ATLAS native 1.23
Author | Message |
---|---|
Joined: 20 Apr 16 Posts: 180 Credit: 1,355,327 RAC: 0 |
This version explicitly mounts /tmp and /var/tmp into the container, to see if this fixes the errors seen in production. |
Joined: 22 Apr 16 Posts: 677 Credit: 2,002,766 RAC: 2 |
In \tmp and \var\tmp there are some folders in the CentOS9-VM from this morning: systemd-private-f412b1030d9d40abbae48c3d5b0ea6b0ea6bf-rtkit-daemon.service. They have the same name in both folders, but are empty, 7:20:12 UTC from today. Using root as user for testing and production only. Have seen no faulty task so far with 1.22. |
Joined: 22 Apr 16 Posts: 677 Credit: 2,002,766 RAC: 2 |
Apptainer documentation namespaces? https://apptainer.org/docs/admin/main/user_namespace.html |
Joined: 28 Jul 16 Posts: 484 Credit: 394,839 RAC: 1 |
I wonder if this could be a side effect of hardening options set in BOINC's systemd service unit. Did not yet test it but it should be ensured that the tmp dir forwarded to apptainer is not the system wide tmp. Instead the tmp below the slot should be used. |
Joined: 20 Apr 16 Posts: 180 Credit: 1,355,327 RAC: 0 |
"I wonder if this could be a side effect of hardening options set in BOINC's systemd service unit." Thanks for this tip, it looks like this is indeed the problem. The unit file has `ProtectSystem=strict` `ReadWritePaths=-/var/lib/boinc -/etc/boinc-client` which makes /tmp and /var/tmp read-only. In v1.25 I set APPTAINERENV_TMPDIR to a dir inside the slots and this seems to fix the problem. |
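
As an added illustration (not code from the posters or from the BOINC/ATLAS project), this Python example models how the two directives quoted above decide which paths the BOINC service can write to, and builds the `APPTAINERENV_TMPDIR` override described for v1.25. The slot path `/var/lib/boinc/slots/0`, the function names and the `PrivateTmp` handling are assumptions that go beyond what the thread states.

```python
import posixpath

# Constructed sample holding only the two directives quoted in the post above.
UNIT_TEXT = """\
[Service]
ProtectSystem=strict
ReadWritePaths=-/var/lib/boinc -/etc/boinc-client
"""
API_FS = ("/dev", "/proc", "/sys")   # stay writable under ProtectSystem=strict
TRUE = ("yes", "true", "1", "on")    # systemd boolean spellings

def parse_service(unit_text):
    """Collect the sandbox directives from [Service]; ReadWritePaths accumulates."""
    opts = {"ProtectSystem": "no", "PrivateTmp": "no", "ReadWritePaths": []}
    section = None
    for raw in unit_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "Service" and "=" in line:
            key, value = (s.strip() for s in line.split("=", 1))
            if key == "ReadWritePaths":
                # Empty value resets the list; a "-" prefix means "ignore if missing".
                paths = [p.lstrip("-+") for p in value.split()]
                opts[key] = opts[key] + paths if value else []
            elif key in opts:
                opts[key] = value
    return opts

def under(path, root):
    return path == root or path.startswith(root.rstrip("/") + "/")

def is_writable(path, opts):
    """Mount-namespace view only (file permissions ignored); models strict mode only."""
    path = posixpath.normpath(path)
    if any(under(path, rw) for rw in opts["ReadWritePaths"]):
        return True
    if opts["PrivateTmp"].lower() in TRUE and (under(path, "/tmp") or under(path, "/var/tmp")):
        return True  # the service gets its own private, writable /tmp and /var/tmp
    if opts["ProtectSystem"] == "strict":
        return any(under(path, fs) for fs in API_FS)
    return True

def apptainer_env(slot_dir, opts):
    """Env override pointing the container's TMPDIR at a tmp dir inside the slot."""
    tmp = posixpath.join(slot_dir, "tmp")
    if not is_writable(tmp, opts):
        raise RuntimeError(f"{tmp} is read-only inside the service sandbox")
    return {"APPTAINERENV_TMPDIR": tmp}
```

With the quoted unit settings, `/tmp` and `/var/tmp` evaluate as read-only while the slot-local directory is writable, so the hardening stays in place and only the container's temporary directory moves.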
©2024 CERN