1singularity(1)                                                  singularity(1)
2
3
4

NAME

6       singularity-shell - Run a shell within a container
7
8
9

SYNOPSIS

11       singularity shell [shell options...]
12
13
14

DESCRIPTION

16       singularity shell supports the following formats:
17
18
19       *.sif               Singularity Image Format (SIF). Native to Singular‐
20       ity 3.0+
21
22
23       *.sqsh              SquashFS format.  Native to Singularity 2.4+
24
25
26       *.img               ext3 format. Native to Singularity versions < 2.4.
27
28
29       directory/          sandbox format. Directory containing a  valid  root
30       file
31                             system and optionally Singularity meta-data.
32
33
34       instance://*         A  local running instance of a container. (See the
35       instance
36                             command group.)
37
38
39       library://*         A SIF container hosted on a Library
40                             (default https://cloud.sylabs.io/library)
41
42
43       docker://*          A Docker/OCI container  hosted  on  Docker  Hub  or
44       another
45                             OCI registry.
46
47
48       shub://*            A container hosted on Singularity Hub.
49
50
51       oras://*            A SIF container hosted on an OCI registry that sup‐
52       ports
53                             the OCI Registry As Storage (ORAS) specification.
54
55
56

OPTIONS

58       --add-caps=""      a comma separated capability list to add
59
60
61       --allow-setuid[=false]      allow setuid binaries  in  container  (root
62       only)
63
64
65       --app=""      set an application to run inside a container
66
67
68       --apply-cgroups=""      apply cgroups from file for container processes
69       (root only)
70
71
72       -B, --bind=[]      a user-bind path specification.  spec has the format
73       src[:dest[:opts]], where src and dest are outside and inside paths.  If
74       dest is not given, it is set equal to src.  Mount options ('opts')  may
75       be  specified  as  'ro'  (read-only)  or 'rw' (read/write, which is the
76       default). Multiple bind paths can be given by a comma separated list.
77
78
79       -e, --cleanenv[=false]      clean environment before running container
80
81
82       -c, --contain[=false]      use minimal /dev and empty other directories
83       (e.g. /tmp and $HOME) instead of sharing filesystems from your host
84
85
86       -C,  --containall[=false]       contain not only file systems, but also
87       PID, IPC, and environment
88
89
90       --disable-cache[=false]      dont use cache, and dont create cache
91
92
93       --dns=""      list  of  DNS  server  separated  by  commas  to  add  in
94       resolv.conf
95
96
97       --docker-login[=false]      login to a Docker Repository interactively
98
99
100       --drop-caps=""      a comma separated capability list to drop
101
102
103       --env=[]      pass environment variable to contained process
104
105
106       --env-file=""       pass  environment  variables from file to contained
107       process
108
109
110       -f, --fakeroot[=false]      run container in new user namespace as  uid
111       0
112
113
114       --fusemount=[]       A  FUSE filesystem mount specification of the form
115       ': ' - where  is 'container' or 'host', specifying where the mount will
116       be  performed  ('container-daemon'  or  'host-daemon' will run the FUSE
117       process detached).  is the path to the FUSE  executable,  plus  options
118       for  the  mount.   is  the  location in the container to which the FUSE
119       mount will  be  attached.  E.g.  'container:sshfs  10.0.0.1:/  /sshfs'.
120       Implies --pid.
121
122
123       -h, --help[=false]      help for shell
124
125
126       -H,  --home="/builddir"       a home directory specification.  spec can
127       either be a src path or src:dest pair.  src is the source path  of  the
128       home directory outside the container and dest overrides the home direc‐
129       tory within the container.
130
131
132       --hostname=""      set container hostname
133
134
135       -i, --ipc[=false]      run container in a new IPC namespace
136
137
138       --keep-privs[=false]      let root user keep  privileges  in  container
139       (root only)
140
141
142       -n,  --net[=false]       run container in a new network namespace (sets
143       up a bridge network interface by default)
144
145
146       --network="bridge"      specify desired network type separated by  com‐
147       mas, each network will bring up a dedicated interface inside container
148
149
150       --network-args=[]      specify network arguments to pass to CNI plugins
151
152
153       --no-home[=false]       do  NOT  mount users home directory if /home is
154       not the current working directory
155
156
157       --no-init[=false]      do NOT start shim process with --pid
158
159
160       --no-mount=[]      disable one or more mount xxx options set in  singu‐
161       larity.conf
162
163
164       --no-privs[=false]       drop  all  privileges  from  root user in con‐
165       tainer)
166
167
168       --no-umask[=false]      do not propagate umask to  the  container,  set
169       default 0022 umask
170
171
172       --nohttps[=false]       do  NOT  use HTTPS with the docker:// transport
173       (useful for local docker registries without a certificate)
174
175
176       --nonet[=false]      disable VM network handling
177
178
179       --nv[=false]      enable experimental Nvidia support
180
181
182       -o, --overlay=[]      use an overlayFS image for persistent data  stor‐
183       age or as read-only layer of container
184
185
186       --passphrase[=false]      prompt for an encryption passphrase
187
188
189       --pem-path=""       enter  an  path  to  a  PEM formated RSA key for an
190       encrypted container
191
192
193       -p, --pid[=false]      run container in a new PID namespace
194
195
196       --pwd=""      initial working directory for payload process inside  the
197       container
198
199
200       --rocm[=false]      enable experimental Rocm support
201
202
203       -S,  --scratch=[]      include a scratch directory within the container
204       that is linked to a temporary dir (use -W to force location)
205
206
207       --security=[]      enable security features  (SELinux,  Apparmor,  Sec‐
208       comp)
209
210
211       -s, --shell=""      path to program to use for interactive shell
212
213
214       --syos[=false]      execute SyOS shell
215
216
217       -u, --userns[=false]      run container in a new user namespace, allow‐
218       ing Singularity to run completely unprivileged on recent kernels.  This
219       disables  some  features of Singularity, for example it only works with
220       sandbox images.
221
222
223       --uts[=false]      run container in a new UTS namespace
224
225
226       --vm[=false]      enable VM support
227
228
229       --vm-cpu="1"      number of CPU cores to allocate  to  Virtual  Machine
230       (implies --vm)
231
232
233       --vm-err[=false]      enable attaching stderr from VM
234
235
236       --vm-ip="dhcp"       IP Address to assign for container usage. Defaults
237       to DHCP within bridge network.
238
239
240       --vm-ram="1024"      amount of  RAM  in  MiB  to  allocate  to  Virtual
241       Machine (implies --vm)
242
243
244       -W,  --workdir=""       working directory to be used for /tmp, /var/tmp
245       and $HOME (if -c/--contain was also used)
246
247
248       -w, --writable[=false]      by default all Singularity  containers  are
249       available as read only. This option makes the file system accessible as
250       read/write.
251
252
253       --writable-tmpfs[=false]       makes  the  file  system  accessible  as
254       read-write with non persistent data (with overlay support only)
255
256
257

