All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning since version 4.0.
Project website: https://github.com/mviereck/x11docker
--pull
: Usedocker pull IMAGE
orx11docker --build IMAGE
instead.
6.10.0 - 2021-10-06
--build
: New option to build an image from x11docker repository.--snap
: New option to enable fallback mode to support Docker in snap. (#375)
--backend=nerdctl
: Disallow--home
in rootless mode.--backend
: Allow--share
in all rootless modes.- Use
python
to parse json output ofinspect
. --update, --update-master, --remove
: detect and use current installation directory. (#371)
- Return exit code of container command (regression fix). (#383)
--share
: If path is inHOME
, change container path and create softlink. OtherwiseHOME
might not be writeable.--fallback
: Add missing switch in option parsing. (#372)--interactive
: Fix output redirection. (#364)
--wm=container
: drop containerized window manager support.
6.9.0 - 2021-06-02
--backend=BACKEND
: Experimental option to choose a container backend. Currently supported:docker
,podman
andnerdctl
. (#255) (#357)- Support of rootless docker. (#327)
--composite
: New option to enable or disable X extension Composite. Can help to fix issues with--nxagent
. (#345)--no-setup
: Disable x11docker setup in container. (Formerly experimental.)
--pw [=FRONTEND]
: ArgumentFRONTEND
is optional now to allow easy switch to rootful nerdctl or podman. SettingFRONTEND
requires=
.--xhost [=STR]
: ArgumentSTR
is optional now. If empty, set to+SI:localuser:$USER
. SettingSTR
requires=
.
x11docker-gui
: Fixed--share
bug. Add several missing options. (#358)--init=s6-overlay
: Use--tmpfs /run:exec
(#340)containerrootrc
: Don't rundocker exec --privileged
for container root setup to avoid possible abuse by corrupted core utils.--limit
: Change free memory check. (#360)
--podman
: Use--backend=podman
instead. (Formerly experimental)
6.8.0 - 2021-04-08
--iglx
: Use indirect rendering for OpenGL.--password
: New option to set a container user password. (#334)
--sudouser
: Allow optional argumentnopasswd
for sudo without password. (#337)
--size
: Regard if no monitor is connected. (#336)
6.7.0 - 2021-02-28
-I, --network
: New option to set network mode.-I
will be mandatory in future to allow internet access. Replaces--no-internet
and--hostnet
.--runasuser
: New option to add (background) commands incmdrc
. Intended to run e.g.fcitx
keyboard input daemon. (#269) (x11docker/deepin:#2)--fallback=no
: New option to deny fallbacks for failing options.--no-setup
: Experimental option to disable x11docker setup in container.--podman
: Experimentalpodman
support. (#255)--xopt
: Experimental option to add custom X server options. (#296)
--lang
: Allow multiple times to generate more than one locale.
--home=~/DIR
: Replace~
with$HOME
.--hostnet
: set host IP to 127.0.0.1 for options like--pulseaudio=tcp
.--pulseaudio
: set to TCP if pulseaudio runs as system daemon. (#266)- Allow
docker logs
to grab container output, too. (#254) --xpra
: version check failed in few circumstances. (#287)--gpu
: share/dev/nvmap
and/dev/nvhost*
if present. (#290)--preset
: Parse witheval
to catch strings. (x11docker/deepin:#20)- MS Windows: IP check / no dockerNAT interface anymore. (runx:#6) (#325)
--hostnet
: Use--network=host
instead.--no-internet
: Use--network=none
instead.
6.6.2 - 2020-05-19
--home=VOLUME
,--share=VOLUME
: Support of docker volumes. ehough/docker-kodi#33
--update
: Fixsed
error in changelog excerpt. (#236)--webcam
: Add container user to group video. (#241)
--sharessh
: Please use (directly or with help of option--preset
):--share $(dirname $SSH_AUTH_SOCK) --env SSH_AUTH_SOCK="$SSH_AUTH_SOCK"
6.6.1 - 2020-03-19
--runx
: FixXAUTHORITY
copy bug. (#219)
6.6.0 - 2020-03-19
- Experimental WSL2 support. See also new option
--mobyvm
. (#214) --preset
: New option to read files with predefined option sets. (#218)--mobyvm
: New option to use MobyVM in WSL2. Default for WSL2 is native Linux docker.--shell
: New option to specify preferred user shell. (#26) (#211)
--nxagent --keymap=clone
: Clone xkb settings from host in nxagent. (#208)--printer
: Share entirerun/cups
, not only socketrun/cups/cups.sock
. (#222)--wm
: Improved checks and fallback handling. Disabled context menu for host window manager--wm=openbox
.
6.5.0 - 2019-12-22
--xoverip
: New option to enforce X over TCP/IP. For special setups only. (#201)
- Run
containerrootrc
with--privileged
. Does not affect desired container command incontainerrc
. Allows less privileges with NVIDIA driver installation and avoids issues like in (#196) --xephyr
: Disabled Xephyr option-glamor
. (#196)--runtime
: Addedoci
to list of known runtimes. (#205)TODO.md
outsourced from x11docker script.
- Support
snap
installation of Docker. (#191) --gpu
: NVIDIA driver installation failed with--cap-default
. (#198)
6.4.0 - 2019-11-14
--xtest [=yes|no]
: New option to enable or disable X extension XTEST. Can be needed for custom access with xpra. (#190)
- Do not set
tini
option-s
. Avoids issue withcatatonit
. (#189) - Exchange static file descriptor numbers with dynamic ones. Hopefully fixes an odd issue where bash eats up some lines of code on exit.
- docker-for-win: Do not use cache path within WSL subsystem. (#165)
--xpra
: Check for validity of--opengl=noprobe
.--xpra
: Drop support on MS Windows / WSL.- Use window manager in auto mode for
--xephyr
and similars. - Fix
waitforlogentry()
error if pulling image. (#193)
6.3.0 - 2019-10-04
--showinfofile
: New option: Echo path to internal x11docker info storage file. Can be parsed for informations like container IP and name.--newprivileges [=yes|no]
: New option to set or unset docker run option--security-opt=no-new-privileges
.
- Return exit code of container command. x11docker errors return code
64
. --dbus
: Optional argument=system
to run a DBus system daemon. Similar to previous--dbus-system
. For experimental setups only.--dbus-system
: Already deprecated in v6.2.0. New fallback:--dbus=system --cap-default
.--exe
: Run withtini
/docker-init
if available.--showenv
: Does not containX11DOCKER_CACHE
anymore. Have a look at--showinfofile
instead.--weston
,--kwin
,--hostwayland
: Always set all Wayland environment variables and run with DBus user daemon. Previously needed--wayland
.--xdummy --gpu
/--xvfb --gpu
: Supported only in host X, no longer on console or on Wayland.--xephyr
: enabled-glamor
.- Wait before starting X until possible password prompt is ready.
- Lots of code cleanup.
- Enable X extension
X-Resource
to allow Gnome 3 in container. (#16) - Avoid double IP address while checking
docker0
interface. (#182) - Avoid possible race condition of display number on simultaneous starts.
6.2.0 - 2019-08-17
--enforce-i
: Run x11docker in interactive bash mode. Rather special option to provide a fix for special issues, e.g. runningweston-launch
on void linux that needs an interactive tty. Not recommended in general. (#166) (#176)-F
: Shortcut for--xfishtank
.-l
: Shortcut for--lang
.-P
: Shortcut for--printer
.-V
: Same as-v, --verbose
, but with colored output. Useful e.g. with--init=systemd
.
- Short options do not accept optional arguments. Affects
-l -m -p -P -w -v
. -m
: Does not accept optional argument=PATH
. Use--home=PATH
instead.-v, --verbose
: Does not accept argument=c
anymore. Use-V
instead.-w
: Does not accept argument anymore. Use--wm=ARG
instead.--xpra
: Runs on Wayland since xpra v3.0-r23305.
--dbus-system
: Use one of--init=systemd|openrc|runit|sysvinit
instead. Current fallback:--init=systemd
.
--workdir
: Has been overwritten / no effect.- Fixed
tty
check if not running in a terminal. (#176) (#177)
6.1.1 - 2019-07-31
--gpu
: Add user to grouprender
.
6.1.0 - 2019-07-30
--clean-xhost
: Disable xhost access policies on host display.--no-xhost
: Reintroduced for backwards compatibility. Deprecated. Use--clean-xhost
instead.--systemd
: Reintroduced for backwards compatibility. Deprecated. Use--init=systemd
instead.
--home
: Allow optional host folder DIR with--home=DIR
.--printer
: Allow optional argumenttcp|socket
. Allows CUPS printing for--runtime=kata-runtime
.--share
: Don't share--volume
along with--device
. Has been a workaround for an old Docker bug setting wrong file ownerships. #24
--homedir=DIR
: Use--home=DIR
instead.--systemd
: Use--init=systemd
instead.--no-xhost
: Use--clean-xhost
instead.
--xpra --clipboard
: Fix not using xpra option--xsettings=no
. xpra ticket #2342- Copy
/etc/skel
into emptyHOME
.
