1
.\" This manpage has been automatically generated by docbook2man
2
.\" from a DocBook document. This tool can be found at:
3
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
4
.\" Please send any bug reports, improvements, comments, patches,
5
.\" etc. to Steve Cheng <steve@ggi-project.org>.
6
.TH "LXC-ATTACH" "1" "02 March 2012" "" ""
9
lxc-attach \- start a process inside a running container.
19
\fBlxc-attach\fR runs the specified
20
\fIcommand\fR inside the container
21
specified by \fIname\fR\&. The container
22
has to be running already.
24
If no \fIcommand\fR is specified, the
25
current default shell of the user running
26
\fBlxc-attach\fR will be looked up inside the
27
container and executed. This will fail if no such user exists
28
inside the container or the container does not have a working
32
\fB -a, --arch \fIarch\fB \fR
33
Specify the architecture which the kernel should appear to be
34
running as to the command executed. This option will accept the
35
same settings as the \fBlxc.arch\fR option in
36
container configuration files, see
37
\fB\fIlxc.conf\fB\fR(5)\&. By default, the current archictecture of the
38
running container will be used.
40
\fB -e, --elevated-privileges \fR
41
Do not drop privileges when running
42
\fIcommand\fR inside the container. If
43
this option is specified, the new process will
44
\fBnot\fR be added to the container's cgroup(s)
45
and it will not drop its capabilities before executing.
47
\fBWarning:\fR This may leak privileges into the
48
container if the command starts subprocesses that remain active
49
after the main process that was attached is terminated. The
50
(re-)starting of daemons inside the container is problematic,
51
especially if the daemon starts a lot of subprocesses such as
52
\fBcron\fR or \fBsshd\fR\&.
53
\fBUse with great care.\fR
56
These options are common to most of lxc commands.
59
Print a longer usage message than normal.
62
Give the usage message
67
\fB-o, --logfile=\fIFILE\fB\fR
68
Output to an alternate log
69
\fIFILE\fR\&. The default is no log.
71
\fB-l, --logpriority=\fILEVEL\fB\fR
73
\fILEVEL\fR\&. The default log
74
priority is ERROR\&. Possible values are :
80
Note that this option is setting the priority of the events
81
log in the alternate log file. It do not have effect on the
82
ERROR events log on stderr.
84
\fB-n, --name=\fINAME\fB\fR
85
Use container identifier \fINAME\fR\&.
86
The container identifier format is an alphanumeric string.
89
To spawn a new shell running inside an existing container, use
92
lxc-attach -n container
96
To restart the cron service of a running Debian container, use
99
lxc-attach -n container -- /etc/init.d/cron restart
103
To deactivate the network link eth1 of a running container that
104
does not have the NET_ADMIN capability, use the \fB-e\fR
105
option to use increased capabilities:
108
lxc-attach -n container -e -- /sbin/ip link delete eth1
113
The \fB-e\fR should be used with care, as it may break
114
the isolation of the containers if used improperly.
119
\fBlxc-destroy\fR(1),
122
\fBlxc-execute\fR(1),
124
\fBlxc-console\fR(1),
125
\fBlxc-monitor\fR(1),
132
\fBlxc-unfreeze\fR(1),
137
Daniel Lezcano <daniel.lezcano@free.fr>
added
removed
doc/lxc-attach.1
