[ARVADOS] updated: 2.1.0-1463-gfbffa8c4d
Git user
git at public.arvados.org
Wed Oct 6 19:58:24 UTC 2021
Summary of changes:
tools/arvbox/lib/arvbox/docker/Dockerfile.base | 2 +-
tools/arvbox/lib/arvbox/docker/createusers.sh | 7 +++++++
.../lib/arvbox/docker/service/crunch-dispatch-local/run | 17 +----------------
3 files changed, 9 insertions(+), 17 deletions(-)
mode change 100755 => 120000 tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run
via fbffa8c4d0fa8bd19fe77b82c16395b80f0bb0ce (commit)
via 25bcd259cf59d51263d74ab09dfc4d9a92ca3fa4 (commit)
from a5804b1e5b04f8f4d0fb1ca67cf7fe8f15d61ec1 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit fbffa8c4d0fa8bd19fe77b82c16395b80f0bb0ce
Merge: a5804b1e5 25bcd259c
Author: Peter Amstutz <peter.amstutz at curii.com>
Date: Wed Oct 6 15:58:02 2021 -0400
Merge branch '18238-containers-in-arvbox' refs #18238
Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>
commit 25bcd259cf59d51263d74ab09dfc4d9a92ca3fa4
Author: Peter Amstutz <peter.amstutz at curii.com>
Date: Mon Oct 4 13:37:42 2021 -0400
18238: Arvbox Singularity / Docker updates wip
Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>
diff --git a/tools/arvbox/lib/arvbox/docker/Dockerfile.base b/tools/arvbox/lib/arvbox/docker/Dockerfile.base
index c112972c4..455665256 100644
--- a/tools/arvbox/lib/arvbox/docker/Dockerfile.base
+++ b/tools/arvbox/lib/arvbox/docker/Dockerfile.base
@@ -105,7 +105,7 @@ RUN apt-key add --no-tty /tmp/8D81803C0EBFCD88.asc && \
RUN mkdir -p /etc/apt/sources.list.d && \
echo deb https://download.docker.com/linux/debian/ buster stable > /etc/apt/sources.list.d/docker.list && \
apt-get update && \
- apt-get -yq --no-install-recommends install docker-ce=5:19.03.13~3-0~debian-buster && \
+ apt-get -yq --no-install-recommends install docker-ce=5:20.10.6~3-0~debian-buster && \
apt-get clean
# Set UTF-8 locale
diff --git a/tools/arvbox/lib/arvbox/docker/createusers.sh b/tools/arvbox/lib/arvbox/docker/createusers.sh
index 7cf58e201..66a4ff474 100755
--- a/tools/arvbox/lib/arvbox/docker/createusers.sh
+++ b/tools/arvbox/lib/arvbox/docker/createusers.sh
@@ -42,6 +42,13 @@ if ! grep "^arvbox:" /etc/passwd >/dev/null 2>/dev/null ; then
mkdir -p /tmp/crunch0 /tmp/crunch1
chown crunch:crunch -R /tmp/crunch0 /tmp/crunch1
+ # singularity needs to be owned by root and suid
+ chown root /var/lib/arvados/bin/singularity \
+ /var/lib/arvados/etc/singularity/singularity.conf \
+ /var/lib/arvados/etc/singularity/capability.json \
+ /var/lib/arvados/etc/singularity/ecl.toml
+ chmod u+s /var/lib/arvados/bin/singularity
+
echo "arvbox ALL=(crunch) NOPASSWD: ALL" >> /etc/sudoers
cat <<EOF > /etc/profile.d/paths.sh
diff --git a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run
deleted file mode 100755
index 3ce2220d0..000000000
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/bash
-# Copyright (C) The Arvados Authors. All rights reserved.
-#
-# SPDX-License-Identifier: AGPL-3.0
-
-exec 2>&1
-set -ex -o pipefail
-
-# singularity can use suid
-chown root /var/lib/arvados/bin/singularity \
- /var/lib/arvados/etc/singularity/singularity.conf \
- /var/lib/arvados/etc/singularity/capability.json \
- /var/lib/arvados/etc/singularity/ecl.toml
-chmod u+s /var/lib/arvados/bin/singularity
-
-exec /usr/local/lib/arvbox/runsu.sh $0-service $1
diff --git a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run
new file mode 120000
index 000000000..a388c8b67
--- /dev/null
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list