1podman-exec(1)() podman-exec(1)()
2
6 podman-exec - Execute a command in a running container
7
10 podman exec [options] container [command [arg ...]]
11 podman container exec [options] container [command [arg ...]]
14
17 podman exec executes a command in a running container.
18
21 --detach, -d
22 Start the exec session, but do not attach to it. The command will run
23 in the background and the exec session will be automatically removed
24 when it completes. The podman exec command will print the ID of the
25 exec session and exit immediately after it starts.
26 --detach-keys=sequence
29 Specify the key sequence for detaching a container. Format is a single
30 character [a-Z] or one or more ctrl-<value> characters where <value> is
31 one of: a-z, @, ^, [, , or _. Specifying "" will disable this feature.
32 The default is ctrl-p,ctrl-q.
33 --env, -e
36 You may specify arbitrary environment variables that are available for
37 the command to be executed.
38 --env-file=file
41 Read in a line delimited file of environment variables.
42 --interactive, -i=true|false
45 When set to true, keep stdin open even if not attached. The default is
46 false.
47 --latest, -l
50 Instead of providing the container name or ID, use the last created
51 container. If you use methods other than Podman to run containers such
52 as CRI-O, the last started container could be from either of those
53 methods. (This option is not available with the remote Podman client)
54 --preserve-fds=N
57 Pass down to the process N additional file descriptors (in addition to
58 0, 1, 2). The total FDs will be 3+N.
59 --privileged
62 Give extended privileges to this container. The default is false.
63 By default, Podman containers are "unprivileged" and cannot, for exam‐
66 ple, modify parts of the operating system. This is because by default
67 a container is only allowed limited access to devices. A "privileged"
68 container is given the same access to devices as the user launching the
69 container.
70 A privileged container turns off the security features that isolate the
73 container from the host. Dropped Capabilities, limited devices,
74 read/only mount points, Apparmor/SELinux separation, and Seccomp fil‐
75 ters are all disabled.
76 Rootless containers cannot have more privileges than the account that
79 launched them.
80 --tty, -t
83 Allocate a pseudo-TTY.
84 --user, -u
87 Sets the username or UID used and optionally the groupname or GID for
88 the specified command. The following examples are all valid: --user
89 [user | user:group | uid | uid:gid | user:gid | uid:group ]
90 --workdir, -w=path
93 Working directory inside the container
94 The default working directory for running binaries within a container
97 is the root directory (/). The image developer can set a different de‐
98 fault with the WORKDIR instruction, which can be overridden when creat‐
99 ing the container.
100
103 The exit code from podman exec gives information about why the command
104 within the container failed to run or why it exited. When podman exec
105 exits with a non-zero code, the exit codes follow the chroot standard,
106 see below:
107 125 The error is with Podman itself
110 $ podman exec --foo ctrID /bin/sh; echo $?
113 Error: unknown flag: --foo
114 125
115 126 The contained command cannot be invoked
119 $ podman exec ctrID /etc; echo $?
122 Error: container_linux.go:346: starting container process caused "exec: \"/etc\": permission denied": OCI runtime error
123 126
124 127 The contained command cannot be found
128 $ podman exec ctrID foo; echo $?
131 Error: container_linux.go:346: starting container process caused "exec: \"foo\": executable file not found in $PATH": OCI runtime error
132 127
133 Exit code The contained command exit code
137 $ podman exec ctrID /bin/sh -c 'exit 3'; echo $?
140 3
141
145 $ podman exec -it ctrID ls
146 $ podman exec -it -w /tmp myCtr pwd
147 $ podman exec --user root ctrID ls
148
152 podman(1), podman-run(1)
153
156 December 2017, Originally compiled by Brent Baudebbaude@redhat.com
157 ⟨mailto:bbaude@redhat.com⟩
158 podman-exec(1)()