1podman-exec(1)              General Commands Manual             podman-exec(1)
2
3
4

NAME

6       podman-exec - Execute a command in a running container
7
8

SYNOPSIS

10       podman exec [options] container [command [arg ...]]
11
12
13       podman container exec [options] container [command [arg ...]]
14
15

DESCRIPTION

17       podman exec executes a command in a running container.
18
19

OPTIONS

21   --detach, -d
22       Start  the  exec session, but do not attach to it. The command will run
23       in the background and the exec session will  be  automatically  removed
24       when  it  completes.  The  podman exec command will print the ID of the
25       exec session and exit immediately after it starts.
26
27
28   --detach-keys=sequence
29       Specify the key sequence for detaching a container. Format is a  single
30       character [a-Z] or one or more ctrl-<value> characters where <value> is
31       one of: a-z, @, ^, [, , or _. Specifying "" will disable this  feature.
32       The default is ctrl-p,ctrl-q.
33
34
35       This option can also be set in containers.conf(5) file.
36
37
38   --env, -e=env
39       Set environment variables.
40
41
42       This  option  allows arbitrary environment variables that are available
43       for the process to be launched inside of the container. If an  environ‐
44       ment  variable is specified without a value, Podman will check the host
45       environment for a value and set the variable only if it is set  on  the
46       host.  As  a  special  case,  if an environment variable ending in * is
47       specified without a value, Podman will search the host environment  for
48       variables  starting with the prefix and will add those variables to the
49       container.
50
51
52   --env-file=file
53       Read in a line-delimited file of environment variables.
54
55
56   --interactive, -i
57       When set to true, keep stdin open even if not attached. The default  is
58       false.
59
60
61   --latest, -l
62       Instead  of  providing  the  container name or ID, use the last created
63       container. If you use methods other than Podman to run containers  such
64       as  CRI-O,  the  last  started  container could be from either of those
65       methods. (This option is not available with the remote  Podman  client,
66       including Mac and Windows (excluding WSL2) machines)
67
68
69   --preserve-fds=N
70       Pass  down to the process N additional file descriptors (in addition to
71       0, 1, 2).  The total FDs will be 3+N.  (This option  is  not  available
72       with  the  remote  Podman  client, including Mac and Windows (excluding
73       WSL2) machines)
74
75
76   --privileged
77       Give extended privileges to this container. The default is false.
78
79
80       By default, Podman containers are unprivileged (=false) and cannot, for
81       example,  modify  parts of the operating system. This is because by de‐
82       fault a container is only allowed limited access to devices. A  "privi‐
83       leged"  container  is  given  the  same  access  to devices as the user
84       launching the container.
85
86
87       A privileged container turns off the security features that isolate the
88       container  from  the host. Dropped Capabilities, limited devices, read-
89       only mount points, Apparmor/SELinux separation, and Seccomp filters are
90       all disabled.
91
92
93       Rootless  containers  cannot have more privileges than the account that
94       launched them.
95
96
97   --tty, -t
98       Allocate a pseudo-TTY. The default is false.
99
100
101       When set to true, Podman will allocate a pseudo-tty and attach  to  the
102       standard  input of the container. This can be used, for example, to run
103       a throwaway interactive shell.
104
105
106       NOTE: The --tty flag prevents redirection of standard output.  It  com‐
107       bines  STDOUT  and STDERR, it can insert control characters, and it can
108       hang pipes. This option should only be used when run interactively in a
109       terminal. When feeding input to Podman, use -i only, not -it.
110
111
112   --user, -u=user[:group]
113       Sets the username or UID used and, optionally, the groupname or GID for
114       the specified command. Both user and group may be symbolic or numeric.
115
116
117       Without this argument, the command will run as the  user  specified  in
118       the  container  image.  Unless overridden by a USER command in the Con‐
119       tainerfile or by a value passed to this option, this user generally de‐
120       faults to root.
121
122
123       When  a  user  namespace is not in use, the UID and GID used within the
124       container and on the host will match. When user namespaces are in  use,
125       however, the UID and GID in the container may correspond to another UID
126       and GID on the host. In rootless containers, for example, a user  name‐
127       space  is always used, and root in the container will by default corre‐
128       spond to the UID and GID of the user invoking Podman.
129
130
131   --workdir, -w=dir
132       Working directory inside the container.
133
134
135       The default working directory for running binaries within  a  container
136       is the root directory (/).  The image developer can set a different de‐
137       fault with the WORKDIR instruction. The operator can override the work‐
138       ing directory by using the -w option.
139
140

Exit Status

142       The  exit code from podman exec gives information about why the command
143       within the container failed to run or why it exited.  When podman  exec
144       exits  with a non-zero code, the exit codes follow the chroot standard,
145       see below:
146
147
148       125 The error is with Podman itself
149
150
151              $ podman exec --foo ctrID /bin/sh; echo $?
152              Error: unknown flag: --foo
153              125
154
155
156
157       126 The contained command cannot be invoked
158
159
160              $ podman exec ctrID /etc; echo $?
161              Error: container_linux.go:346: starting container process caused "exec: \"/etc\": permission denied": OCI runtime error
162              126
163
164
165
166       127 The contained command cannot be found
167
168
169              $ podman exec ctrID foo; echo $?
170              Error: container_linux.go:346: starting container process caused "exec: \"foo\": executable file not found in $PATH": OCI runtime error
171              127
172
173
174
175       Exit code The contained command exit code
176
177
178              $ podman exec ctrID /bin/sh -c 'exit 3'; echo $?
179              3
180
181
182

EXAMPLES

184              $ podman exec -it ctrID ls
185              $ podman exec -it -w /tmp myCtr pwd
186              $ podman exec --user root ctrID ls
187
188
189

SEE ALSO

191       podman(1), podman-run(1)
192
193

HISTORY

195       December 2017,  Originally  compiled  by  Brent  Baudebbaude@redhat.com
196       ⟨mailto:bbaude@redhat.com⟩
197
198
199
200                                                                podman-exec(1)
Impressum