diff options
Diffstat (limited to 'man/machinectl.xml')
-rw-r--r-- | man/machinectl.xml | 88 |
1 files changed, 48 insertions, 40 deletions
diff --git a/man/machinectl.xml b/man/machinectl.xml index 5a6ec294d2..7a159aecdc 100644 --- a/man/machinectl.xml +++ b/man/machinectl.xml @@ -292,7 +292,7 @@ Defaults to 1. All addresses can be requested with <literal>all</literal> as argument to <option>--max-addresses</option> . If the argument to <option>--max-addresses</option> is less than the actual number - of addresses,<literal>...</literal>follows the last address. + of addresses, <literal>...</literal>follows the last address. If multiple addresses are to be written for a given machine, every address except the first one is on a new line and is followed by <literal>,</literal> if another address will be output afterwards. </para></listitem> @@ -327,7 +327,7 @@ </varlistentry> <varlistentry> - <term><command>status</command> <replaceable>NAME</replaceable>...</term> + <term><command>status</command> <replaceable>NAME</replaceable>…</term> <listitem><para>Show runtime status information about one or more virtual machines and containers, followed by the @@ -341,7 +341,7 @@ </varlistentry> <varlistentry> - <term><command>show</command> [<replaceable>NAME</replaceable>...]</term> + <term><command>show</command> [<replaceable>NAME</replaceable>…]</term> <listitem><para>Show properties of one or more registered virtual machines or containers or the manager itself. If no argument is specified, properties of the manager will be shown. If a NAME is specified, @@ -353,7 +353,7 @@ </varlistentry> <varlistentry> - <term><command>start</command> <replaceable>NAME</replaceable>...</term> + <term><command>start</command> <replaceable>NAME</replaceable>…</term> <listitem><para>Start a container as a system service, using <citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>. @@ -410,7 +410,7 @@ </varlistentry> <varlistentry> - <term><command>shell</command> [[<replaceable>NAME</replaceable>@]<replaceable>NAME</replaceable> [<replaceable>PATH</replaceable> [<replaceable>ARGUMENTS</replaceable>...]]] </term> + <term><command>shell</command> [[<replaceable>NAME</replaceable>@]<replaceable>NAME</replaceable> [<replaceable>PATH</replaceable> [<replaceable>ARGUMENTS</replaceable>…]]] </term> <listitem><para>Open an interactive shell session in a container or on the local host. The first argument refers to @@ -428,6 +428,9 @@ user may be selected. Use <option>--setenv=</option> to set environment variables for the executed process.</para> + <para>Note that <command>machinectl shell</command> does not propagate the exit code/status of the invoked + shell process. Use <command>systemd-run</command> instead if that information is required (see below).</para> + <para>When using the <command>shell</command> command without arguments, (thus invoking the executed shell or command on the local host), it is in many ways similar to a <citerefentry @@ -440,17 +443,20 @@ environment variables or resource limits, among other properties.</para> - <para>Note that - <citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry> - may be used in place of the <command>shell</command> command, - and allows more detailed, low-level configuration of the - invoked unit. However, it is frequently more privileged than - the <command>shell</command> command.</para></listitem> + <para>Note that <citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry> + with its <option>--machine=</option> switch may be used in place of the <command>machinectl shell</command> + command, and allows non-interactive operation, more detailed and low-level configuration of the invoked unit, + as well as access to runtime and exit code/status information of the invoked shell process. In particular, use + <command>systemd-run</command>'s <option>--wait</option> switch to propagate exit status information of the + invoked process. Use <command>systemd-run</command>'s <option>--pty</option> switch for acquiring an + interactive shell, similar to <command>machinectl shell</command>. In general, <command>systemd-run</command> + is preferable for scripting purposes. However, note that <command>systemd-run</command> might require higher + privileges than <command>machinectl shell</command>.</para></listitem> </varlistentry> <varlistentry> - <term><command>enable</command> <replaceable>NAME</replaceable>...</term> - <term><command>disable</command> <replaceable>NAME</replaceable>...</term> + <term><command>enable</command> <replaceable>NAME</replaceable>…</term> + <term><command>disable</command> <replaceable>NAME</replaceable>…</term> <listitem><para>Enable or disable a container as a system service to start at system boot, using @@ -463,7 +469,7 @@ </varlistentry> <varlistentry> - <term><command>poweroff</command> <replaceable>NAME</replaceable>...</term> + <term><command>poweroff</command> <replaceable>NAME</replaceable>…</term> <listitem><para>Power off one or more containers. This will trigger a reboot by sending SIGRTMIN+4 to the container's init @@ -478,7 +484,7 @@ </varlistentry> <varlistentry> - <term><command>reboot</command> <replaceable>NAME</replaceable>...</term> + <term><command>reboot</command> <replaceable>NAME</replaceable>…</term> <listitem><para>Reboot one or more containers. This will trigger a reboot by sending SIGINT to the container's init @@ -488,7 +494,7 @@ </varlistentry> <varlistentry> - <term><command>terminate</command> <replaceable>NAME</replaceable>...</term> + <term><command>terminate</command> <replaceable>NAME</replaceable>…</term> <listitem><para>Immediately terminates a virtual machine or container, without cleanly shutting it down. This kills all @@ -499,7 +505,7 @@ </varlistentry> <varlistentry> - <term><command>kill</command> <replaceable>NAME</replaceable>...