singularity capability¶
Manage Linux capabilities for users and groups
Synopsis¶
Capabilities allow you to have fine grained control over the permissions that your containers need to run.
NOTE: capability add/drop commands require root to run. Granting capabilities to users allows them to escalate privilege inside the container and will likely give them a route to privilege escalation on the host system as well. Do not add capabilities to users who should not have root on the host system.
singularity capability
Examples¶
All group commands have their own help output:
$ singularity help capability add
$ singularity capability add --help
Options¶
-h, --help help for capability
SEE ALSO¶
Linux container platform optimized for High Performance Computing (HPC) and Enterprise Performance Computing (EPC) * singularity capability add - Add capabilities to a user or group (requires root) * singularity capability avail - Show description for available capabilities * singularity capability drop - Remove capabilities from a user or group (requires root) * singularity capability list - Show capabilities for a given user or group
Auto generated by spf13/cobra on 2-Jul-2021