% podman-container-inspect 1 ## NAME podman\-container\-inspect - Display a container's configuration ## SYNOPSIS **podman container inspect** [*options*] *container* [*container* ...] ## DESCRIPTION This displays the low-level information on containers identified by name or ID. By default, this renders all results in a JSON array. If a format is specified, the given template is executed for each result. ## OPTIONS #### **--format**, **-f**=*format* Format the output using the given Go template. The keys of the returned JSON can be used as the values for the --format flag (see examples below). Valid placeholders for the Go template are listed below: | **Placeholder** | **Description** | | ------------------------ | -------------------------------------------------- | | .AppArmorProfile | AppArmor profile (string) | | .Args | Command-line arguments (array of strings) | | .BoundingCaps | Bounding capability set (array of strings) | | .Config ... | Structure with config info | | .ConmonPidFile | Path to file containing conmon pid (string) | | .Created ... | Container creation time (string, ISO3601) | | .Dependencies | Dependencies (array of strings) | | .Driver | Storage driver (string) | | .EffectiveCaps | Effective capability set (array of strings) | | .ExecIDs | Exec IDs (array of strings) | | .GraphDriver ... | Further details of graph driver (struct) | | .HostConfig ... | Host config details (struct) | | .HostnamePath | Path to file containing hostname (string) | | .HostsPath | Path to container /etc/hosts file (string) | | .ID | Container ID (full 64-char hash) | | .Image | Container image ID (64-char hash) | | .ImageDigest | Container image digest (sha256:+64-char hash) | | .ImageName | Container image name (string) | | .IsInfra | Is this an infra container? (string: true/false) | | .IsService | Is this a service container? (string: true/false) | | .KubeExitCodePropagation | Kube exit-code propagation (string) | | .LockNumber | Number of the container's Libpod lock | | .MountLabel | SELinux label of mount (string) | | .Mounts | Mounts (array of strings) | | .Name | Container name (string) | | .Namespace | Container namespace (string) | | .NetworkSettings ... | Network settings (struct) | | .OCIConfigPath | Path to OCI config file (string) | | .OCIRuntime | OCI runtime name (string) | | .Path | Path to container command (string) | | .PidFile | Path to file containing container PID (string) | | .Pod | Parent pod (string) | | .ProcessLabel | SELinux label of process (string) | | .ResolvConfPath | Path to container's resolv.conf file (string) | | .RestartCount | Number of times container has been restarted (int) | | .Rootfs | Container rootfs (string) | | .SizeRootFs | Size of rootfs, in bytes [1] | | .SizeRw | Size of upper (R/W) container layer, in bytes [1] | | .State ... | Container state info (struct) | | .StaticDir | Path to container metadata dir (string) | [1] This format specifier requires the **--size** option [//]: # (BEGIN included file options/latest.md) #### **--latest**, **-l** Instead of providing the container name or ID, use the last created container. Note: the last started container can be from other users of Podman on the host machine. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines) [//]: # (END included file options/latest.md) #### **--size**, **-s** In addition to normal output, display the total file size if the type is a container. ## EXAMPLE Inspect the specified container and print its information in json format. ``` $ podman container inspect foobar [ { "Id": "99f66530fe9c7249f7cf29f78e8661669d5831cbe4ee80ea757d5e922dd6a8a6", "Created": "2021-09-16T06:09:08.936623325-04:00", "Path": "echo", "Args": [ "hi" ], "State": { "OciVersion": "1.0.2-dev", "Status": "exited", "Running": false, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, "Pid": 0, "ExitCode": 0, "Error": "", "StartedAt": "2021-09-16T06:09:09.033564436-04:00", "FinishedAt": "2021-09-16T06:09:09.036184314-04:00", "Healthcheck": { "Status": "", "FailingStreak": 0, "Log": null } }, "Image": "14119a10abf4669e8cdbdff324a9f9605d99697215a0d21c360fe8dfa8471bab", "ImageName": "docker.io/library/alpine:latest", "Rootfs": "", "Pod": "", "ResolvConfPath": "/run/user/3267/containers/overlay-containers/99f66530fe9c7249f7cf29f78e8661669d5831cbe4ee80ea757d5e922dd6a8a6/userdata/resolv.conf", "HostnamePath": "/run/user/3267/containers/overlay-containers/99f66530fe9c7249f7cf29f78e8661669d5831cbe4ee80ea757d5e922dd6a8a6/userdata/hostname", "HostsPath": "/run/user/3267/containers/overlay-containers/99f66530fe9c7249f7cf29f78e8661669d5831cbe4ee80ea757d5e922dd6a8a6/userdata/hosts", "StaticDir": "/home/dwalsh/.local/share/containers/storage/overlay-containers/99f66530fe9c7249f7cf29f78e8661669d5831cbe4ee80ea757d5e922dd6a8a6/userdata", "OCIConfigPath": "/home/dwalsh/.local/share/containers/storage/overlay-containers/99f66530fe9c7249f7cf29f78e8661669d5831cbe4ee80ea757d5e922dd6a8a6/userdata/config.json", "OCIRuntime": "crun", "ConmonPidFile": "/run/user/3267/containers/overlay-containers/99f66530fe9c7249f7cf29f78e8661669d5831cbe4ee80ea757d5e922dd6a8a6/userdata/conmon.pid", "PidFile": "/run/user/3267/containers/overlay-containers/99f66530fe9c7249f7cf29f78e8661669d5831cbe4ee80ea757d5e922dd6a8a6/userdata/pidfile", "Name": "foobar", "RestartCount": 