6.0.0 - 2019-07-08
--wm
: Use imagex11docker/openbox
to provide a window manager. Set--wm=host
or--wm=COMMAND
to use a host window manager. Set--wm=IMAGE
to run local image IMAGE as window manager. (#158)
--vcxsrv
: X server on Windows. Userunx
on MS Windows instead to provide X for x11docker: https://github.com/mviereck/runx (#165)--pulseaudio
on MS Windows is no longer supported.--ps
,--trusted
,--untrusted
,--no-xtest
,--no-xhost
,--silent
,--stderr
,--stdout
,--nothing
,--cachedir
,--starter
,--tini
,--systemd
,--openrc
,--runit
,--sysvinit
,--no-init
,--sys-admin
: Removed; search this changelog for possible replacements noted in 'Deprecated' chapters.
--gpu
with automated NVIDIA driver installation: Don't set--security-opt=no-new-privileges
. (#162)--hostwayland
: Fix socket name issue. (ehough/kodi #26)- WSL: Add Windows System32 path to
PATH
. Can miss withsudo
. (#153) --update
,--update-master
: Support more commontar
besideunzip
. (#115)--xwin
: Use random display number. (#165)--xpra
: Check for option availability to support multiple versions. Significantly faster startup since xpra v3.0-r23066. (#167) (#165)
5.6.0 - 2019-05-02
--runtime=RUNTIME
: New option to specify container runtime. Known runtimes:runc
(docker default),crun
,nvidia
andkata-runtime
. (#138)--share=PATH
: Share file or folder. Replaces--sharedir
. Works for device files in/dev
, too. Shares targets of symlinks, too.
--sharedir
: Use--share
instead.--no-xhost
: No replacement.--sys-admin
: No replacement.
--clipboard
: Bugfix for--xephyr
and some other desktop mode X servers. (#152)--dbus-system
: Fixed startup failure with user switching.--init=sysvinit|runit|openrc
: Always create service to start system DBus.elogind
support for debian buster containers. Partial support for Void.docker commit
: Throw error if running a recursive image command created withdocker commit
from an x11docker container. (#146)
5.5.2 - 2019-04-08
--init=s6-overlay
: Support of init systems6
as given bys6-overlay
. (#136)
x11docker
without an option: showx11docker --help
instead of running an empty X server.
--init=systemd|openrc|runit
: fixes for several container systems.--dbus-system
: Regression fix for service file check.--exe
: Regard possible--
in command. Command before it has been dropped errately as invalidDOCKER_RUN_OPTIONS
before.--tty
: Workaround: Set environment variablesLINES
andCOLUMNS
to current terminal size. Only needed without--interactive
. Docker bug ticket #33794--init=tini
: Support of native docker-init on docker-for-win.- Check for availability of
realpath
. --kwin
,--kwin-xwayland
: Check for option--windowed
. (#144)
5.5.1 - 2019-03-18
--ps
: Preserved cache and container. No replacement.
--lang[=LOCALE]
: Argument LOCALE is optional now. Note that=
is mandatory now. Use--lang=ru
instead of--lang ru
.--lang
without an argument sets$LANG
from host.
- Fix for host user check after multiple
su
. --entrypoint env
instead of--entrypoint /usr/bin/env
. Some systems have/bin/env
instead.
5.5.0 - 2019-03-06
--init=tini|systemd|sysvinit|openrc|runit|none
: New option to specify or disable init system / PID 1 in container. Replaces singular options.
--tini
: Use--init=tini
instead.--systemd
: Use--init=systemd
instead.--sysvinit
: Use--init=sysvinit
instead.--openrc
: Use--init=openrc
instead.--runit
: Use--init=runit
instead.--no-init
: Use--init=none
instead.
--wm[=COMMAND]
: ArgumentCOMMAND
is optional now. Note that=
is mandatory now. Use--wm=openbox
instead of--wm openbox
.--wm
without an argument autodetects a host window manager.
- Execute
containerrootrc
in/tmp
of container to circumvent possible issues with access700
of~/.cache
on host. (#131) - Check repeatedly for PID1 of container to avoid race condition on slow systems. (#133)
5.4.4 - 2019-02-24
--gpu
: NVIDIA driver installation: Avoid--install-libglvnd
and--no-nvidia-modprobe
for installer versions that do not support it. Fool dependency check forbinutils
for old installer versions. Skip installation if--runtime=nvidia
is given in docker run options. (#127)
5.4.3 - 2019-02-19
--alsa[=CARDNAME]
: Accepts a sound card name as optional argument.--gpu
: NVIDIA driver installation: Avoid dependencies onkmod
andxz
.
--gpu
: NVIDIA driver installation: Old versions need--install-libglvnd
.
5.4.2 - 2019-02-18
--gpu
: Fixes for automated NVIDIA driver installation. (#127)
5.4.1 - 2019-02-08
--update
: Remove debug output ofset -x
.
5.4.0 - 2019-02-08
--pull [=ask|yes|no|always]
: New option to allow/denydocker pull
. (#109)--limit[=FACTOR]
: New option to restrict RAM and CPU usage.--border
: New option to draw a colored border into--xpra
windows. Helps to distinguish between host and container applications. (#91)--xtest
,--xcomposite
: Experimental options to enable X extensionsXTEST
andCOMPOSITE
. Might be removed in later releases. (#117)
- Copy
/etc/skel/.
in container toHOME
ifHOME
is empty. - Changed shebang
#! /bin/bash
to#! /usr/bin/env bash
for portability. (#83) - Allow interactive
docker pull
in terminal only. Do not start additional X terminal. (#109) - Prefer starting terminal to ask for root password. Use additional X terminal only as a fallback. (#109)
- API FIX: Preserve quoting in image command correctly.
Image commands like
sh -c 'ls && pwd'
previously failed. Instead'ls && pwd'
sort of worked although it is weird. Nowsh -c 'ls && pwd'
works as intended and'ls && pwd'
fails. (#112) -t, --tty
: Long option was not parsed.- docker-for-win: Fixed IP check (#102)
- docker-for-win: Make sure container is terminated. (#106)
- docker-for-win:
--interactive
: Usewinpty
wrapper. (#87) - MSYS2/Cygwin: Always use X over IP to serve e.g.
Xvfb.exe
, too. (#123) --update
: Fixedsed
parsing error for excerpt ofCHANGELOG.md
.
5.3.3 - 2018-11-17
-i, --interactive
: New option to run with an interactive TTY. (#87)-t, --tty
: Replaces--nothing
. Runs no X server, uses terminal only. Allowsx11docker -ti
similar to often useddocker run -ti
.-q, --quiet
: Replaces--silent
. Suppress x11docker messages.
--silent
: Use--quiet
instead.--nothing
: Use--tty
instead.--stdout
: stdout is always displayed now.--stderr
: stderr is always displayed now.-Q
: stdout and stderr are always displayed now.
--webcam
: Share/run/udev/data
to provide device information forcheese
andgnome-ring
. (#86) (#75)--sysvinit
: fixed startup failure due to missing container user name.
5.3.2 - 2018-11-08
--user=RETAIN
: Keep user settings of image instead of creating a new one. (#85)
gnome-terminal
did not appear for password prompt ordocker pull
. (#84)- Watch container pid 1 instead of container pid itself. Avoids issue on NixOS
where users cannot see processes of other users, root or docker in this case.
Throw error if x11docker cannot watch container pid 1 due to
hidepid=2
. (#83)
5.3.1 - 2018-10-22
--hostdisplay
: FixedXAUTHORITY
issue if running overssh -X
. (#81)
5.3.0 - 2018-10-11
--launcher
: Replaces--starter
, creates an application launcher.
- Major code cleanup and restructuring. New: commented
main()
routine. --dbus
: Always usesdbus-run-session
, doesn't trydbus-launch
anymore.--xpra
: Allow choice of virtual frame buffer with--xdummy
or--xvfb
. If not specified: defaults to Xvfb, fallback to Xdummy.
--starter
: Use--launcher
instead.--trusted
: Use--clipboard
instead.--untrusted
: No replacement.--xtest
: No replacement.--no-xtest
: No replacement.
--weston*
,--kwin*
: Did not terminate due to DBus issue.--xdummy
,--xvfb
: avoid X message boxes if there is no host X. Affects error messages anddocker pull
. (#77)--pw
: regression fix, did not prompt for password in terminal window./etc/pam.d/su
: allow additional default configs.- Export environment variables
DOCKER_*
in dockerrc if some exist. (#79)
5.2.0 - 2018-09-17
--webcam
: New option to share webcam devices/dev/video*
. (#75)--hostdbus
: New option to connect container to DBus session from host.-q
: New option, shortcut for--stdout --stderr --silent
.-Q
: New option, shortcut for--stdout --stderr
.
--wayland
: Does not run--dbus-system
anymore to avoid complexity and issues on arch linux. Some old GTK3 applications may fail now. In that case, use--weston
instead.--sharedir DIR
: Appending:ro
toDIR
restricts to read-only access.
--systemd --verbose
: journalctl.log was not shown.--systemd
: fixed slow dbus startup.
