Open bhzhu203 opened 3 years ago
Is that a X server error? System is LFS Linux
QEMU emulator version 2.9.92
Upgrade to version 5
Display is :0.0 but you used :0.1
No protocol specified
This sounds like an authentication error.
X access is normally restricted with a cookie, mostly ~/.Xauthority
or $XDG_RUNTIME_DIR/Xauthority
. The path is stored in variable XAUTHORITY
.
X authentication is sometimes weakend with xhost
. Current xhost settings can be seen with a blanc xhost
command.
An often seen but bad solution is xhost +
that disables X authentication entirely.
If the user uid on host is the same as in image (e.g. with docker run option --user $(id -u):$(id -g)
), a reasonable solution is xhost +SI:localuser:$(id -un)
. To allow root in container access to X, set xhost +SI:localuser:root
.
A better solution is to provide a cookie to the container. It needs some preparation:
Cookiefile=~/mycookie
Cookie="$(xauth nlist ${DISPLAY} | sed -e 's/^..../ffff/')"
echo $Cookie | xauth -f $Cookiefile nmerge -
Share file $Cookiefile
with the container and set --env XAUTHORITY=/path/to/mycookie
No protocol specified
This sounds like an authentication error. X access is normally restricted with a cookie, mostly
~/.Xauthority
or$XDG_RUNTIME_DIR/Xauthority
. The path is stored in variableXAUTHORITY
. X authentication is sometimes weakend withxhost
. Current xhost settings can be seen with a blancxhost
command.An often seen but bad solution is
xhost +
that disables X authentication entirely. If the user uid on host is the same as in image (e.g. with docker run option--user $(id -u):$(id -g)
), a reasonable solution isxhost +SI:localuser:$(id -un)
. To allow root in container access to X, setxhost +SI:localuser:root
.A better solution is to provide a cookie to the container. It needs some preparation:
Cookiefile=~/mycookie Cookie="$(xauth nlist ${DISPLAY} | sed -e 's/^..../ffff/')" echo $Cookie | xauth -f $Cookiefile nmerge -
Share file
$Cookiefile
with the container and set--env XAUTHORITY=/path/to/mycookie
This solved my issue ! Many thanks!
1.set the right Display echo $Display to see the value on the host
Cookiefile=~/mycookie Cookie="$(xauth nlist ${DISPLAY} | sed -e 's/^..../ffff/')" echo $Cookie | xauth -f $Cookiefile nmerge -
if not solved , just run xhost +
No protocol specified
This sounds like an authentication error. X access is normally restricted with a cookie, mostly
~/.Xauthority
or$XDG_RUNTIME_DIR/Xauthority
. The path is stored in variableXAUTHORITY
. X authentication is sometimes weakend withxhost
. Current xhost settings can be seen with a blancxhost
command.An often seen but bad solution is
xhost +
that disables X authentication entirely. If the user uid on host is the same as in image (e.g. with docker run option--user $(id -u):$(id -g)
), a reasonable solution isxhost +SI:localuser:$(id -un)
. To allow root in container access to X, setxhost +SI:localuser:root
.A better solution is to provide a cookie to the container. It needs some preparation:
Cookiefile=~/mycookie Cookie="$(xauth nlist ${DISPLAY} | sed -e 's/^..../ffff/')" echo $Cookie | xauth -f $Cookiefile nmerge -
Share file
$Cookiefile
with the container and set--env XAUTHORITY=/path/to/mycookie
Thanks @mviereck for letting us know, should I change all xhost references to xhost +SI:localuser:"$(id -un)"
?
should I change all xhost references to xhost +SI:localuser:"$(id -un)"?
In fact, no.
Your examples only share DISPLAY
and /tmp/.X11-unix
without caring for X authentication. (Edit: Just found you recommend xhost +
in the troubleshooting section.)
This works only if:
xhost +SI:localuser:"$(id -un)"
on itself. The container user arch
has the same uid as the host user.
Check your output of xhost
. I bet your user has an entry. Don't rely on this.
If you run xhost -SI:localuser:"$(id -un)"
(disabling) , you won't be able to run your own example.
So your current example rather works "by accident".
xhost +SI:localuser:arch
won't work because the host does not know this user name. Unfortunately, xhost
does not accept an uid. xhost +
disables X authentication at all and should not be used.
You can use xhost +SI:localuser:$(id -un)
if you run the container with docker run --user $(id -u):$(id -g) [...]
.
Of course the container has to handle varying uids in that case.
I recommend not to use xhost
at all but to set up a cookie. Cookies do not depend on user uids.
This makes your setup a bit more complicated but clean.
(Advertisement: x11docker can do the job for you. ;-) )
Unfortunately, xhost does not accept an uid.
I have to correct myself: It is possible to specify an uid instead of a name to xhost.
Example:
xhost "+SI:localuser:#1000"
The uid must be preceeded with a #
, otherwise it is interpreted as a name.
That might be a solution for your setup. Specify the uid of container user arch
.
