summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-10-09 11:48:01 -0400
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-10-09 18:24:56 -0400
commit6265bde205663644249b7c86286f49618031e382 (patch)
tree11cb7d5912e3e8343f0d9f5a85f9b61e89c2c48e
parentbfd292ec35c7b768f9fb5cff4d921f3133e62b19 (diff)
man: describe how to reverse systemd-nspawn -U
Now that systemd-nspawn@.service includes -U, more users might be interested in this tidbit ;)
-rw-r--r--man/systemd-nspawn.xml28
1 files changed, 17 insertions, 11 deletions
diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml
index bf3860604c..4439d554a7 100644
--- a/man/systemd-nspawn.xml
+++ b/man/systemd-nspawn.xml
@@ -454,17 +454,6 @@
</varlistentry>
<varlistentry>
- <term><option>-U</option></term>
-
- <listitem><para>If the kernel supports the user namespaces feature, equivalent to
- <option>--private-users=pick</option>, otherwise equivalent to
- <option>--private-users=no</option>.</para>
-
- <para>Note that <option>-U</option> is the default if the <filename>systemd-nspawn@.service</filename> template unit
- file is used.</para></listitem>
- </varlistentry>
-
- <varlistentry>
<term><option>--private-users-chown</option></term>
<listitem><para>If specified, all files and directories in the container's directory tree will adjusted so that
@@ -477,6 +466,23 @@
</varlistentry>
<varlistentry>
+ <term><option>-U</option></term>
+
+ <listitem><para>If the kernel supports the user namespaces feature, equivalent to
+ <option>--private-users=pick --private-users-chown</option>, otherwise equivalent to
+ <option>--private-users=no</option>.</para>
+
+ <para>Note that <option>-U</option> is the default if the
+ <filename>systemd-nspawn@.service</filename> template unit file is used.</para>
+
+ <para>Note: it is possible to undo the effect of <option>--private-users-chown</option> (or
+ <option>-U</option>) on the file system by redoing the operation with the first UID of 0:</para>
+
+ <programlisting>systemd-nspawn … --private-users=0 --private-users-chown</programlisting>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term><option>--private-network</option></term>
<listitem><para>Disconnect networking of the container from