1singularity(1) singularity(1)
2
6 singularity-shell - Run a shell within a container
7
11 singularity shell [shell options...]
12
16 singularity shell supports the following formats:
17 *.sif Singularity Image Format (SIF). Native to Singular‐
20 ity 3.0+
21 *.sqsh SquashFS format. Native to Singularity 2.4+
24 *.img ext3 format. Native to Singularity versions < 2.4.
27 directory/ sandbox format. Directory containing a valid root
30 file
31 system and optionally Singularity meta-data.
32 instance://* A local running instance of a container. (See the
35 instance
36 command group.)
37 library://* A SIF container hosted on a Library
40 (default https://cloud.sylabs.io/library)
41 docker://* A Docker/OCI container hosted on Docker Hub or an‐
44 other
45 OCI registry.
46 shub://* A container hosted on Singularity Hub.
49 oras://* A SIF container hosted on an OCI registry that sup‐
52 ports
53 the OCI Registry As Storage (ORAS) specification.
54
58 --add-caps="" a comma separated capability list to add
59 --allow-setuid[=false] allow setuid binaries in container (root
62 only)
63 --app="" set an application to run inside a container
66 --apply-cgroups="" apply cgroups from file for container processes
69 (root only)
70 -B, --bind=[] a user-bind path specification. spec has the format
73 src[:dest[:opts]], where src and dest are outside and inside paths. If
74 dest is not given, it is set equal to src. Mount options ('opts') may
75 be specified as 'ro' (read-only) or 'rw' (read/write, which is the de‐
76 fault). Multiple bind paths can be given by a comma separated list.
77 --blkio-weight=0 Block IO relative weight in range 10-1000, 0 to
80 disable
81 --blkio-weight-device=[] Device specific block IO relative weight
84 -e, --cleanenv[=false] clean environment before running container
87 --compat[=false] apply settings for increased OCI/Docker compati‐
90 bility. Infers --containall, --no-init, --no-umask, --no-eval,
91 --writable-tmpfs.
92 -c, --contain[=false] use minimal /dev and empty other directories
95 (e.g. /tmp and $HOME) instead of sharing filesystems from your host
96 -C, --containall[=false] contain not only file systems, but also
99 PID, IPC, and environment
100 --cpu-shares=-1 CPU shares for container
103 --cpus="" Number of CPUs available to container
106 --cpuset-cpus="" List of host CPUs available to container
109 --cpuset-mems="" List of host memory nodes available to container
112 --disable-cache[=false] dont use cache, and dont create cache
115 --dns="" list of DNS server separated by commas to add in re‐
118 solv.conf
119 --docker-host="" specify a custom Docker daemon host
122 --docker-login[=false] login to a Docker Repository interactively
125 --drop-caps="" a comma separated capability list to drop
128 --env=[] pass environment variable to contained process
131 --env-file="" pass environment variables from file to contained
134 process
135 -f, --fakeroot[=false] run container in new user namespace as uid
138 0
139 --fusemount=[] A FUSE filesystem mount specification of the form
142 ': ' - where is 'container' or 'host', specifying where the mount will
143 be performed ('container-daemon' or 'host-daemon' will run the FUSE
144 process detached). is the path to the FUSE executable, plus options
145 for the mount. is the location in the container to which the FUSE
146 mount will be attached. E.g. 'container:sshfs 10.0.0.1:/ /sshfs'. Im‐
147 plies --pid.
148 -h, --help[=false] help for shell
151 -H, --home="/builddir" a home directory specification. spec can
154 either be a src path or src:dest pair. src is the source path of the
155 home directory outside the container and dest overrides the home direc‐
156 tory within the container.
157 --hostname="" set container hostname. Infers --uts.
160 -i, --ipc[=false] run container in a new IPC namespace
163 --keep-privs[=false] let root user keep privileges in container
166 (root only)
167 --memory="" Memory limit in bytes
170 --memory-reservation="" Memory soft limit in bytes
173 --memory-swap="" Swap limit, use -1 for unlimited swap
176 --mount=[] a mount specification e.g. 'type=bind,source=/opt,des‐
179 tination=/hostopt'.