5.1.0 - 2018-09-02
--printer
: New option to access CUPS printer server. (#73)
--hostdisplay
: Fixed wrongDISPLAY
detection ifXAUTHORITY
is missing, happened e.g. in Gnome Wayland session. (#74)--nxagent
: X authentication was set toxhost +
. Now restricted to cookie using clients again.
5.0.0 - 2018-08-20
- Support of MSYS2, Cygwin and WSL on MS Windows. (#55)
--vcxsrv
: New option for VcXsrv X server on MS Windows. Similar to Xming. (#55)--xwin
: New option for Xwin X server of Cygwin/X on MS Windows.--sharessh
: New option to share SSH agent authentication socket from host. (#59)--name
: New option to set container name. (#61)--cachebasedir
: Set custom cache base directory. Replaces--cachedir
.--homebasedir
: Set base directory where to store folders for--home
.
- API CHANGE: Syntax changed for custom
DOCKER_RUN_OPTIONS
(#58). New:
x11docker [OPTIONS] -- DOCKER_RUN_OPTIONS -- IMAGE [COMMAND [ARG1 ARG2 ...]]
Previous syntax, still valid, but deprecated:
x11docker [OPTIONS] -- "DOCKER_RUN_OPTIONS" IMAGE [COMMAND [ARG1 ARG2 ...]]
x11docker [OPTIONS] -- IMAGE COMMAND ARG1 -- ARG2
BREAKS due to wrongly parsed --
:
x11docker [OPTIONS] -- "DOCKER_RUN_OPTIONS" IMAGE COMMAND ARG1 -- ARG2
Valid:
x11docker [OPTIONS] -- DOCKER_RUN_OPTIONS -- IMAGE COMMAND ARG1 -- ARG2
--pulseaudio
allows optional argument=tcp
or=socket
. Defaults to connection over shared socket on Linux and to TCP connection on MS Windows. On Linux both modes are possible, on MS Windows TCP only.--verbose
: takes optional argumentc
for colored output, eg-vc
.
--cachedir
: Use--cachebasedir
instead.
--ipc
: Use--hostipc
instead.--net
: Use--hostnet
instead.--sharewayland
: Use--wayland
instead.--setwaylandenv
: Use--wayland
instead.--dbus-daemon
,--dbusdaemon
: Use--dbus-system
instead.--add
: Use--runfromhost
instead.
--xpra
: Support of outdated xpra version v0.17.6 that is still distributed in debian stretch and buster.--xpra
: Set x11docker cache folder as xpra socket folder. (#69)--xpra
: Check ifxhost
is available if xpra version 2.3.1 has cookie issue. (#57)--xpra-xwayland
: Set Weston--fullscreen
to get Xwayland resolution matching host display. Weston v4.0.0 seems to interpret screen size settings inweston.ini
different than before.--pulseaudio
: create socket to share instead of using existing one. (#71)--pw gksu
,--pw gksudo
: Disable keyboard grabbing to avoid issues with Gnome 3 Wayland session.- Don't fail on missing password prompt frontend if no password is needed.
4.3.6 - 2018-07-03
--auto
: Prefer--xpra
and--xephyr
over--nxagent
again.--nxagent
too often has issues with extension Composite.--xorg
: Allow running Xorg as root from within X if/etc/X11/Xwrapper.config
is not configured to allow it.--xpra
,--xpra-xwayland
: Set maximal--quality 100
.
--xpra
: Check for tty timeout had a bug that caused all clients of same server to terminate if one client was closed.--xorg
: Secure check for free tty instead of guessing it.--xorg
: Error messages appear on new display instead of host display.--sysvinit
,--runit
,--openrc
: Clean shutdown on CTRL-C / SIGINT.x11docker-gui
: Fixed issue with self-terminating on cleanup.- errors within subshells did not reliably terminate x11docker.
--tini
: Check fordocker-init
in snap installs of docker. (#51)--dbus-system
: Disable servicesorg.freedesktop.hostname1
andorg.freedesktop.locale1
if not running with--systemd
. Can cause container shutdown after some time.--hostdisplay
: Fixed possiblexhost -SI:localuser:$USER
. (#53)/etc/shadow
: Fixed fedora issue with000
file access. (#53)
4.3.5 - 2018-06-21
x11docker-gui
runs from console, too.
--xorg
and others on TTY failed due to xinit in subshell. (regression in v4.3.4).--weston --size
failed on tty, have to specify drm backend for check.- timezone syncing: If setting
TZ
, positive offsets have been set wrong. - timezone syncing: Regard
TZ
from host, not only/etc/localtime
. --xpra
: catch timeout disconnection that happens if using another tty longer than 60s. Restart xpra client in that case.
4.3.4 - 2018-06-15
--dbus-system --sharecgroup
: support ofelogind
in container.- Timezone syncing: Do not mount-bind
/etc/localtime
. If tzdata is missing in image, but host and image have same libc, provide current timezone file only. Create symlink/etc/localtime
within container. If all that fails, setTZ
with offset to UTC. (#50) - Improved
message.fifo
handling from within dockerrc and container. - Disentangled final code sequence of xinit and docker run.
- Check for running docker daemon in dockerrc instead of using
pidof
. (#49) - Show error message if X server fails to start. Suppress warning if needless.
--xpra
: Do not exit onfailed
in xpra server log. (seen on Ubuntu 18.04).--xorg
: ShowXwrapper.config
warning ifneeds_root_rights=yes
is missing. (Seen on Ubuntu 18.04).--xorg
: Password prompt did not appear on new display.--nothing
: Bugfix password prompt on console.--nothing
: Avoid startup error message.--nothing
: Don't start X if running within X / dependency check issue.--nothing
: Pull request for non-local images was invisible.
4.3.3 - 2018-06-05
--no-init
or missingtini
resp.docker-init
: usesh
as PID 1 for desktop environments (--desktop
) to allow logout.
- fedora 28: Check for docker daemon with name
dockerd-current
(#49) --auto
: Prefer--hostdisplay
for seamless apps if nothing else is available.--wayland
,--weston
,--kwin
,--hostwayland
: Show error and exit if no wayland environment can be provided.- dockerrc messages forwarded to logfile fifo. (fixes "unknown file descriptor").
4.3.2 - 2018-06-03
x11docker-gui
is interactive now. Live preview of generated command. Starting multiple x11docker instances possible. Copy-to-clipboard button.x11docker-gui
: create list of installed images every time x11docker or x11docker-gui runs and has enough permissions. Image list is used in x11docker-gui in image combo.--cleanup
: Running as root not mandatory.--clipboard
: supportxsel
additional toxclip
.
- Starting in pure Wayland environments failed (regression in v4.3.0).
--wayland
,--weston
,--kwin
in pure Wayland: detect screen size.
4.3.1 - 2018-05-29
--auto
: prefer--nxagent
over--xpra
and--xephyr
. Reasons: Faster startup than--xpra
. Flexible display size opposed to--xephyr
. Since Ubuntu 18.04 available to broader range of users than before.--runfromhost
can be specified multiple times now.--runasroot
can be specified multiple times now.--dbus-system
and init systems: remove useless or failing dbus services.--systemd
: mask some useless or failing units.- set
DISPLAY
,XAUTHORITY
,WAYLAND_DISPLAY
andXDG_RUNTIME_DIR
indocker run
command for easier custom use ofdocker exec
.
--xpra
: Deny to start xpra >2.2.5 and <r19519 due to MIT-SHM bug. Show message that startup is only possible with--hostipc
. xpra bugticket: https://xpra.org/trac/ticket/1858--xpra
: Warning and workaround for cookie bug in xpra >=v2.3. xpra bugticket: https://www.xpra.org/trac/ticket/1859--xpra
in desktop mode: Allow closing client window, don't restart.
4.3.0 - 2018-05-26
--stdin
: Forward stdin of x11docker to image command.--showpid1
: Echo host PID of container PID 1 on stdout.
--security-opt=no-new-privileges
for init systems and--dbus-system
. Now default for all options except--sudouser
and--cap-default
.--dbus-system
andinit
system options: Run all except a few dbus system services manually and show security warning message. Manual start needed due tono-new-privileges
, polkit setuid helper fails.- Minimize or delete
/etc/pam.d/su
and delete/etc/pam.d/sudo
. Avoids security leak that would allow switching to root in container ifPAM
configuration allows it and capabilities forsu
are given. - Remove
/bin/sh -c
from extracted CMD image command. - Regard
WORKDIR
in image, use it instead ofHOME
. (#45) - Logfile handling with fifo/named pipe.
--auto
: Tightened dependency check.- Improved process watching using less resources. Faster shutdown.
x11docker-gui
: New structure using tabs.- Some code cleanup.
