]> git.ipfire.org Git - thirdparty/lxc.git/commitdiff
add manpages for lxc-user-nic
authorSerge Hallyn <serge.hallyn@ubuntu.com>
Tue, 17 Dec 2013 17:02:44 +0000 (11:02 -0600)
committerSerge Hallyn <serge.hallyn@ubuntu.com>
Tue, 17 Dec 2013 17:15:57 +0000 (11:15 -0600)
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
configure.ac
doc/Makefile.am
doc/lxc-user-nic.sgml.in [new file with mode: 0644]
doc/lxc-usernet.sgml.in [new file with mode: 0644]

index c8a08a9c55f921ec018d8076c5f8836f51fc9e64..cd200b03c6807bbc7136ce1d16c4257292991321 100644 (file)
@@ -498,10 +498,12 @@ AC_CONFIG_FILES([
        doc/lxc-top.sgml
        doc/lxc-unfreeze.sgml
        doc/lxc-unshare.sgml
+       doc/lxc-user-nic.sgml
        doc/lxc-version.sgml
        doc/lxc-wait.sgml
 
        doc/lxc.conf.sgml
+       doc/lxc-usernet.sgml
        doc/lxc.sgml
        doc/common_options.sgml
        doc/see_also.sgml
index 033a80ca1efe841d3285d6271ca14b7a49ec5086..e327a46506a7d624e9deebed6585299aee629347 100644 (file)
@@ -35,10 +35,12 @@ man_MANS = \
        lxc-stop.1 \
        lxc-unfreeze.1 \
        lxc-unshare.1 \
+       lxc-user-nic.1 \
        lxc-version.1 \
        lxc-wait.1 \
        \
        lxc.conf.5 \
+       lxc-usernet.5 \
        \
        lxc.7
 