180 -n, --net[=false] run container in a new network namespace (sets
183 up a bridge network interface by default)
184 --network="bridge" specify desired network type separated by com‐
187 mas, each network will bring up a dedicated interface inside container
188 --network-args=[] specify network arguments to pass to CNI plugins
191 --no-eval[=false] do not shell evaluate env vars or OCI container
194 CMD/ENTRYPOINT/ARGS
195 --no-home[=false] do NOT mount users home directory if /home is
198 not the current working directory
199 --no-https[=false] use http instead of https for docker:// oras://
202 and library:///... URIs
203 --no-init[=false] do NOT start shim process with --pid
206 --no-mount=[] disable one or more 'mount xxx' options set in sin‐
209 gularity.conf, specify absolute destination path to disable a bind path
210 entry, or 'bind-paths' to disable all bind path entries.
211 --no-privs[=false] drop all privileges from root user in con‐
214 tainer)
215 --no-setgroups[=false] disable setgroups when entering --fakeroot
218 user namespace
219 --no-umask[=false] do not propagate umask to the container, set
222 default 0022 umask
223 --nv[=false] enable Nvidia support
226 --nvccli[=false] use nvidia-container-cli for GPU setup (experi‐
229 mental)
230 --oci[=false] Launch container with OCI runtime (experimental)
233 --oom-kill-disable[=false] Disable OOM killer
236 -o, --overlay=[] use an overlayFS image for persistent data stor‐
239 age or as read-only layer of container
240 --passphrase[=false] prompt for an encryption passphrase
243 --pem-path="" enter an path to a PEM formatted RSA key for an en‐
246 crypted container
247 -p, --pid[=false] run container in a new PID namespace
250 --pids-limit=0 Limit number of container PIDs, use -1 for unlim‐
253 ited
254 --pwd="" initial working directory for payload process inside the
257 container
258 --rocm[=false] enable experimental Rocm support
261 -S, --scratch=[] include a scratch directory within the container
264 that is linked to a temporary dir (use -W to force location)
265 --security=[] enable security features (SELinux, Apparmor, Sec‐
268 comp)
269 -s, --shell="" path to program to use for interactive shell
272 --sif-fuse[=false] attempt FUSE mount of SIF (unprivileged / user
275 namespace only) (experimental)
276 --syos[=false] execute SyOS shell
279 -u, --userns[=false] run container in a new user namespace, allow‐
282 ing Singularity to run completely unprivileged on recent kernels. This
283 disables some features of Singularity, for example it only works with
284 sandbox images.
285 --uts[=false] run container in a new UTS namespace
288 --vm[=false] enable VM support
291 --vm-cpu="1" number of CPU cores to allocate to Virtual Machine
294 (implies --vm)
295 --vm-err[=false] enable attaching stderr from VM
298 --vm-ip="dhcp" IP Address to assign for container usage. Defaults
301 to DHCP within bridge network.
302 --vm-ram="1024" amount of RAM in MiB to allocate to Virtual Ma‐
305 chine (implies --vm)
306 -W, --workdir="" working directory to be used for /tmp, /var/tmp
309 and $HOME (if -c/--contain was also used)
310 -w, --writable[=false] by default all Singularity containers are
313 available as read only. This option makes the file system accessible as
314 read/write.
315 --writable-tmpfs[=false] makes the file system accessible as read-
318 write with non persistent data (with overlay support only)
319
323 $ singularity shell /tmp/Debian.sif
324 Singularity/Debian.sif> pwd
325 /home/gmk/test
326 Singularity/Debian.sif> exit
327 $ singularity shell -C /tmp/Debian.sif
329 Singularity/Debian.sif> pwd
330 /home/gmk
331 Singularity/Debian.sif> ls -l
332 total 0
333 Singularity/Debian.sif> exit
334 $ sudo singularity shell -w /tmp/Debian.sif
336 $ sudo singularity shell --writable /tmp/Debian.sif
337 $ singularity shell instance://my_instance
339 $ singularity shell instance://my_instance
341 Singularity: Invoking an interactive shell within container...
342 Singularity container:~> ps -ef
343 UID PID PPID C STIME TTY TIME CMD
344 ubuntu 1 0 0 20:00 ? 00:00:00 /usr/local/bin/singularity/bin/sinit
345 ubuntu 2 0 0 20:01 pts/8 00:00:00 /bin/bash --norc
346 ubuntu 3 2 0 20:02 pts/8 00:00:00 ps -ef
347
352 singularity(1)
353
357 18-Sep-2023 Auto generated by spf13/cobra
358Auto generated by spf13/cobra Sep 2023 singularity(1)