opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-08-06 03:19:52 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #13583 from rhatdan/ipc

Browse Source 
Add support for ipc namespace modes "none, private, sharable"
This commit is contained in:
OpenShift Merge Robot
2022-04-16 12:30:01 -04:00
committed by GitHub
parent 25eeaec219 3987c529f4
commit 8d3075e332
15 changed files with 177 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/source/markdown/podman-container-inspect.1.md
View File

@ -219,7 +219,7 @@ $ podman container inspect foobar
"DnsSearch": [],
"ExtraHosts": [],
"GroupAdd": [],
"IpcMode": "private",
"IpcMode": "shareable",
"Cgroup": "",
"Cgroups": "default",
"Links": null,

14
docs/source/markdown/podman-create.1.md
View File

@ -504,10 +504,16 @@ To specify multiple static IPv6 addresses per container, set multiple networks u
#### **--ipc**=*ipc*
Default is to create a private IPC namespace (POSIX SysV IPC) for the container
`container:<name|id>`: reuses another container shared memory, semaphores and message queues
`host`: use the host shared memory,semaphores and message queues inside the container. Note: the host mode gives the container full access to local shared memory and is therefore considered insecure.
`ns:<path>` path to an IPC namespace to join.
Set the IPC namespace mode for a container. The default is to create
a private IPC namespace.
- "": Use Podman's default, defined in containers.conf.
- **container:**_id_: reuses another container's shared memory, semaphores, and message queues
- **host**: use the host's shared memory, semaphores, and message queues inside the container. Note: the host mode gives the container full access to local shared memory and is therefore considered insecure.
- **none**: private IPC namespace, with /dev/shm not mounted.
- **ns:**_path_: path to an IPC namespace to join.
- **private**: private IPC namespace.
= **shareable**: private IPC namespace with a possibility to share it with other containers.
#### **--label**, **-l**=*label*

4
docs/source/markdown/podman-run.1.md
View File

@ -528,9 +528,13 @@ To specify multiple static IPv6 addresses per container, set multiple networks u
Set the IPC namespace mode for a container. The default is to create
a private IPC namespace.
- "": Use Podman's default, defined in containers.conf.
- **container:**_id_: reuses another container shared memory, semaphores and message queues
- **host**: use the host shared memory,semaphores and message queues inside the container. Note: the host mode gives the container full access to local shared memory and is therefore considered insecure.
- **none**: private IPC namespace, with /dev/shm not mounted.
- **ns:**_path_: path to an IPC namespace to join.
- **private**: private IPC namespace.
= **shareable**: private IPC namespace with a possibility to share it with other containers.
#### **--label**, **-l**=*key*=*value*