奇点;在用户主目录中获取 github 回购协议
Singularity; get a github repo into the users home directory
瞄准
目的是创建一个安装一些包的奇点容器,然后从 git 仓库克隆一个自定义包并制作它。用户需要获得使用自定义包的权限,理想情况下它会位于奇点用户的主目录中,但这似乎比我预期的要难。
奇点几乎总是作为 shell 启动,它包含一组麻烦的自定义包,并以可重复、可共享的方式从中生成结果。
问题
克隆 git 存储库似乎不错,但我唯一可以把它放在用户甚至可以看到它的地方是 /github_repo,它始终由 root 拥有。
我无法将它获取到用户的主目录,因为在 %post 期间,变量 $HOME 似乎没有指向用户的主目录,它指向 /root,然后创建的对象属于根。事实上,虽然 /home 确实存在,但它是空的,似乎用户还不存在。
我尝试克隆到 /github_repo 然后添加
chown -R $USER /github_repo
chmod -R 766 /github_repo
到%post。
容器可以建和运行,当它是运行ning;
$ ls -lh /github_repo
ls: cannot access '/github_repo': Permission denied
total 0
d????????? ? ? ? ? ? CorrectNameOfGithubFolder
-????????? ? ? ? ? ? CorrectNameOfGithubFile
所以它可以看到文件和文件夹的名称,但看不到它们的权限?我什至不知道那是可能的。如果我不弄乱 %post 中的权限,它就是 root 拥有的完全正常的文件。
食谱
这是我目前所拥有的,您应该会发现它已构建并且 运行s。
如果你想 运行 它将 recipy 保存为 example.def 然后做
sudo singularity build example.sif example.def
singularity run --containall example.sif
然后尝试
$ ls -lh /packages
example.def
BootStrap: docker
From: ubuntu:18.04
# commands on the host system
%setup
# make print colour #
GREEN='3[0;32m'
NOCOLOUR='3[0m'
echo "${GREEN}~~~ Getting modified packages from github ~~~ ${NOCOLOUR}"
export PACKAGES_TMP=/tmp/packages
rm -fr $PACKAGES_TMP
mkdir -p $PACKAGES_TMP
git clone https://github.com/rootpy/rootpy-tutorials.git $PACKAGES_TMP
cp -R ${PACKAGES_TMP} ${SINGULARITY_ROOTFS}
# get files from the host (but we dont need any)
%files
# what is done when the container is built
%post
# make print colour #
GREEN='3[0;32m'
NOCOLOUR='3[0m'
# start
echo "${GREEN}~~~ install apt packages ~~~ ${NOCOLOUR}"
apt -y update
# for fetching from repos if needed
apt -y install git
# for getting anything else from the net
apt -y install wget
# text editors
apt -y install vim-tiny
apt -y install nano
# for making downloaded packages
apt -y install make
echo "${GREEN}~~~ Set up a .bashrc ~~~ ${NOCOLOUR}"
BASHRC=/home/.bashrc
touch $BASHRC
echo "alias vim=vim.tiny\n" >> $BASHRC
# will be called in run
## Not working???
## the /home/ directory appears empty
# echo "${GREEN}~~~ Move packages to home dir ~~~ ${NOCOLOUR}"
MY_HOME=$(ls -l /home/)
echo in post home is $MY_HOME
touch ~/test
touch $HOME/test
mkdir $HOME/test_dir
# PACKAGES=$MY_HOME/packages/
# mv /packages $PACKAGES
echo "${GREEN}~~~ Give the user permission and control ~~~ ${NOCOLOUR}"
# this bit does odd things
PACKAGES=/packages
chown -R $USER $PACKAGES
chmod -R 766 $PACKAGES
echo "${GREEN}~~~ Making the packages ~~~ ${NOCOLOUR}"
# need to implement
# enviroment variabels instide the container
# sourced at run time not build time
%environment
export PACKAGES=/packages/
export BASHRC=/home/.bashrc
# this is executed when the contain is launched with
# singularity run example.sif
%runscript
MY_HOME=$(ls -l /home/)
echo at run home is $MY_HOME
touch ~/runtest1
touch $HOME/runtest2
mkdir $HOME/runtest_dir
ls -lh /
ls -lh $HOME
ls -lh $HOME/runtest_dir/
# source the .bashrc
echo $BASHRC
/bin/bash --rcfile $BASHRC
# this would be executed just after build
%test
echo I havent written any tests
# metadata
%labels
Author ClumsyCat
Version v1.0
%help
to build me
> sudo singularity build example.sif example.def
to run me do
> singularity run --containall --bind /my/out/dir/ example.sif
the "--containall" flag prevents interactions with your system
the "--bind /my/out/dir/" mounts a directory in your system
this allows scripts in that directory to be accessed from the image