- Don't set
-title
inXephyr
command. Xephyr bug: Releasing keyboard and mouse after grab (ctrl+shift) does not work with-title
. (#44) --nxagent
: Fixed keyboard layout issue, don't use setxkbmap.--nxagent
: Regard--keymap
.--nxagent
: Removed extension Composite, caused some issues.--exe
: Don't pass file descriptors to host executable.--wayland
Works with prissy GTK3 applications (e.g. xfce4-terminal) again, needed user switching in--dbus-system
for unknown reasons.--showid
failed with sudo due to missing file descriptors. Using mkfifo now.- Don't forward stdin as default, can cause trouble if empty. use
--stdin
instead. --xorg
: disable screen saver (#46)
4.2.1 - 2018-05-10
- Forward
stdin
of x11docker to container command with a named pipe/fifo.
x11docker-gui
: Use stdin for kaptain grammar transmission. Don't use cache.--dbus-system
: Don't create--tmpf /tmp --tmpfs /run --tmpfs /var/run --tmpfs /run/lock
. (#43)- Some internal improvements for faster startup and shutdown.
x11docker-gui
: fixed x11docker startup failure due to changed stdout output.
4.2.0 - 2018-05-04
--group-add
: New option to add groups to container user. Needed instead of-- --group-add
to cover user switching setups, too.--showid
: New option to show container ID on stdout.--runfromhost
: Replaces deprecated--add
to have a meaningful option name. Similar to already existing--exe
, but integrates with container.--runasroot
: New option to run command as root in container on startup.
--gpu
: Support for automatic installation of NVIDIA drivers in container. Limited toglibc
based image systems. (#41)elogind
support for--sysvinit
,--openrc
and--runit
. See also elogind in container: elogind#52--systemd
: If host does not runsystemd
, create/sys/fs/cgroup/systemd
.--dbus-system
: wait for bus socket to be ready before continuing.--tini
: Usetini-static
from~/.local/share/x11docker
or/usr/local/share/x11docker
if available. Show message for this possibility if/usr/bin/docker-init
is missing. (Widespread docker packaging issue). (#23)- Avoid user switching except for
--systemd
,--sysvinit
,--openrc
and--runit
. (#42) - Outsourced
x11docker.png
fromx11docker-gui
. - No default output of container ID on stdout anymore. Use
--showid
instead. --silent
: Do not show error messages except in logfile.--weston[-xwayland] --fullscreen
: Use X backend if possible to prevent possible crash with nested fullscreen weston in host drm weston.- Disabled forwarding of
stdin
to container, has not been reliable.
--add
changed its option name to--runfromhost
.
- Don't share or link
/tmp/.Xn-lock
as usefulness is in doubt. Avoids issues withx11docker/xwayland
. --stdout --showid:
Make sure container ID is shown first.
4.1.1 - 2018-04-12
- Mount nothing into
/tmp
as init cleanups may try (and fail) to delete it. - Write or link into
/tmp
only after possible init cleanup. - Mount X socket r/w again as there is no longer a risk due to
/tmp
cleanups. --debug
: Some changes for more useful debugging output. Dropset -x
in main code, insteadset -Eu
withtrap ERR
.--update
/--update-master
: Show excerpt ofCHANGELOG.md
.- Check
ENTRYPOINT
for init entries/tini|/init|/systemd
and disable it if x11docker already runs an init. (Default:--tini
.)
x11docker-gui
regards new output of container ID now that confused output ofx11docker/kaptain
and prevented start ofx11docker
.- Mount
WAYLAND_DISPLAY
andDISPLAY
at/
instead of/x11docker/
in container. Avoids a docker bug that only sometimes causes startup failurestat /run/user/1000/wayland-600: no such file or directory
. Occasionally docker is confused about a mount point inside of a mount point. Avoiding that now. However, issue only seen with shared Wayland sockets and never with X sockets, maybe due to different option positions indocker run
command. --workdir
: Avoid double setting of--workdir
in docker command if x11docker option--workdir
is set. Caused no trouble, though.
4.1.0 - 2018-04-08
--update-master
updates to latest x11docker master version. (Formerly job of--update
).
--update
updates to latest x11docker release on github. (Formerly: latest master version).
4.0.0 - 2018-04-07
- Outsourced changelog from x11docker source code to
CHANGELOG.md
. (#38) - Follow guidelines of Keep a Changelog.
- Stricter compliance to Semantic Versioning rules.
- Previous version links in changelog lead to history tree leafs with
corresponding
x11docker
script. - Upcoming version links in changelog will lead to corresponding releases.
3.9.9 - 2018-04-06
- Removed
--security-opt=no-new-privileges
for--systemd
/--sysvinit
/--runit
/--openrc
. (Undoes some changes from V3.9.8.1). Will be reintroduced after further checks, caused issues withx11docker/deepin
andx11docker/cinnamon
. --env
: set environment variables indocker run
, too. Makes them available withindocker exec
.
3.9.8.5 - 2018-04-05
finish()
: rundocker stop
before creatingtimetosaygoodbye
for more graceful shutdown (#37)
- Set correct
XAUTHORITY
in setup script. - Disable
User
in systemd journal service, can fail in restricted setups.
3.9.8.4 - 2018-04-04
--workdir
to set working directory different fromHOME
. (#36)
--systemd
/--dbus-system
: changedsu
command to removesh
from pstree.
- User group entry in
/etc/group
had wrong syntax.
3.9.8.3 - 2018-04-04
--dbus-system
: must not set--security-opt=no-new-privileges
, important services likepolkitd
fail.
3.9.8.2 - 2018-04-03
- disable entrypoint
tini
if x11docker already runs an init system (default:--tini
/docker-init
from docker). (#34)
3.9.8.1 - 2018-04-03
--security-opt=no-new-privileges
now always set except for--sudouser
. It does not harm switching from root to less privileged users. (Note: is undone in v3.9.9)- setup script with user switching:
exec su
instead ofsu
to avoid root shell in parent tree.su
is now immediate child ofinit
.
- show container ID on stdout (#36).
Can be catched e.g. with
read containerID < <(x11docker [...] )
.
3.9.8.0 - 2018-04-02
- Removed
Xtermlogfile
, usingDockerlogfile
instead. Strange: solved missing output with--pw=su
or--pw=sudo
, too.
- Escape special characters in
--env
,ENV
and image command. (Addresses #34, too, now solved better). (Note: still have to escape some other optional arguments)
3.9.7.9 - 2018-03-31
- Store parsed parts of
Imagecommand
in''
to allow constructs likesh -c "cd /etc ; xterm"
- Added
--rm
todocker run
of environment check. (#34)
3.9.7.8 - 2018-03-31
- Handle equal signs in container environment defined with
ENV
(#34)
3.9.7.7 - 2018-03-31
- Handle whitespaces in container environment defined with
ENV
(#34)
3.9.7.6 - 2018-03-30
- mount X socket and lockfile read-only to protect from
/tmp
init cleanups. - minor improvements of init system initialization
- remove checks for
--userns-remap
and--selinux-enabled
. (#33)
3.9.7.5 - 2018-03-30
--dbus-system
: drop explicit consolekit support--sysvinit
,--openrc
: disable getty in inittab instead of overwriting inittab with shared volume--sysvinit
: changerc.local
in setupscript instead of overwriting it with shared volume--openrc
,--runit
: create service in setupscript. Drop some more capabilities
3.9.7.4 - 2018-03-26
--sysvinit
for init system SysVinit in container. Tested with devuan.
--pulseaudio
: need to set environment variablePULSE_SERVER
. (Was missing after switch from tcp to socket connection).--runit
: add softlink for X socket inx11docker.CMD.sh
for compatibility withrunit
on debian.
3.9.7.3 - 2018-03-21
--pulseaudio
: share socketXDG_RUNTIME_DIR/pulse
instead of connecting over tcp.
3.9.7.2 - 2018-03-20
--add
to add a host command inxinitrc
.--debug
to set-x
in all scripts showing code lines while executed.
--wm
: fall back to autodetection if specified window manager not found.--dbus
: enable automatically for--runit
,--openrc
- consolekit: use automatically with
--dbus-system
,--openrc
,--runit
mywatch()
: usewatch
again, now withoutsh -c
--help
:usage()
cleanup
--sharewayland
,--waylandenv
: not needed for anything anymore.--wayland
does the job.
writeaccess()
handles user group names with spaces in it. #30--env
: regard whitespace. Still need to handle special chars like "'$.
3.9.7.1 - 2018-03-16
- alpine images:
/etc/shadow
entry must be/bin/sh
,--dbus-system
withsu
fails with/bin/bash
. - openSUSE:
finish()
: replacebc
with bash-only calculation,bc
is missing on openSUSE.
3.9.7 - 2018-03-15
- structure change: don't
sleep 1
for setup; instead wait for it inx11docker.CMD.sh
resp. runsu
orinit
in setup xinitrc
: some cleanup--verbose
: power of moo- SSH with
--hostdisplay
: set--hostipc
,--hostnet
and--trusted
. Do not use X-generated cookie, bake it myself.
- openSUSE/fedora:
ps
check for container pid; fixed desktop logout issue, too. ---weston
/--weston-xwayland
: do not start drm backend if started within X withoutDISPLAY
-> crashed host X.- regard SSH session, assume tty if
DISPLAY
is empty. --hostdisplay
: don't set keymap.
3.9.6.1 - 2018-03-10
--lang
: replacelocale-gen
with more general availablelocaledef
.
