1singularity(1)                                                  singularity(1)
2
3
4

NAME

6       singularity-exec - Run a command within a container
7
8
9

SYNOPSIS

11       singularity exec [exec options...]
12
13
14

DESCRIPTION

16       singularity exec supports the following formats:
17
18
19       *.sif               Singularity Image Format (SIF). Native to Singular‐
20       ity 3.0+
21
22
23       *.sqsh              SquashFS format.  Native to Singularity 2.4+
24
25
26       *.img               ext3 format. Native to Singularity versions < 2.4.
27
28
29       directory/          sandbox format. Directory containing a  valid  root
30       file
31                             system and optionally Singularity meta-data.
32
33
34       instance://*         A  local running instance of a container. (See the
35       instance
36                             command group.)
37
38
39       library://*         A SIF container hosted on a Library
40                             (default https://cloud.sylabs.io/library)
41
42
43       docker://*          A Docker/OCI container  hosted  on  Docker  Hub  or
44       another
45                             OCI registry.
46
47
48       shub://*            A container hosted on Singularity Hub.
49
50
51       oras://*            A SIF container hosted on an OCI registry that sup‐
52       ports
53                             the OCI Registry As Storage (ORAS) specification.
54
55
56

OPTIONS

58       --add-caps=""      a comma separated capability list to add
59
60
61       --allow-setuid[=false]      allow setuid binaries  in  container  (root
62       only)
63
64
65       --app=""      set an application to run inside a container
66
67
68       --apply-cgroups=""      apply cgroups from file for container processes
69       (root only)
70
71
72       -B, --bind=[]      a user-bind path specification.  spec has the format
73       src[:dest[:opts]], where src and dest are outside and inside paths.  If
74       dest is not given, it is set equal to src.  Mount options ('opts')  may
75       be  specified  as  'ro'  (read-only)  or 'rw' (read/write, which is the
76       default). Multiple bind paths can be given by a comma separated list.
77
78
79       -e, --cleanenv[=false]      clean environment before running container
80
81
82       -c, --contain[=false]      use minimal /dev and empty other directories
83       (e.g. /tmp and $HOME) instead of sharing filesystems from your host
84
85
86       -C,  --containall[=false]       contain not only file systems, but also
87       PID, IPC, and environment
88
89
90       --disable-cache[=false]      dont use cache, and dont create cache
91
92
93       --dns=""      list  of  DNS  server  separated  by  commas  to  add  in
94       resolv.conf
95
96
97       --docker-login[=false]      login to a Docker Repository interactively
98
99
100       --drop-caps=""      a comma separated capability list to drop
101
102
103       --env=[]      pass environment variable to contained process
104
105
106       --env-file=""       pass  environment  variables from file to contained
107       process
108
109
110       -f, --fakeroot[=false]      run container in new user namespace as  uid
111       0
112
113
114       --fusemount=[]       A  FUSE filesystem mount specification of the form
115       ': ' - where  is 'container' or 'host', specifying where the mount will
116       be  performed  ('container-daemon'  or  'host-daemon' will run the FUSE
117       process detached).  is the path to the FUSE  executable,  plus  options
118       for  the  mount.   is  the  location in the container to which the FUSE
119       mount will  be  attached.  E.g.  'container:sshfs  10.0.0.1:/  /sshfs'.
120       Implies --pid.
121
122
123       -h, --help[=false]      help for exec
124
125
126       -H,  --home="/builddir"       a home directory specification.  spec can
127       either be a src path or src:dest pair.  src is the source path  of  the
128       home directory outside the container and dest overrides the home direc‐
129       tory within the container.
130
131
132       --hostname=""      set container hostname
133
134
135       -i, --ipc[=false]      run container in a new IPC namespace
136
137
138       --keep-privs[=false]      let root user keep  privileges  in  container
139       (root only)
140
141
142       -n,  --net[=false]       run container in a new network namespace (sets
143       up a bridge network interface by default)
144
145
146       --network="bridge"      specify desired network type separated by  com‐
147       mas, each network will bring up a dedicated interface inside container
148
149
150       --network-args=[]      specify network arguments to pass to CNI plugins
151
152
153       --no-home[=false]       do  NOT  mount users home directory if /home is
154       not the current working directory
155
156
157       --no-init[=false]      do NOT start shim process with --pid
158
159
160       --no-mount=[]      disable one or more mount xxx options set in  singu‐
161       larity.conf
162
163
164       --no-privs[=false]       drop  all  privileges  from  root user in con‐
165       tainer)
166
167
168       --no-umask[=false]      do not propagate umask to  the  container,  set
169       default 0022 umask
170
171
172       --nohttps[=false]       do  NOT  use HTTPS with the docker:// transport
173       (useful for local docker registries without a certificate)
174
175
176       --nonet[=false]      disable VM network handling
177
178
179       --nv[=false]      enable experimental Nvidia support
180
181
182       -o, --overlay=[]      use an overlayFS image for persistent data  stor‐
183       age or as read-only layer of container
184
185
186       --passphrase[=false]      prompt for an encryption passphrase
187
188
189       --pem-path=""       enter  an  path  to  a  PEM formated RSA key for an
190       encrypted container
191
192
193       -p, --pid[=false]      run container in a new PID namespace
194
195
196       --pwd=""      initial working directory for payload process inside  the
197       container
198
199
200       --rocm[=false]      enable experimental Rocm support
201
202
203       -S,  --scratch=[]      include a scratch directory within the container
204       that is linked to a temporary dir (use -W to force location)
205
206
207       --security=[]      enable security features  (SELinux,  Apparmor,  Sec‐
208       comp)
209
210
211       -u, --userns[=false]      run container in a new user namespace, allow‐
212       ing Singularity to run completely unprivileged on recent kernels.  This
213       disables  some  features of Singularity, for example it only works with
214       sandbox images.
215
216
217       --uts[=false]      run container in a new UTS namespace
218
219
220       --vm[=false]      enable VM support
221
222
223       --vm-cpu="1"      number of CPU cores to allocate  to  Virtual  Machine
224       (implies --vm)
225
226
227       --vm-err[=false]      enable attaching stderr from VM
228
229
230       --vm-ip="dhcp"       IP Address to assign for container usage. Defaults
231       to DHCP within bridge network.
232
233
234       --vm-ram="1024"      amount of  RAM  in  MiB  to  allocate  to  Virtual
235       Machine (implies --vm)
236
237
238       -W,  --workdir=""       working directory to be used for /tmp, /var/tmp
239       and $HOME (if -c/--contain was also used)
240
241
242       -w, --writable[=false]      by default all Singularity  containers  are
243       available as read only. This option makes the file system accessible as
244       read/write.
245
246
247       --writable-tmpfs[=false]       makes  the  file  system  accessible  as
248       read-write with non persistent data (with overlay support only)
249
250
251

EXAMPLE

253                $ singularity exec /tmp/debian.sif cat /etc/debian_version
254                $ singularity exec /tmp/debian.sif python ./hello_world.py
255                $ cat hello_world.py | singularity exec /tmp/debian.sif python
256                $ sudo singularity exec --writable /tmp/debian.sif apt-get update
257                $ singularity exec instance://my_instance ps -ef
258                $ singularity exec library://centos cat /etc/os-release
259
260
261
262

SEE ALSO

264       singularity(1)
265
266
267

HISTORY

269       11-Mar-2021 Auto generated by spf13/cobra
270
271
272
273Auto generated by spf13/cobra      Mar 2021                     singularity(1)