mviereck / x11docker

Run GUI applications and desktops in docker and podman containers. Focus on security.
MIT License

Unable to start weston and wayland session without pre-existing wayland compositor in Docker #532

Open yvanzine opened 5 months ago

yvanzine commented 5 months ago

Hi,

I am facing an issue starting a Wayland desktop with the weston display manager without a Wayland compositor that already exists. This is useful when running completely headless virtual machines in a Docker container. The VMs in question work fine with Xorg, but they have many security vulnerability issues related to running Xorg as root. So I turned to Wayland, as it is able to run under a user account without access elevation.

Wayland works in a Docker container when there is a Wayland desktop already running on the host that serves as a Wayland compositor. Please note below a working solution where there is a volume mapping between the Docker host and the container, /var/run/user/1000/wayland-0:/tmp/wayland-0:

sudo docker run --rm --runtime=nvidia --gpus all -it -e WAYLAND_DISPLAY=wayland-0 -e XDG_RUNTIME_DIR=/tmp -e UNITY_INSTANCES=0 -e XDG_SESSION_TYPE=wayland --net=host --device /dev/dri --device /dev/input --cap-add SYS_TTY_CONFIG --cap-add=SYS_ADMIN --volume=/run/udev/data:/run/udev/data:ro -v $XDG_RUNTIME_DIR/$WAYLAND_DISPLAY:/tmp/$WAYLAND_DISPLAY --volume=/dev/dri/renderD128:/dev/dri/renderD128 my_x11docker_wayland_image

Your x11docker is phenomenal, but it only works in the context of having a host with all the Wayland infrastructure. My use case is to create self-contained infrastructure inside the Docker container and not be dependent on the host at all.

If you know of a way to do it, please let me know, ypv

P.S. Here is the output where I highlight the problem:

[21:15:30.783] weston 9.0.0 https://wayland.freedesktop.org Bug reports to: https://gitlab.freedesktop.org/wayland/weston/issues/ Build: 9.0.0
[21:15:30.783] Command line: weston
[21:15:30.783] OS: Linux, 6.2.0-1019-azure, #19~22.04.1-Ubuntu SMP Wed Jan 10 22:57:03 UTC 2024, x86_64
[21:15:30.783] warning: XDG_RUNTIME_DIR "/tmp" is not configured correctly. Unix access mode must be 0700 (current mode is 777), and must be owned by the user (current owner is UID 1000). Refer to your distribution on how to get it, or http://www.freedesktop.org/wiki/Specifications/basedir-spec on how to implement it.
[21:15:30.783] Starting with no config file.
[21:15:30.783] Output repaint window is 7 ms maximum.
[21:15:30.783] Loading module '/usr/lib/x86_64-linux-gnu/libweston-9/wayland-backend.so'
[21:15:30.787] Error: Failed to connect to parent Wayland compositor: Connection refused display option: (none), WAYLAND_DISPLAY=wayland-0
[21:15:30.787] fatal: failed to create compositor backend
X is ready.
XDG_SESSION_DESKTOP=
XDG_SESSION_TYPE=wayland
PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/nvidia/bin
LD_LIBRARY_PATH:/usr/local/nvidia/lib64
Error: Can't open display: :0
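A preflight check for the two conditions visible in the log above, the XDG_RUNTIME_DIR warning and the refused connection on WAYLAND_DISPLAY, written as an added example that is not part of the original post or of x11docker. The function names are hypothetical, and the fallback to `wayland-0` assumes the usual client default when WAYLAND_DISPLAY is unset.

```python
import os
import socket
import stat


def check_runtime_dir(path, uid=None):
    """Return the problems the weston warning names for XDG_RUNTIME_DIR."""
    uid = os.getuid() if uid is None else uid
    st = os.stat(path)
    # Compare permission bits only: a sticky /tmp (1777) is reported as 777 in the log.
    mode = st.st_mode & 0o777
    problems = []
    if mode != 0o700:
        problems.append(f"mode is {mode:o}, must be 700")
    if st.st_uid != uid:
        problems.append(f"owner is UID {st.st_uid}, must be UID {uid}")
    return problems


def probe_compositor(runtime_dir, display):
    """Classify $XDG_RUNTIME_DIR/$WAYLAND_DISPLAY as a Wayland client would see it."""
    path = os.path.join(runtime_dir, display)
    if not os.path.exists(path):
        return "missing"
    if not stat.S_ISSOCK(os.stat(path).st_mode):
        return "not-a-socket"  # e.g. a bind mount that did not map a real socket
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as client:
        try:
            client.connect(path)
        except ConnectionRefusedError:
            return "refused"  # socket file exists but no compositor is accepting
    return "listening"


def preflight(env):
    """Run both checks against an environment mapping such as os.environ."""
    runtime_dir = env.get("XDG_RUNTIME_DIR", "")
    display = env.get("WAYLAND_DISPLAY", "wayland-0")  # assumed default name
    if not os.path.isdir(runtime_dir):
        return {"runtime_dir": ["not a directory"], "compositor": "missing"}
    return {"runtime_dir": check_runtime_dir(runtime_dir),
            "compositor": probe_compositor(runtime_dir, display)}


if __name__ == "__main__":
    print(preflight(os.environ))
```

Run inside the container before launching weston: an empty `runtime_dir` list together with `listening` means a parent compositor is reachable, while any other `compositor` value means the `wayland-backend.so` connection attempt shown in the log has nothing to connect to.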