Merge pull request #21010 from edsantiago/docs_formatting

[CI:DOCS] doc cleanup
2025-06-20 09:03:43 +08:00 · 2023-12-15 12:41:12 +00:00
parent 077b000996 e4ecd7cca3
commit b132c025db
5 changed files with 108 additions and 101 deletions
--- a/docs/source/markdown/options/device-cgroup-rule.md
+++ b/docs/source/markdown/options/device-cgroup-rule.md
@ -4,7 +4,9 @@
 ####> are applicable to all of those.
 #### **--device-cgroup-rule**=*"type major:minor mode"*
-Add a rule to the cgroup allowed devices list. The rule is expected to be in the format specified in the Linux kernel documentation (Documentation/cgroup-v1/devices.txt):
+Add a rule to the cgroup allowed devices list. The rule is expected to be
-       - type: a (all), c (char), or b (block);
+in the format specified in the Linux kernel documentation
-       - major and minor: either a number, or * for all;
+[admin-guide/cgroup-v1/devices](https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v1/devices.html):
-       - mode: a composition of r (read), w (write), and m (mknod(2)).
+- *type*: `a` (all), `c` (char), or `b` (block);
 - *major* and *minor*: either a number, or `*` for all;
 - *mode*: a composition of `r` (read), `w` (write), and `m` (mknod(2)).
--- a/docs/source/markdown/options/mount.md
+++ b/docs/source/markdown/options/mount.md
@ -6,34 +6,14 @@
 Attach a filesystem mount to the container
-Current supported mount TYPEs are **bind**, **devpts**, **glob**, **image**, **ramfs**, **tmpfs** and **volume**. <sup>[[1]](#Footnote1)</sup>
+Current supported mount TYPEs are **bind**, **devpts**, **glob**, **image**, **ramfs**, **tmpfs** and **volume**.
-       e.g.
+Options common to all mount types:
       type=bind,source=/path/on/host,destination=/path/in/container
-       type=bind,src=/path/on/host,dst=/path/in/container,relabel=shared
+- *src*, *source*: mount source spec for **bind**, **glob**, and **volume**.
  Mandatory for **bind** and **glob**.
-       type=bind,src=/path/on/host,dst=/path/in/container,relabel=shared,U=true
+- *dst*, *destination*, *target*: mount destination spec.
       type=devpts,destination=/dev/pts
       type=glob,src=/usr/lib/libfoo*,destination=/usr/lib,ro=true
       type=image,source=fedora,destination=/fedora-image,rw=true
       type=ramfs,tmpfs-size=512M,destination=/path/in/container
       type=tmpfs,tmpfs-size=512M,destination=/path/in/container
       type=tmpfs,destination=/path/in/container,noswap
       type=volume,source=vol1,destination=/path/in/container,ro=true
       Common Options:
 	      · src, source: mount source spec for bind, glob, and volume. Mandatory for bind and glob.
 	      · dst, destination, target: mount destination spec.
 When source globs are specified without the destination directory,
 the files and directories are mounted with their complete path
@ -44,59 +24,81 @@ Current supported mount TYPEs are **bind**, **devpts**, **glob**, **image**, **r
 to mount host files matching /foo* to the /tmp/bar/
 directory in the container.
-       Options specific to volume:
+Options specific to type=**volume**:
-	      · ro, readonly: true or false (default).
+- *ro*, *readonly*: *true* or *false* (default if unspecified: *false*).
-	      . U, chown: true or false (default). Change recursively the owner and group of the source volume based on the UID and GID of the container.
+- *U*, *chown*: *true* or *false* (default if unspecified: *false*). Recursively change the owner and group of the source volume based on the UID and GID of the container.
-	      · idmap: true or false (default).  If specified, create an idmapped mount to the target user namespace in the container.
+- *idmap*: If specified, create an idmapped mount to the target user namespace in the container.
  The idmap option supports a custom mapping that can be different than the user namespace used by the container.
  The mapping can be specified after the idmap option like: `idmap=uids=0-1-10#10-11-10;gids=0-100-10`.  For each triplet, the first value is the
  start of the backing file system IDs that are mapped to the second value on the host.  The length of this mapping is given in the third value.
  Multiple ranges are separated with #.  If the specified mapping is prepended with a '@' then the mapping is considered relative to the container
  user namespace. The host ID for the mapping is changed to account for the relative position of the container user in the container user namespace.
-       Options specific to image:
+Options specific to type=**image**:
-	      · rw, readwrite: true or false (default).
+- *rw*, *readwrite*: *true* or *false* (default if unspecified: *false*).
