From e458cf1afc14f610443f67aa4cf2238932b31ab8 Mon Sep 17 00:00:00 2001 From: Ben Bodenmiller Date: Tue, 21 Jun 2022 23:13:23 -0700 Subject: [PATCH] Improve doc code formatting Signed-off-by: Ben Bodenmiller --- docs/reference/run.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/reference/run.md b/docs/reference/run.md index 0ea20a3d65..8861e78efc 100644 --- a/docs/reference/run.md +++ b/docs/reference/run.md @@ -1241,7 +1241,7 @@ uid=0(root) gid=0(root) groups=10(wheel),29(audio),99(nogroup),777 | `--cap-add` | Add Linux capabilities | | `--cap-drop` | Drop Linux capabilities | | `--privileged` | Give extended privileges to this container | -| `--device=[]` | Allows you to run devices inside the container without the --privileged flag. | +| `--device=[]` | Allows you to run devices inside the container without the `--privileged` flag. | By default, Docker containers are "unprivileged" and cannot, for example, run a Docker daemon inside a Docker container. This is because @@ -1249,7 +1249,7 @@ by default a container is not allowed to access any devices, but a "privileged" container is given access to all devices (see the documentation on [cgroups devices](https://www.kernel.org/doc/Documentation/cgroup-v1/devices.txt)). -The --privileged flag gives all capabilities to the container. When the operator +The `--privileged` flag gives all capabilities to the container. When the operator executes `docker run --privileged`, Docker will enable access to all devices on the host as well as set some configuration in AppArmor or SELinux to allow the container nearly all the same access to the host as processes running outside