singularity shell

Run a shell within a container


singularity shell supports the following formats:

*.sif Singularity Image Format (SIF). Native to Singularity 3.0+

*.sqsh SquashFS format. Native to Singularity 2.4+

*.img ext3 format. Native to Singularity versions < 2.4.

directory/ sandbox format. Directory containing a valid root file system and optionally Singularity meta-data.

instance://* A local running instance of a container. (See the instance command group.)

library://* A container hosted on a Library (default

docker://* A container hosted on Docker Hub

shub://* A container hosted on Singularity Hub

oras://* A container hosted on a supporting OCI registry

singularity shell [shell options...] <container>


$ singularity shell /tmp/Debian.sif
Singularity/Debian.sif> pwd
Singularity/Debian.sif> exit

$ singularity shell -C /tmp/Debian.sif
Singularity/Debian.sif> pwd
Singularity/Debian.sif> ls -l
total 0
Singularity/Debian.sif> exit

$ sudo singularity shell -w /tmp/Debian.sif
$ sudo singularity shell --writable /tmp/Debian.sif

$ singularity shell instance://my_instance

$ singularity shell instance://my_instance
Singularity: Invoking an interactive shell within container...
Singularity container:~> ps -ef
ubuntu       1     0  0 20:00 ?        00:00:00 /usr/local/bin/singularity/bin/sinit
ubuntu       2     0  0 20:01 pts/8    00:00:00 /bin/bash --norc
ubuntu       3     2  0 20:02 pts/8    00:00:00 ps -ef


    --add-caps string        a comma separated capability list to add
    --allow-setuid           allow setuid binaries in container (root only)
    --app string             set an application to run inside a container
    --apply-cgroups string   apply cgroups from file for container processes (root only)
-B, --bind strings           a user-bind path specification.  spec has the format src[:dest[:opts]], where src and dest are outside and inside paths.  If dest is not given, it is set equal to src.  Mount options ('opts') may be specified as 'ro' (read-only) or 'rw' (read/write, which is the default). Multiple bind paths can be given by a comma separated list.
-e, --cleanenv               clean environment before running container
-c, --contain                use minimal /dev and empty other directories (e.g. /tmp and $HOME) instead of sharing filesystems from your host
-C, --containall             contain not only file systems, but also PID, IPC, and environment
    --dns string             list of DNS servers separated by commas to add in resolv.conf
    --docker-login           login to a Docker Repository interactively
    --drop-caps string       a comma separated capability list to drop
-f, --fakeroot               run container in new user namespace as uid 0
-h, --help                   help for shell
-H, --home string            a home directory specification.  spec can either be a src path or src:dest pair.  src is the source path of the home directory outside the container and dest overrides the home directory within the container. (default "/root")
    --hostname string        set container hostname
-i, --ipc                    run container in a new IPC namespace
    --keep-privs             let root user keep privileges in container (root only)
-n, --net                    run container in a new network namespace (sets up a bridge network interface by default)
    --network string         specify desired network type separated by commas, each network will bring up a dedicated interface inside container (default "bridge")
    --network-args strings   specify network arguments to pass to CNI plugins
    --no-home                do NOT mount user's home directory if home is not the current working directory
    --no-init                do NOT start shim process with --pid
    --no-privs               drop all privileges from root user in container
    --nohttps                do NOT use HTTPS, for communicating with local docker registry
    --nv                     enable experimental Nvidia support
-o, --overlay strings        use an overlayFS image for persistent data storage or as read-only layer of container
-p, --pid                    run container in a new PID namespace
    --pwd string             initial working directory for payload process inside the container
-S, --scratch strings        include a scratch directory within the container that is linked to a temporary dir (use -W to force location)
    --security strings       enable security features (SELinux, Apparmor, Seccomp)
-s, --shell string           path to program to use for interactive shell
    --syos                   execute SyOS shell
-u, --userns                 run container in a new user namespace, allowing Singularity to run completely unprivileged on recent kernels. This disables some features of Singularity, for example it only works with sandbox images.
    --uts                    run container in a new UTS namespace
    --vm                     enable VM support
    --vm-cpu string          Number of CPU cores to allocate to Virtual Machine (implies --vm) (default "1")
    --vm-err                 enable attaching stderr from VM
    --vm-ram string          Amount of RAM in MiB to allocate to Virtual Machine (implies --vm) (default "1024")
-W, --workdir string         working directory to be used for /tmp, /var/tmp and $HOME (if -c/--contain was also used)
-w, --writable               by default all Singularity containers are available as read only. This option makes the file system accessible as read/write.
    --writable-tmpfs         makes the file system accessible as read-write with non persistent data (with overlay support only)
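
Several of the options above widen what the container can touch on the host (read/write binds, --writable, --allow-setuid, --keep-privs, --add-caps, --nohttps), while -c/-C narrow it. The following pre-flight check for wrapper scripts is an added example, not part of the Singularity documentation; the function name `audit_shell_args`, the finding labels and the choice of which flags to report are assumptions of this example.

```shell
# Added example, not part of the Singularity documentation.
# Lints arguments intended for `singularity shell` before they are run.
# Only flags from the option list above are interpreted; combined short
# flags (e.g. -wC) and the values of other options are not parsed.
audit_shell_args() (
    set -f                       # no glob expansion while splitting bind specs
    contained=0
    findings=""
    add() { findings="${findings}$1
"; }
    check_binds() {              # spec list: src[:dest[:opts]],...
        old_ifs=$IFS; IFS=,
        for spec in $1; do
            case "$spec" in
                *:*:ro) ;;       # explicit read-only bind
                *) add "bind-rw: ${spec%%:*} is bound read/write (the default)" ;;
            esac
        done
        IFS=$old_ifs
    }
    while [ $# -gt 0 ]; do
        arg=$1; shift
        case "$arg" in
            -w|--writable)  add "writable: container file system is read/write" ;;
            --allow-setuid) add "allow-setuid: setuid binaries allowed in container" ;;
            --keep-privs)   add "keep-privs: root keeps privileges in container" ;;
            --nohttps)      add "nohttps: registry traffic does not use HTTPS" ;;
            --add-caps)     add "add-caps: adds capabilities ${1:-}"; [ $# -gt 0 ] && shift ;;
            --add-caps=*)   add "add-caps: adds capabilities ${arg#*=}" ;;
            -B|--bind)      check_binds "${1:-}"; [ $# -gt 0 ] && shift ;;
            --bind=*)       check_binds "${arg#*=}" ;;
            -c|--contain|-C|--containall) contained=1 ;;
        esac
    done
    [ "$contained" -eq 1 ] ||
        add "no-contain: host file systems (e.g. /tmp, \$HOME) are shared; see -c/-C"
    printf '%s' "$findings"
    [ -z "$findings" ]           # exit status 0 only when nothing was flagged
)

# Constructed invocation: prints three findings, then the fallback message.
audit_shell_args --writable -B /data:/data,/ref:/ref:ro /tmp/Debian.sif ||
    echo "review these options before running singularity shell"
```
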


Linux container platform optimized for High Performance Computing (HPC) and Enterprise Performance Computing (EPC)

Auto generated by spf13/cobra on 26-Jul-2019