rpm/apptainer
SHA256
1
0
Fork 0
forked from pool/apptainer
Code Pull Requests Activity
0aad0a2b68
apptainer/apptainer.spec

161 lines
4.8 KiB
RPMSpec
Raw Normal View History

Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
#
# spec file for package apptainer
#
Accepting request 962878 from home:mslacken:pr - Updated to v1.0.1 with following bug fixes * Don't prompt for y/n to overwrite an existing file when build is called from a non-interactive environment. Fail with an error. * Preload NSS libraries prior to mountspace name creation to avoid circumstances that can cause loading those libraries from the container image instead of the host, for example in the startup environment. * Fix race condition where newly created loop devices can sometimes not be opened. * Support nvidia-container-cli v1.8.0 and above, via fix to capability set. OBS-URL: https://build.opensuse.org/request/show/962878 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=6
2022-03-18 17:15:06 +01:00
# Copyright (c) 2022 SUSE LLC
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define apptainerpath src/github.com/apptainer/
%define _buildshell /bin/bash
Accepting request 993098 from home:mslacken:pr - Updated to version 1.1.0-rc1 which enables apptainer to run without suid and additional groups. Although this is a prerelease this is a major advantage justifying its use. * Added a squashfuse image driver that enables mounting SIF files without using setuid-root. Requires the squashfuse command and unprivileged user namespaces. * Added a fuse2fs image driver that enables mounting EXT3 files and EXT3 SIF overlay partitions without using setuid-root. Requires the fuse2fs command and unprivileged user namespaces. * Added the ability to use persistent overlay (--overlay) and --writable-tmpfs without using setuid-root. This requires unprivileged user namespaces and either a new enough kernel (>= 5.11) or the fuse-overlayfs command. Persistent overlay works when the overlay path points to a regular filesystem (known as "sandbox" mode, which is not allowed when in setuid mode), or when it points to an EXT3 image. Does not work with a SIF partition because that requires privileges to mount as an ext3 image. * Extended the --fakeroot option to be useful when /etc/subuid and /etc/subgid mappings have not been set up. If they have not been set up, a root-mapped unprivileged user namespace (the equivalent of unshare -r) and/or the fakeroot command from the host will be tried. Together they emulate the mappings pretty well but they are simpler to administer. This feature is especially useful with the --overlay and --writable-tmpfs options and for building containers unprivileged, because they allow installing packages that assume they're running as root. A limitation on using it with --overlay and --writable-tmpfs however is that when only the fakeroot command can be used (because there are no user namespaces available, in suid mode) then the base image has to be a sandbox. This feature works nested inside of an apptainer container, where another apptainer command will also be in the fakeroot environment without requesting the --fakeroot option again, or it can be used inside an OBS-URL: https://build.opensuse.org/request/show/993098 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=14
2022-08-04 17:03:35 +02:00
%define vers_suffix -rc.1
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
Summary: Application and environment virtualization
License: BSD-3-Clause-LBNL
Group: Productivity/Clustering/Computing
Name: apptainer
Accepting request 993098 from home:mslacken:pr - Updated to version 1.1.0-rc1 which enables apptainer to run without suid and additional groups. Although this is a prerelease this is a major advantage justifying its use. * Added a squashfuse image driver that enables mounting SIF files without using setuid-root. Requires the squashfuse command and unprivileged user namespaces. * Added a fuse2fs image driver that enables mounting EXT3 files and EXT3 SIF overlay partitions without using setuid-root. Requires the fuse2fs command and unprivileged user namespaces. * Added the ability to use persistent overlay (--overlay) and --writable-tmpfs without using setuid-root. This requires unprivileged user namespaces and either a new enough kernel (>= 5.11) or the fuse-overlayfs command. Persistent overlay works when the overlay path points to a regular filesystem (known as "sandbox" mode, which is not allowed when in setuid mode), or when it points to an EXT3 image. Does not work with a SIF partition because that requires privileges to mount as an ext3 image. * Extended the --fakeroot option to be useful when /etc/subuid and /etc/subgid mappings have not been set up. If they have not been set up, a root-mapped unprivileged user namespace (the equivalent of unshare -r) and/or the fakeroot command from the host will