Make the xauth file persistant (instead of /tmp/.dockercfa2413r.xauth) when `--nocleanup` is used

[felixf4xu]

Hi,

This is a issue already mentioned at https://github.com/osrf/rocker/issues/170 but it's closed, I would like to reopen it.

When I use rocker (for autoware ), I want the container not to be cleaned after rocker exists, so I use --nocleanup with rocker, but that container is run by command like docker run -it --network host --gpus all --privileged -v xxxxxx -e DISPLAY -e TERM -e QT_X11_NO_MITSHM=1 -e XAUTHORITY=/tmp/.dockercfa2413r.xauth -v /tmp/.dockercfa2413r.xauth:/tmp/.dockercfa2413r.xauth -v /tmp/.X11-unix:/tmp/.X11-unix -v /etc/localtime:/etc/localtime:ro <image_id> which uses /tmp file. That actually makes the container not able to be re-run after a host power reset since the /tmp folder will be deleted.

I'm not sure why *.xauth file is needed and why it's created into /tmp folder.

[tfoote]

The xauth file is how the display communicates with the server. https://www.x.org/archive/X11R6.8.1/doc/xauth.1.html

It's a temporary file which is registered with the x server. https://github.com/osrf/rocker/blob/9937f500118f9d5a460251796fc145b4dcffdca9/src/rocker/nvidia_extension.py#L65

I believe that the file is only valid for the duration of operation of the x server with which it was registered. To make it persist across reboots you will likely need to create logic to recreate and rereguster the xauth file with the new xserver. Not just recreate the file or persist the file.

[felixf4xu]

I did some test, if I don't use -e XAUTHORITY=/tmp/.dockercfa2413r.xauth -v /tmp/.dockercfa2413r.xauth:/tmp/.dockercfa2413r.xauth, the other created container can still works for GUI applications, like rviz2. Maybe anything I missed?

[tfoote]

rocker --x11 working as expected

$ rocker --x11 osrf/ros:rolling-desktop rviz2
Extension volume doesn't support default arguments. Please extend it.
Active extensions ['x11']
Writing dockerfile to /tmp/tmpeanathlz/Dockerfile
vvvvvv
# Preamble from extension [x11]

FROM osrf/ros:rolling-desktop
USER root
# Snippet from extension [x11]

# User Snippet from extension [x11]

^^^^^^
Building docker file with arguments:  {'path': '/tmp/tmpeanathlz', 'rm': True, 'nocache': False, 'pull': False}
building > Step 1/2 : FROM osrf/ros:rolling-desktop
building >  ---> df0f3bc9d740
building > Step 2/2 : USER root
building >  ---> Using cache
building >  ---> c28678362590
building > Successfully built c28678362590
Executing command: 
docker run --rm -it  -e DISPLAY -e TERM   -e QT_X11_NO_MITSHM=1   -e XAUTHORITY=/tmp/.dockerhy8md0jb.xauth -v /tmp/.dockerhy8md0jb.xauth:/tmp/.dockerhy8md0jb.xauth   -v /tmp/.X11-unix:/tmp/.X11-unix   -v /etc/localtime:/etc/localtime:ro  c28678362590 rviz2
QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-root'
MESA: error: Failed to query drm device.
libGL error: glx: failed to create dri3 screen
libGL error: failed to load driver: iris
libGL error: failed to open /dev/dri/card0: No such file or directory
libGL error: failed to load driver: iris
MESA: error: Failed to query drm device.
libGL error: glx: failed to create dri3 screen
libGL error: failed to load driver: iris
libGL error: failed to open /dev/dri/card0: No such file or directory
libGL error: failed to load driver: iris
[INFO] [1711010296.735186258] [rviz2]: Stereo is NOT SUPPORTED
[INFO] [1711010296.735273753] [rviz2]: OpenGl version: 4.5 (GLSL 4.5)
[INFO] [1711010296.793956924] [rviz2]: Stereo is NOT SUPPORTED

trying it removing the xauth environment and mount and it fails to run.

$ rocker --mode=dry-run --x11 osrf/ros:rolling-desktop
Extension volume doesn't support default arguments. Please extend it.
Active extensions ['x11']
Writing dockerfile to /tmp/tmpwl038cbh/Dockerfile
vvvvvv
# Preamble from extension [x11]

FROM osrf/ros:rolling-desktop
USER root
# Snippet from extension [x11]

# User Snippet from extension [x11]

^^^^^^
Building docker file with arguments:  {'path': '/tmp/tmpwl038cbh', 'rm': True, 'nocache': False, 'pull': False}
building > Step 1/2 : FROM osrf/ros:rolling-desktop
building >  ---> df0f3bc9d740
building > Step 2/2 : USER root
building >  ---> Using cache
building >  ---> c28678362590
building > Successfully built c28678362590
Run this command: 

docker run --rm -it  -e DISPLAY -e TERM   -e QT_X11_NO_MITSHM=1   -e XAUTHORITY=/tmp/.docker_qtzk8ce.xauth -v /tmp/.docker_qtzk8ce.xauth:/tmp/.docker_qtzk8ce.xauth   -v /tmp/.X11-unix:/tmp/.X11-unix   -v /etc/localtime:/etc/localtime:ro  c28678362590 
$ docker run --rm -it  -e DISPLAY -e TERM   -e QT_X11_NO_MITSHM=1   -v /tmp/.X11-unix:/tmp/.X11-unix   -v /etc/localtime:/etc/localtime:ro  c28678362590 
root@f06dff4fb698:/# rviz2
Authorization required, but no authorization protocol specified
qt.qpa.xcb: could not connect to display :1
qt.qpa.plugin: Could not load the Qt platform plugin "xcb" in "" even though it was found.
This application failed to start because no Qt platform plugin could be initialized. Reinstalling the application may fix this problem.

Available platform plugins are: eglfs, linuxfb, minimal, minimalegl, offscreen, vnc, xcb.

Aborted (core dumped)
root@f06dff4fb698:/# 

I verified that if you run it with --home and --user it will work with the xauth file not set so there must be some sort of default path in the home directory that can be used by the applications.