chiark / gitweb /
~ianmdlvl / elogind.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
man/sd_journal_get_data: fix variable naming in example
[elogind.git] / man / systemd-nspawn.xml
diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml
index 0a661c9257c035499867b6f929c82bd0d26e8154..950558feec085c53193ab3c2f933a09fa9af51c9 100644 (file)
--- a/man/systemd-nspawn.xml
+++ b/man/systemd-nspawn.xml
@@ -136,8 +136,9 @@
 
                 <para>As a safety check
                 <command>systemd-nspawn</command> will verify the
 
                 <para>As a safety check
                 <command>systemd-nspawn</command> will verify the
-                existence of <filename>/etc/os-release</filename> in
-                the container tree before starting the container (see
+                existence of <filename>/usr/lib/os-release</filename>
+                or <filename>/etc/os-release</filename> in the
+                container tree before starting the container (see
                 <citerefentry><refentrytitle>os-release</refentrytitle><manvolnum>5</manvolnum></citerefentry>). It
                 might be necessary to add this file to the container
                 tree manually if the OS of the container is too old to
                 <citerefentry><refentrytitle>os-release</refentrytitle><manvolnum>5</manvolnum></citerefentry>). It
                 might be necessary to add this file to the container
                 tree manually if the OS of the container is too old to
@@ -164,10 +165,39 @@
                                 <term><option>--directory=</option></term>
 
                                 <listitem><para>Directory to use as
                                 <term><option>--directory=</option></term>
 
                                 <listitem><para>Directory to use as
-                                file system root for the namespace
-                                container. If omitted, the current
-                                directory will be
-                                used.</para></listitem>
+                                file system root for the container. If
+                                neither <option>--directory=</option>
+                                nor <option>--image=</option> are
+                                specified, the current directory will
+                                be used. May not be specified together with
+                                <option>--image=</option>.</para></listitem>
+                        </varlistentry>
+
+                        <varlistentry>
+                                <term><option>-i</option></term>
+                                <term><option>--image=</option></term>
+
+                                <listitem><para>Disk image to mount
+                                the root directory for the container
+                                from. Takes a path to a regular file
+                                or to a block device node. The file or
+                                block device must contain a GUID
+                                Partition Table with a root partition
+                                which is mounted as the root directory
+                                of the container. Optionally, it may
+                                contain a home and/or a server data
+                                partition which are mounted to the
+                                appropriate places in the
+                                container. All these partitions must
+                                be identified by the partition types
+                                defined by the <ulink
+                                url="http://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec/">Discoverable
+                                Partitions Specification</ulink>. Any
+                                other partitions, such as foreign
+                                partitions, swap partitions or EFI
+                                system partitions are not mounted. May
+                                not be specified together with
+                                <option>--directory=</option>.</para></listitem>
                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>
@@ -190,13 +220,15 @@
                                 <term><option>-u</option></term>
                                 <term><option>--user=</option></term>
 
                                 <term><option>-u</option></term>
                                 <term><option>--user=</option></term>
 
-                                <listitem><para>Run the command
-                                under specified user, create home
-                                directory and cd into it. As rest
-                                of systemd-nspawn, this is not
-                                the security feature and limits
-                                against accidental changes only.
-                                </para></listitem>
+                                <listitem><para>After transitioning
+                                into the container, change to the
+                                specified user-defined in the
+                                container's user database. Like all
+                                other systemd-nspawn features, this is
+                                not a security feature and provides
+                                protection against accidental
+                                destructive operations
+                                only.</para></listitem>
                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>
@@ -260,7 +292,7 @@
 
                                 <listitem><para>Assign the specified
                                 network interface to the
 
                                 <listitem><para>Assign the specified
                                 network interface to the
-                                container. This will move the
+                                container. This will remove the
                                 specified interface from the calling
                                 namespace and place it in the
                                 container. When the container
                                 specified interface from the calling
                                 namespace and place it in the
                                 container. When the container
@@ -274,18 +306,42 @@
                                 container.</para></listitem>
                         </varlistentry>
 
