1apptainer(1)                                                      apptainer(1)
2
3
4

NAME

6       apptainer-test - Run the user-defined tests within a container
7
8
9

SYNOPSIS

11       apptainer test [exec options...]
12
13
14

DESCRIPTION

16       The  'test'  command  allows you to execute a testscript (if available)
17       inside of
18         a given container
19
20
21       NOTE:
22             For instances if there is a daemon  process  running  inside  the
23       container,
24             then subsequent container commands will all run within the same
25             namespaces.  This means that the --writable and --contain options
26       will not
27             be honored as the namespaces have already been configured by the
28             'apptainer start' command.
29
30
31

OPTIONS

33       --add-caps=""      a comma separated capability list to add
34
35
36       --allow-setuid[=false]      allow setuid binaries  in  container  (root
37       only)
38
39
40       --app=""      set an application to run inside a container
41
42
43       --apply-cgroups=""      apply cgroups from file for container processes
44       (root only)
45
46
47       -B, --bind=[]      a user-bind path specification.  spec has the format
48       src[:dest[:opts]], where src and dest are outside and inside paths.  If
49       dest is not given, it is set equal to src.  Mount options ('opts')  may
50       be  specified as 'ro' (read-only) or 'rw' (read/write, which is the de‐
51       fault). Multiple bind paths can be given by a comma separated list.
52
53
54       -e, --cleanenv[=false]      clean environment before running container
55
56
57       --compat[=false]      apply settings for increased OCI/Docker  compati‐
58       bility. Infers --containall, --no-init, --no-umask, --writable-tmpfs.
59
60
61       -c, --contain[=false]      use minimal /dev and empty other directories
62       (e.g. /tmp and $HOME) instead of sharing filesystems from your host
63
64
65       -C, --containall[=false]      contain not only file systems,  but  also
66       PID, IPC, and environment
67
68
69       --disable-cache[=false]      dont use cache, and dont create cache
70
71
72       --dns=""       list  of  DNS  server  separated by commas to add in re‐
73       solv.conf
74
75
76       --docker-login[=false]      login to a Docker Repository interactively
77
78
79       --drop-caps=""      a comma separated capability list to drop
80
81
82       --env=[]      pass environment variable to contained process
83
84
85       --env-file=""      pass environment variables from  file  to  contained
86       process
87
88
89       -f,  --fakeroot[=false]      run container in new user namespace as uid
90       0
91
92
93       --fusemount=[]      A FUSE filesystem mount specification of  the  form
94       ': ' - where  is 'container' or 'host', specifying where the mount will
95       be performed ('container-daemon' or 'host-daemon'  will  run  the  FUSE
96       process  detached).   is  the path to the FUSE executable, plus options
97       for the mount.  is the location in the  container  to  which  the  FUSE
98       mount  will  be attached. E.g. 'container:sshfs 10.0.0.1:/ /sshfs'. Im‐
99       plies --pid.
100
101
102       -h, --help[=false]      help for test
103
104
105       -H, --home="/builddir"      a home directory specification.   spec  can
106       either  be  a src path or src:dest pair.  src is the source path of the
107       home directory outside the container and dest overrides the home direc‐
108       tory within the container.
109
110
111       --hostname=""      set container hostname
112
113
114       -i, --ipc[=false]      run container in a new IPC namespace
115
116
117       --keep-privs[=false]       let  root  user keep privileges in container
118       (root only)
119
120
121       --mount=[]      a mount specification e.g.  'type=bind,source=/opt,des‐
122       tination=/hostopt'.
123
124
125       -n,  --net[=false]       run container in a new network namespace (sets
126       up a bridge network interface by default)
127
128
129       --network="bridge"      specify desired network type separated by  com‐
130       mas, each network will bring up a dedicated interface inside container
131
132
133       --network-args=[]      specify network arguments to pass to CNI plugins
134
135
136       --no-home[=false]       do  NOT  mount users home directory if /home is
137       not the current working directory
138
139
140       --no-https[=false]      use http instead of https for docker:// oras://
141       and library:///... URIs
142
143
144       --no-init[=false]      do NOT start shim process with --pid
145
146
147       --no-mount=[]       disable  one  or more mount xxx options set in app‐
148       tainer.conf
149
150
151       --no-privs[=false]      drop all privileges  from  root  user  in  con‐
152       tainer)
153
154
155       --no-umask[=false]       do  not  propagate umask to the container, set
156       default 0022 umask
157
158
159       --nv[=false]      enable Nvidia support
160
161
162       --nvccli[=false]      use nvidia-container-cli for GPU  setup  (experi‐
163       mental)
164
165
166       -o,  --overlay=[]      use an overlayFS image for persistent data stor‐
167       age or as read-only layer of container
168
169
170       --passphrase[=false]      prompt for an encryption passphrase
171
172
173       --pem-path=""      enter an path to a PEM formatted RSA key for an  en‐
174       crypted container
175
176
177       -p, --pid[=false]      run container in a new PID namespace
178
179
180       --pwd=""       initial working directory for payload process inside the
181       container
182
183
184       --rocm[=false]      enable experimental Rocm support
185
186
187       -S, --scratch=[]      include a scratch directory within the  container
188       that is linked to a temporary dir (use -W to force location)
189
190
191       --security=[]       enable  security  features (SELinux, Apparmor, Sec‐
192       comp)
193
194
195       -u, --userns[=false]      run container in a new user namespace, allow‐
196       ing  Apptainer  to  run completely unprivileged on recent kernels. This
197       disables some features of Apptainer, for example  it  only  works  with
198       sandbox images.
199
200
201       --uts[=false]      run container in a new UTS namespace
202
203
204       --vm[=false]      enable VM support
205
206
207       --vm-cpu="1"       number  of  CPU cores to allocate to Virtual Machine
208       (implies --vm)
209
210
211       --vm-err[=false]      enable attaching stderr from VM
212
213
214       --vm-ip="dhcp"      IP Address to assign for container usage.  Defaults
215       to DHCP within bridge network.
216
217
218       --vm-ram="1024"       amount  of  RAM in MiB to allocate to Virtual Ma‐
219       chine (implies --vm)
220
221
222       -W, --workdir=""      working directory to be used for  /tmp,  /var/tmp
223       and $HOME (if -c/--contain was also used)
224
225
226       -w,  --writable[=false]       by  default  all Apptainer containers are
227       available as read only. This option makes the file system accessible as
228       read/write.
229
230
231       --writable-tmpfs[=false]      makes the file system accessible as read-
232       write with non persistent data (with overlay support only)
233
234
235

EXAMPLE

237                Set the '%test' section with a definition file like so:
238                %test
239                    echo "hello from test" "$@"
240
241                $ apptainer test /tmp/debian.sif command
242                    hello from test command
243
244                For additional help, please visit our public documentation pages which are
245                found at:
246
247                    https://www.sylabs.io/docs/
248
249
250
251

SEE ALSO

253       apptainer(1)
254
255
256

HISTORY

258       22-Jun-2022 Auto generated by spf13/cobra
259
260
261
262Auto generated by spf13/cobra      Jun 2022                       apptainer(1)
Impressum