--tini
: check fordocker-init
inPATH
, disable default option--tini
if missing. (#23)
3.9.6 - 2018-03-09
--lang
to set language locale in utf8, create it if missing.
3.9.5 - 2018-03-06
--keymap
to set keyboard layout.
3.9.4.2 - 2018-03-06
- Store keyboard layout (xkb_keymap) in separate file, not in xinitrc. Set on all X servers. #25
3.9.4.1 - 2018-03-06
- share
/etc/localtime
with container to have the same time zone as on host.
- typo
--pulseaudio
3.9.4.0 - 2018-03-05
--sys-admin
: no longer deprecated, needed for systemd in debian 9 images (but not debian 10). Adds capabilitySYS_ADMIN
.--hostnet
replaces former--net
.--hostipc
replaces former--ipc
.--dbus-system
replaces former--dbus-daemon
.
--pulseaudio
with--hostnet
: no fallback to--alsa
, use localhost IP instead.--pulseaudio
--no-internet
: fallback to--alsa
.--auto
--gpu
: fallback to--hostdisplay
for seamless mode if xpra and weston not found. (#23)- clean up error message on docker startup failure, remove multiple error lines.
- stdout and stderr of image command outsourced of
docker.log
. docker log -f >> docker.log
to get output in detached mode.- more verbose messages in waiting subroutines.
--net
is replaced by--hostnet
.--ipc
is replaced by--hostipc
.--dbus-daemon
is replaced by--dbus-system
.
- mount
/dev/dri
and/dev/snd
not only with--device
, but also--volume
to keep ownership+group. Workaround for bug in docker. #24. --hostdisplay
: Use correct display number to share/tmp/.X0-lock
, only share if it exists.--systemd
: terminate x11docker if systemd startup fails.
3.9.3.2 - 2018-03-01
--no-xtest
: disable extensionXTEST
. Default for most options.
- openSUSE docker package misses init binary
docker-init
, show warnings for--tini
. #23
3.9.3.1 - 2018-03-01
- Avoid wrong
XTEST
warning messages.
3.9.3 - 2018-03-01
--xtest
to enable X extensionXTEST
. Default for--xdummy
,--xvfb
,--xpra
--tini
: show warning for outdated docker versions without option--init
and fall back to--no-init
. #23--pulseaudio
with--net
: fallback to--alsa
, disabling--pulseaudio
.
3.9.2.3 - 2018-02-25
- set container GID of video and audio to same as on host. Avoids issues if container system has different GIDs than host.
- cat docker daemon messages for startup error message.
mywatch()
: replaced watch with custom sleep loop, watch failed in--hostdisplay
(xinitrc) setups.mywatch()
: verbose output.--exe
: only forward stdin if not empty.finish()
: use pkill in most cases instead of kill to avoid kill success messages.
--weston
/--kwin
: wait for file creation of wayland socket, checking logfile is not enough.--kwin
: kwin_wayland seems to need dbus-launch now.
3.9.2.2 - 2018-02-09
- check free display and cache folder with find only.
- plasmashell added to possible window managers.
--exe
: avoid possible hostexe options withbasename
for$Hostexebasename
.- typo checking
/tmp/.Xn-lock
. - checking free display number: race condition if starting two x11docker instances at same time, second one failed because display number already in use.
3.9.2.1 - 2018-01-29
- create
/x11docker/environment
to store and provide container environment variables.
- correct date/year in changelog. (#21)
finish()
: wrong warning although terminating bgpid was successful.
3.9.2 - 2018-01-21
finish()
: more precise check with pid and name before killing background pids.
- add groups
video
andaudio
indocker run
ifsu
is not used in container./etc/group
changes by dockerrc seem to be not regarded in that case.
3.9.1.9 - 2018-01-17
--xpra
: if server crashes, use xpra option--mmap=no
on restart.
3.9.1.8 - 2018-01-16
--xpra
: stop x11docker if xpra server crashes multiple times.
3.9.1.7 - 2018-01-15
--gpu
: share/dev/vga_arbiter
and/dev/nvidia*
.
3.9.1.6 - 2018-01-15
--xpra
: restart xpra server if it crashes (can happen with xpra 2.2, reason unknown)
3.9.1.5 - 2018-01-13
--xpra
: reconnect to server after timeout (60s) if switching to console.
3.9.1.4 - 2018-01-12
--help
: someusage()
updates.--xorg
: create virtual framebuffer if no monitor is connected (headless server setup).--xpra
: note that 2.1.x series is more stable than 2.2.x series.- create
$Cacherootfolder/Xenv.latest
with latest X environment variables for easier custom access. --verbose --systemd
: hide error messages:Failed to add fd to store | Failed to set invocation ID | Failed to reset devices.list
--systemd
: set global environment variableXAUTHORITY
.
3.9.1.3 - 2018-01-04
--dbus-daemon
: setxhost +SI:localuser:$USER
, needed for deepin.--pulseaudio
: faster startup of pulseaudio, no sleep 1.- create fake home directory and softlinks to sharedirs in CMD.sh, base is
/fakehome
now. - extension
XTEST
: more restrictive defaults.
- pull terminal did not appear if running from terminal.
--systemd
: globalXAUTHORITY
setting was wrong, removed at all.
3.9.1.2 - 2017-12-28
--sudouser
: root gets passwordx11docker
, too. Allowssu
now.- cut image command at
#
to allow comments in x11docker-gui examples.
- check environment variables in image and set them in
x11docker.CMD.sh
. AllowsPATH
ofx11docker/trinity
again. - parsing host
XAUTHORITY
if running fromgksu
.
3.9.1.1 - 2017-12-28
--systemd
: directly share X socket as systemd can have issues with soft links
3.9.1 - 2017-12-25
- run in detached mode, drop mess of nohup/setsid/script
--dbusdaemon
: dropped consolekit, not really useful--dbusdaemon
: switch only for--tini
/--none
. Always run daemon for--systemd
--openrc
--runit
--systemd
: create/sys/fs/cgroup/systemd
if missing on hostcontainersetup.sh
collects most formerdocker exec
commands fromdockerrc
--sys-admin
: thanks to--tmpfs=/run/lock
(Note: reintroduced in v3.9.4.0)
3.9.0.5 - 2017-12-21
- add capability
DAC_OVERRIDE
if user switching is allowed -> needed to change/etc/sudoers
if ro. --systemd
: adding--tmpfs=/run/lock
allows to drop--sys-admin
!
- only create
XDG_RUNTIME_DIR
if not already existing.
3.9.0.4 - 2017-12-20
- changes to satisfy
lirios/unstable
: - add docker run
-ti
- run docker command with
script -c
to provide fake tty - changed
/tmp/fakehome
to/home/fakehome
- use
--workdir=/tmp
, avoids issues withWORKDIR
in image
--dbus
: check fordbus-launch
inx11docker.CMD.sh
, not indockerrc
on host
3.9.0.3 - 2017-12-17
- switched back to
/tmp/fakehome
to avoidCHOWN
and issues with--sharedir
. - drop
--cap-add CHOWN
. --sharedir
: without--home[dir]
, create softlinks to/tmp/fakehome
.--home
: avoid conflict with--sharedir=$HOME
, mount as$HOME/$(basename $HOME)
.- only
chown $Benutzerhome
if--home[dir]
is not used. Change non-writeable error in warning only. --hostdisplay
: warning if host has no own cookie.
- avoid grey edge with Xwayland,
Xaxis
must be dividable by 8. --sudouser
failed to start
3.9.0.2 - 2017-12-16
/etc/sudoers[.d/]
: replace completely to avoid possible evil image setups.--cap-add CHOWN
as default to allow/home/$Benutzer
with--sharedir
3.9.0.1 - 2017-12-16
- use
/home/$Benutzer
instead of/tmp/fakehome
.
--systemd
: do not set environment variableHOME
globally, root may write into it.
3.9.0 - 2017-12-15
--dbusdaemon
to run dbus system daemon and consolekit in container.--openrc
for init system OpenRC in container.--sharecgroup
to share/sys/fs/cgroup
. Default for--systemd
, possible use cases for--openrc
.
/etc/shadow
: disable possible root password.- re-checked capabilities for init systems.
--systemd
: set environment globally, especiallyDISPLAY
forx11docker/deepin
is needed.--systemd
: setxhost+SI:localuser:$Benutzer
asXAUTHORITY
seems to be ignored./tmp/.ICE-unix
created in dockerrc, root owned with1777
, needed forSESSION_MANAGER
.--xorg
: change Xorg to X. X is setuid wrapper for Xorg on Ubuntu 14.04.--xorg
: +iglx removed from X options, not present in older versions of X, and maybe security issue.- create user in dockerrc with
docker exec
instead of using createuser.sh. - show image name and display in weston window title.
--rw
, root file system is always r/w now due todocker exec
in dockerrc.
- Ubuntu: avoid Wayland backend for Weston due to MIR issue. #19
- create
/var/lib/dbus
in dockerrc to avoid dbus errors with init systems. --runit
: addSYS_BOOT
even with--cap-default
.
