man: nspawn fixes
This commit is contained in:
parent
a41fe3a293
commit
4f755fc6ab
|
@ -69,11 +69,12 @@
|
||||||
to various kernel interfaces in the container to
|
to various kernel interfaces in the container to
|
||||||
read-only, such as <filename>/sys</filename>,
|
read-only, such as <filename>/sys</filename>,
|
||||||
<filename>/proc/sys</filename> or
|
<filename>/proc/sys</filename> or
|
||||||
<filename>/selinux</filename>. Network interfaces and
|
<filename>/sys/fs/selinux</filename>. Network
|
||||||
the system clock may not be changed from within the
|
interfaces and the system clock may not be changed
|
||||||
container. Device nodes may not be created. The host
|
from within the container. Device nodes may not be
|
||||||
system cannot be rebooted and kernel modules may not
|
created. The host system cannot be rebooted and kernel
|
||||||
be loaded from within the container.</para>
|
modules may not be loaded from within the
|
||||||
|
container.</para>
|
||||||
|
|
||||||
<para>Note that even though these security precautions
|
<para>Note that even though these security precautions
|
||||||
are taken <command>systemd-nspawn</command> is not
|
are taken <command>systemd-nspawn</command> is not
|
||||||
|
@ -142,7 +143,7 @@
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><option>--user=</option></term>
|
<term><option>--user=</option></term>
|
||||||
<term><option>--u</option></term>
|
<term><option>-u</option></term>
|
||||||
|
|
||||||
<listitem><para>Run the command
|
<listitem><para>Run the command
|
||||||
under specified user, create home
|
under specified user, create home
|
||||||
|
|
Loading…
Reference in New Issue