Git Product home page Git Product logo

Comments (3)

DrDaveD avatar DrDaveD commented on August 17, 2024

Do you mean that an unprivileged user that starts an instance with a setuid-installation of apptainer will not be able to list the instances with an unprivileged installation of apptainer? That's not what I see when I try it.

I believe the reason for the distinction regarding root in the current documentation is that instance information is stored in $HOME, and running sudo changes $HOME to ~root.

from apptainer-userdocs.

philippfriese avatar philippfriese commented on August 17, 2024

That's interesting! I did some more testing and indeed, the following works:

$ apptainer instance start app.sif app_instance
INFO:    instance started successfully

$ apptainer instance list
INSTANCE NAME    PID     IP    IMAGE
app_instance     8705          /path/to/app.sif

However, my use-case necessitates the --net flag:

$ apptainer instance start --net app.sif app_instance
INFO:    instance started successfully

$ apptainer instance list
INSTANCE NAME    PID     IP    IMAGE

$ sudo apptainer instance list
INSTANCE NAME    PID     IP           IMAGE
app_instance     9757    10.22.0.4    /path/to/app.sif

Looking at top, the parent process Apptainer instance: pfriese [app_instance] is owned by my user pfriese in the first case and by root in the second.
The Network virtualization documentation page mentions that these features are restricted to root, which would explain why launching it as an unprivileged user succeeds in setuid-mode and yields the observed behaviour.

from apptainer-userdocs.

DrDaveD avatar DrDaveD commented on August 17, 2024

I don't see that behavior when I try it; I get an error when I try instance start --net saying that it is a privileged operation. Please instead create an issue at https://github.com/apptainer/apptainer along with complete instructions on how to reproduce it. I don't think that behavior is correct.

Even if I add myself to allow net users and add bridge to allow net networks which allows me to start such an instance, the instance is still owned by me. That was with apptainer-1.1.9 on el7.

from apptainer-userdocs.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.