docker run -it --rm \
--env="DISPLAY=$DISPLAY" \
--volume="$HOME/.Xauthority:/root/.Xauthority:ro" \
--net=host \
containerThe above runs a Docker container with:
- Sets
$DISPLAYenvironment variable to be:0which is short forunix:0(we do this with$DISPLAY) - Mounts the file
~/.Xauthorityinto the container at/rootbecause the user inside the container is usuallyroot. - Propagates the host network space into the container, because the X client must be able to contact the X unix domain socket.
- The usage of
-itis for enabling interactive and allocating a pseudo-tty. - The usage of
--rmis to ensure that the container is removed when the process shutsdown.
On Linux, X clients will try to connect to the abstract unix domain socket with
the name /tmp/.X11-unix/X0. Note that X0 is due to :0.
This is why we don't need to mount the /tmp/.X11-unix/X0 into the container.
However on non-Linux, you may need to mount that socket as well.
The ~/.Xauthority is intended for the GUI application use your own
credentials to connect to the X server.
When using Qt, it will try to use the MIT Shared Memory Extension. This requires either one of the 2 options:
--env='QT_X11_NO_MITSHM=1'to prevent Qt from trying to use the MIT Shared Memory Extension.--ipc=hostwhich adds the host's IPC namespace into the container
Note that if the HOME is not set inside container then you need this:
docker run -it --rm \
--env="DISPLAY=$DISPLAY" \
--volume="$HOME/.Xauthority:/.Xauthority:ro" \
--net=host \
containerThis is because if HOME is not set, then the .Xauthority will be looked up at /.
Just use
x11dockerin the future!