be tried. Together they emulate the mappings pretty well but they are simpler to administer. This feature is especially useful with the --overlay and --writable-tmpfs options and for building containers unprivileged, because they allow installing packages that assume they're running as root. A limitation on using it with --overlay and --writable-tmpfs however is that when only the fakeroot command can be used (because there are no user namespaces available, in suid mode) then the base image has to be a sandbox. This feature works nested inside of an apptainer container, where another apptainer command will also be in the fakeroot environment without requesting the --fakeroot option again, or it can be used inside an OBS-URL: https://build.opensuse.org/request/show/993098 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=14
2022-08-04 17:03:35 +02:00
Version: 1.1.0
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
Release: 0
# https://spdx.org/licenses/BSD-3-Clause-LBNL.html
URL: https://apptainer.org
Source0: https://github.com/apptainer/apptainer/archive/v%{version}%{?vers_suffix}/apptainer-%{version}%{?vers_suffix}.tar.gz
Source1: README.SUSE
Source2: SLE-12SP5.def
Source3: SLE-15SP3.def
Source5: %{name}-rpmlintrc
Source10: vendor.tar.gz
Accepting request 993258 from home:mslacken:pr * Added fix-32bit-compilation.patch from upstream OBS-URL: https://build.opensuse.org/request/show/993258 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=15
2022-08-05 10:57:40 +02:00
Patch1: fix-32bit-compilation.patch
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
BuildRequires: cryptsetup
BuildRequires: fdupes
BuildRequires: gcc
BuildRequires: git
BuildRequires: go >= 1.17
BuildRequires: libuuid-devel
BuildRequires: make
BuildRequires: openssl-devel
BuildRequires: sysuser-tools
%ifarch aarch64
BuildRequires: binutils-gold
%endif
BuildRequires: libseccomp-devel
Requires: squashfs
PreReq: permissions
# there's no golang for ppc64, ppc64le does not have non pie builds
ExcludeArch: ppc64 ppc64le
Accepting request 963975 from home:mslacken:pr now with obsoletes OBS-URL: https://build.opensuse.org/request/show/963975 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=8
2022-03-22 15:31:53 +01:00
Obsoletes: singularity
Accepting request 993098 from home:mslacken:pr - Updated to version 1.1.0-rc1 which enables apptainer to run without suid and additional groups. Although this is a prerelease this is a major advantage justifying its use. * Added a squashfuse image driver that enables mounting SIF files without using setuid-root. Requires the squashfuse command and unprivileged user namespaces. * Added a fuse2fs image driver that enables mounting EXT3 files and EXT3 SIF overlay partitions without using setuid-root. Requires the fuse2fs command and unprivileged user namespaces. * Added the ability to use persistent overlay (--overlay) and --writable-tmpfs without using setuid-root. This requires unprivileged user namespaces and either a new enough kernel (>= 5.11) or the fuse-overlayfs command. Persistent overlay works when the overlay path points to a regular filesystem (known as "sandbox" mode, which is not allowed when in setuid mode), or when it points to an EXT3 image. Does not work with a SIF partition because that requires privileges to mount as an ext3 image. * Extended the --fakeroot option to be useful when /etc/subuid and /etc/subgid mappings have not been set up. If they have not been set up, a root-mapped unprivileged user namespace (the equivalent of unshare -r) and/or the fakeroot command from the host will be tried. Together they emulate the mappings pretty well but they are simpler to administer. This feature is especially useful with the --overlay and --writable-tmpfs options and for building containers unprivileged, because they allow installing packages that assume they're running as root. A limitation on using it with --overlay and --writable-tmpfs however is that when only the fakeroot command can be used (because there are no user namespaces available, in suid mode) then the base image has to be a sandbox. This feature works nested inside of an apptainer container, where another apptainer command will also be in the fakeroot environment without requesting the --fakeroot option again, or it can be used inside an OBS-URL: https://build.opensuse.org/request/show/993098 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=14
2022-08-04 17:03:35 +02:00
Obsoletes: singularity-ce
Accepting request 963975 from home:mslacken:pr now with obsoletes OBS-URL: https://build.opensuse.org/request/show/963975 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=8
2022-03-22 15:31:53 +01:00
Obsoletes: singularity-runtime
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
%description
Singularity provides functionality to make portable
containers that can be used across host environments.
