-
Notifications
You must be signed in to change notification settings - Fork 379
How to connect container to DBus from host
mviereck edited this page Sep 7, 2020
·
11 revisions
Normally there are two DBus daemons running on the host system. One is the system daemon, the other one is the user session daemon. For most use cases you will need the user session daemon, but not the system daemon.
- x11docker provides access to host DBus user session daemon with option
--hostdbus
.- For security reasons, rather use option
--dbus
to run a DBus user session inside of container without being connected to the host. - With options
--init=systemd|runit|openrc|sysvinit
x11docker runs a DBus system daemon in container, too.
- For security reasons, rather use option
- To just run a DBus user daemon in container without x11docker and without being connected to the host, use
dbus-launch
ordbus-run-session
in container to run the command.
The DBus user session daemon can have a real or an abstract unix socket. Check the output of echo $DBUS_SESSION_BUS_ADDRESS
.
- If it contains
unix:path
, it is a real unix socket within file system. - If it contains
unix:abstract
, it is an abstract unix socket.
- Example:
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
- Set this variable as it is given:
--env DBUS_SESSION_BUS_ADDRESS="$DBUS_SESSION_BUS_ADDRESS"
- Share the given socket file:
--volume /run/user/1000/bus:/run/user/1000/bus
- Run image with same user as on host:
--user $(id -u):$(id -g)
- Test: Run
notify-send "hello host"
in container.
- Example:
DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-KDKGRIL7QX,guid=221d2f667e843d50fd1dc6a05babf8ae
- Set this variable as it is given:
--env DBUS_SESSION_BUS_ADDRESS="$DBUS_SESSION_BUS_ADDRESS"
- Allow access with
--network=host
. This is an unfortunate insecure solution that shares host network stack with container.
Share DBus system daemon with --volume /run/dbus/system_bus_socket:/run/dbus/system_bus_socket
.
@syncplz figured out how to connect to avahi daemon from host.