From e9cb71acbbe8be9b41803b470a51d13aa7904759 Mon Sep 17 00:00:00 2001 From: Antonio Murdaca Date: Sat, 24 Sep 2016 15:44:25 +0200 Subject: [PATCH] daemon: add --userland-proxy-path flag Signed-off-by: Antonio Murdaca --- docs/reference/commandline/dockerd.md | 2 ++ man/dockerd.8.md | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/docs/reference/commandline/dockerd.md b/docs/reference/commandline/dockerd.md index b558895ea5..d134f6e102 100644 --- a/docs/reference/commandline/dockerd.md +++ b/docs/reference/commandline/dockerd.md @@ -78,6 +78,7 @@ Options: --tlskey=~/.docker/key.pem Path to TLS key file --tlsverify Use TLS and verify the remote --userland-proxy=true Use userland proxy for loopback traffic + --userland-proxy-path="" Path to the userland proxy binary --userns-remap User/Group setting for user namespaces -v, --version Print version information and quit ``` @@ -1149,6 +1150,7 @@ This is a full example of the allowed configuration options on Linux: "ip-forward": false, "ip-masq": false, "userland-proxy": false, + "userland-proxy-path": "/usr/libexec/docker-proxy", "ip": "0.0.0.0", "bridge": "", "bip": "", diff --git a/man/dockerd.8.md b/man/dockerd.8.md index 503b76061e..84ae3df6b4 100644 --- a/man/dockerd.8.md +++ b/man/dockerd.8.md @@ -64,6 +64,7 @@ dockerd - Enable daemon mode [**--tlskey**[=*~/.docker/key.pem*]] [**--tlsverify**] [**--userland-proxy**[=*true*]] +[**--userland-proxy-path**[=*""*]] [**--userns-remap**[=*default*]] # DESCRIPTION @@ -272,6 +273,9 @@ output otherwise. **--userland-proxy**=*true*|*false* Rely on a userland proxy implementation for inter-container and outside-to-container loopback communications. Default is true. +**--userland-proxy-path**="" + Path to the userland proxy binary. + **--userns-remap**=*default*|*uid:gid*|*user:group*|*user*|*uid* Enable user namespaces for containers on the daemon. Specifying "default" will cause a new user and group to be created to handle UID and GID range remapping for the user namespace mappings used for contained processes. Specifying a user (or uid) and optionally a group (or gid) will cause the daemon to lookup the user and group's subordinate ID ranges for use as the user namespace mappings for contained processes.