and results from the image to persist in the directory
It also allows the run script to call .bashrc
这里发生了一些事情。
- 除非主机系统上有您确实需要的东西,don't use
%setup。它 运行 在主机 OS 上以 root 身份运行,很容易以您意想不到的方式破坏事物。
- 默认情况下,singularity 将 运行ning 用户的
$HOME 安装到容器中,因此您放入 /home/... 的任何内容都将被覆盖,除非用户使用 --no-home . Best practices 出于这个原因建议不要安装到 $HOME
- 当您引用 $USER 时,
%post 中的所有步骤都将其设置为 root,因为它是 运行 (sudo singularity build ...) 时的用户,所以它实际上在做任何事情
chmod -R 664 - 这会破坏您的目录。您需要执行位才能实际访问目录,而不仅仅是读取
我已经调整了您的样本定义文件,使其更符合您的预期。评论解释原因。
BootStrap: docker
From: ubuntu:18.04
%post
# make print colour #
GREEN='3[0;32m'
NOCOLOUR='3[0m'
PACKAGES=/packages
# give all files 774 and directories 775 by default
umask 002
# start
echo "${GREEN}~~~ install apt packages ~~~ ${NOCOLOUR}"
# install everything at once and use apt-get for non-interactive installs
apt-get -y update && apt-get install -y git wget vim-tiny nano make
# create a symlink to vim instead of an alias
ln -s $(which vim.tiny) /usr/local/bin/vim
echo "${GREEN}~~~ Getting modified packages from github ~~~ ${NOCOLOUR}"
# git clone in %post instead of %setup
mkdir $PACKAGES
cd $PACKAGES
git clone https://github.com/rootpy/rootpy-tutorials.git
echo "${GREEN}~~~ Making the packages ~~~ ${NOCOLOUR}"
# need to implement
echo do something here
%environment
export PACKAGES=/packages
%runscript
echo I am $(whoami)
echo
cd $PACKAGES
echo I am in $PWD
ls -la --color=auto
echo
echo vim is: $(which vim)
运行 singularity run --containall example.sif 给出:
I am tsnowlan
I am in /packages
total 0
drwxrwxr-x 3 root root 39 May 28 12:23 .
drwxr-xr-x 1 tsnowlan tsnowlan 60 May 28 12:24 ..
drwxrwxr-x 6 root root 117 May 28 12:23 rootpy-tutorials
vim is: /usr/local/bin/vim
瞄准
目的是创建一个安装一些包的奇点容器,然后从 git 仓库克隆一个自定义包并制作它。用户需要获得使用自定义包的权限,理想情况下它会位于奇点用户的主目录中,但这似乎比我预期的要难。
奇点几乎总是作为 shell 启动,它包含一组麻烦的自定义包,并以可重复、可共享的方式从中生成结果。
问题
克隆 git 存储库似乎不错,但我唯一可以把它放在用户甚至可以看到它的地方是 /github_repo,它始终由 root 拥有。
我无法将它获取到用户的主目录,因为在 %post 期间,变量 $HOME 似乎没有指向用户的主目录,它指向 /root,然后创建的对象属于根。事实上,虽然 /home 确实存在,但它是空的,似乎用户还不存在。
我尝试克隆到 /github_repo 然后添加
chown -R $USER /github_repo
chmod -R 766 /github_repo
到%post。
容器可以建和运行,当它是运行ning;
$ ls -lh /github_repo
ls: cannot access '/github_repo': Permission denied
total 0
d????????? ? ? ? ? ? CorrectNameOfGithubFolder
-????????? ? ? ? ? ? CorrectNameOfGithubFile
所以它可以看到文件和文件夹的名称,但看不到它们的权限?我什至不知道那是可能的。如果我不弄乱 %post 中的权限,它就是 root 拥有的完全正常的文件。
食谱
这是我目前所拥有的,您应该会发现它已构建并且 运行s。 如果你想 运行 它将 recipy 保存为 example.def 然后做
sudo singularity build example.sif example.def
singularity run --containall example.sif
然后尝试
$ ls -lh /packages
example.def
BootStrap: docker
From: ubuntu:18.04
# commands on the host system
%setup
# make print colour #
GREEN='3[0;32m'
NOCOLOUR='3[0m'
echo "${GREEN}~~~ Getting modified packages from github ~~~ ${NOCOLOUR}"
export PACKAGES_TMP=/tmp/packages
rm -fr $PACKAGES_TMP
mkdir -p $PACKAGES_TMP
git clone https://github.com/rootpy/rootpy-tutorials.git $PACKAGES_TMP
cp -R ${PACKAGES_TMP} ${SINGULARITY_ROOTFS}
# get files from the host (but we dont need any)
%files
# what is done when the container is built
%post
# make print colour #
GREEN='3[0;32m'
NOCOLOUR='3[0m'
# start
echo "${GREEN}~~~ install apt packages ~~~ ${NOCOLOUR}"
apt -y update
# for fetching from repos if needed
apt -y install git
# for getting anything else from the net
apt -y install wget
# text editors
apt -y install vim-tiny
apt -y install nano
# for making downloaded packages
apt -y install make
echo "${GREEN}~~~ Set up a .bashrc ~~~ ${NOCOLOUR}"