%prep
%setup -q -n gopath/%{apptainerpath} -c
cp %{S:1} %{S:2} %{S:3} .
mv %{name}-%{version}%{?vers_suffix} %{name}
cd %{_builddir}/gopath/%{apptainerpath}/apptainer
Accepting request 993258 from home:mslacken:pr * Added fix-32bit-compilation.patch from upstream OBS-URL: https://build.opensuse.org/request/show/993258 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=15
2022-08-05 10:57:40 +02:00
%patch1 -p1
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
%build
cd %{name}
# create VERSION file
echo %version > VERSION
# Not all of these parameters currently have an effect, but they might be
Accepting request 993098 from home:mslacken:pr - Updated to version 1.1.0-rc1 which enables apptainer to run without suid and additional groups. Although this is a prerelease this is a major advantage justifying its use. * Added a squashfuse image driver that enables mounting SIF files without using setuid-root. Requires the squashfuse command and unprivileged user namespaces. * Added a fuse2fs image driver that enables mounting EXT3 files and EXT3 SIF overlay partitions without using setuid-root. Requires the fuse2fs command and unprivileged user namespaces. * Added the ability to use persistent overlay (--overlay) and --writable-tmpfs without using setuid-root. This requires unprivileged user namespaces and either a new enough kernel (>= 5.11) or the fuse-overlayfs command. Persistent overlay works when the overlay path points to a regular filesystem (known as "sandbox" mode, which is not allowed when in setuid mode), or when it points to an EXT3 image. Does not work with a SIF partition because that requires privileges to mount as an ext3 image. * Extended the --fakeroot option to be useful when /etc/subuid and /etc/subgid mappings have not been set up. If they have not been set up, a root-mapped unprivileged user namespace (the equivalent of unshare -r) and/or the fakeroot command from the host will be tried. Together they emulate the mappings pretty well but they are simpler to administer. This feature is especially useful with the --overlay and --writable-tmpfs options and for building containers unprivileged, because they allow installing packages that assume they're running as root. A limitation on using it with --overlay and --writable-tmpfs however is that when only the fakeroot command can be used (because there are no user namespaces available, in suid mode) then the base image has to be a sandbox. This feature works nested inside of an apptainer container, where another apptainer command will also be in the fakeroot environment without requesting the --fakeroot option again, or it can be used inside an OBS-URL: https://build.opensuse.org/request/show/993098 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=14
2022-08-04 17:03:35 +02:00
# used someday. They are the same parameters as in the configure macro.
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
tar xzf %{S:10}
./mconfig -V %{version}-%{release} \
-P release \
--prefix=%{_prefix} \
--exec-prefix=%{_exec_prefix} \
--bindir=%{_bindir} \
--sbindir=%{_sbindir} \
--sysconfdir=%{_sysconfdir} \
--datadir=%{_datadir} \
--includedir=%{_includedir} \
--libdir=%{_libdir} \
--libexecdir=%{_libexecdir} \
--localstatedir=%{_localstatedir}/lib \
--sharedstatedir=%{_sharedstatedir} \
--mandir=%{_mandir} \
Accepting request 993098 from home:mslacken:pr - Updated to version 1.1.0-rc1 which enables apptainer to run without suid and additional groups. Although this is a prerelease this is a major advantage justifying its use. * Added a squashfuse image driver that enables mounting SIF files without using setuid-root. Requires the squashfuse command and unprivileged user namespaces. * Added a fuse2fs image driver that enables mounting EXT3 files and EXT3 SIF overlay partitions without using setuid-root. Requires the fuse2fs command and unprivileged user namespaces. * Added the ability to use persistent overlay (--overlay) and --writable-tmpfs without using setuid-root. This requires unprivileged user namespaces and either a new enough kernel (>= 5.11) or the fuse-overlayfs command. Persistent overlay works when the overlay path points to a regular filesystem (known as "sandbox" mode, which is not allowed when in setuid mode), or when it points to an EXT3 image. Does not work with a SIF partition because that requires privileges to mount as an ext3 image. * Extended the --fakeroot option to be useful when /etc/subuid and /etc/subgid mappings have not been set up. If they have not been set up, a root-mapped unprivileged user namespace (the equivalent of unshare -r) and/or the fakeroot command from the host will be tried. Together they emulate the mappings pretty well but they are simpler to administer. This feature is especially useful with the --overlay and --writable-tmpfs options and for building containers unprivileged, because they allow installing packages that assume they're running as root. A limitation on using it with --overlay and --writable-tmpfs however is that when only the fakeroot command can be used (because there are no user namespaces available, in suid mode) then the base image has to be a sandbox. This feature works nested inside of an apptainer container, where another apptainer command will also be in the fakeroot environment without requesting the --fakeroot option again, or it can be used inside an OBS-URL: https://build.opensuse.org/request/show/993098 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=14
2022-08-04 17:03:35 +02:00
--infodir=%{_infodir} \
--without-suid
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
cd builddir
make V="" old_config=
