From 1b3195b5b0b860fa6714ad778cd761e289b24f49 Mon Sep 17 00:00:00 2001 From: Paulo Miguel Almeida Date: Thu, 30 Sep 2021 19:29:00 +1300 Subject: [PATCH 1/2] Add configuration step required for recent versions of singularity --- docs/spec/spec-2.0.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/docs/spec/spec-2.0.md b/docs/spec/spec-2.0.md index a6f07bd..20750c6 100644 --- a/docs/spec/spec-2.0.md +++ b/docs/spec/spec-2.0.md @@ -113,6 +113,22 @@ The example below will run a container that exposes the port `5432` to the host. - 5432:5432 ``` +**Obs.:** In recent versions of the Singularity CLI, there is the need for tweaking the +`/etc/singularity/singularity.conf` to allow `fakeroot` to bind to ports otherwise +an error will be thrown at container execution similar to this: + +``` +INFO: Converting SIF file to temporary sandbox... +ERROR: Network fakeroot is not permitted for unprivileged users. +INFO: Cleaning up image... +``` + +To allow fakeroot to bind ports without sudo you need to execute this: + +``` +echo "allow net networks = bridge, fakeroot" >> /etc/singularity/singularity.conf +``` + ## Start Group Startscript options generally include those for networking, and any other flags From 61ac8d3b19ffd14ecacf34b6cffa871f29bd90e6 Mon Sep 17 00:00:00 2001 From: Paulo Miguel Almeida Date: Fri, 1 Oct 2021 08:59:01 +1300 Subject: [PATCH 2/2] Update docs/spec/spec-2.0.md Co-authored-by: Vanessasaurus <814322+vsoch@users.noreply.github.com> --- docs/spec/spec-2.0.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/spec/spec-2.0.md b/docs/spec/spec-2.0.md index 20750c6..1579f92 100644 --- a/docs/spec/spec-2.0.md +++ b/docs/spec/spec-2.0.md @@ -113,7 +113,7 @@ The example below will run a container that exposes the port `5432` to the host. - 5432:5432 ``` -**Obs.:** In recent versions of the Singularity CLI, there is the need for tweaking the +**Observation:** In recent versions of the Singularity CLI, there is the need for tweaking the `/etc/singularity/singularity.conf` to allow `fakeroot` to bind to ports otherwise an error will be thrown at container execution similar to this: