Guest24897
/
DockerCLI
mirror of https://github.com/docker/cli.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docs: add description and link for --userns flag 

Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
This commit is contained in:
David Karlsson 2024-03-05 15:29:56 +01:00
parent 4bb2abaa54
commit 3da26a5e79
1 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
docs/reference/commandline/container_run.md
View File

@ -108,7 +108,7 @@ Create and run a new container from an image
| [`-t`](#tty), [`--tty`](#tty) | | | Allocate a pseudo-TTY |
| [`--ulimit`](#ulimit) | `ulimit` | | Ulimit options |
| `-u`, `--user` | `string` | | Username or UID (format: <name\|uid>[:<group\|gid>]) |
| `--userns` | `string` | | User namespace to use |
| [`--userns`](#userns) | `string` | | User namespace to use |
| [`--uts`](#uts) | `string` | | UTS namespace to use |
| [`-v`](#volume), [`--volume`](#volume) | `list` | | Bind mount a volume |
| `--volume-driver` | `string` | | Optional volume driver for the container |
@ -271,6 +271,21 @@ container.
strace: Process 1 attached
```
### <a name="userns"></a> Disable namespace remapping for a container (--userns)
If you enable user namespaces on the daemon,
all containers are started with user namespaces enabled by default.
To disable user namespace remapping for a specific container,
you can set the `--userns` flag to `host`.
```console
docker run --userns=host hello-world
```
`host` is the only valid value for the `--userns` flag.
For more information, refer to [Isolate containers with a user namespace](https://docs.docker.com/engine/security/userns-remap/).
### <a name="uts"></a> UTS settings (--uts)
```text