Sharing the Xserver with docker container

Richard L. Hamilton rlhamil at smart.net
Mon Jan 25 09:04:31 UTC 2021


In case you don't know already, the following might clarify what's different about the X11 server on macOS that might be affecting your unusual use.

On macOS, the server (if installed and enabled) is started on demand (probably by launchd), which pre-creates and listens on a Unix domain socket and sets up DISPLAY in the second, long form you show below. When something connects, it starts the actual X11 server. ONLY THEN is :0 (actually the Unix domain socket /tmp/.X11-unix/X0) available, as it's the X11 server itself that creates and listens on all connections OTHER than the one used to start it on demand.

That may be done partly for security (the permission on the /private/tmp/com.apple.launchd* directory is much more restrictive, being open only to the particular user), but probably mostly because of fast user switching, where two or more different user's X11 servers may be running at the same time. That probably means that the relationship of the display number suffix on the Apple-peculiar form of DISPLAY and other forms referring to the same server might not always be consistent if more than one user is logged in at once via fast user switching.

Additionally, for security, the server by default does NOT listen on TCP/IP.  That must be enabled with

defaults write org.macports.X11 nolisten_tcp 0  # macports version of server

or

defaults write org.macosforge.xquartz.X11 nolisten_tcp 0 # macosforge version of server
 

Perhaps either :0 or localhost:0 (if enabled) being unavailable until the X11 server is actually running, or the restrictive permission to the /private/tmp/com.apple.launchd.* directory (if you use that form, and if your Docker processes are under a different UID), is part or all of your problem.


> On Jan 24, 2021, at 19:01, Tong Sun <suntong001 at gmail.com> wrote:
> 
> For any Xserver in host, I normally just do the following in the
> docker container
> 
> export DISPLAY=':0'
> xterm &
> 
> and I'll be all set.
> 
> However, I found that it is not the case for Xserver from macport, as
> I see my DISPLAY in my host is
> 
> DISPLAY=/private/tmp/com.apple.launchd.DiHpGrxgFr/org.macports:0
> 
> How can I share that with my docker container?
> 
> thx

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2814 bytes
Desc: not available
URL: <http://lists.macports.org/pipermail/macports-users/attachments/20210125/e490639d/attachment.bin>


More information about the macports-users mailing list