3.8.0 - 2017-12-04
--systemd
to run systemd as PID 1 in container and run image command as a service.--runit
for init system runit.--init
for init system tini (default now, docker run option--init
).--no-init
to run image command as PID 1 (has been default before x11docker 3.8).--sys-admin
for--cap-add=SYS_ADMIN
. Needed for systemd in debian based images.--wayland
to auto-setup Wayland environment.
- run init system
tini
as default withdocker run --init
. -W
is now--wayland
instead of--weston
,-T
for--weston
now.- container user password:
x11docker
(creating volume/etc/shadow
). --sudouser
: create user with docker run options instead of createuser script.--sudouser
: create/etc/sudoers.d/$Benutzer
with docker exec in dockerrc.--sudouser
: create/etc/sudoers.d/$Benutzer
instead of adding groupswheel
andsudo
.- createuser.sh: check for
useradd
, if missing useadduser
(fits fedora and alpine/busybox as well). - $Sharefolder/stdout+sterr:
chmod 666
to allow access with--user
. --exe
and--xonly
: regard--home
and--homedir
,--user
and--hostuser
.- check pids before calling
mywatch()
. - colored logfile output.
--verbose
: green colored output for logfile titles and verbose() lines.- set env
DISPLAY
XAUTHORITY
andWAYLAND_DISPLAY
in x11docker.CMD.sh as systemd eats them otherwise. - use docker run option
--tmpfs
for/tmp
,/var/tmp
and/run
instead of--volume=/tmp
. - changed container share folder
/tmp/x11docker
to/x11docker
to avoid issues with--tmpfs /tmp
.
- in createuser.sh:
adduser
failed with fedora based images, useuseradd
andusermod
instead. --pw=gksu
: avoid wrong docker startup error message, use nohup in dockerrc.--hostdisplay
with--gpu
needs trusted cookies.--xpra
with--hostuser
: create/run/user/$Hostuseruid
if missing.
3.7.2 - 2017-11-11
- allow
rw
with--volume=/var/tmp
, needed forx11docker/trinity
. --nxagent
: removedxhost
startup workaround.- $Hostxenv: removed custom environment.
--nxagent
: shift+F11 toggles fullscreen.--nxagent
on Mageia: only show warning about seamless mode instead of disabling it.
su
on console needsexec </dev/tty
to have a tty environment.
3.7.1 - 2017-11-03
- read host cookie with xauth if XAUTHORITY is empty, can happen with xdm.
--nxagent
on Mageia: no seamless mode.- replaced while/sleep loops with
watch
. alertbox()
: regardDISPLAY
, use$Anyterminal
otherwise to support Wayland.weston.ini
: keyboard config setting on console.- fedora: show alert for
--ipc
/--trusted
due to missing extension security.
- fixes for gksudo and lxsudo.
- Ubuntu 16.04:
--xpra
: must not set--webcam=no
due to old xpra version. --weston
and--kwin
on console, terminal for password prompt failed.
3.7.0 - 2017-10-30
--alsa
for ALSA sound.
- auto-choose window manager in
--xephyr
/--xorg
/--weston-xwayland
/--kwin-xwayland
/--xwayland
except--desktop
is set. - new function
alertbox()
, outsourced fromerror()
. Additional messagebox tools: yad, kaptain, kdialog, gxmessage, xterm. - changed content of variable
Xserver
to X server option names itself. - extended terminal list for password prompt/docker pull.
--xhost
: always disabling withno_xhost()
, afterwards setting--xhost
.
--kwin-native
, too much trouble, but less use.
--weston
/--weston-xwayland
: set backend in compositor command, weston's autodetection can fail.--kwin
/--kwin-xwayland
: set backend in compositor command, kwin's autodetection can fail.--kwin-xwayland
: set keyboard layout.
3.6.3.9 - 2017-10-25
- show error messages regardless of
--silent
- change
sudo
tosudo -E
, needed for OpenSUSE - code cleanup, some improved messages
3.6.3.8 - 2017-10-25
- fedora: set
--ipc
and--trusted
for--hostdisplay
only
3.6.3.7 - 2017-10-25
--hostdisplay
on fedora: use host cookie, custom cookie is rejected
3.6.3.6 - 2017-10-24
--wmlist
to retrieve list of window managers, used by x11docker-gui, not documented in--help
--gpu
: improved support in autochoosing mode- disabled note of xpra keyboard shortcuts, takes too long
- hardcoded xpra environment variables, parsing
xpra showconfig
takes too long
--pw=sudo
: issue with setsid
3.6.3.5 - 2017-10-24
- xpra with host user root: set environment variables
dbus-launch
forkonsole
andterminator
, needed in dockerrc
3.6.3.4 - 2017-10-23
- add
/usr/sbin
toPATH
, needed on mageia for ip --pw=sudo
:setsid sudo
fails, must usesudo setsid
3.6.3.3 - 2017-10-23
- removed experimental Code
--wm
issue as root in xinitrc
3.6.3.2 - 2017-10-23
- remove debugging
set -x
in xinitrc
3.6.3.1 - 2017-10-23
- split X server command with \backslash in multiple lines
- don't use
su $USER
in xinitrc
3.6.3 - 2017-10-20
--no-internet
- minor adjustments for compatibility with CentOS/RHEL, Arch and Manjaro
- allow gnome-terminal / self-forking terminals in general
- split docker command with \backslash in multiple lines
3.6.2.12 - 2017-10-18
dbus-launch
disturbedgksu
3.6.2.11 - 2017-10-18
- CentOS/RHEL workaround: insist on root or gksu; terminal password prompt causes docker to terminate regardless of nohup
3.6.2.10 - 2017-10-17
- Fixes in terminal emulator setup for password prompt and pull question (2)
3.6.2.9 - 2017-10-17
- xpra: set
--file-transfer=off
(stores files inDownloads
from host, useless here)
- Fixes in terminal emulator setup for password prompt and pull question
3.6.2.8 - 2017-10-12
--xdummy
/--xpra
: add multiple modelines for virtual display sizes to allow flexible changes of xpra client desktop window--xpra
: virtual display size always equal with physical display, create smaller mode in xinitrc -> allow fullscreen- xpra: disable some unused, but possibly leaking features (forwarding of webcam, notifications, printer)
- xpra: set xpra specific environment variables in dockerrc
- xpra: show keyboard shortcuts
3.6.2.7 - 2017-10-08
--xephyr
: title for Xephyr windows--xephyr
: Xnest as fallback for missing Xephyr--xpra
--desktop
hint: screensize bug fixed since xpra v2.2-r17117
3.6.2.6 - 2017-10-07
--xpra
--desktop
: usestart-desktop
instead ofshadow
3.6.2.5 - 2017-10-05
no_xhost()?
after cookie creation avoids xhost warning on Xwayland--output-count
in--auto
mode: choose--weston-xwayland
--display
: allow:
before display numbersh
instead ofbash
to run x11docker_CMD
3.6.2.4 - 2017-09-27
--starter
: missingxdg-user-dir
is no longer an error--silent
: redirect stderr already while parsing--user=root
: disable--cap-drop=ALL
--help
: update usage infoweston.ini
: background color and zoom-in effect- use Kwin/Kwin-Xwayland as fallback for Weston/Weston-Xwayland
- catch closing xpra client in every case, not only in desktop mode
- parsing cli options: check for remaining arguments
$#
instead of empty$1
--xonly
: do not fail if docker daemon is not running
3.6.2.3 - 2017-09-19
--xorg
: only run setxkbmap in xinitrc if $Hostdisplay is set
3.6.2.2 - 2017-09-18
--xpra
--scale
in desktop mode: regard different--dpi
behaviour since xpra v2.2--help
: update usage infosetxkbmap
for Xorg like for Xephyr, tooweston.ini
: addedpanel-position=none
, different syntax for different weston versions (seen in Arch Linux).- x11docker_CMD: replace shell with
exec $Imagecommand
(only if stdin is empty)
3.6.2.1 - 2017-09-15
- removed
z
flag in docker command, not needed with current SELinux solution --weston[-xwayland]
: no output section on tty without--scale
,--size
or--rotate
--weston[-xwayland]
: allow--size
on tty, though only "real" resolutions will take effect--xorg
:--scale
,--size
: change primary monitor only, will do better on multi monitor setup--xdummy --gpu
now possible on tty, too
--home
: avoid creating$Adduserhomefolder
with wrong restrictions if$Hostuser
is different from$Benutzer
- Fixes in part: check screensize
- watch for closing xpra client in desktop mode to avoid invisible remaining x11docker
--xorg
on tty: do not set screen size without--size
.
3.6.2 - 2017-10-10
--xfishtank
to runxfishtank
on new X server. Shows a fish tank.