I'm trying to run this sudo docker run -it -e RAM=2 --device /dev/kvm -p 50922:10022 -v /tmp/.X11-unix:/tmp/.X11-unix -e "DISPLAY=${DISPLAY:-:0.0}" sickcodes/docker-osx:big-sur
but I've got this error touch: cannot touch '': No such file or directory chown: cannot access '': No such file or directory ssh-keygen: generating new host keys: RSA DSA ECDSA ED25519 nohup: appending output to 'nohup.out' Unable to init server: Could not connect: Connection refused QEMU 5.2.0 monitor - type 'help' for more information (qemu) qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.01H:ECX.aes [bit 25] qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.01H:ECX.avx [bit 28] qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.0DH:EAX [bit 2] qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.01H:ECX.aes [bit 25] qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.01H:ECX.avx [bit 28] qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.0DH:EAX [bit 2] qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.01H:ECX.aes [bit 25] qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.01H:ECX.avx [bit 28] qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.0DH:EAX [bit 2] qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.01H:ECX.aes [bit 25] qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.01H:ECX.avx [bit 28] qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.0DH:EAX [bit 2] ALSA lib confmisc.c:767:(parse_card) cannot find card '0' ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default alsa: Could not initialize DAC alsa: Failed to open
default':
alsa: Reason: No such file or directory
ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory
ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
alsa: Could not initialize DAC
alsa: Failed to open default': alsa: Reason: No such file or directory audio: Failed to create voice
dac'
ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory
ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
alsa: Could not initialize ADC
alsa: Failed to open default': alsa: Reason: No such file or directory ALSA lib confmisc.c:767:(parse_card) cannot find card '0' ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default alsa: Could not initialize ADC alsa: Failed to open
default':
alsa: Reason: No such file or directory
audio: Failed to create voice adc' gtk initialization failed
You've been asked to add yourself to the docker group and not use sudo
How add myself to the docker group ?
Secondly, you're running kernel 5.3.7 and QEMU 2.9
@sickcodes @bhzhu203 Yesterday I wrote a wiki article on X authentication: https://github.com/mviereck/x11docker/wiki/X-authentication-with-cookies-and-xhost-(%22No-protocol-specified%22-error) It is not ready yet but already contains the most important parts for the issues discussed here.
Thanks a ton @mviereck I'll have some spare time at the end of this week, which I'll read everything if you've said so far and make security changes. :) so far changed the VNC password from mere hexadecimal to [:print:]
I had similar errors and couldn't run docker over ssh with X forwarding. xterm worked though. I set DISPLAY=x.x.x.x:0 on the host since it's a local network and it worked (xhost + too).
OS related issued, please help us identify the issue by posting the output of this
uname -a \ ; echo "${DISPLAY}" \ ; echo 1 | sudo tee /sys/module/kvm/parameters/ignore_msrs \ ; grep NAME /etc/os-release \ ; df -h . \ ; qemu-system-x86_64 --version \ ; libvirtd --version \ ; free -mh \ ; nproc \ ; egrep -c '(svm|vmx)' /proc/cpuinfo \ ; ls -lha /dev/kvm \ ; ls -lha /tmp/.X11-unix/ \ ; ps aux | grep dockerd \ ; docker ps | grep osx \ ; grep "docker|kvm|virt" /etc/group
Linux bhzhuos 5.3.7-uksm #2 SMP Fri Oct 25 01:09:57 CST 2019 x86_64 GNU/Linux :0.0 1 grep: /etc/os-release: No such file or directory Filesystem Size Used Avail Use% Mounted on /dev/sdc3 781G 231G 548G 30% /home QEMU emulator version 2.9.92 Copyright (c) 2003-2017 Fabrice Bellard and the QEMU Project developers bash: libvirtd: command not found total used free shared buff/cache available Mem: 15G 7.7G 2.2G 449M 5.8G 5.7G Swap: 1.0G 33M 990M 8 8 crw------- 1 root root 10, 232 Mar 19 15:41 /dev/kvm total 0 drwxrwxrwt 2 root root 60 Mar 11 10:27 . drwxrwxrwt 50 root root 1.5K Mar 19 19:33 .. srwxrwxrwx 1 root root 0 Mar 8 20:42 X0 root 17006 0.0 0.0 19280 2156 pts/84 S+ 19:33 0:00 grep --color=auto dockerd root 30259 0.9 0.3 1788464 49460 ? Sl 14:06 3:00 /usr/bin/dockerd -g /home/tmp/docker -s overlay2 --registry-mirror=https://hhw.mirror.aliyuncs.com 60a2b028a60a sickcodes/docker-osx:big-sur "/bin/bash" 4 hours ago Up 4 hours 0.0.0.0:50925->10022/tcp sleepy_poincare
docker run -it --device /dev/kvm -p 50922:10022 -v /tmp/.X11-unix:/tmp/.X11-unix -e "DISPLAY=${DISPLAY:-:0.1}" sickcodes/docker-osx:latest ssh-keygen: generating new host keys: RSA DSA ECDSA ED25519 nohup: appending output to 'nohup.out' No protocol specified Unable to init server: Could not connect: Connection refused QEMU 5.2.0 monitor - type 'help' for more information (qemu) ALSA lib confmisc.c:767:(parse_card) cannot find card '0' ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default alsa: Could not initialize DAC alsa: Failed to open
default': alsa: Reason: No such file or directory ALSA lib confmisc.c:767:(parse_card) cannot find card '0' ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default alsa: Could not initialize DAC alsa: Failed to open
default': alsa: Reason: No such file or directory audio: Failed to create voicedac' ALSA lib confmisc.c:767:(parse_card) cannot find card '0' ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default alsa: Could not initialize ADC alsa: Failed to open
default': alsa: Reason: No such file or directory ALSA lib confmisc.c:767:(parse_card) cannot find card '0' ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default alsa: Could not initialize ADC alsa: Failed to opendefault': alsa: Reason: No such file or directory audio: Failed to create voice
adc' gtk initialization failed