-       Options specific to bind and glob:
+Options specific to **bind** and **glob**:
-	      · ro, readonly: true or false (default).
+- *ro*, *readonly*: *true* or *false* (default if unspecified: *false*).
-	      · bind-propagation: shared, slave, private, unbindable, rshared, rslave, runbindable, or rprivate(default). See also mount(2).
+- *bind-propagation*: *shared*, *slave*, *private*, *unbindable*, *rshared*, *rslave*, *runbindable*, or **rprivate** (default).<sup>[[1]](#Footnote1)</sup> See also mount(2).
-	      . bind-nonrecursive: do not set up a recursive bind mount. By default it is recursive.
+- *bind-nonrecursive*: do not set up a recursive bind mount. By default it is recursive.
-	      . relabel: shared, private.
+- *relabel*: *shared*, *private*.
-	      · idmap: true or false (default).  If specified, create an idmapped mount to the target user namespace in the container.
+- *idmap*: *true* or *false* (default if unspecified: *false*).  If true, create an idmapped mount to the target user namespace in the container.
-	      . U, chown: true or false (default). Change recursively the owner and group of the source volume based on the UID and GID of the container.
+- *U*, *chown*: *true* or *false* (default if unspecified: *false*). Recursively change the owner and group of the source volume based on the UID and GID of the container.
-	      . no-dereference: do not dereference symlinks but copy the link source into the mount destination.
+- *no-dereference*: do not dereference symlinks but copy the link source into the mount destination.
-       Options specific to tmpfs and ramfs:
+Options specific to type=**tmpfs** and **ramfs**:
-	      · ro, readonly: true or false (default).
+- *ro*, *readonly*: *true* or *false* (default if unspecified: *false*).
-	      · tmpfs-size: Size of the tmpfs/ramfs mount in bytes. Unlimited by default in Linux.
+- *tmpfs-size*: Size of the tmpfs/ramfs mount, in bytes. Unlimited by default in Linux.
-	      · tmpfs-mode: File mode of the tmpfs/ramfs in octal (e.g. 700 or 0700.).
+- *tmpfs-mode*: Octal file mode of the tmpfs/ramfs (e.g. 700 or 0700.).
-	      · tmpcopyup: Enable copyup from the image directory at the same location to the tmpfs/ramfs. Used by default.
+- *tmpcopyup*: Enable copyup from the image directory at the same location to the tmpfs/ramfs. Used by default.
-	      · notmpcopyup: Disable copying files from the image to the tmpfs/ramfs.
+- *notmpcopyup*: Disable copying files from the image to the tmpfs/ramfs.
-	      . U, chown: true or false (default). Change recursively the owner and group of the source volume based on the UID and GID of the container.
+- *U*, *chown*: *true* or *false* (default if unspecified: *false*). Recursively change the owner and group of the source volume based on the UID and GID of the container.
-       Options specific to devpts:
+Options specific to type=**devpts**:
-	      · uid: UID of the file owner (default 0).
+- *uid*: numeric UID of the file owner (default: 0).
-	      · gid: GID of the file owner (default 0).
+- *gid*: numeric GID of the file owner (default: 0).
-	      · mode: permission mask for the file (default 600).
+- *mode*: octal permission mask for the file (default: 600).
-	      · max: maximum number of PTYs (default 1048576).
+- *max*: maximum number of PTYs (default: 1048576).
 Examples:
 - `type=bind,source=/path/on/host,destination=/path/in/container`
 - `type=bind,src=/path/on/host,dst=/path/in/container,relabel=shared`
 - `type=bind,src=/path/on/host,dst=/path/in/container,relabel=shared,U=true`
 - `type=devpts,destination=/dev/pts`
 - `type=glob,src=/usr/lib/libfoo*,destination=/usr/lib,ro=true`
 - `type=image,source=fedora,destination=/fedora-image,rw=true`
 - `type=ramfs,tmpfs-size=512M,destination=/path/in/container`
 - `type=tmpfs,tmpfs-size=512M,destination=/path/in/container`
 - `type=tmpfs,destination=/path/in/container,noswap`
 - `type=volume,source=vol1,destination=/path/in/container,ro=true`
--- a/docs/source/markdown/options/network.md
+++ b/docs/source/markdown/options/network.md
@ -15,10 +15,11 @@ Valid _mode_ values are:
  - **mac=MAC**: Specify a static mac address for this container.
  - **interface_name**: Specify a name for the created network interface inside the container.
-    For example to set a static ipv4 address and a static mac address, use `--network bridge:ip=10.88.0.10,mac=44:33:22:11:00:99`.
