ssh into running singularity process using nsenter?
186 views
Skip to first unread message
Stefan Kombrink
Jun 20, 2017, 8:47:25 AM6/20/17
to singularity
Hi folks,
did anyone already successfully try to hijack running singularity container processes using nsenter?
I'd be really interested on any reports of that
Stefan
did anyone already successfully try to hijack running singularity container processes using nsenter?
I'd be really interested on any reports of that
Stefan
Gregory M. Kurtzer
Jul 9, 2017, 3:55:17 PM7/9/17
to singu...@lbl.gov
Heya Stefan,
Yes, I believe it did work as this was debugged on Slack.
Also, Michael Bauer has working the ability to rejoin Singularity containers when running in daemon mode. It is very cool stuff!
Greg
--
You received this message because you are subscribed to the Google Groups "singularity" group.
To unsubscribe from this group and stop receiving emails from it, send an email to singularity+unsubscribe@lbl.gov.
Gregory M. Kurtzer
CEO, SingularityWare, LLC.
Senior Architect, RStor
Computational Science Advisor, Lawrence Berkeley National Laboratory
Rémy Dernat
Jul 12, 2017, 4:05:14 PM7/12/17
to singu...@lbl.gov
Hi,
Yes we have used nsenter to enter a running container - using also chroot (in /usr/local/var/singularity/final... )
Just download/install a recent version of util-linux (2.28+) to use lsns and get your process ID for the wanted namespace.
I don't know how you want to mix this with ssh but anyway you can install openssh-server in your container and then you can login in it.
But singularity should not be used to run service b/c it won't be close when you will stop/exit from it. Indeed, like Greg said, you can look at Michael Bauer code to manage more gracefully your container as a service. Scripting the daemon should not be too tricky...
Best regards
Rémy
Le 9 juil. 2017 21:55, "Gregory M. Kurtzer" <gmku...@gmail.com> a écrit :
Heya Stefan,Yes, I believe it did work as this was debugged on Slack.Also, Michael Bauer has working the ability to rejoin Singularity containers when running in daemon mode. It is very cool stuff!Greg
On Tue, Jun 20, 2017 at 5:47 AM, 'Stefan Kombrink' via singularity <singu...@lbl.gov> wrote:
Hi folks,
did anyone already successfully try to hijack running singularity container processes using nsenter?
I'd be really interested on any reports of that
Stefan
--
You received this message because you are subscribed to the Google Groups "singularity" group.
To unsubscribe from this group and stop receiving emails from it, send an email to singularity...@lbl.gov.
--Gregory M. KurtzerCEO, SingularityWare, LLC.Senior Architect, RStorComputational Science Advisor, Lawrence Berkeley National Laboratory
Reply all
Reply to author
Forward
0 new messages