<filename>init</filename> process. This setting corresponds to the <option>--boot</option> switch on the
<command>systemd-nspawn</command> command line. This option may not be combined with
<varname>ProcessTwo=yes</varname>. This option is specified by default in the
- <filename>systemd-nspawn@.service</filename> template unit.</para></listitem>
+ <filename>systemd-nspawn@.service</filename> template unit.</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
a temporary snapshot of its file system that is removed immediately when the container terminates.
This is equivalent to the <option>--ephemeral</option> command line switch. See
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for details
- about the specific options supported.</para></listitem>
+ about the specific options supported.</para>
+
+ <xi:include href="version-info.xml" xpointer="v240"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Takes a boolean argument, which defaults to off. If enabled, the specified program is run as
PID 2. A stub init process is run as PID 1. This setting corresponds to the <option>--as-pid2</option> switch
on the <command>systemd-nspawn</command> command line. This option may not be combined with
- <varname>Boot=yes</varname>.</para></listitem>
+ <varname>Boot=yes</varname>.</para>
+
+ <xi:include href="version-info.xml" xpointer="v229"/></listitem>
</varlistentry>
<varlistentry>
<para>Note: <option>Boot=no</option>, <option>Parameters=a b "c c"</option> is the same as
<command>systemd-nspawn a b "c c"</command>, and <option>Boot=yes</option>, <option>Parameters=b 'c c'</option>
- is the same as <command>systemd-nspawn --boot b 'c c'</command>.</para></listitem>
+ is the same as <command>systemd-nspawn --boot b 'c c'</command>.</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
main process invoked in the container. This setting may be
used multiple times to set multiple environment variables. It
corresponds to the <option>--setenv=</option> command line
- switch.</para></listitem>
+ switch.</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
name to invoke the main process of the container as. This user
must be known in the container's user database. This
corresponds to the <option>--user=</option> command line
- switch.</para></listitem>
+ switch.</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Selects the working directory for the process invoked in the container. Expects an absolute
path in the container's file system namespace. This corresponds to the <option>--chdir=</option> command line
- switch.</para></listitem>
+ switch.</para>
+
+ <xi:include href="version-info.xml" xpointer="v229"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Selects a directory to pivot to <filename>/</filename> inside the container when starting up.
Takes a single path, or a pair of two paths separated by a colon. Both paths must be absolute, and are resolved
in the container's file system namespace. This corresponds to the <option>--pivot-root=</option> command line
- switch.</para></listitem>
+ switch.</para>
+
+ <xi:include href="version-info.xml" xpointer="v233"/></listitem>
</varlistentry>
<varlistentry>
capabilities are retained (or dropped).</para>
<para>These settings change the bounding set of capabilities which
also limits the ambient capabilities as given with the
- <varname>AmbientCapability=</varname>.</para></listitem>
+ <varname>AmbientCapability=</varname>.</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
</para>
<para>Note that <varname>AmbientCapability=</varname> is a privileged
- setting (see above).</para></listitem>
+ setting (see above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry>
<varlistentry>
<option>--no-new-privileges=</option> command line switch. See
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v239"/>
</listitem>
</varlistentry>
Defaults to SIGRTMIN+3 if <option>Boot=</option> is used
(on systemd-compatible init systems SIGRTMIN+3 triggers an
orderly shutdown). For a list of valid signals, see
- <citerefentry project='man-pages'><refentrytitle>signal</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para></listitem>
+ <citerefentry project='man-pages'><refentrytitle>signal</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
+
+ <xi:include href="version-info.xml" xpointer="v230"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures the kernel personality for the
container. This is equivalent to the
- <option>--personality=</option> switch.</para></listitem>
+ <option>--personality=</option> switch.</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures the 128-bit machine ID (UUID) to pass to
the container. This is equivalent to the
<option>--uuid=</option> command line switch. This option is
- privileged (see above). </para></listitem>
+ privileged (see above). </para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures support for usernamespacing. This is equivalent to the
<option>--private-users=</option> command line switch, and takes the same options. This option is privileged
(see above). This option is the default if the <filename>systemd-nspawn@.service</filename> template unit file
- is used.</para></listitem>
+ is used.</para>
+
+ <xi:include href="version-info.xml" xpointer="v230"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures support for notifications from the container's init process. This is equivalent to
the <option>--notify-ready=</option> command line switch, and takes the same parameters. See
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for details
- about the specific options supported.</para></listitem>
+ about the specific options supported.</para>
+
+ <xi:include href="version-info.xml" xpointer="v231"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures the system call filter applied to containers. This is equivalent to the
<option>--system-call-filter=</option> command line switch, and takes the same list parameter. See
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
- details.</para></listitem>
+ details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v235"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures various types of resource limits applied to containers. This is equivalent to the
<option>--rlimit=</option> command line switch, and takes the same arguments. See
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
- details.</para></listitem>
+ details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v239"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures the OOM score adjustment value. This is equivalent to the
<option>--oom-score-adjust=</option> command line switch, and takes the same argument. See
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
- details.</para></listitem>
+ details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v239"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures the CPU affinity. This is equivalent to the <option>--cpu-affinity=</option> command
line switch, and takes the same argument. See
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
- details.</para></listitem>
+ details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v239"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures the kernel hostname set for the container. This is equivalent to the
<option>--hostname=</option> command line switch, and takes the same argument. See
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