</term> + <term><command>kill</command> <replaceable>NAME</replaceable>…</term> <listitem><para>Send a signal to one or more processes of the virtual machine or container. This means processes as seen by @@ -512,19 +518,14 @@ <varlistentry> <term><command>bind</command> <replaceable>NAME</replaceable> <replaceable>PATH</replaceable> [<replaceable>PATH</replaceable>]</term> - <listitem><para>Bind mounts a directory from the host into the - specified container. The first directory argument is the - source directory on the host, the second directory argument - is the destination directory in the container. When the - latter is omitted, the destination path in the container is - the same as the source path on the host. When combined with - the <option>--read-only</option> switch, a ready-only bind - mount is created. When combined with the - <option>--mkdir</option> switch, the destination path is first - created before the mount is applied. Note that this option is - currently only supported for - <citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> - containers.</para></listitem> + <listitem><para>Bind mounts a directory from the host into the specified container. The first directory + argument is the source directory on the host, the second directory argument is the destination directory in the + container. When the latter is omitted, the destination path in the container is the same as the source path on + the host. When combined with the <option>--read-only</option> switch, a ready-only bind mount is created. When + combined with the <option>--mkdir</option> switch, the destination path is first created before the mount is + applied. Note that this option is currently only supported for + <citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> containers, + and only if user namespacing (<option>--private-users</option>) is not used.</para></listitem> </varlistentry> <varlistentry> @@ -534,9 +535,12 @@ system into a running container. Takes a container name, followed by the source path on the host and the destination path in the container. If the destination path is omitted, the - same as the source path is used.</para></listitem> - </varlistentry> + same as the source path is used.</para> + <para>If host and container share the same user and group namespace, file ownership by numeric user ID and + group ID is preserved for the copy, otherwise all files and directories in the copy will be owned by the root + user and group (UID/GID 0).</para></listitem> + </varlistentry> <varlistentry> <term><command>copy-from</command> <replaceable>NAME</replaceable> <replaceable>PATH</replaceable> [<replaceable>PATH</replaceable>]</term> @@ -545,7 +549,11 @@ into the host system. Takes a container name, followed by the source path in the container the destination path on the host. If the destination path is omitted, the same as the source path - is used.</para></listitem> + is used.</para> + + <para>If host and container share the same user and group namespace, file ownership by numeric user ID and + group ID is preserved for the copy, otherwise all files and directories in the copy will be owned by the root + user and group (UID/GID 0).</para></listitem> </varlistentry> </variablelist></refsect2> @@ -568,7 +576,7 @@ </varlistentry> <varlistentry> - <term><command>image-status</command> [<replaceable>NAME</replaceable>...]</term> + <term><command>image-status</command> [<replaceable>NAME</replaceable>…]</term> <listitem><para>Show terse status information about one or more container or VM images. This function is intended to @@ -578,7 +586,7 @@ </varlistentry> <varlistentry> - <term><command>show-image</command> [<replaceable>NAME</replaceable>...]</term> + <term><command>show-image</command> [<replaceable>NAME</replaceable>…]</term> <listitem><para>Show properties of one or more registered virtual machine or container images, or the manager itself. If @@ -599,8 +607,8 @@ <listitem><para>Clones a container or VM image. The arguments specify the name of the image to clone and the name of the newly cloned image. Note that plain directory container images are cloned into btrfs subvolume images with this command, if the underlying file system supports this. Note that cloning a container or VM - image is optimized for btrfs file systems, and might not be efficient on others, due to file system - limitations.</para> + image is optimized for file systems that support copy-on-write, and might not be efficient on others, due to + file system limitations.</para> <para>Note that this command leaves host name, machine ID and all other settings that could identify the instance @@ -630,7 +638,7 @@ </varlistentry> <varlistentry> - <term><command>remove</command> <replaceable>NAME</replaceable>...</term> + <term><command>remove</command> <replaceable>NAME</replaceable>…</term> <listitem><para>Removes one or more container or VM images. The special image <literal>.host</literal>, which refers to @@ -849,7 +857,7 @@ </varlistentry> <varlistentry> - <term><command>cancel-transfers</command> <replaceable>ID</replaceable>...</term> + <term><command>cancel-transfers</command> <replaceable>ID</replaceable>…</term> <listitem><para>Aborts a download, import or export of the container or VM image with the specified ID. To list ongoing @@ -910,7 +918,7 @@ <filename>/var/lib/machines/</filename> to make them available for control with <command>machinectl</command>.</para> - <para>Note that many image operations are only supported, + <para>Note that some image operations are only supported, efficient or atomic on btrfs file systems. Due to this, if the <command>pull-tar</command>, <command>pull-raw</command>, <command>import-tar</command>, <command>import-raw</command> and |