0, "Driver": "overlay", "MountLabel": "system_u:object_r:container_file_t:s0:c25,c695", "ProcessLabel": "system_u:system_r:container_t:s0:c25,c695", "AppArmorProfile": "", "EffectiveCaps": [ "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_FOWNER", "CAP_FSETID", "CAP_KILL", "CAP_NET_BIND_SERVICE", "CAP_SETFCAP", "CAP_SETGID", "CAP_SETPCAP", "CAP_SETUID", ], "BoundingCaps": [ "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_FOWNER", "CAP_FSETID", "CAP_KILL", "CAP_NET_BIND_SERVICE", "CAP_SETFCAP", "CAP_SETGID", "CAP_SETPCAP", "CAP_SETUID", ], "ExecIDs": [], "GraphDriver": { "Name": "overlay", "Data": { "LowerDir": "/home/dwalsh/.local/share/containers/storage/overlay/e2eb06d8af8218cfec8210147357a68b7e13f7c485b991c288c2d01dc228bb68/diff", "UpperDir": "/home/dwalsh/.local/share/containers/storage/overlay/8f3d70434a3db17410ec4710caf4f251f3e4ed0a96a08124e4b3d4af0a0ea300/diff", "WorkDir": "/home/dwalsh/.local/share/containers/storage/overlay/8f3d70434a3db17410ec4710caf4f251f3e4ed0a96a08124e4b3d4af0a0ea300/work" } }, "Mounts": [], "Dependencies": [], "NetworkSettings": { "EndpointID": "", "Gateway": "", "IPAddress": "", "IPPrefixLen": 0, "IPv6Gateway": "", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "MacAddress": "", "Bridge": "", "SandboxID": "", "HairpinMode": false, "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "Ports": {}, "SandboxKey": "" }, "Namespace": "", "IsInfra": false, "Config": { "Hostname": "99f66530fe9c", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "TERM=xterm", "container=podman", "HOME=/root", "HOSTNAME=99f66530fe9c" ], "Cmd": [ "echo", "hi" ], "Image": "docker.io/library/alpine:latest", "Volumes": null, "WorkingDir": "/", "Entrypoint": "", "OnBuild": null, "Labels": null, "Annotations": { "io.container.manager": "libpod", "io.kubernetes.cri-o.Created": "2021-09-16T06:09:08.936623325-04:00", "org.opencontainers.image.stopSignal": "15" }, "StopSignal": 15, "CreateCommand": [ "podman", "run", "--name", "foobar", "alpine", "echo", "hi" ], "Timezone": "local", "Umask": "0022", "Timeout": 0, "StopTimeout": 10 }, "HostConfig": { "Binds": [], "CgroupManager": "systemd", "CgroupMode": "private", "ContainerIDFile": "", "LogConfig": { "Type": "journald", "Config": null, "Path": "", "Tag": "", "Size": "0B" }, "NetworkMode": "slirp4netns", "PortBindings": {}, "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 }, "AutoRemove": false, "VolumeDriver": "", "VolumesFrom": null, "CapAdd": [], "CapDrop": [], "Dns": [], "DnsOptions": [], "DnsSearch": [], "ExtraHosts": [], "GroupAdd": [], "IpcMode": "shareable", "Cgroup": "", "Cgroups": "default", "Links": null, "OomScoreAdj": 0, "PidMode": "private", "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": false, "SecurityOpt": [], "Tmpfs": {}, "UTSMode": "private", "UsernsMode": "", "ShmSize": 65536000, "Runtime": "oci", "ConsoleSize": [ 0, 0 ], "Isolation": "", "CpuShares": 0, "Memory": 0, "NanoCpus": 0, "CgroupParent": "user.slice", "BlkioWeight": 0, "BlkioWeightDevice": null, "BlkioDeviceReadBps": null, "BlkioDeviceWriteBps": null, "BlkioDeviceReadIOps": null, "BlkioDeviceWriteIOps": null, "CpuPeriod": 0, "CpuQuota": 0, "CpuRealtimePeriod": 0, "CpuRealtimeRuntime": 0, "CpusetCpus": "", "CpusetMems": "", "Devices": [], "DiskQuota": 0, "KernelMemory": 0, "MemoryReservation": 0, "MemorySwap": 0, "MemorySwappiness": 0, "OomKillDisable": false, "PidsLimit": 2048, "Ulimits": [], "CpuCount": 0, "CpuPercent": 0, "IOMaximumIOps": 0, "IOMaximumBandwidth": 0, "CgroupConf": null } } ] ``` Inspect the specified container for the Image Name it is based on. ``` $ podman container inspect nervous_fermi --format "{{.ImageName}}" registry.access.redhat.com/ubi8:latest ``` Inspect the specified container for the GraphDriver Name it is running with. ``` $ podman container inspect foobar --format "{{.GraphDriver.Name}}" overlay ``` Inspect the latest container created for its EffectiveCaps field. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines) ``` $ podman container inspect --latest --format {{.EffectiveCaps}} [CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER CAP_FSETID CAP_KILL CAP_NET_BIND_SERVICE CAP_SETFCAP CAP_SETGID CAP_SETPCAP CAP_SETUID] ``` ## SEE ALSO **[podman(1)](podman.1.md)**, **[podman-container(1)](podman-container.1.md)**, **[podman-inspect(1)](podman-inspect.1.md)** ## HISTORY Sep 2021, Originally compiled by Dan Walsh