From 4616a04086c1f9248008add524a9cf74ffecca33 Mon Sep 17 00:00:00 2001 From: "Suren A. Chilingaryan" Date: Thu, 1 Sep 2022 01:34:15 +0200 Subject: CAP_ADD SYS_ADMIN to enable use of perf, etc. --- run/config.sh | 2 ++ run/devel.sh | 2 +- run/run-bash.sh | 2 +- run/run-jupyter.sh | 2 +- run/run-ssh.sh | 2 +- run/run.sh | 2 +- run/test.sh | 2 +- run/update-from-devel.sh | 2 +- 8 files changed, 9 insertions(+), 7 deletions(-) diff --git a/run/config.sh b/run/config.sh index 9685daf..299219c 100644 --- a/run/config.sh +++ b/run/config.sh @@ -8,6 +8,8 @@ web_port="${port}80" image="$1" [ -n "$image" ] || image="localhost/tomo-remote:latest" # tomo-remote:latest tomo-remote:devel tomo-remote:evelina (also ccpi, ufo, tomo) +options="--cap-add SYS_ADMIN --hooks-dir /usr/share/containers/oci/hooks.d" + volumes="-v $home/ccpi/build/setup:/root/setup -v $home/ccpi/data:/ccpi/data -v $home/ccpi/repos:/ccpi/repos -v /mnt/fast:/mnt/fast" [ -d /mnt/fast/$user ] && volumes="$volumes -v /mnt/fast/$user:/ccpi/data/fast" diff --git a/run/devel.sh b/run/devel.sh index fef44e0..a5eb84c 100644 --- a/run/devel.sh +++ b/run/devel.sh @@ -8,4 +8,4 @@ if [ ! -d ../repos ]; then buildah unshare bash ../build/extract.sh ${image} fi -podman run --name "ccpi-devel" -it --rm --hooks-dir /usr/share/containers/oci/hooks.d/ -p $ssh_port:2222/tcp $volumes ${image} bash -c "[ -f /usr/bin/supervisord ] && python /usr/bin/supervisord; bash /root/setup/provision.sh; bash" +podman run --name "ccpi-devel" -it --rm $options -p $ssh_port:2222/tcp $volumes ${image} bash -c "[ -f /usr/bin/supervisord ] && python /usr/bin/supervisord; bash /root/setup/provision.sh; bash" diff --git a/run/run-bash.sh b/run/run-bash.sh index 1e25e8a..118e615 100644 --- a/run/run-bash.sh +++ b/run/run-bash.sh @@ -4,4 +4,4 @@ set -o errexit . config.sh -podman run --name "ccpi-run" -it --rm --hooks-dir /usr/share/containers/oci/hooks.d/ -p ${web_port}:8888/tcp -p $ssh_port:2222/tcp $volumes ${image} bash +podman run --name "ccpi-run" -it --rm $options -p ${web_port}:8888/tcp -p $ssh_port:2222/tcp $volumes ${image} bash diff --git a/run/run-jupyter.sh b/run/run-jupyter.sh index 3858b4e..18a939a 100644 --- a/run/run-jupyter.sh +++ b/run/run-jupyter.sh @@ -10,4 +10,4 @@ echo " ssh -L $web_port:localhost:$web_port $(hostname)" echo "Generate password file '/ccpi/data/.jupyter/jupyter_notebook_config.json' with running in the container the following command" echo " jupyter notebook password" -podman run --name "ccpi-run" -it --rm --hooks-dir /usr/share/containers/oci/hooks.d/ -p ${web_port}:8888/tcp $volumes ${image} jupyter notebook --allow-root --no-browser --ip 0.0.0.0 --port=8888 --notebook-dir=/ccpi/data/ --debug \ No newline at end of file +podman run --name "ccpi-run" -it --rm $options -p ${web_port}:8888/tcp $volumes ${image} jupyter notebook --allow-root --no-browser --ip 0.0.0.0 --port=8888 --notebook-dir=/ccpi/data/ --debug \ No newline at end of file diff --git a/run/run-ssh.sh b/run/run-ssh.sh index 86f994f..6ae64d2 100644 --- a/run/run-ssh.sh +++ b/run/run-ssh.sh @@ -10,4 +10,4 @@ echo " ssh -L $ssh_port:localhost:$ssh_port $(hostname)" echo " and connect locally " echo " ssh -p $ssh_port localhost" -podman run --name "ccpi-run" -it --rm --hooks-dir /usr/share/containers/oci/hooks.d/ -p ${ssh_port}:2222/tcp $volumes ${image} /usr/sbin/sshd -D -p 2222 +podman run --name "ccpi-run" -it --rm $options -p ${ssh_port}:2222/tcp $volumes ${image} /usr/sbin/sshd -D -p 2222 diff --git a/run/run.sh b/run/run.sh index eabb633..5ab1bb1 100644 --- a/run/run.sh +++ b/run/run.sh @@ -4,4 +4,4 @@ set -o errexit . config.sh -podman run --name "ccpi-run" -it --rm --hooks-dir /usr/share/containers/oci/hooks.d/ -p ${web_port}:8888/tcp -p $ssh_port:2222/tcp $volumes ${image} sh -c '[ -f /usr/bin/supervisord ] && python /usr/bin/supervisord; /bin/bash' +podman run --name "ccpi-run" -it --rm $options -p ${web_port}:8888/tcp -p $ssh_port:2222/tcp $volumes ${image} sh -c '[ -f /usr/bin/supervisord ] && python /usr/bin/supervisord; /bin/bash' diff --git a/run/test.sh b/run/test.sh index 97bb631..68a1a13 100644 --- a/run/test.sh +++ b/run/test.sh @@ -3,4 +3,4 @@ set -o errexit #podman exec -it "ccpi-devel" bash /ccpi/data/run.sh -podman run --name "ccpi-run" -it --rm --hooks-dir /usr/share/containers/oci/hooks.d/ $volumes -e "CUDA_VISIBLE_DEVICES=2" localhost/ccpi:devel bash /ccpi/data/run.sh +podman run --name "ccpi-run" -it --rm $options $volumes -e "CUDA_VISIBLE_DEVICES=2" localhost/ccpi:devel bash /ccpi/data/run.sh diff --git a/run/update-from-devel.sh b/run/update-from-devel.sh index 2be835f..7291270 100644 --- a/run/update-from-devel.sh +++ b/run/update-from-devel.sh @@ -8,7 +8,7 @@ if [ ! -d ../repos ]; then buildah unshare bash ../build/extract.sh ${image} fi -podman run --name "ccpi-devel" -it --hooks-dir /usr/share/containers/oci/hooks.d/ $volumes ${image} bash /root/setup/provision.sh +podman run --name "ccpi-devel" -it $options $volumes ${image} bash /root/setup/provision.sh podman container cp ../repos/ ccpi-devel:/ccpi/ podman container commit ccpi-devel ${image}:devel podman rm ccpi-devel -- cgit v1.2.3