--console-socket path
Path to an AF_UNIX socket which will receive a file descriptor referencing the master end of the
console's pseudoterminal. See docs/terminals
⟨https://github.com/opencontainers/runc/blob/master/docs/terminals.md⟩.
--cwd path
Change to path in the container before executing the command.
--env|-e name=value
Set an environment variable name to value. Can be specified multiple times.
--tty|-t
Allocate a pseudo-TTY.
--user|-u uid[:gid]
Run the command as a user (and, optionally, group) specified by uid (and gid).
--additional-gids|-g gid
Add additional group IDs. Can be specified multiple times.
--process|-p process.json
Instead of specifying all the exec parameters directly on the command line, get them from a
process.json, a JSON file containing the process specification as defined by the OCI runtime spec
⟨https://github.com/opencontainers/runtime-spec/blob/master/config.md#process⟩.
--detach|-d
Detach from the container's process.
--pid-file path
Specify the file to write the container process' PID to.
--process-label label
Set the asm process label for the process commonly used with selinux(7).
--apparmor profile
Set the apparmor(7) profile for the process.
--no-new-privs
Set the "no new privileges" value for the process.
--cap cap
Add a capability to the bounding set for the process. Can be specified multiple times.
--preserve-fds N
Pass N additional file descriptors to the container (stdio + $LISTEN_FDS + N in total). Default is
0.
--ignore-paused
Allow exec in a paused container. By default, if a container is paused, runc exec errors out; this
option can be used to override it. A paused container needs to be resumed for the exec to
complete.
--cgroup path | controller[,controller...]:path
Execute a process in a sub-cgroup. If the specified cgroup does not exist, an error is returned.
Default is an empty path, which means to use the container's top level cgroup.
For cgroup v1 only, a particular controller (or multiple comma-separated controllers) can be
specified, and the option can be used multiple times to set different paths for different
controllers.
Note: for cgroup v2, if the process can't join the top level cgroup, runc exec falls back to
joining the cgroup of the container's init. This fallback can be disabled by using --cgroup /.
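
An added example (not part of the runc documentation): a Python check that audits a process.json before it is passed to --process, flagging the settings that --user, --additional-gids, --no-new-privs and --cap control on the command line. Field names follow the OCI runtime spec process object; RISKY_CAPS and the two sample documents are constructed for illustration.

```python
import json

# Capabilities treated as high-risk here; this set is an assumption of the example.
RISKY_CAPS = {"CAP_SYS_ADMIN", "CAP_SYS_PTRACE", "CAP_SYS_MODULE",
              "CAP_NET_ADMIN", "CAP_DAC_READ_SEARCH"}
CAP_SETS = ("bounding", "effective", "inheritable", "permitted", "ambient")

def audit_process(spec):
    """Return a list of findings for an OCI process object (the --process file)."""
    findings = []
    args = spec.get("args")
    if not isinstance(args, list) or not args:
        findings.append("args: missing or empty")
    cwd = spec.get("cwd", "")
    if not isinstance(cwd, str) or not cwd.startswith("/"):
        findings.append("cwd: must be an absolute path")
    user = spec.get("user") or {}
    if user.get("uid", 0) == 0:          # an absent uid is treated as 0
        findings.append("user.uid: process runs as uid 0")
    if 0 in user.get("additionalGids", []):
        findings.append("user.additionalGids: includes gid 0")
    if spec.get("noNewPrivileges") is not True:
        findings.append("noNewPrivileges: not set to true")
    caps = spec.get("capabilities") or {}
    for name in CAP_SETS:
        risky = sorted(RISKY_CAPS & set(caps.get(name, [])))
        if risky:
            findings.append(f"capabilities.{name}: {', '.join(risky)}")
    return findings

# Constructed sample: root, no_new_privs off, CAP_SYS_ADMIN granted.
WEAK = json.loads("""{
  "args": ["sh"], "cwd": "/",
  "user": {"uid": 0, "gid": 0},
  "noNewPrivileges": false,
  "capabilities": {"bounding": ["CAP_SYS_ADMIN", "CAP_CHOWN"],
                   "effective": ["CAP_SYS_ADMIN"]}
}""")

# Constructed sample: unprivileged user, no_new_privs on, empty capability sets.
HARDENED = json.loads("""{
  "args": ["/usr/bin/id"], "cwd": "/", "env": ["PATH=/usr/bin:/bin"],
  "user": {"uid": 1000, "gid": 1000},
  "noNewPrivileges": true,
  "capabilities": {"bounding": [], "effective": [], "inheritable": [],
                   "permitted": [], "ambient": []}
}""")

if __name__ == "__main__":
    for label, doc in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_process(doc) or "no findings")
```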