diff --git a/doc/lxc-user-nic.sgml.in b/doc/lxc-user-nic.sgml.in
new file mode 100644 (file)
index 0000000..8d404bc
--- /dev/null
@@ -0,0 +1,184 @@
+<!--
+
+lxc: linux Container library
+
+(C) Copyright Canonical Ltd. 2013
+
+Authors:
+Serge Hallyn <serge.hallyn@ubuntu.com>
+
+This library is free software; you can redistribute it and/or
+modify it under the terms of the GNU Lesser General Public
+License as published by the Free Software Foundation; either
+version 2.1 of the License, or (at your option) any later version.
+
+This library is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+Lesser General Public License for more details.
+
+You should have received a copy of the GNU Lesser General Public
+License along with this library; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+
+-->
+
+<!DOCTYPE refentry PUBLIC @docdtd@ [
+
+<!ENTITY commonoptions SYSTEM "@builddir@/common_options.sgml">
+<!ENTITY seealso SYSTEM "@builddir@/see_also.sgml">
+]>
+
+<refentry>
+
+  <docinfo><date>@LXC_GENERATE_DATE@</date></docinfo>
+
+  <refmeta>
+    <refentrytitle>lxc-user-nic</refentrytitle>
+    <manvolnum>1</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>lxc-user-nic</refname>
+
+    <refpurpose>
+      Create and attach a nic to another network namespace.
+    </refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <cmdsynopsis>
+      <command>lxc-user-nic</command>
+      <arg choice="req"><replaceable>pid</replaceable></arg>
+      <arg choice="req"><replaceable>type</replaceable></arg>
+      <arg choice="req"><replaceable>bridge</replaceable></arg>
+      <arg choice="opt"><replaceable>nicname</replaceable></arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para>
+      <command>lxc-user-nic</command> is a setuid-root program with which
+      unprivileged users may create network interfaces for use by a lxc container.
+    </para>
+    <para>
+      It will consult the configuration file <filename>@LXC_USERNIC_CONF@</filename>
+      to determine number of interfaces which the calling user is allowed to
+      create, and which bridge he may attach them to.  It tracks the
+      number of interfaces each user has created using the file
+      <filename>@LXC_USERNIC_DB@</filename>.  It ensures that the calling
+      user is privileged over the network namespace to which the interface
+      will be attached.
+    </para>
+
+  </refsect1>
+
+  <refsect1>
+
+    <title>Options</title>
+
+    <variablelist>
+
+      <varlistentry>
+       <term>
+         <option><replaceable>pid</replaceable></option>
+       </term>
+       <listitem>
+         <para>
+         The process id for the task to whose network namespace the interface
+         should be attached.
+         </para>
+       </listitem>
+      </varlistentry>
+
+      <varlistentry>
+       <term>
+         <option><replaceable>type</replaceable></option>
+       </term>
+       <listitem>
+         <para>
+         The network interface type to attach.  Currently only veth is
+         supported.  With this type, two interfaces representing each
+         tunnel endpoint are created.  One endpoint will be attached
+         to the specified bridge, while the other will be passed into
+         the container.
+         </para>
+       </listitem>
+      </varlistentry>
+
+      <varlistentry>
+       <term>
+         <option><replaceable>bridge</replaceable></option>
+       </term>
+       <listitem>
+         <para>
+         The bridge to which to attach the network interface, for
+         instance <filename>lxcbr0</filename>.
+         </para>
+       </listitem>
+      </varlistentry>
+
+      <varlistentry>
+       <term>
+         <option><replaceable>nicname</replaceable></option>
+       </term>
+       <listitem>
+         <para>
+         The desired interface name in the container.  This will be
+         <filename>eth0</filename> if unspecified.
+         </para>
+       </listitem>
+      </varlistentry>
+
+    </variablelist>
+
+  </refsect1>
+
+  &commonoptions;
+
+  <refsect1>
+    <title>See Also</title>
+
+    <simpara>
+      <citerefentry>
+       <refentrytitle><command>lxc</command></refentrytitle>
+       <manvolnum>1</manvolnum>
+      </citerefentry>,
+
+      <citerefentry>
+       <refentrytitle><command>lxc-start</command></refentrytitle>
+       <manvolnum>1</manvolnum>
+      </citerefentry>,
+
+      <citerefentry>
+       <refentrytitle><command>lxc-usernet.conf</command></refentrytitle>
+       <manvolnum>5</manvolnum>
+      </citerefentry>
+    </simpara>
+   </refsect1>
+
+  <refsect1>
+    <title>Author</title>
+    <para>Daniel Lezcano <email>daniel.lezcano@free.fr</email></para>
+  </refsect1>
+
+</refentry>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+mode: sgml
+sgml-omittag:t
+sgml-shorttag:t
+sgml-minimize-attributes:nil
+sgml-always-quote-attributes:t
+sgml-indent-step:2
+sgml-indent-data:t
+sgml-parent-document:nil
+sgml-default-dtd-file:nil
+sgml-exposed-tags:nil
+sgml-local-catalogs:nil
+sgml-local-ecat-files:nil
+End:
+-->
diff --git a/doc/lxc-usernet.sgml.in b/doc/lxc-usernet.sgml.in
new file mode 100644 (file)
index 0000000..8565238
--- /dev/null
@@ -0,0 +1,159 @@
+<!--
+
+lxc: linux Container library
+
+(C) Copyright Canonical Ltd. 2013
+
+Authors:
+Serge Hallyn <serge.hallyn@ubuntu.com>
+
+This library is free software; you can redistribute it and/or
+modify it under the terms of the GNU Lesser General Public
+License as published by the Free Software Foundation; either
+version 2.1 of the License, or (at your option) any later version.
+
+This library is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+Lesser General Public License for more details.
+
+You should have received a copy of the GNU Lesser General Public
+License along with this library; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+
+-->
+
+<!DOCTYPE refentry PUBLIC @docdtd@ [
+
+<!ENTITY seealso SYSTEM "@builddir@/see_also.sgml">
+]>
+
+<refentry>
+
+  <docinfo><date>@LXC_GENERATE_DATE@</date></docinfo>
+
+  <refmeta>
+    <refentrytitle>lxc-usernet</refentrytitle>
+    <manvolnum>5</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>lxc-usernet</refname>
+
+    <refpurpose>
+      unprivileged user network administration file.
+    </refpurpose>
+  </refnamediv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para>
+      <filename>@LXC_USERNIC_CONF@</filename> controls the limits which the
+      program <command>lxc-user-nic</command> places on network interfaces
+      which an unprivileged user may create.
+    </para>
+
+    <refsect2>
+      <title>Configuration</title>
+      <para>
+      This file consists of multiple entries, one per line, of the form:
+      </para>
+
+      <para>
+      <command>user</command> <command>type</command> <command>bridge</command> <command>number</command>
+      </para>
+      <para>
+      Where
+      </para>
+
+      <variablelist>
+
+       <varlistentry>
+         <term>
+           <option>user</option>
+         </term>
+         <listitem>
+           <para>
+             is the username to whom this entry applies.
+            </para>
+         </listitem>
+       </varlistentry>
+
+       <varlistentry>
+         <term>
+           <option>type</option>
+         </term>
+         <listitem>
+           <para>
+             is the type of network interface being allowed.  Only veth
+             is currently supported.
+            </para>
+         </listitem>
+       </varlistentry>
+
+       <varlistentry>
+         <term>
+           <option>bridge</option>
+         </term>
+         <listitem>
+           <para>
+             is the bridge to which the network interfaces may be attached, for
+             instance <filename>lxcbr0</filename>.
+            </para>
+         </listitem>
+       </varlistentry>
+
+       <varlistentry>
+         <term>
+           <option>number</option>
+         </term>
+         <listitem>
+           <para>
+             is the number of network interfaces of the given type which the
+             given user may attach to the given bridge, for instance <filename>2</filename>.
+            </para>
+         </listitem>
+       </varlistentry>
+      </variablelist>
+    </refsect2>
+
+  </refsect1>
+
+  <refsect1>
+    <title>See Also</title>
+    <simpara>
+      <citerefentry>
+       <refentrytitle><command>lxc</command></refentrytitle>
+       <manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+       <refentrytitle><command>lxc-user-nic</command></refentrytitle>
+       <manvolnum>1</manvolnum>
+      </citerefentry>
+    </simpara>
+  </refsect1>
+
+  <refsect1>
+    <title>Author</title>
+    <para>Daniel Lezcano <email>daniel.lezcano@free.fr</email></para>
+  </refsect1>
+
+</refentry>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+mode: sgml
+sgml-omittag:t
+sgml-shorttag:t
+sgml-minimize-attributes:nil
+sgml-always-quote-attributes:t
+sgml-indent-step:2
+sgml-indent-data:t
+sgml-parent-document:nil
+sgml-default-dtd-file:nil
+sgml-exposed-tags:nil
+sgml-local-catalogs:nil
+sgml-local-ecat-files:nil
+End:
+-->