Update man pages
This commit is contained in:
Daniel J Walsh
parent
e92aef9f96
commit
f2075073ab
@ -5,15 +5,16 @@ containers-auth.json - syntax for the registry authentication file
|
||||
|
||||
# DESCRIPTION
|
||||
|
||||
A credentials file stored at `${XDG_RUNTIME_DIR}/containers/auth.json` in
|
||||
json format used to authenticate against container image registries.
|
||||
A credentials file in JSON format used to authenticate against container image registries.
|
||||
On Linux it is stored at `${XDG_RUNTIME_DIR}/containers/auth.json`;
|
||||
on Windows and macOS, at `$HOME/.config/containers/auth.json`
|
||||
|
||||
## FORMAT
|
||||
|
||||
The auth.json file stores encrypted authentication information for the
|
||||
user to container image registries. The file can have zero to many entries and
|
||||
is created by a `login` command from a container tool such as `podman login` or
|
||||
`buildah login`. Each entry includes the name of the registry and then an auth
|
||||
is created by a `login` command from a container tool such as `podman login`,
|
||||
`buildah login` or `skopeo login`. Each entry includes the name of the registry and then an auth
|
||||
token in the form of a base64 encoded string from the concatenation of the
|
||||
username, a colon, and the password.
|
||||
|
||||
@ -36,8 +37,28 @@ their accounts on quay.io and docker.io:
|
||||
An entry can be removed by using a `logout` command from a container
|
||||
tool such as `podman logout` or `buildah logout`.
|
||||
|
||||
In addition, credential helpers can be configured for specific registries and the credentials-helper
|
||||
software can be used to manage the credentials in a more secure way than depending on the base64 encoded authentication
|
||||
provided by `login`. If the credential helpers are configured for specific registries, the base64 encoded authentication will not be used
|
||||
for operations concerning credentials of the specified registries.
|
||||
|
||||
When the credential helper is in use on a Linux platform, the auth.json file would contain keys that specify the registry domain, and values that specify the suffix of the program to use (i.e. everything after docker-credential-). For example:
|
||||
|
||||
```
|
||||
{
|
||||
"auths": {
|
||||
"localhost:5001": {}
|
||||
},
|
||||
"credHelpers": {
|
||||
"registry.example.com": "secretservice"
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
For more information on credential helpers, please reference the [GitHub docker-credential-helpers project](https://github.com/docker/docker-credential-helpers/releases).
|
||||
|
||||
# SEE ALSO
|
||||
buildah-login(1), buildah-logout(1), podman-login(1), podman-logout(1)
|
||||
buildah-login(1), buildah-logout(1), podman-login(1), podman-logout(1), skopeo-login(1), skopeo-logout(1)
|
||||
|
||||
# HISTORY
|
||||
Feb 2020, Originally compiled by Tom Sweeney <tsweeney@redhat.com>
|
||||
|
||||
@ -10,8 +10,7 @@ containers-policy.json - syntax for the signature verification policy file
|
||||
Signature verification policy files are used to specify policy, e.g. trusted keys,
|
||||
applicable when deciding whether to accept an image, or individual signatures of that image, as valid.
|
||||
|
||||
The default policy is stored (unless overridden at compile-time) at `/etc/containers/policy.json`;
|
||||
applications performing verification may allow using a different policy instead.
|
||||
By default, the policy is read from `$HOME/.config/containers/policy.json`, if it exists, otherwise from `/etc/containers/policy.json`; applications performing verification may allow using a different policy instead.
|
||||
|
||||
## FORMAT
|
||||
|
||||
|
||||
@ -198,6 +198,9 @@ The `storage.options.zfs` table supports the following options:
|
||||
**mountopt**=""
|
||||
Comma separated list of default options to be used to mount container images. Suggested value "nodev". Mount options are documented in the mount(8) man page.
|
||||
|
||||
**skip_mount_home=""**
|
||||
Tell storage drivers to not create a PRIVATE bind mount on their home directory.
