summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/nspawn/nspawn.c15
1 files changed, 12 insertions, 3 deletions
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index c330456ff9..3e32f59f75 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -212,9 +212,10 @@ static void help(void) {
" --uuid=UUID Set a specific machine UUID for the container\n"
" -S --slice=SLICE Place the container in the specified slice\n"
" --property=NAME=VALUE Set scope unit property\n"
+ " -U --private-users=pick Run within user namespace, pick UID/GID range automatically\n"
" --private-users[=UIDBASE[:NUIDS]]\n"
- " Run within user namespace\n"
- " --private-user-chown Adjust OS tree file ownership for private user range\n"
+ " Run within user namespace, user configured UID/GID range\n"
+ " --private-user-chown Adjust OS tree file ownership for private UID/GID range\n"
" --private-network Disable network in container\n"
" --network-interface=INTERFACE\n"
" Assign an existing network interface to the\n"
@@ -425,7 +426,7 @@ static int parse_argv(int argc, char *argv[]) {
assert(argc >= 0);
assert(argv);
- while ((c = getopt_long(argc, argv, "+hD:u:abL:M:jS:Z:qi:xp:n", options, NULL)) >= 0)
+ while ((c = getopt_long(argc, argv, "+hD:u:abL:M:jS:Z:qi:xp:nU", options, NULL)) >= 0)
switch (c) {
@@ -860,6 +861,14 @@ static int parse_argv(int argc, char *argv[]) {
arg_userns_chown = true;
break;
+ case 'U':
+ arg_userns = true;
+ arg_userns_chown = true;
+ arg_uid_shift = UID_INVALID;
+ arg_uid_range = 0x10000U;
+ arg_uid_shift_pick = true;
+ break;
+
case ARG_KILL_SIGNAL:
arg_kill_signal = signal_from_string_try_harder(optarg);
if (arg_kill_signal < 0) {