singularity capability

Manage Linux capabilities for users and groups

Synopsis

Capabilities allow you to have fine grained control over the permissions that your containers need to run.

NOTE: capability add/drop commands require root to run. Granting capabilities to users allows them to escalate privilege inside the container and will likely give them a route to privilege escalation on the host system as well. Do not add capabilities to users who should not have root on the host system.

singularity capability

Examples

All group commands have their own help output:

$ singularity help capability add
$ singularity capability add --help

Options

-h, --help   help for capability

SEE ALSO

• singularity -

Linux container platform optimized for High Performance Computing (HPC) and Enterprise Performance Computing (EPC) * singularity capability add - Add capabilities to a user or group (requires root) * singularity capability avail - Show description for available capabilities * singularity capability drop - Remove capabilities from a user or group (requires root) * singularity capability list - Show capabilities for a given user or group

Auto generated by spf13/cobra on 2-Jul-2021