%install
export GOPATH=$PWD/gopath
export GOFLAGS=-mod=vendor
export PATH=$GOPATH/bin:$PATH
cd %{name}/builddir
Accepting request 993098 from home:mslacken:pr - Updated to version 1.1.0-rc1 which enables apptainer to run without suid and additional groups. Although this is a prerelease this is a major advantage justifying its use. * Added a squashfuse image driver that enables mounting SIF files without using setuid-root. Requires the squashfuse command and unprivileged user namespaces. * Added a fuse2fs image driver that enables mounting EXT3 files and EXT3 SIF overlay partitions without using setuid-root. Requires the fuse2fs command and unprivileged user namespaces. * Added the ability to use persistent overlay (--overlay) and --writable-tmpfs without using setuid-root. This requires unprivileged user namespaces and either a new enough kernel (>= 5.11) or the fuse-overlayfs command. Persistent overlay works when the overlay path points to a regular filesystem (known as "sandbox" mode, which is not allowed when in setuid mode), or when it points to an EXT3 image. Does not work with a SIF partition because that requires privileges to mount as an ext3 image. * Extended the --fakeroot option to be useful when /etc/subuid and /etc/subgid mappings have not been set up. If they have not been set up, a root-mapped unprivileged user namespace (the equivalent of unshare -r) and/or the fakeroot command from the host will be tried. Together they emulate the mappings pretty well but they are simpler to administer. This feature is especially useful with the --overlay and --writable-tmpfs options and for building containers unprivileged, because they allow installing packages that assume they're running as root. A limitation on using it with --overlay and --writable-tmpfs however is that when only the fakeroot command can be used (because there are no user namespaces available, in suid mode) then the base image has to be a sandbox. This feature works nested inside of an apptainer container, where another apptainer command will also be in the fakeroot environment without requesting the --fakeroot option again, or it can be used inside an OBS-URL: https://build.opensuse.org/request/show/993098 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=14
2022-08-04 17:03:35 +02:00
make DESTDIR=$RPM_BUILD_ROOT install
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
cd ../..
%fdupes apptainer/examples
mkdir -p .tmp
for j in LICENSE.md LICENSE; do
for i in `find . -name $j`; do
Accepting request 962878 from home:mslacken:pr - Updated to v1.0.1 with following bug fixes * Don't prompt for y/n to overwrite an existing file when build is called from a non-interactive environment. Fail with an error. * Preload NSS libraries prior to mountspace name creation to avoid circumstances that can cause loading those libraries from the container image instead of the host, for example in the startup environment. * Fix race condition where newly created loop devices can sometimes not be opened. * Support nvidia-container-cli v1.8.0 and above, via fix to capability set. OBS-URL: https://build.opensuse.org/request/show/962878 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=6
2022-03-18 17:15:06 +01:00
k="`basename ${i/%\/$j/-$j}`"
if ! [[ $k =~ apptainer-.* ]]; then
cp $i .tmp/$k
fi
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
done
done
Accepting request 993098 from home:mslacken:pr - Updated to version 1.1.0-rc1 which enables apptainer to run without suid and additional groups. Although this is a prerelease this is a major advantage justifying its use. * Added a squashfuse image driver that enables mounting SIF files without using setuid-root. Requires the squashfuse command and unprivileged user namespaces. * Added a fuse2fs image driver that enables mounting EXT3 files and EXT3 SIF overlay partitions without using setuid-root. Requires the fuse2fs command and unprivileged user namespaces. * Added the ability to use persistent overlay (--overlay) and --writable-tmpfs without using setuid-root. This requires unprivileged user namespaces and either a new enough kernel (>= 5.11) or the fuse-overlayfs command. Persistent overlay works when the overlay path points to a regular filesystem (known as "sandbox" mode, which is not allowed when in setuid mode), or when it points to an EXT3 image. Does not work with a SIF partition because that requires privileges to mount as an ext3 image. * Extended the --fakeroot option to be useful when /etc/subuid and /etc/subgid mappings have not been set up. If they have not been set up, a root-mapped unprivileged user namespace (the equivalent of unshare -r) and/or the fakeroot command from the host will be tried. Together they emulate the mappings pretty well but they are simpler to administer. This feature is especially useful with the --overlay and --writable-tmpfs options and for building containers unprivileged, because they allow installing packages that assume they're running as root. A limitation on using it with --overlay and --writable-tmpfs however is that when only the fakeroot command can be used (because there are no user namespaces available, in suid mode) then the base image has to be a sandbox. This feature works nested inside of an apptainer container, where another apptainer command will also be in the fakeroot environment without requesting the --fakeroot option again, or it can be used inside an OBS-URL: https://build.opensuse.org/request/show/993098 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=14
2022-08-04 17:03:35 +02:00
%fdupes -s .tmp/
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
mv .tmp/* .