EXAMPLE

259                $ singularity shell /tmp/Debian.sif
260                Singularity/Debian.sif> pwd
261                /home/gmk/test
262                Singularity/Debian.sif> exit
263
264                $ singularity shell -C /tmp/Debian.sif
265                Singularity/Debian.sif> pwd
266                /home/gmk
267                Singularity/Debian.sif> ls -l
268                total 0
269                Singularity/Debian.sif> exit
270
271                $ sudo singularity shell -w /tmp/Debian.sif
272                $ sudo singularity shell --writable /tmp/Debian.sif
273
274                $ singularity shell instance://my_instance
275
276                $ singularity shell instance://my_instance
277                Singularity: Invoking an interactive shell within container...
278                Singularity container: > ps -ef
279                UID        PID  PPID  C STIME TTY          TIME CMD
280                ubuntu       1     0  0 20:00 ?        00:00:00 /usr/local/bin/singularity/bin/sinit
281                ubuntu       2     0  0 20:01 pts/8    00:00:00 /bin/bash --norc
282                ubuntu       3     2  0 20:02 pts/8    00:00:00 ps -ef
283
284
285
286

SEE ALSO

288       singularity(1)
289
290
291

HISTORY

293       11-Mar-2021 Auto generated by spf13/cobra
294
295
296
297Auto generated by spf13/cobra      Mar 2021                     singularity(1)
Impressum