BASHRC=/home/.bashrc
touch $BASHRC
echo "alias vim=vim.tiny\n" >> $BASHRC
# will be called in run
## Not working???
## the /home/ directory appears empty
# echo "${GREEN}~~~ Move packages to home dir ~~~ ${NOCOLOUR}"
MY_HOME=$(ls -l /home/)
echo in post home is $MY_HOME
touch ~/test
touch $HOME/test
mkdir $HOME/test_dir
# PACKAGES=$MY_HOME/packages/
# mv /packages $PACKAGES
echo "${GREEN}~~~ Give the user permission and control ~~~ ${NOCOLOUR}"
# this bit does odd things
PACKAGES=/packages
chown -R $USER $PACKAGES
chmod -R 766 $PACKAGES
echo "${GREEN}~~~ Making the packages ~~~ ${NOCOLOUR}"
# need to implement
# enviroment variabels instide the container
# sourced at run time not build time
%environment
export PACKAGES=/packages/
export BASHRC=/home/.bashrc
# this is executed when the contain is launched with
# singularity run example.sif
%runscript
MY_HOME=$(ls -l /home/)
echo at run home is $MY_HOME
touch ~/runtest1
touch $HOME/runtest2
mkdir $HOME/runtest_dir
ls -lh /
ls -lh $HOME
ls -lh $HOME/runtest_dir/
# source the .bashrc
echo $BASHRC
/bin/bash --rcfile $BASHRC
# this would be executed just after build
%test
echo I havent written any tests
# metadata
%labels
Author ClumsyCat
Version v1.0
%help
to build me
> sudo singularity build example.sif example.def
to run me do
> singularity run --containall --bind /my/out/dir/ example.sif
the "--containall" flag prevents interactions with your system
the "--bind /my/out/dir/" mounts a directory in your system
this allows scripts in that directory to be accessed from the image
and results from the image to persist in the directory
It also allows the run script to call .bashrc
这里发生了一些事情。
- 除非主机系统上有您确实需要的东西,don't use
%setup。它 运行 在主机 OS 上以 root 身份运行,很容易以您意想不到的方式破坏事物。 - 默认情况下,singularity 将 运行ning 用户的
$HOME安装到容器中,因此您放入/home/...的任何内容都将被覆盖,除非用户使用--no-home. Best practices 出于这个原因建议不要安装到 $HOME - 当您引用 $USER 时,
%post中的所有步骤都将其设置为 root,因为它是 运行 (sudo singularity build ...) 时的用户,所以它实际上在做任何事情 chmod -R 664- 这会破坏您的目录。您需要执行位才能实际访问目录,而不仅仅是读取
我已经调整了您的样本定义文件,使其更符合您的预期。评论解释原因。
BootStrap: docker
From: ubuntu:18.04
%post
# make print colour #
GREEN='3[0;32m'
NOCOLOUR='3[0m'
PACKAGES=/packages
# give all files 774 and directories 775 by default
umask 002
# start
echo "${GREEN}~~~ install apt packages ~~~ ${NOCOLOUR}"
# install everything at once and use apt-get for non-interactive installs
apt-get -y update && apt-get install -y git wget vim-tiny nano make
# create a symlink to vim instead of an alias
ln -s $(which vim.tiny) /usr/local/bin/vim
echo "${GREEN}~~~ Getting modified packages from github ~~~ ${NOCOLOUR}"
# git clone in %post instead of %setup
mkdir $PACKAGES
cd $PACKAGES
git clone https://github.com/rootpy/rootpy-tutorials.git
echo "${GREEN}~~~ Making the packages ~~~ ${NOCOLOUR}"
# need to implement
echo do something here
%environment
export PACKAGES=/packages
%runscript
echo I am $(whoami)
echo
cd $PACKAGES
echo I am in $PWD
ls -la --color=auto
echo
echo vim is: $(which vim)
运行 singularity run --containall example.sif 给出:
I am tsnowlan
I am in /packages
total 0
drwxrwxr-x 3 root root 39 May 28 12:23 .
drwxr-xr-x 1 tsnowlan tsnowlan 60 May 28 12:24 ..
drwxrwxr-x 6 root root 117 May 28 12:23 rootpy-tutorials
vim is: /usr/local/bin/vim