rmdir .tmp
Accepting request 993098 from home:mslacken:pr - Updated to version 1.1.0-rc1 which enables apptainer to run without suid and additional groups. Although this is a prerelease this is a major advantage justifying its use. * Added a squashfuse image driver that enables mounting SIF files without using setuid-root. Requires the squashfuse command and unprivileged user namespaces. * Added a fuse2fs image driver that enables mounting EXT3 files and EXT3 SIF overlay partitions without using setuid-root. Requires the fuse2fs command and unprivileged user namespaces. * Added the ability to use persistent overlay (--overlay) and --writable-tmpfs without using setuid-root. This requires unprivileged user namespaces and either a new enough kernel (>= 5.11) or the fuse-overlayfs command. Persistent overlay works when the overlay path points to a regular filesystem (known as "sandbox" mode, which is not allowed when in setuid mode), or when it points to an EXT3 image. Does not work with a SIF partition because that requires privileges to mount as an ext3 image. * Extended the --fakeroot option to be useful when /etc/subuid and /etc/subgid mappings have not been set up. If they have not been set up, a root-mapped unprivileged user namespace (the equivalent of unshare -r) and/or the fakeroot command from the host will be tried. Together they emulate the mappings pretty well but they are simpler to administer. This feature is especially useful with the --overlay and --writable-tmpfs options and for building containers unprivileged, because they allow installing packages that assume they're running as root. A limitation on using it with --overlay and --writable-tmpfs however is that when only the fakeroot command can be used (because there are no user namespaces available, in suid mode) then the base image has to be a sandbox. This feature works nested inside of an apptainer container, where another apptainer command will also be in the fakeroot environment without requesting the --fakeroot option again, or it can be used inside an OBS-URL: https://build.opensuse.org/request/show/993098 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=14
2022-08-04 17:03:35 +02:00
%fdupes -s %buildroot
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
%files
%doc apptainer/examples
%doc apptainer/CONTRIBUTING.md
%doc apptainer/README.md
%doc apptainer/CHANGELOG.md
%doc apptainer/CONTRIBUTORS.md
%doc %{basename:%{S:1}}
%doc %{basename:%{S:2}}
%doc %{basename:%{S:3}}
%license apptainer/LICENSE.md
%license *-LICENSE.md *-LICENSE
%{_bindir}/*
%dir %{_libexecdir}/apptainer
%dir %{_libexecdir}/apptainer/bin
%dir %{_libexecdir}/apptainer/cni
Accepting request 993098 from home:mslacken:pr - Updated to version 1.1.0-rc1 which enables apptainer to run without suid and additional groups. Although this is a prerelease this is a major advantage justifying its use. * Added a squashfuse image driver that enables mounting SIF files without using setuid-root. Requires the squashfuse command and unprivileged user namespaces. * Added a fuse2fs image driver that enables mounting EXT3 files and EXT3 SIF overlay partitions without using setuid-root. Requires the fuse2fs command and unprivileged user namespaces. * Added the ability to use persistent overlay (--overlay) and --writable-tmpfs without using setuid-root. This requires unprivileged user namespaces and either a new enough kernel (>= 5.11) or the fuse-overlayfs command. Persistent overlay works when the overlay path points to a regular filesystem (known as "sandbox" mode, which is not allowed when in setuid mode), or when it points to an EXT3 image. Does not work with a SIF partition because that requires privileges to mount as an ext3 image. * Extended the --fakeroot option to be useful when /etc/subuid and /etc/subgid mappings have not been set up. If they have not been set up, a root-mapped unprivileged user namespace (the equivalent of unshare -r) and/or the fakeroot command from the host will be tried. Together they emulate the mappings pretty well but they are simpler to administer. This feature is especially useful with the --overlay and --writable-tmpfs options and for building containers unprivileged, because they allow installing packages that assume they're running as root. A limitation on using it with --overlay and --writable-tmpfs however is that when only the fakeroot command can be used (because there are no user namespaces available, in suid mode) then the base image has to be a sandbox. This feature works nested inside of an apptainer container, where another apptainer command will also be in the fakeroot environment without requesting the --fakeroot option again, or it can be used inside an OBS-URL: https://build.opensuse.org/request/show/993098 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=14
