1podman-exec(1)() podman-exec(1)()
2
3
4
6 podman-exec - Execute a command in a running container
7
8
10 podman exec [options] container [command [arg ...]]
11
12
13 podman container exec [options] container [command [arg ...]]
14
15
17 podman exec executes a command in a running container.
18
19
21 --detach-keys=sequence
22
23
24 Specify the key sequence for detaching a container. Format is a single
25 character [a-Z] or one or more ctrl-<value> characters where <value> is
26 one of: a-z, @, ^, [, , or _. Specifying "" will disable this feature.
27 The default is ctrl-p,ctrl-q.
28
29
30 --env, -e
31
32
33 You may specify arbitrary environment variables that are available for
34 the command to be executed.
35
36
37 --env-file=file
38
39
40 Read in a line delimited file of environment variables.
41
42
43 --interactive, -i=true|false
44
45
46 When set to true, keep stdin open even if not attached. The default is
47 false.
48
49
50 --latest, -l
51
52
53 Instead of providing the container name or ID, use the last created
54 container. If you use methods other than Podman to run containers such
55 as CRI-O, the last started container could be from either of those
56 methods.
57
58
59 The latest option is not supported on the remote client.
60
61
62 --preserve-fds=N
63
64
65 Pass down to the process N additional file descriptors (in addition to
66 0, 1, 2). The total FDs will be 3+N.
67
68
69 --privileged
70
71
72 Give extended privileges to this container. The default is false.
73
74
75 By default, Podman containers are "unprivileged" and cannot, for exam‐
76 ple, modify parts of the operating system. This is because by default
77 a container is only allowed limited access to devices. A "privileged"
78 container is given the same access to devices as the user launching the
79 container.
80
81
82 A privileged container turns off the security features that isolate the
83 container from the host. Dropped Capabilities, limited devices,
84 read/only mount points, Apparmor/SELinux separation, and Seccomp fil‐
85 ters are all disabled.
86
87
88 Rootless containers cannot have more privileges than the account that
89 launched them.
90
91
92 --tty, -t
93
94
95 Allocate a pseudo-TTY.
96
97
98 --user, -u
99
100
101 Sets the username or UID used and optionally the groupname or GID for
102 the specified command. The following examples are all valid: --user
103 [user | user:group | uid | uid:gid | user:gid | uid:group ]
104
105
106 --workdir, -w=path
107
108
109 Working directory inside the container
110
111
112 The default working directory for running binaries within a container
113 is the root directory (/). The image developer can set a different
114 default with the WORKDIR instruction, which can be overridden when cre‐
115 ating the container.
116
117
119 The exit code from podman exec gives information about why the command
120 within the container failed to run or why it exited. When podman exec
121 exits with a non-zero code, the exit codes follow the chroot standard,
122 see below:
123
124
125 125 The error is with Podman itself
126
127
128 $ podman exec --foo ctrID /bin/sh; echo $?
129 Error: unknown flag: --foo
130 125
131
132
133
134 126 The contained command cannot be invoked
135
136
137 $ podman exec ctrID /etc; echo $?
138 Error: container_linux.go:346: starting container process caused "exec: \"/etc\": permission denied": OCI runtime error
139 126
140
141
142
143 127 The contained command cannot be found
144
145
146 $ podman exec ctrID foo; echo $?
147 Error: container_linux.go:346: starting container process caused "exec: \"foo\": executable file not found in $PATH": OCI runtime error
148 127
149
150
151
152 Exit code The contained command exit code
153
154
155 $ podman exec ctrID /bin/sh -c 'exit 3'; echo $?
156 3
157
158
159
161 $ podman exec -it ctrID ls
162 $ podman exec -it -w /tmp myCtr pwd
163 $ podman exec --user root ctrID ls
164
165
166
168 podman(1), podman-run(1)
169
170
172 December 2017, Originally compiled by Brent Baudebbaude@redhat.com
173 ⟨mailto:bbaude@redhat.com⟩
174
175
176
177 podman-exec(1)()