1podman-exec(1)() podman-exec(1)()
2
6 podman-exec - Execute a command in a running container
7
10 podman exec [options] container [command [arg ...]]
11 podman container exec [options] container [command [arg ...]]
14
17 podman exec executes a command in a running container.
18
21 --detach, -d
22 Start the exec session, but do not attach to it. The command will run
23 in the background and the exec session will be automatically removed
24 when it completes. The podman exec command will print the ID of the
25 exec session and exit immediately after it starts.
26 --detach-keys=sequence
29 Specify the key sequence for detaching a container. Format is a single
30 character [a-Z] or one or more ctrl-<value> characters where <value> is
31 one of: a-z, @, ^, [, , or _. Specifying "" will disable this feature.
32 The default is ctrl-p,ctrl-q.
33 --env, -e
36 You may specify arbitrary environment variables that are available for
37 the command to be executed.
38 --env-file=file
41 Read in a line delimited file of environment variables.
42 --interactive, -i=true|false
45 When set to true, keep stdin open even if not attached. The default is
46 false.
47 --latest, -l
50 Instead of providing the container name or ID, use the last created
51 container. If you use methods other than Podman to run containers such
52 as CRI-O, the last started container could be from either of those
53 methods.
54 The latest option is not supported on the remote client.
57 --preserve-fds=N
60 Pass down to the process N additional file descriptors (in addition to
61 0, 1, 2). The total FDs will be 3+N.
62 --privileged
65 Give extended privileges to this container. The default is false.
66 By default, Podman containers are "unprivileged" and cannot, for exam‐
69 ple, modify parts of the operating system. This is because by default
70 a container is only allowed limited access to devices. A "privileged"
71 container is given the same access to devices as the user launching the
72 container.
73 A privileged container turns off the security features that isolate the
76 container from the host. Dropped Capabilities, limited devices,
77 read/only mount points, Apparmor/SELinux separation, and Seccomp fil‐
78 ters are all disabled.
79 Rootless containers cannot have more privileges than the account that
82 launched them.
83 --tty, -t
86 Allocate a pseudo-TTY.
87 --user, -u
90 Sets the username or UID used and optionally the groupname or GID for
91 the specified command. The following examples are all valid: --user
92 [user | user:group | uid | uid:gid | user:gid | uid:group ]
93 --workdir, -w=path
96 Working directory inside the container
97 The default working directory for running binaries within a container
100 is the root directory (/). The image developer can set a different
101 default with the WORKDIR instruction, which can be overridden when cre‐
102 ating the container.
103
106 The exit code from podman exec gives information about why the command
107 within the container failed to run or why it exited. When podman exec
108 exits with a non-zero code, the exit codes follow the chroot standard,
109 see below:
110 125 The error is with Podman itself
113 $ podman exec --foo ctrID /bin/sh; echo $?
116 Error: unknown flag: --foo
117 125
118 126 The contained command cannot be invoked
122 $ podman exec ctrID /etc; echo $?
125 Error: container_linux.go:346: starting container process caused "exec: \"/etc\": permission denied": OCI runtime error
126 126
127 127 The contained command cannot be found
131 $ podman exec ctrID foo; echo $?
134 Error: container_linux.go:346: starting container process caused "exec: \"foo\": executable file not found in $PATH": OCI runtime error
135 127
136 Exit code The contained command exit code
140 $ podman exec ctrID /bin/sh -c 'exit 3'; echo $?
143 3
144
148 $ podman exec -it ctrID ls
149 $ podman exec -it -w /tmp myCtr pwd
150 $ podman exec --user root ctrID ls
151
155 podman(1), podman-run(1)
156
159 December 2017, Originally compiled by Brent Baudebbaude@redhat.com
160 ⟨mailto:bbaude@redhat.com⟩
161 podman-exec(1)()