- details.</para></listitem>
+ details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v239"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures how <filename>/etc/resolv.conf</filename> in the container shall be handled. This is
equivalent to the <option>--resolv-conf=</option> command line switch, and takes the same argument. See
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
- details.</para></listitem>
+ details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v239"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures how <filename>/etc/localtime</filename> in the container shall be handled. This is
equivalent to the <option>--timezone=</option> command line switch, and takes the same argument. See
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
- details.</para></listitem>
+ details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v239"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures how to link host and container journal setups. This is equivalent to the
<option>--link-journal=</option> command line switch, and takes the same parameter. See
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
- details.</para></listitem>
+ details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v239"/></listitem>
</varlistentry>
<varlistentry>
is equivalent to the <option>--suppress-sync=</option> command line switch, and takes the same
parameter. See
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>
- for details.</para></listitem>
+ for details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v250"/></listitem>
</varlistentry>
</variablelist>
specified, the container will be run with a read-only file
system. This setting corresponds to the
<option>--read-only</option> command line
- switch.</para></listitem>
+ switch.</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
option is equivalent to <option>--volatile=</option>, see
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>
for details about the specific options
- supported.</para></listitem>
+ supported.</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
<option>--bind-ro=</option>, see
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>
for details about the specific options supported. This setting
- is privileged (see above).</para></listitem>
+ is privileged (see above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
command line switch <option>--bind-user=</option>, see
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>
for details about the specific options supported. This setting is privileged (see
- above).</para></listitem>
+ above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v249"/></listitem>
</varlistentry>
<varlistentry>
<option>--tmpfs=</option>, see
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>
for details about the specific options supported. This setting
- is privileged (see above).</para></listitem>
+ is privileged (see above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
may be used multiple times to mask multiple files or directories. This option is equivalent to the command line
switch <option>--inaccessible=</option>, see
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for details
- about the specific options supported. This setting is privileged (see above).</para></listitem>
+ about the specific options supported. This setting is privileged (see above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v242"/></listitem>
</varlistentry>
<varlistentry>
multiple times to configure multiple overlay mounts. This option is equivalent to the command line switches
<option>--overlay=</option> and <option>--overlay-ro=</option>, see
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for details
- about the specific options supported. This setting is privileged (see above).</para></listitem>
+ about the specific options supported. This setting is privileged (see above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v233"/></listitem>
</varlistentry>
<varlistentry>
<listitem><para>Configures whether the ownership of the files and directories in the container tree
shall be adjusted to the UID/GID range used, if necessary and user namespacing is enabled. This is
equivalent to the <option>--private-users-ownership=</option> command line switch. This option is
- privileged (see above).</para></listitem>
+ privileged (see above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v249"/></listitem>
</varlistentry>
</variablelist>
and not share network interfaces and configuration with the
host. This setting corresponds to the
<option>--private-network</option> command line
- switch.</para></listitem>
+ switch.</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
(<literal>veth</literal>) between host and the container. This setting implies
<varname>Private=yes</varname>. This setting corresponds to the <option>--network-veth</option> command line
switch. This option is privileged (see above). This option is the default if the
- <filename>systemd-nspawn@.service</filename> template unit file is used.</para></listitem>
+ <filename>systemd-nspawn@.service</filename> template unit file is used.</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
independent of <varname>VirtualEthernet=</varname>. Note that this option is unrelated to the
<varname>Bridge=</varname> setting below, and thus any connections created this way are not
automatically added to any bridge device on the host side. This option is privileged (see
- above).</para></listitem>
+ above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v228"/></listitem>
</varlistentry>
<varlistentry>
This option corresponds to the
<option>--network-interface=</option> command line switch and
implies <varname>Private=yes</varname>. This option is
- privileged (see above).</para></listitem>
+ privileged (see above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
<option>--network-macvlan=</option> and
<option>--network-ipvlan=</option> command line switches and
imply <varname>Private=yes</varname>. These options are
- privileged (see above).</para></listitem>
+ privileged (see above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
host side of the created virtual Ethernet link is connected to
the specified bridge interface. This option corresponds to the
<option>--network-bridge=</option> command line switch. This
- option is privileged (see above).</para></listitem>
+ option is privileged (see above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
<varlistentry>
<varname>Private=yes</varname> and has the effect that the host side of the created virtual Ethernet link is
connected to an automatically managed bridge interface named after the passed argument, prefixed with
<literal>vz-</literal>. This option corresponds to the <option>--network-zone=</option> command line
- switch. This option is privileged (see above).</para></listitem>
+ switch. This option is privileged (see above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v230"/></listitem>
</varlistentry>
<varlistentry>
<option>--port=</option> command line switch, see
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>
for the precise syntax of the argument this option takes. This
- option is privileged (see above).</para></listitem>
+ option is privileged (see above).</para>
+
+ <xi:include href="version-info.xml" xpointer="v226"/></listitem>
</varlistentry>
</variablelist>
</refsect1>
projects / thirdparty / systemd.git / blobdiff