/usr/bin/ch-docker-run is in charliecloud 0.2.3~git20171120.1a5609e-2.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 | #!/bin/bash
# bash is needed for arrays.
LIBEXEC=/usr/lib/charliecloud
. ${LIBEXEC}/base.sh
usage () {
cat 1>&2 <<EOF
Run CMD in a Docker container TAG.
Usage:
$ $(basename $0) [-i] [-b HOSTDIR:GUESTDIR ...] TAG CMD [ARGS ...]
The special sauce is:
1. CMD runs as you, not root or whatever is specified in the Dockerfile.
2. Users and groups inside the container match the host.
3. /etc/hosts is patched up to use the network effectively.
Options:
-i Run interactively with a pseudo-TTY
-b Bind-mount HOSTDIR at GUESTDIR inside the container (can be repeated)
You must have sufficient privilege (via sudo) to run the Docker commands.
EOF
exit ${1:-1}
}
set -e
MOUNTS=( /etc/passwd:/etc/passwd \
/etc/group:/etc/group )
if [[ $1 = --help ]]; then
usage 0
fi
if [[ $1 = --version ]]; then
version
exit 0
fi
while getopts 'b:ih' opt; do
case $opt in
i) INTERACTIVE=-it ;;
b) MOUNTS+=( $OPTARG ) ;;
h)
usage 0
;;
\?)
usage
;;
esac
done
shift $(($OPTIND-1))
if [[ $# -lt 2 ]]; then
usage
fi
TAG="$1"
shift
if [[ $INTERACTIVE ]]; then
echo 'interactive mode'
fi
echo 'bind mounts:'
MOUNTARGS=''
for (( i = 0; i < ${#MOUNTS[@]}; i++ )); do
echo ' ' ${MOUNTS[$i]}
MOUNTARGS+=" -v ${MOUNTS[$i]}"
done
set -x
$DOCKER run --read-only -u $USER $INTERACTIVE $MOUNTARGS $TAG "$@"
|