From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <help-guix-bounces+larch=yhetil.org@gnu.org>
Received: from mp11.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms5.migadu.com with LMTPS
	id qGtVN8t97WOzvgAAbAwnHQ
	(envelope-from <help-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Thu, 16 Feb 2023 01:50:19 +0100
Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp11.migadu.com with LMTPS
	id yLpAN8t97WP9eAEA9RJhRA
	(envelope-from <help-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Thu, 16 Feb 2023 01:50:19 +0100
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 2819D1A8F2
	for <larch@yhetil.org>; Thu, 16 Feb 2023 01:50:18 +0100 (CET)
Authentication-Results: aspmx1.migadu.com;
	dkim=pass header.d=posteo.net header.s=2017 header.b=kvpGyKyA;
	dmarc=pass (policy=none) header.from=posteo.net;
	spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org"
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1676508619;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post:dkim-signature;
	bh=bkmeywKPwCfQzhWj6kWEVQLqgl2TQhYO94LsCCtzPqw=;
	b=lVdEnahCawMYrm7Dhc8fObbQEqWDHHEd3Ek9I4acxxvXL4x25TfurijpbhpDk6nomkxr9+
	o3rpMvx5/47NHkHSua4Bs5koyZCBfXOFLg5fvI9abTLL/gjRdJl8RnW/TV/FSvN+ugXcah
	QS6dtOS2Po5M5RTP5e6XaQpLVS6db21sxo64o8VPGRVQFxDVW3dmFj61CL96aBhmQ5lhQ4
	KNw6Oq8vLXQ+aGbPlW2V0QopVRTBrx7aj/uy/xgRx1f7CihDToenZmm2y14/Ot4FU7skOa
	IYFxIMhs6aACT1I8jLRHLGFm3NY6AQRphrIgmvobgB6GB6snP+jpve9MSQmf1g==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=pass header.d=posteo.net header.s=2017 header.b=kvpGyKyA;
	dmarc=pass (policy=none) header.from=posteo.net;
	spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org"
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1676508619; a=rsa-sha256; cv=none;
	b=uc5s2Z/RoD8XDWdvPmHzjiaVMhTP2PtddCyrzxYDKty9ocnq6l9IDzCvvA3UKKW4uz7TD6
	7ydyBeVrHlG2z+8i7kms96IQh2nskOmW2I5OK0/RYA1YfrK+HqfDr746D8Bg7I2aayjcUa
	4qtGsYItwYEZACTnYpGd5WSIcoRcg6j9Mu7ueCWvwxzffIPB85Zx4wk//pjbIiOST5ZPg/
	zDhMOzlKJG+H65JbADCP2wgcTwAaJUArUKVVRqgL4KOJo8gNUlGsQ8s8hkVDNqMFTB0B+p
	FVCFzHHafcKbltQCEIv+hsvWIil81CfnbMTMtLMaGY8OF8eCs1rVnFZ6LL7qpg==
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <help-guix-bounces@gnu.org>)
	id 1pSSTC-0002MW-DK; Wed, 15 Feb 2023 19:49:54 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <kyle@posteo.net>) id 1pSSTA-0002MN-VQ
 for help-guix@gnu.org; Wed, 15 Feb 2023 19:49:52 -0500
Received: from mout01.posteo.de ([185.67.36.65])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <kyle@posteo.net>) id 1pSST7-0002KL-Mr
 for help-guix@gnu.org; Wed, 15 Feb 2023 19:49:52 -0500
Received: from submission (posteo.de [185.67.36.169]) 
 by mout01.posteo.de (Postfix) with ESMTPS id 65B3224038B
 for <help-guix@gnu.org>; Thu, 16 Feb 2023 01:49:43 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.net; s=2017;
 t=1676508586; bh=Aj4hh9EKwTS2LhhWoBEoT71bDZYMthpNwBonAenGIW8=;
 h=From:To:Cc:Subject:Date:From;
 b=kvpGyKyAcb30p6IfBJ68rrSkVzFPMb+4CYae8+VvOcGB1kVmu/0QIqNrz9B+MWYSE
 jTWsYZZWNGEeYLkGf3vVghCD9ptm/1QN3w7xPaQCnOf3H6COC2JXNuhiJyNJJphYYk
 jMJhb8+QSnIWeCI3uB8vCnuFfsSiOALB6DCPRToM5T6sj+INRSQb+ULtSQ9Iy2TiHw
 6Wxuvy+28I29iqdkX9hEuFnV0jhcq7AXxmmVsWWr09iG15p/eh0gBFazFoWDVnnfkO
 +yJmFOplXQaYNYqTtf1SbUUgZS3JMpX57TfFGcTgv7BPyK0ja3xnfCanv2LENbaEAD
 9P7tT2AtGSMIA==
Received: from customer (localhost [127.0.0.1])
 by submission (posteo.de) with ESMTPSA id 4PHGYf0Q2lz9rxD;
 Thu, 16 Feb 2023 01:49:41 +0100 (CET)
References: <87wn4qgy6a.fsf@posteo.net> <874jroyti6.fsf@gmail.com>
From: Kyle Andrews <kyle@posteo.net>
To: Simon Tournier <zimon.toutoune@gmail.com>
Cc: help-guix@gnu.org
Subject: Re: guix pack isolation
Date: Wed, 15 Feb 2023 23:56:33 +0000
In-reply-to: <874jroyti6.fsf@gmail.com>
Message-ID: <87cz6ao2n0.fsf@posteo.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass client-ip=185.67.36.65; envelope-from=kyle@posteo.net;
 helo=mout01.posteo.de
X-Spam_score_int: -43
X-Spam_score: -4.4
X-Spam_bar: ----
X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: help-guix@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <help-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/help-guix>,
 <mailto:help-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/help-guix>
X-Migadu-Queue-Id: 2819D1A8F2
X-Spam-Score: -8.69
X-Migadu-Spam-Score: -8.69
X-Migadu-Scanner: scn0.migadu.com
List-Post: <mailto:help-guix@gnu.org>
List-Help: <mailto:help-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/help-guix>,
 <mailto:help-guix-request@gnu.org?subject=subscribe>
Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org
Sender: help-guix-bounces+larch=yhetil.org@gnu.org
X-Migadu-Country: US
X-Migadu-Flow: FLOW_IN
X-TUID: 9X7wRs/kio/w


