diff --git a/training/ilab-wrapper/ilab b/training/ilab-wrapper/ilab index e47624fa..957bdff4 100755 --- a/training/ilab-wrapper/ilab +++ b/training/ilab-wrapper/ilab @@ -16,6 +16,8 @@ if [[ "$1" = "shell" ]]; then export PARAMS=() fi +export CONTAINERS_STORAGE_CONF="/etc/containers/storage.conf" + PODMAN_COMMAND=("podman" "run" "--rm" "-it" "--device" "${CONTAINER_DEVICE}" "--security-opt" "label=disable" "--net" "host" diff --git a/training/nvidia-bootc/Containerfile b/training/nvidia-bootc/Containerfile index 233fa7bb..7098ea89 100644 --- a/training/nvidia-bootc/Containerfile +++ b/training/nvidia-bootc/Containerfile @@ -187,7 +187,11 @@ fi # Also make sure not to duplicate if a base image already has it specified. RUN grep -q /usr/lib/containers/storage /etc/containers/storage.conf || \ sed -i -e '/additionalimage.*/a "/usr/lib/containers/storage",' \ - /etc/containers/storage.conf + /etc/containers/storage.conf && \ + sed -i -e 's/^# force_mask.*$/force_mask = "shared"/' \ + /etc/containers/storage.conf && \ + sed -i -e 's@^#mount_program = .*@mount_program = "/usr/bin/fuse-overlayfs"@' \ + /etc/containers/storage.conf COPY duplicated/ilab-wrapper/ilab /usr/bin/ilab RUN chmod +x /usr/bin/ilab @@ -212,7 +216,10 @@ RUN --mount=type=secret,id=${INSTRUCTLAB_IMAGE_PULL_SECRET}/.dockerconfigjson \ IID=$(sudo podman --root /usr/lib/containers/storage pull --authfile /run/secrets/${INSTRUCTLAB_IMAGE_PULL_SECRET}/.dockerconfigjson ${INSTRUCTLAB_IMAGE}); \ else \ IID=$(sudo podman --root /usr/lib/containers/storage pull ${INSTRUCTLAB_IMAGE}); \ - fi + fi \ + && chmod a+rx -R /usr/lib/containers + RUN podman system reset --force 2>/dev/null LABEL image_version_id="${IMAGE_VERSION_ID}" +