1podman-exec(1)() podman-exec(1)()
2
6 podman-exec - Execute a command in a running container
7
10 podman exec [options] container [command [arg ...]]
11 podman container exec [options] container [command [arg ...]]
14
17 podman exec executes a command in a running container.
18
21 --detach-keys=sequence
22 Specify the key sequence for detaching a container. Format is a single
25 character [a-Z] or one or more ctrl-<value> characters where <value> is
26 one of: a-z, @, ^, [, , or _. Specifying "" will disable this feature.
27 The default is ctrl-p,ctrl-q.
28 --env, -e
31 You may specify arbitrary environment variables that are available for
34 the command to be executed.
35 --env-file=file
38 Read in a line delimited file of environment variables.
41 --interactive, -i=true|false
44 When set to true, keep stdin open even if not attached. The default is
47 false.
48 --latest, -l
51 Instead of providing the container name or ID, use the last created
54 container. If you use methods other than Podman to run containers such
55 as CRI-O, the last started container could be from either of those
56 methods.
57 The latest option is not supported on the remote client.
60 --preserve-fds=N
63 Pass down to the process N additional file descriptors (in addition to
66 0, 1, 2). The total FDs will be 3+N.
67 --privileged
70 Give extended privileges to this container. The default is false.
73 By default, Podman containers are "unprivileged" and cannot, for exam‐
76 ple, modify parts of the operating system. This is because by default
77 a container is only allowed limited access to devices. A "privileged"
78 container is given the same access to devices as the user launching the
79 container.
80 A privileged container turns off the security features that isolate the
83 container from the host. Dropped Capabilities, limited devices,
84 read/only mount points, Apparmor/SELinux separation, and Seccomp fil‐
85 ters are all disabled.
86 Rootless containers cannot have more privileges than the account that
89 launched them.
90 --tty, -t
93 Allocate a pseudo-TTY.
96 --user, -u
99 Sets the username or UID used and optionally the groupname or GID for
102 the specified command. The following examples are all valid: --user
103 [user | user:group | uid | uid:gid | user:gid | uid:group ]
104 --workdir, -w=path
107 Working directory inside the container
110 The default working directory for running binaries within a container
113 is the root directory (/). The image developer can set a different
114 default with the WORKDIR instruction, which can be overridden when cre‐
115 ating the container.
116
119 The exit code from podman exec gives information about why the command
120 within the container failed to run or why it exited. When podman exec
121 exits with a non-zero code, the exit codes follow the chroot standard,
122 see below:
123 125 The error is with Podman itself
126 $ podman exec --foo ctrID /bin/sh; echo $?
129 Error: unknown flag: --foo
130 125
131 126 The contained command cannot be invoked
135 $ podman exec ctrID /etc; echo $?
138 Error: container_linux.go:346: starting container process caused "exec: \"/etc\": permission denied": OCI runtime error
139 126
140 127 The contained command cannot be found
144 $ podman exec ctrID foo; echo $?
147 Error: container_linux.go:346: starting container process caused "exec: \"foo\": executable file not found in $PATH": OCI runtime error
148 127
149 Exit code The contained command exit code
153 $ podman exec ctrID /bin/sh -c 'exit 3'; echo $?
156 3
157
161 $ podman exec -it ctrID ls
162 $ podman exec -it -w /tmp myCtr pwd
163 $ podman exec --user root ctrID ls
164
168 podman(1), podman-run(1)
169
172 December 2017, Originally compiled by Brent Baudebbaude@redhat.com
173 ⟨mailto:bbaude@redhat.com⟩
174 podman-exec(1)()