Jack Td Oneil
Reputation: 1
Singularity (aka Apptainer) not able mount fusemount inside container on RHEL 8.10 system be hardened with CIS benchmark
I built a new RHEL 8.10 x86_64 with CIS hardened, and run Singularity/Apptainer on the system, but it hangs at stage:
mountGeneric() Mounting /var/lib/apptainer/mnt/session/fuse/0 to /var/lib/apptainer/mnt/session/final/tmp
I disable Audit service and removed all Audit rules out of the system, its works. The question, why Audit rules could block Singularity/Apptainer engine? How can we exclude Singularity/Apptainer out of Audit monitor?
I have tried removing all Audit rules, it works.
Upvotes: 0
Views: 14
Answers (0)
Related Questions
- Apptainer/Singularity Container built in local dev environment functions well, but does not work at all on cluster. How can I troubleshoot this?
- Toil-cwl-runner not using default-container option with singularity option
- How to execute a command inside a singularity container that do not interact/sources options from the host OS?
- How to build/run container with writable file system using Singularity 3?
- ERROR : Base home directory does not exist within the container with Singularity container