</manvolnum></citerefentry>