Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
singularity shell segfault with docker://centos:6 #845
I'm running Singularity 2.3.1-development.ga78190c8 on a Debian testing using kernel 4.11.0-1-amd64.
I've got a segfault with a centos6 docker image:
I've got no problem with a centos7 docker image:
Here is the tail of the debug output with the centos6 container:
@gmkurtzer I'll get us started here, and if you want to edit / adjust I can add to our troubleshooting docs. Here is a first go not following this issue closely:
Segfault on Bootstrap of Centos Image
If you are bootstrapping a centos 6 docker image, you might hit a segfault:
@gmkurtzer add something here for why this is happening?
The fix is to pass the variable
and then update grub and reboot:
These commands were on the host. The /etc/default/grub is debian specific, you might want to mention that.
It would be interesting to know the vsyscall status for the main GNU/Linux distributions.
On the top of my head, I would suggest:
From the debian kernel changelog:
Seems OK to me, thank you for the update !
Also, from the kernel-parameters.txt of linux kernel source tree:
The change to "emulate" has security implications. Given that emulate is the default mode of the upstream. I guess it is OK to change it. I think Singularity users should be clearly aware of that. Maybe it should appears somewhere in the Security section of the documentation or this linked issue is enough for the moment ? Your call ! =)
* adding troubleshooting for debian issue hpcng/singularity#845 * adding note about security implications * Typo: dummpy.img -> dummy.img (#94) Not sure if this was a typo or a snarky insider joke by a Perl/Ruby programmer.... * Typo: One -> On & wordsmithing (#95) * Type: One -> On * Wordsmithing * Fix inaccurate docker command description (#96) There is no `docker -ps` command. The docker `ps` subcommand lists containers. The docker `history` subcommand will list the layers, like so: ``` hartzelg@blah:~$ docker history hartzelg/cime IMAGE CREATED CREATED BY SIZE COMMENT 7185c64fa2a5 5 months ago /bin/sh -c #(nop) VOLUME [/cime_config.yaml] 0 B fd53e85b356b 5 months ago /bin/sh -c #(nop) VOLUME [/var/jenkins_home] 0 B b50f22ae6ec1 5 months ago /bin/sh -c #(nop) COPY file:fb917d778dfa959bb 10.11 kB [...] ``` * Typo: maybe -> may be (#97) * Oops: "pids" -> "numeric userid" (#98) "pids" is process ids, I think? What you mean is the users numeric id, e.g. on machine A `hartzell` is `3245` so files are owned by `3245`. But, when I get to machine B where `hartzell` is `22453`, those same files appear to be someone else. Right? * nothing to see here... * fixing environment variable example * Fix typo (#99) * $SINGULARITY_ENVIRONMENT, --nv, and random cleanup * removed Usage sections from commands * removed $SINGULARITY_ENVIRONMENT jazz from current docs * reverted docs-usage to old version * cleaning up the merge a bit more * finalizing and approving PR to close #100!