opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-23 01:57:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #16374 from rhatdan/man

Browse Source 
[CI:DOCS] Fix documentation on read-only-tmpfs
This commit is contained in:
OpenShift Merge Robot
2022-11-03 08:02:16 -04:00
committed by GitHub
parent 774e950374 8e55abafde
commit a1fe0cd662
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/source/markdown/podman-run.1.md.in
View File

@ -470,9 +470,10 @@ content. Installing packages into _/usr_, for example. In production,
applications seldom need to write to the image. Container applications write applications seldom need to write to the image. Container applications write
to volumes if they need to write to file systems at all. Applications can be to volumes if they need to write to file systems at all. Applications can be
made more secure by running them in read-only mode using the **--read-only** switch. made more secure by running them in read-only mode using the **--read-only** switch.
This protects the container's image from modification. Read-only containers may This protects the container's image from modification. By default read-only
still need to write temporary data. The best way to handle this is to mount containers can write to temporary data. Podman mounts a tmpfs on _/run_ and
tmpfs directories on _/run_ and _/tmp_. _/tmp_ within the container. If the container should not write to any file
system within the container, including tmpfs, set --read-only-tmpfs=false.
``` ```
$ podman run --read-only -i -t fedora /bin/bash $ podman run --read-only -i -t fedora /bin/bash