--westonini
: regard for--xpra-xwayland
and--xdummy-xwayland
, too.PATH
: adding/usr/games:/usr/local/bin
. Can miss for root, but may be needed for--exe
and--xfishtank
- check for X extension
Security
with xdpyinfo --clipboard
for--hostdisplay
: enable--trusted
and--ipc
, show warning.- xpra startup after xinitrc, not inside. For better error handling
- removed ps loop in dockerrc, not needed anymore due to "docker run" in subshell
waitforlogentry()
: Just return 0 or 1 instead of callingerror()
- changed logfile handling, move log from
/tmp
to $Sharefolder aftertail -F
--sharedir
,--homedir
: allow whitespaces in path--cachedir
: path must not contain whitespaces -> error()--westonini
: allow whitespaces in path--pulseaudio
: remove tcp module, store id in file to not loose it in subshell--exe
: support of--stdout
and--stderr
error()
/finish()
: reliable error code before cache folder creation- weston on tty: clean logfile & pidfile to allow second weston instance
3.6.1.11 - 2017-08-28
- clean check for stdin, no more workaround
3.6.1.10 - 2017-08-27
--nothing
: no check for successful startup, avoids error message for short-timed cli commands--showenv
: wait with output until X is ready and accessible
3.6.1.9 - 2017-08-25
--home
: remove debugging error message
3.6.1.8 - 2017-08-25
- provide stdin to host exe, too (
--exe
) --silent
: suppress error dialog box, too- more reliable exit code 1 on error
--orphaned
: did not find cache folder--hostuser
: cache folder created with root ownership
3.6.1.7 - 2017-08-22
- removed color from
verbose()
, looks strange in logfile
- installer: check for installed unzip
3.6.1.6 - 2017-08-22
- code cleanup
- changed window manager priority
- SELinux:
--security-opt label=type:container_runtime_t
allows access to X unix socket --xorg
: avoid searching for native resolution if--scale
is set.--xorg
: improved check for failed panning- Logfile created in
/tmp
, moved later to $Cacherootfolder, to catch early messages - code cleanup in variable definitions and option parsing
trap -EXIT
avoids double call offinish()
. faster shutdown now.
3.6.1.5 - 2017-08-21
mkdir -p
in installer for tmp folder:-p
was missing, could cause error- declare
note()
in xinitrc --scale
support for--xorg
--size
without--scale
for--xorg
: first try--mode
, than--panning
- broken stdin pipe if running as root
3.6.1.4 - 2017-08-19
beesu
: new frontend for--pw
available on fedora- do not test for passwordless docker if
--pw
is set - create non-existing shared home folder for user different from host user if running as root
- more verbose cache folder names, now with image name and X server in use
- wrong file descriptor for messages before part init()
- passwordless
sudo -n
on fedora did not work with x11docker-gui started from menu instead of cli, without-n
is ok
3.6.1.3 - 2017-08-17
- installer: did not find icon at new location
3.6.1.2 - 2017-08-15
- no
|tee
to $Xtermlogfile ondocker pull
: better interactive output
--resizeable
: Xephyr can crash if resized.
3.6.1.1 -2017-08-16
- timeout 3600 for xauth cookie creation. Needed to avoid cookie timeout on
docker pull
3.6.1 - 2017-08-15
--stdout
: show stdout of image command on stdout--stderr
: show stderr of image command on stderr- forward stdin of x11docker to image command
--silent
: suppress all x11docker terminal messages
- x11docker-gui trys to use image
x11docker/kaptain
ifkaptain
is not installed
3.6.0.5 - 2017-08-14
note()
instead ofwarning()
for less urgent messages
- opensuse: cookie creation failed due to different xauth behaviour
- sudo: do not prompt for password for
docker stop
infinish()
, rather fail stopping
3.6.0.4 - 2017-08-14
- do not complain about missing docker daemon on
--xonly
3.6.0.3 - 2017-08-13
- xpra dpi warning only if
--dpi
or--scale
is set - cookie failure warning for untrusted cookies only
- installer: remove older installations in
/usr/local/bin
3.6.0.2 - 2017-08-13
- check for running docker daemon with $Dockerdaemon instead of ifconfig
- do not disable SELinux if
--ipc
is set
- fedora:
--xorg
: add-keeptty
if running from tty - issue prevented
--xorg
from console if running in subshell finish()
: check for still running container with ps, too. formerly root only could detect it
3.6.0.1 - 2017-08-12
--gpu
::rw,z
does not work for--device
3.6.0 - 2017-08-12
--rw
to allow read/write access to container root file system--pw
to choose password prompt frontend. default:pkexec
--no-entrypoint
to disable ENTRYPOINT in image--hostuser
to set host user different from $(logname)--desktop
: no longer deprecated, easier to understand and remember than--wm=none
-d
: used for--desktop
again, no longer for--dbus
.--dbus
now has short opt-b
- workaround: disabling SELinux for container until solution for sharing unix socket is found. Compare: http://www.projectatomic.io/blog/2015/06/using-volumes-with-docker-can-cause-problems-with-selinux/
- install to
/usr/bin
instead of/usr/local/bin
to support root chmod 755
instead of+x
in installation- check if docker is installed
- check if docker daemon is running (with ifconfig)
- use zenity or notify-send if xmessage is not available in error()
- replaced sed in xauth cookie creation, sed fails in openSUSE (!?)
- check for xpra
--dpi
bug in 2.1 series - xpra
--start-via-proxy=no
for xpra >= 2.1 --nxagent
: temporaryxhost +SI:localuser:$Hostuser
workaround as it fails again to authenticate, nxagent does not divide betweenXAUTHORITY
and--auth
- reduce dependency warnings for
--auto
- prefer $Hostenv instead of $Newxenv for password prompt -> better support for gksu
- show
docker pull
output in a terminal window - allow
--hostdisplay
with--xonly
. May at least be useful to create an untrusted cookie. - outsourced docker startup from xinitrc
- copy host cookie into $Cachefolder for compatibility with gksu
- use gksu/gksudo if available
--showenv
for--xonly
finish()
: trydocker stop $Containername
- dockerrc: no ps/sleep loop if running as root
- don't start docker in xinitrc as xinit runs unprivileged
--ps
keeps cache files, too (formerly container only)- improved X server check due to new variable $Desktopmode
--fullscreen
. Set fullscreen screen size for windowed options (xpra),too- allow root to start x11docker, use
$(logname)
for X server and as container user
--root
: Can be achieved with--hostuser=root
--no-password
: check if docker can run without password makes--no-password
needless. Still possible with--pw none
&, &&, ;, <, >, |
and the like possible in image command again- bugfixes in part "check window manager"
- repeating error message if
waitforlogentry()
failed - cookie creation failed on X without extension Security. (fedora)
3.5.11 - 2017-07-12
- pull image if not available before calling
docker run
3.5.10 - 2017-07-12
- regard
ENTRYPOINT
in dockerrc
3.5.9 - 2017-07-09
--home
with--user=(unknown)
: only show warning (instead of error) not creating persistent home- do not set write permissions on
--home
or--homedir
folder for different users than$USER
or--user
. (Not x11docker's job) - do not set
--read-only
if--user=0
- chown x11docker_CMD to host user to avoid permission issues in $Sharefolder
--user
: use matching gid, gid was set to same as uid
3.5.8 - 2017-06-07
--xhost STR
: to setxhost STR
in xinitrc.--xvfb
to explicitly use Xvfb and to clearly use Xdummy on--xdummy
--kwin-native
: always share Wayland (--sharewayland
--waylandenv
--dbus
)- docker run
--read-only --volume=/tmp
to restrict container filesystem as read-only (except for--sudouser
) --xorg
supports--rotate
. (Xephyr could, but crashes -> Xephyr bug. Nxagent, Xdummy, Xvfb and Xwayland refuse this.)- Xdummy script in $Cachefolder forked from https://xpra.org/trac/browser/xpra/trunk/src/scripts/xpra_Xdummy
- calculate VideoRam in xorg.xdummy.conf (instead of fat hardcoded 256000 kb)
--xhost+
: use--xhost STR
instead.
--nxagent
: due to update? must set nxagent -ac (=xhost +) temporary to allow xinit- allow
--wm
for--kwin-xwayland
3.5.7 - 2017-06-28
- usage info for HTML5 web application setup
- redirect verbose output to &3 to show it in subshells, too, and to avoid possible collision with read < <()
--env
: set custom environment variables in dockerrc instead of in docker run- removed
unix
in $Newxenv for DISPLAY to make xpra ssh setup easier - Xdummy-Xwayland: new X server to provide
--gpu
for--xdummy
based on weston, xwayland and xdotool - always enable extension Xtest on
--xdummy
to allow xpra access - share X socket to /tmp, create .X11-unix in dockerrc and softlink socket. This avoids writeable X11-unix in $Cachedir.
--setwaylandenv
: env now set in dockerrc instead of docker command
3.5.6 - 2017-06-21
--sudouser
: reincarnated option to give sudo without password to container user.
- docker command one-liner extended to dockerrc. dockerrc creates x11docker_CMD. Can always extract image command without additional password prompt and create some environment.