Simon Tournier <zimon.toutoune@gmail.com> writes:

> About squashfs (Singularity container), you can try:
>
>     guix pack -f squashfs python python-numpy bash-minimal -S /bin=3Dbin
>
> which will produce a compressed squashfs that you then import with
> Singularity.

This is pretty much what I had tried minus the `-S /bin=3Dbin' part which
I don't understand. Thankfully, reading the manual informs me that:

```
=E2=80=98guix pack -f squashfs=E2=80=99 always implies =E2=80=98-S /bin=3Db=
in=E2=80=99
```

So, atleast I don't have to understand it yet.

> I do not have Singularity at hand, let demo with Docker
> which is very similar.

Too bad! My system admistrators are against running Docker on the
cluster. The "relocatable" option didn't seem relevant to me since it would=
n't apply any file system isolation.

> $ docker run -ti python-python-numpy-bash:latest python3

The arguments in this command atleast gave me an idea. Maybe I am just
ignorant about how singularity works? I didn't know what -ti could
possibly mean without first looking them up. Maybe I just need to add
some additional arguments to singularity exec?

Arguments in the manual which look particularly interesting to me are:

--contain
--containall
--bind=3D/path/to/shared/file/system/location
--no-home
--workdir

=3D>
https://docs.sylabs.io/guides/3.1/user-guide/cli/singularity_exec.html

If you or anyone else have have any tips on how to best mimic the
behavior of the analogous `guix shell' command with an `singularity
exec' call I would use if guix was available, I am all ears.

Thanks,
Kyle