SingularityCE 4.1.2 Release

[David Trudgian]

https://github.com/sylabs/singularity/releases/tag/v4.1.2SingularityCE 4.1.1 is a patch release in the 4.1 series, including various bug fixes. See the link above for details and downloads.

Bug Fixes

• Set OCI runtime-spec annotations that are required by the documented image-spec conversion process.
• In --oci mode always set inner ID map based on host user, not USER in OCI container. Fixes incorrect permissions for files owned by USER in the container.
• Provide warning / info message for OCI image-spec features (volumes, exposed ports) that are not supported by singularity.
• Honor WORKDIR by default for OCI images in --oci mode, as required by OCI image-spec.
• Restore previous --writable behaviour when running a container image from SIF/SquashFS in user namepace mode. The image will be extracted to a temporary sandbox, which is writable at runtime. Note that any changes are not made to the original image.
• Fix target: no such file or directory error in native mode when extracting layers from certain OCI images that manipulate hard links across layers.
• Fix extraction of OCI layers when run in a root mapped user namespace (e.g.. unshare -r).
• Use user namespace for wrapping of unsquashfs when singularity is run with --userns / -uflag. Fixes temporary sandbox extraction of images in non-root mapped user namespace (e.g.unshare -c`).