From 4616a04086c1f9248008add524a9cf74ffecca33 Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan" <csa@suren.me>
Date: Thu, 1 Sep 2022 01:34:15 +0200
Subject: CAP_ADD SYS_ADMIN to enable use of perf, etc.

---
 run/config.sh            | 2 ++
 run/devel.sh             | 2 +-
 run/run-bash.sh          | 2 +-
 run/run-jupyter.sh       | 2 +-
 run/run-ssh.sh           | 2 +-
 run/run.sh               | 2 +-
 run/test.sh              | 2 +-
 run/update-from-devel.sh | 2 +-
 8 files changed, 9 insertions(+), 7 deletions(-)

(limited to 'run')

diff --git a/run/config.sh b/run/config.sh
index 9685daf..299219c 100644
--- a/run/config.sh
+++ b/run/config.sh
@@ -8,6 +8,8 @@ web_port="${port}80"
 image="$1"
 [ -n "$image" ] || image="localhost/tomo-remote:latest"		# tomo-remote:latest tomo-remote:devel tomo-remote:evelina (also ccpi, ufo, tomo)
 
+options="--cap-add SYS_ADMIN --hooks-dir /usr/share/containers/oci/hooks.d"
+
 volumes="-v $home/ccpi/build/setup:/root/setup -v $home/ccpi/data:/ccpi/data -v $home/ccpi/repos:/ccpi/repos -v /mnt/fast:/mnt/fast"
 [ -d /mnt/fast/$user ] && volumes="$volumes -v /mnt/fast/$user:/ccpi/data/fast"
 
diff --git a/run/devel.sh b/run/devel.sh
index fef44e0..a5eb84c 100644
--- a/run/devel.sh
+++ b/run/devel.sh
@@ -8,4 +8,4 @@ if [ ! -d ../repos ]; then
     buildah unshare bash ../build/extract.sh  ${image}
 fi
 
-podman run --name "ccpi-devel" -it --rm --hooks-dir /usr/share/containers/oci/hooks.d/ -p $ssh_port:2222/tcp $volumes ${image} bash -c "[ -f /usr/bin/supervisord ] && python /usr/bin/supervisord; bash /root/setup/provision.sh; bash"
+podman run --name "ccpi-devel" -it --rm $options -p $ssh_port:2222/tcp $volumes ${image} bash -c "[ -f /usr/bin/supervisord ] && python /usr/bin/supervisord; bash /root/setup/provision.sh; bash"
diff --git a/run/run-bash.sh b/run/run-bash.sh
index 1e25e8a..118e615 100644
--- a/run/run-bash.sh
+++ b/run/run-bash.sh
@@ -4,4 +4,4 @@ set -o errexit
 
 . config.sh
 
-podman run --name "ccpi-run" -it --rm --hooks-dir /usr/share/containers/oci/hooks.d/ -p ${web_port}:8888/tcp -p $ssh_port:2222/tcp $volumes ${image} bash
+podman run --name "ccpi-run" -it --rm $options -p ${web_port}:8888/tcp -p $ssh_port:2222/tcp $volumes ${image} bash
diff --git a/run/run-jupyter.sh b/run/run-jupyter.sh
index 3858b4e..18a939a 100644
--- a/run/run-jupyter.sh
+++ b/run/run-jupyter.sh
@@ -10,4 +10,4 @@ echo "    ssh -L $web_port:localhost:$web_port $(hostname)"
 echo "Generate password file '/ccpi/data/.jupyter/jupyter_notebook_config.json' with running in the container the following command"
 echo "    jupyter notebook password"
 
-podman run --name "ccpi-run" -it --rm --hooks-dir /usr/share/containers/oci/hooks.d/ -p ${web_port}:8888/tcp $volumes ${image} jupyter notebook --allow-root --no-browser --ip 0.0.0.0 --port=8888 --notebook-dir=/ccpi/data/ --debug
\ No newline at end of file
+podman run --name "ccpi-run" -it --rm $options -p ${web_port}:8888/tcp $volumes ${image} jupyter notebook --allow-root --no-browser --ip 0.0.0.0 --port=8888 --notebook-dir=/ccpi/data/ --debug
\ No newline at end of file
diff --git a/run/run-ssh.sh b/run/run-ssh.sh
index 86f994f..6ae64d2 100644
--- a/run/run-ssh.sh
+++ b/run/run-ssh.sh
@@ -10,4 +10,4 @@ echo "    ssh -L $ssh_port:localhost:$ssh_port $(hostname)"
 echo " and connect locally "
 echo "    ssh -p $ssh_port localhost"
 
-podman run --name "ccpi-run" -it --rm --hooks-dir /usr/share/containers/oci/hooks.d/ -p ${ssh_port}:2222/tcp $volumes ${image} /usr/sbin/sshd -D -p 2222
+podman run --name "ccpi-run" -it --rm $options -p ${ssh_port}:2222/tcp $volumes ${image} /usr/sbin/sshd -D -p 2222
diff --git a/run/run.sh b/run/run.sh
index eabb633..5ab1bb1 100644
--- a/run/run.sh
+++ b/run/run.sh
@@ -4,4 +4,4 @@ set -o errexit
 
 . config.sh
 
-podman run --name "ccpi-run" -it --rm --hooks-dir /usr/share/containers/oci/hooks.d/ -p ${web_port}:8888/tcp -p $ssh_port:2222/tcp $volumes ${image} sh -c '[ -f /usr/bin/supervisord ] && python /usr/bin/supervisord; /bin/bash'
+podman run --name "ccpi-run" -it --rm $options -p ${web_port}:8888/tcp -p $ssh_port:2222/tcp $volumes ${image} sh -c '[ -f /usr/bin/supervisord ] && python /usr/bin/supervisord; /bin/bash'
diff --git a/run/test.sh b/run/test.sh
index 97bb631..68a1a13 100644
--- a/run/test.sh
+++ b/run/test.sh
@@ -3,4 +3,4 @@
 set -o errexit
 
 #podman exec -it "ccpi-devel" bash /ccpi/data/run.sh
-podman run --name "ccpi-run" -it --rm --hooks-dir /usr/share/containers/oci/hooks.d/ $volumes -e "CUDA_VISIBLE_DEVICES=2" localhost/ccpi:devel bash /ccpi/data/run.sh
+podman run --name "ccpi-run" -it --rm $options $volumes -e "CUDA_VISIBLE_DEVICES=2" localhost/ccpi:devel bash /ccpi/data/run.sh
diff --git a/run/update-from-devel.sh b/run/update-from-devel.sh
index 2be835f..7291270 100644
--- a/run/update-from-devel.sh
+++ b/run/update-from-devel.sh
@@ -8,7 +8,7 @@ if [ ! -d ../repos ]; then
     buildah unshare bash ../build/extract.sh ${image}
 fi
 
-podman run --name "ccpi-devel" -it --hooks-dir /usr/share/containers/oci/hooks.d/ $volumes ${image} bash /root/setup/provision.sh
+podman run --name "ccpi-devel" -it $options $volumes ${image} bash /root/setup/provision.sh
 podman container cp ../repos/ ccpi-devel:/ccpi/
 podman container commit ccpi-devel ${image}:devel
 podman rm ccpi-devel
-- 
cgit v1.2.3