GNU bug report logs - #61101
Graphical container examples forget to expose things.

Package: guix;

Reported by: Maxime Devos <maximedevos <at> telenet.be>

Date: Fri, 27 Jan 2023 16:52:01 UTC

Severity: normal

To reply to this bug, email your comments to 61101 AT debbugs.gnu.org.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to bug-guix <at> gnu.org:
bug#61101; Package guix. (Fri, 27 Jan 2023 16:52:01 GMT) Full text and rfc822 format available.

Acknowledgement sent to Maxime Devos <maximedevos <at> telenet.be>:
New bug report received and forwarded. Copy sent to bug-guix <at> gnu.org. (Fri, 27 Jan 2023 16:52:01 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Maxime Devos <maximedevos <at> telenet.be>
To: bug-guix <at> gnu.org
Subject: Graphical container examples forget to expose things.
Date: Fri, 27 Jan 2023 17:50:38 +0100

[Message part 1 (text/plain, inline)]

Many of the graphical container examples don't work.

For example, take

     guix shell --container --network --no-cwd ungoogled-chromium \
       --preserve='^DISPLAY$' -- chromium

from (guix)Invoking guix shell.  It fails with:

Authorization required, but no authorization protocol specified
[1:1:0127/163058.718097:ERROR:ozone_platform_x11.cc(238)] Missing X 
server or $DISPLAY
[1:1:0127/163058.718126:ERROR:env.cc(255)] The platform failed to 
initialize.  Exiting.

To make it work, "XAUTHORITY" needs to be preserved and exposed:

guix shell --container --network --no-cwd ungoogled-chromium 
--preserve='^DISPLAY$' --preserve='^XAUTHORITY$' --expose=/tmp/.X11-unix 
--expose="$XAUTHORITY" -- chromium

For another example, take "eolie" from "(guix)Invoking guix environment":

     guix environment --preserve='^DISPLAY$' --container --network \
       --expose=/etc/machine-id \
       --expose=/etc/ssl/certs/ \
       --share=$HOME/.local/share/eolie/=$HOME/.local/share/eolie/ \
       --ad-hoc eolie nss-certs dbus --  eolie

it fails with

Authorization required, but no authorization protocol specified
Unable to init server: Could not connect: Connection refused
Authorization required, but no authorization protocol specified
Unable to init server: Could not connect: Connection refused
Authorization required, but no authorization protocol specified
Unable to init server: Could not connect: Connection refused

Preserving XAUTHORITY and exposing $XAUTHORITY makes it actually start, 
though the created window is invisible.  Exposing /sys makes the window 
actually visible, albeit with

(WebKitWebProcess:2): Gtk-WARNING **: 16:40:32.008: cannot open display: :1
Unable to init server: Could not connect: Connection refused

warnings.


An additional issue, is that the examples -- even after adjustment -- 
stop working with network-less containers, e.g.

guix environment --preserve='^DISPLAY|XAUTHORITY$' --container 
--expose=/etc/machine-id        --expose=/etc/ssl/certs/ 
--expose="$XAUTHORITY" 
--share=$HOME/.local/share/eolie/=$HOME/.local/share/eolie/ 
--expose=/sys --expose=/sys/bus  --ad-hoc eolie nss-certs dbus --  eolie


fails with

Unable to init server: Could not connect: Connection refused
Unable to init server: Could not connect: Connection refused
Unable to init server: Could not connect: Connection refused

(org.gnome.Eolie:1): Gtk-WARNING **: 16:41:53.524: cannot open display: :1.

(I discovered this with the FHS container example in 
https://guix.gnu.org/en/blog/2023/the-filesystem-hierarchy-standard-comes-to-guix-containers/ 
-- it was a no-network application I tried out, so I left out the 
--network.)

To fix this, I had to add --expose=/tmp/.X11-unix.  It should be 
documented how to make network-less containers for graphical 
applications -- nowhere in the manual or FHS blog post is /tmp/.X11-unix 
mentioned.

Greetings,
Maxime.

[OpenPGP_0x49E3EE22191725EE.asc (application/pgp-keys, attachment)]

[OpenPGP_signature (application/pgp-signature, attachment)]

Information forwarded to bug-guix <at> gnu.org:
bug#61101; Package guix. (Fri, 27 Jan 2023 18:57:03 GMT) Full text and rfc822 format available.

Message #8 received at 61101 <at> debbugs.gnu.org (full text, mbox):

From: Simon Tournier <zimon.toutoune <at> gmail.com>
To: Maxime Devos <maximedevos <at> telenet.be>, 61101 <at> debbugs.gnu.org
Subject: Re: bug#61101: Graphical container examples forget to expose things.
Date: Fri, 27 Jan 2023 18:34:02 +0100

Hi,

On ven., 27 janv. 2023 at 17:50, Maxime Devos <maximedevos <at> telenet.be> wrote:
> Many of the graphical container examples don't work.

I think it is related to #47097 [1].

1: <http://issues.guix.gnu.org/issue/47097>


Cheers,
simon

This bug report was last modified 2 years and 12 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #61101 Graphical container examples forget to expose things.

GNU bug report logs - #61101
Graphical container examples forget to expose things.