search

NixOS / nixpkgs

Nix Packages collection & NixOS
MIT License
17.78k stars 13.89k forks source link

Singularity install (non-nixOS) fails to run example container #151916

Open cfhammill opened 2 years ago

cfhammill commented 2 years ago

Describe the bug

I successfully installed singularity on a non-nixOS linux system, then I went to try a demonstration container, a small alpine linux container

https://cloud.sylabs.io/library/_container/5baba5e594feb900016ea41c

I tried to open the container with 

singularity run alpine-container bash

but failed to run the container, citing conflicting glibc versions

singularity run alpine-container bash
INFO:    Converting SIF file to temporary sandbox...
FATAL:   while extracting alpine-container: root filesystem extraction failed: extract command failed: /nix/store/10lpzbif47sl14z6cjr5mn7vq1w5c9p4-singularity-3.8.5/bin/singularity: /lib/x86_64
-linux-gnu/libc.so.6: version `GLIBC_2.33' not found (required by /nix/store/10lpzbif47sl14z6cjr5mn7vq1w5c9p4-singularity-3.8.5/bin/singularity)
/nix/store/10lpzbif47sl14z6cjr5mn7vq1w5c9p4-singularity-3.8.5/bin/singularity: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.32' not found (required by /nix/store/10lpzbif47sl14z6cjr5mn7vq1
w5c9p4-singularity-3.8.5/bin/singularity)
: exit status 1

I tried to fix with LD_PRELOAD, but that can only fix one of the two versions, for some reason it appears to require both GLIBC_2.33 and 2.32.

Steps To Reproduce

  1. Be on a non-nixOS system
  2. Download the container from sylabs cloud (I did manually for some networking reasons) https://cloud.sylabs.io/library/_container/5baba5e594feb900016ea41c and named it alpine-container
  3. nix-shell -p singularity
  4. singularity run alpine-container bash

Expected behavior

Should start a shell inside the container

Additional context

Add any other context about the problem here.

Notify maintainers

@jbedo (hi!)

Metadata

nix-shell -p nix-info --run "nix-info -m"
 - system: `"x86_64-linux"`
 - host os: `Linux 4.15.0-117-generic, Ubuntu, 18.04.5 LTS (Bionic Beaver)`
 - multi-user?: `no`
 - sandbox: `no`
 - version: `nix-env (Nix) 2.5.1`
 - channels(chris): `"nixpkgs-22.05pre340162.0c408a087b4"`
 - nixpkgs: `/home/chris/.nix-defexpr/channels/nixpkgs`
jbedo commented 2 years ago

Hi @cfhammill! I think this is because it's using unsquashfs from the system not nixpkgs, would you be able to test my branch?

https://github.com/jbedo/nixpkgs/tree/singularity

cfhammill commented 2 years ago

Sure thing. I'm testing on a different computer using a linux vm, without switching to your branch I'm now getting

singularity exec alpine.sif bash
ERROR  : No setuid installation found, for unprivileged installation use: ./mconfig --without-suid

this is more along the lines of what I was expecting when I tried on the other machine - possibly a different issue. With sudo, and creating the directory /var/singularity/mnt/session I was able to get a shell inside the container.

A possibly important detail, on the system above nix was installed using nix-user-chroot, could this be related?

I will try your branch on the other machine likely early next week

jbedo commented 2 years ago

The suid error is expected as it's not possible to have suid binaries in the nix store. We patch around this in the NixOS singularity module using some wrappers, on other systems there's not much we can do. singularity-tools does work on other systems (without root) as it uses a VM to build the image.

I don't think the nix-user-chroot will change anything.