问题描述
我有以下Dockerfile
FROM debian:bullseye
RUN \
apt-get -qq update && \
apt-get -qq -y --no-install-recommends install gedit && \
apt-get -qq clean && \
rm -rf /var/lib/apt/lists/
并使用以下脚本在具有X11支持的容器中启动bash:
XAUTH=$(mktemp -t docker-XXXXXXXX)
trap "rm $XAUTH" EXIT
xauth nlist $disPLAY | sed -e 's/^..../ffff/' | xauth -f $XAUTH nmerge -
docker run --rm --init -it \
-e disPLAY=$disPLAY \
-e XAUTHORITY=/tmp/xauth \
-v $XAUTH:/tmp/xauth:rw \
-v /tmp/.X11-unix:/tmp/.X11-unix:rw \
-u $(id -u):$(id -g) \
[image] \
/bin/bash
在容器内,我可以在后台启动gedit &。第一个进程启动,一切正常,但是,第二个启动gedit崩溃:
This probably reflects a bug in the program.
The error was 'BadAccess (attempt to access private resource denied)'.
(Details: serial 717 error_code 10 request_code 130 (MIT-SHM) minor_code 1)
(Note to programmers: normally,X errors are reported asynchronously;
that is,you will receive the error a while after causing it.
To debug your program,run it with the GDK_SYNCHRONIZE environment
variable to change this behavior. You can then get a meaningful
backtrace from your debugger if you break on the gdk_x_error() function.)
Trace/breakpoint trap (core dumped)
随后对gedit &的调用不会受到影响;只有第二个呼叫失败。
我已经用xeyes尝试了上述操作,但该程序似乎不受影响。
解决方法
我有一个非常相似的问题,并用this answer解决了。
您可以设置the option
--ipc=host来使docker容器与主机进程通信并访问共享内存。
启动图形应用程序的命令如下所示:docker run --ipc=host -e DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix --user="$(id --user):$(id --group)" ubuntu:freemat