2022-08-04 17:03:35 +02:00
%dir %{_libexecdir}/apptainer/lib
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
%{_libexecdir}/apptainer/bin/starter
Accepting request 993098 from home:mslacken:pr - Updated to version 1.1.0-rc1 which enables apptainer to run without suid and additional groups. Although this is a prerelease this is a major advantage justifying its use. * Added a squashfuse image driver that enables mounting SIF files without using setuid-root. Requires the squashfuse command and unprivileged user namespaces. * Added a fuse2fs image driver that enables mounting EXT3 files and EXT3 SIF overlay partitions without using setuid-root. Requires the fuse2fs command and unprivileged user namespaces. * Added the ability to use persistent overlay (--overlay) and --writable-tmpfs without using setuid-root. This requires unprivileged user namespaces and either a new enough kernel (>= 5.11) or the fuse-overlayfs command. Persistent overlay works when the overlay path points to a regular filesystem (known as "sandbox" mode, which is not allowed when in setuid mode), or when it points to an EXT3 image. Does not work with a SIF partition because that requires privileges to mount as an ext3 image. * Extended the --fakeroot option to be useful when /etc/subuid and /etc/subgid mappings have not been set up. If they have not been set up, a root-mapped unprivileged user namespace (the equivalent of unshare -r) and/or the fakeroot command from the host will be tried. Together they emulate the mappings pretty well but they are simpler to administer. This feature is especially useful with the --overlay and --writable-tmpfs options and for building containers unprivileged, because they allow installing packages that assume they're running as root. A limitation on using it with --overlay and --writable-tmpfs however is that when only the fakeroot command can be used (because there are no user namespaces available, in suid mode) then the base image has to be a sandbox. This feature works nested inside of an apptainer container, where another apptainer command will also be in the fakeroot environment without requesting the --fakeroot option again, or it can be used inside an OBS-URL: https://build.opensuse.org/request/show/993098 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=14
2022-08-04 17:03:35 +02:00
%{_libexecdir}/apptainer/lib/offsetpreload.so
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
%{_libexecdir}/apptainer/cni/*
%dir %{_sysconfdir}/apptainer
%config(noreplace) %{_sysconfdir}/apptainer/capability.json
%config(noreplace) %{_sysconfdir}/apptainer/cgroups
%config(noreplace) %{_sysconfdir}/apptainer/ecl.toml
%config(noreplace) %{_sysconfdir}/apptainer/global-pgp-public
%config(noreplace) %{_sysconfdir}/apptainer/network
%config(noreplace) %{_sysconfdir}/apptainer/nvliblist.conf
%config(noreplace) %{_sysconfdir}/apptainer/seccomp-profiles
%config(noreplace) %{_sysconfdir}/apptainer/apptainer.conf
%config(noreplace) %{_sysconfdir}/apptainer/remote.yaml
%config(noreplace) %{_sysconfdir}/apptainer/rocmliblist.conf
%config(noreplace) %{_sysconfdir}/apptainer/dmtcp-conf.yaml
Accepting request 962878 from home:mslacken:pr - Updated to v1.0.1 with following bug fixes * Don't prompt for y/n to overwrite an existing file when build is called from a non-interactive environment. Fail with an error. * Preload NSS libraries prior to mountspace name creation to avoid circumstances that can cause loading those libraries from the container image instead of the host, for example in the startup environment. * Fix race condition where newly created loop devices can sometimes not be opened. * Support nvidia-container-cli v1.8.0 and above, via fix to capability set. OBS-URL: https://build.opensuse.org/request/show/962878 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=6
2022-03-18 17:15:06 +01:00
%{_datadir}/bash-completion/completions/*
Accepting request 955828 from home:mslacken:pr following the apptainer fork OBS-URL: https://build.opensuse.org/request/show/955828 OBS-URL: https://build.opensuse.org/package/show/network:cluster/apptainer?expand=0&rev=1
2022-02-18 11:34:02 +01:00
%dir %{_localstatedir}/lib/apptainer
%dir %{_localstatedir}/lib/apptainer/mnt
%dir %{_localstatedir}/lib/apptainer/mnt/session
%{_mandir}/man1/*
%changelog
Copy Permalink