ThePorgs / Exegol

Fully featured and community-driven hacking environment
https://exegol.readthedocs.io/
GNU General Public License v3.0

[HELP] How to get X11 forwarding with Wayland and Xwayland ? #126

Closed hollowshiroyuki closed 1 year ago

hollowshiroyuki commented 1 year ago

Hi !

I'm trying to use Exegol for a school security project including some challenges with the need for a browser.

I don't know if the problem comes from me using Wayland (I have Xwayland installed and configured) or from Exegol, because it's connected to a VPN and isn't in host network mode.

The environment variable DISPLAY is set to :0 so I guess Exegol is presuming the container runs in host network mode ?

Dramelac commented 1 year ago

Hello,

The VPN is not a problem for display sharing, and neither is the host mode (Exegol is using an X11 Unix socket).

Can you run exegol info <container_name> and copy-paste the result here?

Exegol does not support Wayland yet, and I never tested the compatibility with Xwayland, so this is probably the reason why.

hollowshiroyuki commented 1 year ago

Here's exegol info output :

┌──────────────────┬───────────────────────────────────────────────────────────────────┐
│             Name │ demo                                                              │
│            Image │ light - v.2.1.1                                                   │
├──────────────────┼───────────────────────────────────────────────────────────────────┤
│              GUI │ On ✔                                                              │
│          Network │ host                                                              │
│         Timezone │ On ✔                                                              │
│ Exegol resources │ On ✔ (/opt/resources)                                             │
│     My resources │ On ✔ (/my-resources)                                              │
│    Shell logging │ Off 🪓                                                            │
│       Privileged │ Off ✔                                                             │
│        Workspace │ Dedicated (/workspace)                                            │
│             Envs │ DISPLAY=:0                                                        │
│                  │ _JAVA_AWT_WM_NONREPARENTING=1                                     │
│                  │ QT_X11_NO_MITSHM=1                                                │
│                  │ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin │
│          Volumes │ /home/hollow/.exegol/my-resources ➡ /my-resources                 │
│                  │ /home/hollow/.exegol/exegol-resources ➡ /opt/resources            │
│                  │ /home/hollow/.exegol/workspaces/demo ➡ /workspace                 │
│                  │ /tmp/.X11-unix ➡ /tmp/.X11-unix                                   │
│                  │ /etc/localtime ➡ /etc/localtime (RO)                              │
└──────────────────┴───────────────────────────────────────────────────────────────────┘

The error message when I try to start firefox is :

Authorization required, but no authorization protocol specified
Unable to init server: Could not connect: Connection refused
Error: cannot open display: :0

I don't really know if this info is relevant but my compositor (Hyprland) uses wlroots' wlr_xwayland_create to start Xwayland.

hollowshiroyuki commented 1 year ago

So I found a weird workaround, it works but I don't know how or why : I created a user with the same UID as my host user in the container and when I start a GUI while su'ed into this user it works.

Steps to reproduce :

# useradd -o -m -u <Host User ID> host_user
# su host_user
$ firefox

-> It works

I noticed in the permissions of /tmp/.X11-unix/X0 the rvm group with a GID of 1000 but no user with the same name, what is it ? I only found things related to the Ruby Version Manager ?

Dramelac commented 1 year ago

That's because /tmp/.X11-unix/X0 is a Unix socket of the X server on your host, and this socket is used by GUI applications running in your user environment with user rights. The Authorization required error may occur if the X server requests authentication (see the xauth command).

The UID / GID 1000 is the first default ID for users and groups on your host system. When using a Docker bind mount, files and permissions are shared. When you share a file owned by your host user, it's owned by UID 1000, but inside your container the UIDs (from /etc/passwd) are not the same as on your host, and the same goes for groups.

By using a user with the same ID as your host user, with the right permissions, you managed to use the Unix socket.

It would be interesting to see if with xauth (from the host or the container) it would be possible to add exegol to the authorized accounts.
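
The xauth idea raised above, as an added example that is not part of the thread or of Exegol's code: a parser for the binary .Xauthority format that reports whether a local client with a given hostname holds a cookie usable for display :0. The hostnames `host-laptop` and `exegol-demo` and the cookie bytes are constructed sample values, and the matching is a simplified form of libXau's lookup covering only the local and wildcard families.

```python
import struct

FAMILY_LOCAL = 256     # entry is tied to one hostname
FAMILY_WILD = 0xFFFF   # entry matches any hostname

def parse_xauthority(blob):
    """Parse the binary Xauthority format into a list of dicts."""
    entries, pos = [], 0

    def take():
        # Each field is a big-endian u16 length followed by that many bytes.
        nonlocal pos
        if pos + 2 > len(blob):
            raise ValueError("truncated length field")
        (n,) = struct.unpack_from(">H", blob, pos)
        pos += 2
        if pos + n > len(blob):
            raise ValueError("truncated field data")
        data = blob[pos:pos + n]
        pos += n
        return data

    while pos < len(blob):
        if pos + 2 > len(blob):
            raise ValueError("truncated family")
        (family,) = struct.unpack_from(">H", blob, pos)
        pos += 2
        entries.append({"family": family, "address": take(), "number": take(),
                        "name": take().decode("ascii"), "cookie": take()})
    return entries

def usable_entry(entries, hostname, display_number):
    """Return the first entry a local client on `hostname` could use, else None."""
    for e in entries:
        host_ok = e["family"] == FAMILY_WILD or (
            e["family"] == FAMILY_LOCAL and e["address"] == hostname.encode())
        number_ok = e["number"] in (b"", str(display_number).encode())
        if host_ok and number_ok:
            return e
    return None

def _field(b):
    return struct.pack(">H", len(b)) + b

def build_entry(family, address, number, cookie):
    # Builds constructed sample data only; not a real secret.
    return (struct.pack(">H", family) + _field(address) + _field(number)
            + _field(b"MIT-MAGIC-COOKIE-1") + _field(cookie))

SAMPLE_COOKIE = bytes(range(16))  # constructed placeholder value
HOST_FILE = build_entry(FAMILY_LOCAL, b"host-laptop", b"0", SAMPLE_COOKIE)
WILD_FILE = build_entry(FAMILY_WILD, b"", b"0", SAMPLE_COOKIE)
```
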

hollowshiroyuki commented 1 year ago

Thanks for your explanations ! I don't have much time but if I manage to find a nice way to do it I'll open a PR :+1: