docker run -it --rm \
--env="DISPLAY=$DISPLAY" \
--volume="$HOME/.Xauthority:/root/.Xauthority:ro" \
--net=host \
container
The above runs a Docker container with:
- Sets
$DISPLAY
environment variable to be:0
which is short forunix:0
(we do this with$DISPLAY
) - Mounts the file
~/.Xauthority
into the container at/root
because the user inside the container is usuallyroot
. - Propagates the host network space into the container, because the X client must be able to contact the X unix domain socket.
- The usage of
-it
is for enabling interactive and allocating a pseudo-tty. - The usage of
--rm
is to ensure that the container is removed when the process shutsdown.
On Linux, X clients will try to connect to the abstract unix domain socket with
the name /tmp/.X11-unix/X0
. Note that X0
is due to :0
.
This is why we don't need to mount the /tmp/.X11-unix/X0
into the container.
However on non-Linux, you may need to mount that socket as well.
The ~/.Xauthority
is intended for the GUI application use your own
credentials to connect to the X server.
When using Qt, it will try to use the MIT Shared Memory Extension. This requires either one of the 2 options:
--env='QT_X11_NO_MITSHM=1'
to prevent Qt from trying to use the MIT Shared Memory Extension.--ipc=host
which adds the host's IPC namespace into the container
Note that if the HOME
is not set inside container then you need this:
docker run -it --rm \
--env="DISPLAY=$DISPLAY" \
--volume="$HOME/.Xauthority:/.Xauthority:ro" \
--net=host \
container
This is because if HOME
is not set, then the .Xauthority
will be looked up at /
.
Just use
x11docker
in the future!