Singularity build with fakeroot giving an invalid argument error

Question

I am having some trouble with singularity on a system that I don't have sudo permissions on. Singularity is a module on this system so that other users can use it. I am the first user trying to use it. I am trying to use --fakeroot (-f) to build a very simple container.

$ module load singularity

$ singularity --version
singularity version 3.6.4


$ cat t.def
Bootstrap: library
From: ubuntu:18.04
Stage: build

$ singularity build -f t.sif t.def
ERROR  : Failed to create container process: Invalid argument

$ singularity -d build -f t.sif t.def
DEBUG   [U=1013,P=8140]    persistentPreRun()            Singularity version: 3.6.4
DEBUG   [U=1013,P=8140]    persistentPreRun()            Parsing configuration file /opt/singularity/3.6.4//etc/singularity/singularity.conf
DEBUG   [U=1013,P=8140]    handleConfDir()               /home/Thomas.Robinson/.singularity already exists. Not creating.
DEBUG   [U=1013,P=8140]    init()                        Use starter binary /opt/singularity/3.6.4/libexec/singularity/bin/starter-suid
VERBOSE [U=0,P=8140]       print()                       Set messagelevel to: 5
VERBOSE [U=0,P=8140]       init()                        Starter initialization
DEBUG   [U=0,P=8140]       get_pipe_exec_fd()            PIPE_EXEC_FD value: 8
VERBOSE [U=0,P=8140]       is_suid()                     Check if we are running as setuid
VERBOSE [U=0,P=8140]       priv_drop()                   Drop root privileges
DEBUG   [U=1013,P=8140]    init()                        Read engine configuration
DEBUG   [U=1013,P=8140]    init()                        Wait completion of stage1
VERBOSE [U=1013,P=8150]    priv_drop()                   Drop root privileges permanently
DEBUG   [U=1013,P=8150]    set_parent_death_signal()     Set parent death signal to 9
VERBOSE [U=1013,P=8150]    init()                        Spawn stage 1
DEBUG   [U=1013,P=8150]    startup()                     fakeroot runtime engine selected
VERBOSE [U=1013,P=8150]    startup()                     Execute stage 1
DEBUG   [U=1013,P=8150]    StageOne()                    Entering stage 1
VERBOSE [U=1013,P=8140]    wait_child()                  stage 1 exited with status 0
DEBUG   [U=1013,P=8140]    cleanup_fd()                  Close file descriptor 4
DEBUG   [U=1013,P=8140]    cleanup_fd()                  Close file descriptor 5
DEBUG   [U=1013,P=8140]    cleanup_fd()                  Close file descriptor 6
DEBUG   [U=1013,P=8140]    init()                        Set child signal mask
DEBUG   [U=1013,P=8140]    init()                        Create socketpair for master communication channel
DEBUG   [U=1013,P=8140]    init()                        Create RPC socketpair for communication between stage 2 and RPC server
VERBOSE [U=1013,P=8140]    user_namespace_init()         Create user namespace
VERBOSE [U=1013,P=8140]    pid_namespace_init()          Create pid namespace
ERROR   [U=1013,P=8140]    init()                        Failed to create container process: Invalid argument

The debug build doesn't give any information about what the invalid argument is. I tried to remove one of the files, and it just told me I was missing an argument. Is there something wrong with the singularity install, my .def file, or am I doing something totally wrong?

Thanks for the help.

Answer 1

Could you check system enable unprivileged user namespace creation’. It is not enabled by default.

Document: https://sylabs.io/guides/3.6/admin-guide/user_namespace.html#user-namespace-requirements

In my enviroment CentOS 7.4, enabled with:

sudo sh -c 'echo user.max_user_namespaces=15000 \
    >/etc/sysctl.d/90-max_net_namespaces.conf'
sudo sysctl -p /etc/sysctl.d /etc/sysctl.d/90-max_net_namespaces.conf

The same issue in: https://github.com/hpcng/singularity/issues/5585