github.com/opencontainers/runc@v1.2.0-rc.1.0.20240520010911-492dc558cdd6/man/runc-exec.8.md

github.com/opencontainers/runc@v1.2.0-rc.1.0.20240520010911-492dc558cdd6/man/runc-exec.8.md (about)

     1  % runc-exec "8"
     2  
     3  # NAME
     4  **runc-exec** - execute new process inside the container
     5  
     6  # SYNOPSIS
     7  **runc exec** [_option_ ...] _container-id_ [--] _command_ [_arg_ ...]
     8  
     9  **runc exec** [_option_ ...] **-p** _process.json_ _container-id_
    10  
    11  # OPTIONS
    12  **--console-socket** _path_
    13  : Path to an **AF_UNIX**  socket which will receive a file descriptor
    14  referencing the master end of the console's pseudoterminal.  See
    15  [docs/terminals](https://github.com/opencontainers/runc/blob/master/docs/terminals.md).
    16  
    17  **--cwd** _path_
    18  : Change to _path_ in the container before executing the command.
    19  
    20  **--env**|**-e** _name_=_value_
    21  : Set an environment variable _name_ to _value_. Can be specified multiple times.
    22  
    23  **--tty**|**-t**
    24  : Allocate a pseudo-TTY.
    25  
    26  **--user**|**-u** _uid_[:_gid_]
    27  : Run the _command_ as a user (and, optionally, group) specified by _uid_ (and
    28  _gid_).
    29  
    30  **--additional-gids**|**-g** _gid_
    31  : Add additional group IDs. Can be specified multiple times.
    32  
    33  **--process**|**-p** _process.json_
    34  : Instead of specifying all the exec parameters directly on the command line,
    35  get them from a _process.json_, a JSON file containing the process
    36  specification as defined by the
    37  [OCI runtime spec](https://github.com/opencontainers/runtime-spec/blob/master/config.md#process).
    38  
    39  **--detach**|**-d**
    40  : Detach from the container's process.
    41  
    42  **--pid-file** _path_
    43  : Specify the file to write the container process' PID to.
    44  
    45  **--process-label** _label_
    46  : Set the asm process label for the process commonly used with **selinux**(7).
    47  
    48  **--apparmor** _profile_
    49  : Set the **apparmor**(7) _profile_ for the process.
    50  
    51  **--no-new-privs**
    52  : Set the "no new privileges" value for the process.
    53  
    54  **--cap** _cap_
    55  : Add a capability to the bounding set for the process. Can be specified
    56  multiple times.
    57  
    58  **--preserve-fds** _N_
    59  : Pass _N_ additional file descriptors to the container (**stdio** +
    60  **$LISTEN_FDS** + _N_ in total). Default is **0**.
    61  
    62  **--ignore-paused**
    63  : Allow exec in a paused container. By default, if a container is paused,
    64  **runc exec** errors out; this option can be used to override it.
    65  A paused container needs to be resumed for the exec to complete.
    66  
    67  **--cgroup** _path_ | _controller_[,_controller_...]:_path_
    68  : Execute a process in a sub-cgroup. If the specified cgroup does not exist, an
    69  error is returned. Default is empty path, which means to use container's top
    70  level cgroup.
    71  : For cgroup v1 only, a particular _controller_ (or multiple comma-separated
    72  controllers) can be specified, and the option can be used multiple times to set
    73  different paths for different controllers.
    74  : Note for cgroup v2, in case the process can't join the top level cgroup,
    75  **runc exec** fallback is to try joining the cgroup of container's init.
    76  This fallback can be disabled by using **--cgroup /**.
    77  
    78  # EXIT STATUS
    79  
    80  Exits with a status of _command_ (unless **-d** is used), or **255** if
    81  an error occurred.
    82  
    83  # EXAMPLES
    84  If the container can run **ps**(1) command, the following
    85  will output a list of processes running in the container:
    86  
    87  	# runc exec <container-id> ps
    88  
    89  # SEE ALSO
    90  
    91  **runc**(8).