|
||||
|
||||
**size**=""
|
||||
Maximum size of a container image. This flag can be used to set quota on the size of container images. (format: <number>[<unit>], where unit = b (bytes), k (kilobytes), m (megabytes), or g (gigabytes))
|
||||
|
||||
|
||||
@ -92,7 +92,7 @@
|
||||
# Ulimits has limits for non privileged container engines.
|
||||
#
|
||||
# default_ulimits = [
|
||||
# “nofile”=”1280:2560”,
|
||||
# "nofile"="1280:2560",
|
||||
# ]
|
||||
|
||||
# List of default DNS options to be added to /etc/resolv.conf inside of the container.
|
||||
@ -105,7 +105,7 @@
|
||||
|
||||
# Set default DNS servers.
|
||||
# This option can be used to override the DNS configuration passed to the
|
||||
# container. The special value “none” can be specified to disable creation of
|
||||
# container. The special value "none" can be specified to disable creation of
|
||||
# /etc/resolv.conf in the container.
|
||||
# The /etc/resolv.conf file in the image will be used without changes.
|
||||
#
|
||||
@ -125,7 +125,7 @@
|
||||
# Path to OCI hooks directories for automatically executed hooks.
|
||||
#
|
||||
# hooks_dir = [
|
||||
# “/usr/share/containers/oci/hooks.d”,
|
||||
# "/usr/share/containers/oci/hooks.d",
|
||||
# ]
|
||||
|
||||
# Default proxy environment variables passed into the container.
|
||||
@ -220,7 +220,7 @@
|
||||
# userns = "host"
|
||||
|
||||
# Number of UIDs to allocate for the automatic container creation.
|
||||
# UIDs are allocated from the “container” UIDs listed in
|
||||
# UIDs are allocated from the "container" UIDs listed in
|
||||
# /etc/subuid & /etc/subgid
|
||||
#
|
||||
# userns_size=65536
|
||||
@ -241,7 +241,7 @@
|
||||
[engine]
|
||||
|
||||
# Cgroup management implementation used for the runtime.
|
||||
# Valid options “systemd” or “cgroupfs”
|
||||
# Valid options "systemd" or "cgroupfs"
|
||||
#
|
||||
# cgroup_manager = "systemd"
|
||||
|
||||
|
||||
@ -66,6 +66,13 @@ The default profile name is "container-default".
|
||||
`private` Create private Cgroup Namespace for the container.
|
||||
`host` Share host Cgroup Namespace with the container.
|
||||
|
||||
**cgroups**="enabled"
|
||||
Determines whether the container will create CGroups.
|
||||
Options are:
|
||||
`enabled` Enable cgroup support within container
|
||||
`disabled` Disable cgroup support, will inherit cgroups from parent
|
||||
`no-conmon` Container engine runs run without conmon
|
||||
|
||||
**default_capabilities**=[]
|
||||
List of default capabilities for containers.
|
||||
|
||||
|
||||
@ -46,7 +46,7 @@ Epoch: 1
|
||||
Epoch: 2
|
||||
%endif
|
||||
Version: 1.0.1
|
||||
Release: 10.dev.git%{shortcommit0}%{?dist}
|
||||
Release: 11.dev.git%{shortcommit0}%{?dist}
|
||||
Summary: Inspect container images and repositories on registries
|
||||
License: ASL 2.0
|
||||
URL: %{git0}
|
||||
@ -436,6 +436,9 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath}
|
||||
%{_datadir}/%{name}/test
|
||||
|
||||
%changelog
|
||||
* Thu Jun 11 2020 Dan Walsh <dwalsh@fedoraproject.org> - 1:1.0.1-11.dev.git161ef5a
|
||||
- Update man pages
|
||||
|
||||
* Wed Jun 10 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 1:1.0.1-10.dev.git161ef5a
|
||||
- autobuilt 161ef5a
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user