+  For example, to set a static ipv4 address and a static mac address, use `--network bridge:ip=10.88.0.10,mac=44:33:22:11:00:99`.
 - \<network name or ID\>[:OPTIONS,...]: Connect to a user-defined network; this is the network name or ID from a network created by **[podman network create](podman-network-create.1.md)**. Using the network name implies the bridge network mode. It is possible to specify the same options described under the bridge mode above. Use the **--network** option multiple times to specify additional networks.
-For backwards compatibility it is also possible to specify networks comma separated on the first **--network** argument, however this prevents you from using the options described under the bridge section above.
+
  For backwards compatibility it is also possible to specify comma-separated networks on the first **--network** argument, however this prevents you from using the options described under the bridge section above.
 - **none**: Create a network namespace for the container but do not configure network interfaces for it, thus the container has no network connectivity.
 - **container:**_id_: Reuse another container's network stack.
 - **host**: Do not create a network namespace, the container uses the host's network. Note: The host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
--- a/docs/source/markdown/options/volume.image.md
+++ b/docs/source/markdown/options/volume.image.md
@ -7,12 +7,12 @@
 Mount a host directory into containers when executing RUN instructions during
 the build.
-The `OPTIONS` are a comma-separated list and can be: <sup>[[1]](#Footnote1)</sup>
+The `OPTIONS` are a comma-separated list and can be one or more of:
   * [rw|ro]
   * [z|Z|O]
   * [U]
-   * [`[r]shared`|`[r]slave`|`[r]private`]
+   * [`[r]shared`|`[r]slave`|`[r]private`]<sup>[[1]](#Footnote1)</sup>
 The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The `HOST-DIR`
 must be an absolute path as well. Podman bind-mounts the `HOST-DIR` to the
--- a/docs/source/markdown/options/volume.md
+++ b/docs/source/markdown/options/volume.md
@ -15,7 +15,7 @@ the `podman rm --volumes` command.
 (Note when using the remote client, including Mac and Windows (excluding WSL2) machines, the volumes are mounted from the remote server, not necessarily the client machine.)
-The _OPTIONS_ is a comma-separated list and can be: <sup>[[1]](#Footnote1)</sup>
+The _OPTIONS_ is a comma-separated list and can be one or more of:
 * **rw**|**ro**
 * **z**|**Z**
@ -26,7 +26,7 @@ The _OPTIONS_ is a comma-separated list and can be: <sup>[[1]](#Footnote1)</sup>
 * [**no**]**exec**
 * [**no**]**suid**
 * [**r**]**bind**
-* [**r**]**shared**|[**r**]**slave**|[**r**]**private**[**r**]**unbindable**
+* [**r**]**shared**|[**r**]**slave**|[**r**]**private**[**r**]**unbindable** <sup>[[1]](#Footnote1)</sup>
 * **idmap**[=**options**]
 The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The volume
@ -127,17 +127,19 @@ by the <<|pod infra>> container label. Usually containers can read/execute `cont
 and can read/write `container_file_t`. If unable to change the labels on a
 source volume, SELinux container separation must be disabled for the <<|pod or infra>> container
 to work.
-     - Do not modify the source directory mounted into the <<container|pod>> with an overlay mount, it can cause unexpected failures. Only modify the directory after the container finishes running.
+
 Do not modify the source directory mounted into the <<container|pod>> with an overlay mount,
 it can cause unexpected failures. Only modify the directory after the container finishes running.
 `Mounts propagation`
-By default bind mounted volumes are `private`. That means any mounts done
+By default, bind-mounted volumes are `private`. That means any mounts done
-inside the <<container|pod>> is not visible on host and vice versa. One can change
+inside the <<container|pod>> are not visible on the host and vice versa.
-this behavior by specifying a volume mount propagation property. Making a
+One can change this behavior by specifying a volume mount propagation property.
-volume shared mounts done under that volume inside the <<container|pod>> is
+When a volume is `shared`, mounts done under that volume inside the <<container|pod>>
-visible on host and vice versa. Making a volume **slave** enables only one
+are visible on host and vice versa. Making a volume **slave**<sup>[[1]](#Footnote1)</sup>
-way mount propagation and that is mounts done on host under that volume
+enables only one-way mount propagation: mounts done on the host under that volume
-is visible inside container but not the other way around. <sup>[[1]](#Footnote1)</sup>
+are visible inside the container but not the other way around.
 To control mount propagation property of a volume one can use the [**r**]**shared**,
 [**r**]**slave**, [**r**]**private** or the [**r**]**unbindable** propagation flag.