19099: Enable container shell when using singularity runtime.

[arvados.git] / lib / install / deps.go

diff --git a/lib/install/deps.go b/lib/install/deps.go
index cdf28e09c69c23bd9259710380fdbaa8476101bf..2d9da72b9785d5419469d1a27c277e300795b738 100644 (file)
--- a/lib/install/deps.go
+++ b/lib/install/deps.go
@@ -338,6 +338,16 @@ make -C ./builddir install
                        }
                }
 
+               err = inst.runBash(`
+install /usr/bin/nsenter /var/lib/arvados/bin/nsenter
+setcap "cap_sys_admin+pei cap_sys_chroot+pei" /var/lib/arvados/bin/nsenter
+singularity config global --set 'allow net networks' bridge
+singularity config global --set 'allow net groups' sudo
+`, stdout, stderr)
+               if err != nil {
+                       return 1
+               }
+
                // The entry in /etc/locale.gen is "en_US.UTF-8"; once
                // it's installed, locale -a reports it as
                // "en_US.utf8".