                                 container.</para></listitem>
                         </varlistentry>
 
+                        <varlistentry>
+                                <term><option>--network-macvlan=</option></term>
+
+                                <listitem><para>Create a
+                                <literal>macvlan</literal> interface
+                                of the specified Ethernet network
+                                interface and add it to the
+                                container. A
+                                <literal>macvlan</literal> interface
+                                is a virtual interface that adds a
+                                second MAC address to an existing
+                                physical Ethernet link. The interface
+                                in the container will be named after
+                                the interface on the host, prefixed
+                                with <literal>mv-</literal>. Note that
+                                <option>--network-macvlan=</option>
+                                implies
+                                <option>--private-network</option>. This
+                                option may be used more than once to
+                                add multiple network interfaces to the
+                                container.</para></listitem>
+                        </varlistentry>
+
                         <varlistentry>
                                 <term><option>--network-veth</option></term>
 
                                 <listitem><para>Create a virtual
                         <varlistentry>
                                 <term><option>--network-veth</option></term>
 
                                 <listitem><para>Create a virtual
-                                Ethernet link between host and
-                                container. The host side of the
+                                Ethernet link
+                                (<literal>veth</literal>) between host
+                                and container. The host side of the
                                 Ethernet link will be available as a
                                 network interface named after the
                                 container's name (as specified with
                                 <option>--machine=</option>), prefixed
                                 with <literal>ve-</literal>. The
                                 Ethernet link will be available as a
                                 network interface named after the
                                 container's name (as specified with
                                 <option>--machine=</option>), prefixed
                                 with <literal>ve-</literal>. The
-                                container side of the the Ethernet
+                                container side of the Ethernet
                                 link will be named
                                 <literal>host0</literal>. Note that
                                 <option>--network-veth</option>
                                 link will be named
                                 <literal>host0</literal>. Note that
                                 <option>--network-veth</option>
@@ -303,7 +359,7 @@
                                 <option>--network-bridge=</option>
                                 implies
                                 <option>--network-veth</option>. If
                                 <option>--network-bridge=</option>
                                 implies
                                 <option>--network-veth</option>. If
-                                this option is used the host side of
+                                this option is used, the host side of
                                 the Ethernet link will use the
                                 <literal>vb-</literal> prefix instead
                                 of <literal>ve-</literal>.</para></listitem>
                                 the Ethernet link will use the
                                 <literal>vb-</literal> prefix instead
                                 of <literal>ve-</literal>.</para></listitem>
@@ -448,6 +504,30 @@
                                 mounts.</para></listitem>
                         </varlistentry>
 
                                 mounts.</para></listitem>
                         </varlistentry>
 
+                        <varlistentry>
+                                <term><option>--tmpfs=</option></term>
+
+                                <listitem><para>Mount a tmpfs file
+                                system into the container. Takes a
+                                single absolute path argument that
+                                specifies where to mount the tmpfs
+                                instance to (in which case the
+                                directory access mode will be chosen
+                                as 0755, owned by root/root), or
+                                optionally a colon-separated pair of
+                                path and mount option string, that is
+                                used for mounting (in which case the
+                                kernel default for access mode and
+                                owner will be chosen, unless otherwise
+                                specified). This option is
+                                particularly useful for mounting
+                                directories such as
+                                <filename>/var</filename> as tmpfs, to
+                                allow state-less systems, in
+                                particular when combined with
+                                <option>--read-only</option>.</para></listitem>
+                        </varlistentry>
+
                         <varlistentry>
                                 <term><option>--setenv=</option></term>
 
                         <varlistentry>
                                 <term><option>--setenv=</option></term>
 
@@ -545,8 +625,8 @@
                                 <literal>x86</literal> and
                                 <literal>x86-64</literal> are
                                 supported. This is useful when running
                                 <literal>x86</literal> and
                                 <literal>x86-64</literal> are
                                 supported. This is useful when running
-                                a 32bit container on a 64bit
-                                host. If this setting is not used
+                                a 32-bit container on a 64-bit
+                                host. If this setting is not used,
                                 the personality reported in the
                                 container is the same as the one
                                 reported on the
                                 the personality reported in the
                                 container is the same as the one
                                 reported on the
Unnamed repository; edit this file 'description' to name the repository.