Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ERROR: apply_privileges Requesting capability set #2202

Open
josemq opened this issue May 3, 2024 · 3 comments
Open

ERROR: apply_privileges Requesting capability set #2202

josemq opened this issue May 3, 2024 · 3 comments

Comments

@josemq
Copy link

josemq commented May 3, 2024

Version of Apptainer

What version of Apptainer (or Singularity) are you using? Run

apptainer --version (or singularity --version).

apptainer version 1.3.1+194-gb97bab87b

Expected behavior

What did you expect to see when you do...?

Expected a shell to execute to the container

Actual behavior

What actually happened? Why was it incorrect?

The error in the output submitted:
ERROR [U=0,P=955] apply_privileges() Requesting capability set 0x000001ffffffffff while permitted capability set is 0x000001fffdfcffff

Steps to reproduce this behavior

How can others reproduce this issue/problem?

This was originally a Singularity 3.4 ( Centos 6 ) sandbox and I used Apptainer 1.3.1 to build an image from this sandbox. The error message provided occurs when I try to shell into the container.

What OS/distro are you running

$ cat /etc/os-release

PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

How did you install Apptainer

Write here how you installed Apptainer (or Singularity). Eg. RPM, source.

Installed source package
@GodloveD GodloveD modified the milestone: 1.3.2 May 3, 2024
@DrDaveD
Copy link
Contributor

DrDaveD commented May 3, 2024

Please provide detailed step-by-step instructions on how to reproduce this.

@josemq
Copy link
Author

josemq commented May 10, 2024

This seem to have been related to executing the specific container as root as oppose to a standard user. I recompiled Apptainer 1.3.1 with the setuid option but now I'm receiving the following error using a standard users:

INFO: gocryptfs not found, will not be able to use gocryptfs
INFO: A fusermount error may indicate that the kernel is too old
INFO: The --unsquash option may work around it
FATAL: container creation failed: image driver mount failure: image driver squashfuse instance exited with error: squashfuse exited: fusermount: mountpoint /dev/fuse is not a directory or a regular file

@DrDaveD
Copy link
Contributor

DrDaveD commented May 10, 2024

I think your squashfuse is too old. Follow the instructions in INSTALL.md on Compiling dependent FUSE-based packages.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@DrDaveD @GodloveD @josemq