1podman-system-service(1)    General Commands Manual   podman-system-service(1)
2
3
4

NAME

6       podman-system-service - Run an API service
7
8

SYNOPSIS

10       podman system service [options]
11
12

DESCRIPTION

14       The podman system service command creates a listening service that will
15       answer API calls for Podman.  You may optionally  provide  an  endpoint
16       for  the  API  in  URI  form.   For example, unix:///tmp/foobar.sock or
17       tcp://localhost:8080.  If no endpoint is  provided,  defaults  will  be
18       used.   The  default endpoint for a rootful service is unix:///run/pod‐
19       man/podman.sock  and  rootless  is  unix://$XDG_RUNTIME_DIR/podman/pod‐
20       man.sock (for example unix:///run/user/1000/podman/podman.sock)
21
22
23       To  access  the API service inside a container: - mount the socket as a
24       volume - run the container with --security-opt label=disable
25
26
27       The REST API provided by podman system service is split into two parts:
28       a  compatibility layer offering support for the Docker v1.40 API, and a
29       Podman-native Libpod layer.  Documentation for the latter is  available
30       at  https://docs.podman.io/en/latest/_static/api.html.   Both  APIs are
31       versioned, but the server will not reject requests with an  unsupported
32       version set.
33
34
35       Please  note  that the API grants full access to Podman's capabilities,
36       and as such should be treated as allowing arbitrary code  execution  as
37       the  user running the API.  As such, we strongly recommend against mak‐
38       ing the API socket available via the network.  The  default  configura‐
39       tion (a Unix socket with permissions set to only allow the user running
40       Podman) is the most secure way of running the API.
41
42
43       Note: The default systemd unit files (system and user) change the  log-
44       level option to info from error. This change provides additional infor‐
45       mation on each API call.
46
47

OPTIONS

49   --cors
50       CORS headers to inject to the HTTP response. The default value is empty
51       string which disables CORS headers.
52
53
54   --help, -h
55       Print usage statement.
56
57
58   --time, -t
59       The  time  until  the session expires in seconds. The default is 5 sec‐
60       onds. A value of 0 means no timeout, therefore the session will not ex‐
61       pire.
62
63
64       The  default timeout can be changed via the service_timeout=VALUE field
65       in containers.conf.  See containers.conf(5) for more information.
66
67

EXAMPLES

69       Run an API listening for 5 seconds using the default socket.
70
71
72              podman system service --time 5
73
74
75

SEE ALSO

77       podman(1), podman-system-connection(1), containers.conf(5)
78
79

HISTORY

81       January 2020, Originally compiled by  Brent  Baude  <bbaude@redhat.com>
82       November 2020, Updated by Jhon Honce (jhonce at redhat dot com)
83
84
85
86                                                      podman-system-service(1)
Impressum