diff options
| author | Lennart Poettering <lennart@poettering.net> | 2016-11-30 18:57:42 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2016-12-01 12:41:18 +0100 |
| commit | c7a4890ce42b6c074ba622c4b82bfd3f738df736 (patch) | |
| tree | 02ef1b441379969c4b0a96ddfd38be3d26f43e32 /man | |
| parent | 86c0dd4a71c29d300632d39cf56ddb0fd0facb24 (diff) | |
nspawn: optionally, automatically allocated --bind=/--overlay source from /var/tmp
This extends the --bind= and --overlay= syntax so that an empty string as source/upper
directory is taken as request to automatically allocate a temporary directory
below /var/tmp, whose lifetime is bound to the nspawn runtime. In combination
with the "+" path extension this permits a switch "--overlay=+/var::/var" in
order to use the container's shipped /var, combine it with a writable temporary
directory and mount it to the runtime /var of the container.
Diffstat (limited to 'man')
| -rw-r--r-- | man/systemd-nspawn.xml | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml index 84fa9cadef..cd0a90d82f 100644 --- a/man/systemd-nspawn.xml +++ b/man/systemd-nspawn.xml @@ -741,16 +741,18 @@ <term><option>--bind-ro=</option></term> <listitem><para>Bind mount a file or directory from the host into the container. Takes one of: a path - argument — in which case the specified path will be mounted from the host to the same path in the container —, - or a colon-separated pair of paths — in which case the first specified path is the source in the host, and the - second path is the destination in the container —, or a colon-separated triple of source path, destination path + argument — in which case the specified path will be mounted from the host to the same path in the container, or + a colon-separated pair of paths — in which case the first specified path is the source in the host, and the + second path is the destination in the container, or a colon-separated triple of source path, destination path and mount options. The source path may optionally be prefixed with a <literal>+</literal> character. If so, the - source path is taken relative to the images root directory. This permits setting up bind mounts within the - container image. Mount options are comma-separated and currently, only "rbind" and "norbind" are allowed, - controlling whether to create a recursive or a regular bind mount. Defaults to "rbind". Backslash escapes are - interpreted, so <literal>\:</literal> may be used to embed colons in either path. This option may be specified - multiple times for creating multiple independent bind mount points. The <option>--bind-ro=</option> option - creates read-only bind mounts.</para></listitem> + source path is taken relative to the image's root directory. This permits setting up bind mounts within the + container image. The source path may be specified as empty string, in which case a temporary directory below + the host's <filename>/var/tmp</filename> directory is used. It is automatically removed when the container is + shut down. Mount options are comma-separated and currently, only <option>rbind</option> and + <option>norbind</option> are allowed, controlling whether to create a recursive or a regular bind + mount. Defaults to "rbind". Backslash escapes are interpreted, so <literal>\:</literal> may be used to embed + colons in either path. This option may be specified multiple times for creating multiple independent bind + mount points. The <option>--bind-ro=</option> option creates read-only bind mounts.</para></listitem> </varlistentry> <varlistentry> @@ -805,7 +807,12 @@ two paths have to be specified.</para> <para>The source paths may optionally be prefixed with <literal>+</literal> character. If so they are taken - relative to the image's root directory.</para> + relative to the image's root directory. The uppermost source path may also be specified as empty string, in + which case a temporary directory below the host's <filename>/var/tmp</filename> is used. The directory is + removed automatically when the container is shut down. This behaviour is useful in order to make read-only + container directories writable while the container is running. For example, use the + <literal>--overlay=+/var::/var</literal> option in order to automatically overlay a writable temporary + directory on a read-only <filename>/var</filename> directory.</para> <para>For details about overlay file systems, see <ulink url="https://www.kernel.org/doc/Documentation/filesystems/overlayfs.txt">overlayfs.txt</ulink>. Note |