Mailing List ArchivesAuthenticated access |
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesAuthenticated access |
|
|
Thanks, that is indeed a good advice! I’ll check and see whether it has any limitations for our use case.... But if I understood correctly “becoming root” inside a docker container should not harm the host OS in any manner... so why it
is disabled in Condor ? Is there some security flaw there ? Thanks, Gergely From: HTCondor-users <htcondor-users-bounces@xxxxxxxxxxx>
On Behalf Of Kandes, Martin Gergely, Dimitri does have a good point. But I understand your problem. I help maintain the Singularity containers we build for our users [1].
One possibility you might consider is using miniconda [2] to install additional packages in userspace, if the user's HOME directory or some scratch space available to the job is large enough to handle installations
of packages like TensorFlow. I actually install miniconda by default in our base containers for this purpose myself. e.g., see [3] [4].
I know this isn't a Docker-native solution. But that's how I might do it with Singularity. Marty [1] https://github.com/mkandes/naked-singularity [2] https://docs.conda.io/en/latest/miniconda.html [3] https://github.com/mkandes/naked-singularity/blob/master/definition-files/comet/ubuntu/ubuntu.def [4] From: HTCondor-users <htcondor-users-bounces@xxxxxxxxxxx> on behalf of Dimitri Maziuk via HTCondor-users <htcondor-users@xxxxxxxxxxx> On 6/13/19 3:07 PM, Gergely Debreczeni via HTCondor-users wrote: This e-mail and any files transmitted with it contain confidential and may contain privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized use, copying, disclosure or distribution of the material in this e-mail is strictly forbidden. |