- create
/tmp/XDG_RUNTIME_DIR
and softlink to wayland socket in container due to some KDE issues (XDG_RUNTIME_DIR
must be owned by user). Fails with different--user
- create
/tmp/.X11-unix
with 1777 in container to allow new X sockets (especially for startplasmacompositor). Drawback: container writeable folder in cache - warning with hint to use
--xpra-xwayland
if--scale
is used with--weston-xwayland
. - shorter sleep in finish()
- don't search for deprecated
/tmp/x11docker
in checkorphaned()
- avoid pointless warning about
XTEST
if not using xpra - typo preventing start of
--kwin
and--kwin-native
(-width
instead of--width
) - bugfix parsing option
--wm
export $Hostxenv
in error() was empty if called in xtermrc
3.5.5.2 - 2017-06-10
- update usage info for
--xpra
and--xpra-xwayland
3.5.5.1 - 2017-06-10
- bugfix in
--auto
always choosing--xorg
3.5.5 - 2017-06-09
- autochoose xpra-desktop if xephyr is missing
- improved part: check virtual screen size
- changed dpi calculation depending on xpra mode
- desktop mode for xpra if
--wm
is given - always set
XDG_RUNTIME_DIR=/tmp
as some apps may expect it
3.5.4 - 2017-06-02
- disable extension
XTEST
if using wm from host (to avoid abuse of context menu of openbox and the like)
- set rw access for
/dev/dri
(#12)
3.5.3 - 2017-05-29
--sharedir
replaces--volume
to avoid confusion
- update
usage()
- mount $Sharefolder and its content read-only
- remove X11-unix from $Sharefolder
- set read-only for
/dev/dri
on--gpu
--security-opt=no-new-privileges
added to docker run
--volume
is now called--sharedir
due to different syntax than docker option--volume
--pulseaudio
: get and use IP of container instead of docker0 IP range (#11), disabling TCP module on exit
3.5.2 - 2017-05-22
--volume
to share host folders
3.5.1 - 2017-05-19
- user creation with
--addgroup video
to support non-systemd and kde-neon gpu support - create
/tmp/.X11-unix
with1777
3.5.0 - 2017-05-17
--output-count
to set amount if virtual screens/desktop windows for Weston, Kwin, Xephyr--westonini
to specify a custom weston.ini for--weston
and--weston-xwayland
--cachedir
: specify custom cache folder--homedir
: specify host folder to share as home--trusted
: enforce trusted cookies for--hostdisplay
and--kwin-native
--user
to set user to use (name or uid, non-existing uids possible. default: host user)--cap-default
: Allow docker default capabilities
- avoid Terminal window with
--no-password
--orphaned
cleans /tmp/x11docker--env
: regard whitespaces, use \n to divide entrys- set
mode=preferred
for Weston on tty, ignore $Screensize - extension
XINERAMA
disabled as multiple Xephyr outputs cannot handle it well - create container home folder
/tmp/fakehome
in x11docker_CMD (avoids ownership problems with wine, and is less messy in /tmp) - more failure checks in
installer()
- check for
--userns-remap
, disabling it with--userns=host
if--home
or--homedir
are set - minor exploit check for DISPLAY XAUTHORITY XDG_RUNTIME_DIR WAYLAND_DISPLAY HOME
- automatically choose trusted or untrusted cookies
- show docker log in xtermrc if pulling image
docker run
--cap-drop=ALL
as default- reduce
/etc/passwd
and/etc/group
to container user and groups user and videp only (except root, keeps whole files). - creating container user similar to host user with docker run option
--user
and custom /etc/passwd instead of script createuser. --gpu
: only share--device=/dev/dri
instead of listing all files in it
--cache
--hostuser
: effect of--hostuser
is default now--sudouser
: not possible anymore due to--cap-drop=ALL
-s KILL
for weston on finish() avoids zombie weston window
3.2.1 - 2017-05-05
--scale
with--xpra-xwayland
under X without Wayland failed
3.2.0 - 2017-05-04
--scale
: for xpra and weston--rotate
for weston--dpi
for screen density
- allow MIT-SHM for
--exe
- checking screensize in Gnome-Wayland failed looking for primary display, window was not roughly maximized
- missing
error()
in xinitrc
3.1.16 - 2017-05-03
- bugfix for
--xpra-wayland
in check forWAYLAND_DISPLAY
3.1.15 - 2017-05-02
- faster startup for
--xpra-xwayland
,--weston-xwayland
,--kwin
and--kwin-xwayland
- code cleanup
- bugfix in choosing terminal, replace $Waylandterminal with $Terminal in re-check
- bugfix xtermrc and xinitrc: check if $Dockerpidfile is not empty
3.1.14 - 2017-05-01
- checkorphaned() uses container names instead of numbers
--exe
: reliable kill $Hostexe, even with--weston
* and--kwin
*- remove
:
and/
from image name in $Containername
3.1.13 - 2017-04-30
- Improved multimonitor support (still missing: multihead)
- removed $Cidfile at all, cleanup hint in finish() with $Containername
- redirection of stderr without cat, avoids broken pipe on ctrl-c in ubuntu and opensuse
- removed custom socket in xpra (failed in opensuse)
- avoid root ownership for $Dockerlogfile and $Dockerpidfile
3.1.12 - 2017-04-29
- clean up confusion with x11docker.log
- don't share $Xclientcookie as $Sharefolder is already shared
- don't use $Cacherootfolder for parsererror
- hint to use
--sudo
on some systems - use
id -g
instead of $Benutzer for group name - add
lsb-release -ds
to verbose output
- include
warning()
in xinitrc - bugfix in xinitrc for
--no-xhost
3.1.11 - 2017-04-29
- disabled $Cidfile as not important and due to #10
3.1.10 - 2017-04-28
- check for xenial instead of 16.04/xvfb
- set XPRA_XSHM=0 on Shareipc=no
- disable
--desktop-scaling
in xpra, not supported before xpra v1.x
3.1.9 - 2017-04-27
- don't create Cacherootfolder in variable definitions
- check for Xvfb on Ubuntu 16.04
3.1.8 - 2017-04-25
- Add advice for
--xorg
how to setup xserver-xorg-legacy
3.1.7 - 2017-04-25
--xpra
and--xdummy
now use Xvfb if installed. Compare #9, Xdummy cannot be used on Ubuntu 16.04 due to xorg.conf location- set $Windowmanager in auto choosing X server if switching to desktop windows
3.1.6 - 2017-04-21
--nxagent
: don't close nxagent on every call of nxclient (2)
3.1.5 - 2017-04-20
--nxagent
: don't close nxagent on every call of nxclient
3.1.4 - 2017-04-19
--nxagent
supports untrusted cookies
- don't set dpi if xdpyinfo fails
3.1.3 - 2017-04-18
--nxagent
cookie workaround as it ignores XAUTHORITY on option -auth--nxagent
workaround to terminate on pressing window close button -> fake nxclient
- typo in finish() looking for docker pid
3.1.2 - 2017-04-18
--nxagent
sets right keyboard layout, thanks to Ulrich!
3.1.1 - 2017-04-18
--nxagent
now supports--size
,--fullscreen
and--clipboard
, thanks to Ulrich Sibiller from Arctica!- check dpi from host and set this to new X server
- xpra xmessage to be patient
- disabled keyboard adjusting for
--nxagent
3.1.0 - 2017-04-16
--nxagent
for X servernxagent
3.0.0 - 2017-04-15
- Wayland support.
--wayland
: auto setup for pure Wayland applications--weston
for pure Wayland applications--kwin
for pure Wayland applications--xpra-xwayland
: new X server option to run xpra with GPU acceleration--kwin-xwayland
: new X server option--weston-xwayland
: new X server option, allows GPU acceleration--xwayland
: new X server option--nothing
: Provide no X or Wayland server--sharewayland
: Share host wayland socket and set WAYLAND_DISPLAY--setwaylandenv
: setting environment variables for toolkits like QT and GTK to use wayland--env
: set custom environment variables (formerly--env
had role of new--showenv
)--dbus
: run image command withdbus-launch
--xhost+
: setxhost +
on new X server--showenv
: formerly--env
, show environment variables to access new X server
- second stderr
&3
to show warnings and errors also from within xinitrc and xtermrc - error messages on docker startup failure in xtermrc
xdummy.conf
or--xpra
: custom modeline setting fitting to actual resolution--xdummy
regards--size
- x11docker_CMD checks if ps is available
--wm
changed, autochoosing no longer defaultchmod 1777 /tmp/X11-unix
to allow creation of X sockets in container (needed e.g. forstartplasmacompositor
)--verbose
output much more reliebale now, tail improved- use prefix
unix
forDISPLAY
to disableMIT_SHM
instead using other environment variables - create dektop starter with basename instead of $0
- createuser: start with
--user=0
to allowuseradd
andsu
- reverse order of killing of bgpids in finish(),last one first, to catch possible further output with tail -F
- Newdisplaynumber for xorg starts with
8
- xinitrc:
XPRA_OPENGL_DOUBLE_BUFFERED=1
to avoid xpra bug 1469 - check and set
XDG_RUNTIME_DIR
for weston and Xwayland
--virtualgl
,--dockerenv
,--xpra-image
,--xorg-image
,--xdummy-image
,--tcp
--tcpxsocket
--xsocket
,--glamor
,--sharegpu
,--desktop
,--xhost