How can I run a graphical application in a container under Wayland?
As you say you are running Fedora 25 with Wayland, I assume you are using Gnome-Wayland desktop.
Gnome-Wayland runs Xwayland to support X applications. You can share Xwayland access like you did before with Xorg.
Your example command misses XAUTHORITY
, and you don't mention xhost
. You need one of this ways to allow X applications in docker to access Xwayland (or any X). As all this is not related to Wayland, I refer to How can you run GUI applications in docker container? on how to run X applications in docker.
As for short, two solutions with xhost:
- Allow your local user access via xhost:
xhost +SI:localuser:$(id -un)
and create a similar user with docker run option:--user=$(id -u):$(id -g)
- Discouraged: Allow root access to X with
xhost +SI:localuser:root
Related Pitfall: X normally uses shared memory (X extension MIT-SHM
). Docker containers are isolated and cannot access shared memory. That can lead to rendering glitches and RAM access failures. You can avoid that with docker run option --ipc=host
. That impacts container isolation as it disables IPC namespacing. Compare: https://github.com/jessfraz/dockerfiles/issues/359
To run Wayland applications in docker without X, you need a running wayland compositor like Gnome-Wayland or Weston. You have to share the Wayland socket. You find it in XDG_RUNTIME_DIR
and its name is stored in WAYLAND_DISPLAY
. As XDG_RUNTIME_DIR
only allows access for its owner, you need the same user in container as on host. Example:
docker run -e XDG_RUNTIME_DIR=/tmp \
-e WAYLAND_DISPLAY=$WAYLAND_DISPLAY \
-v $XDG_RUNTIME_DIR/$WAYLAND_DISPLAY:/tmp/$WAYLAND_DISPLAY \
--user=$(id -u):$(id -g) \
imagename waylandapplication
QT5 applications also need -e QT_QPA_PLATFORM=wayland
and must be started with imagename dbus-launch waylandapplication
x11docker for X and Wayland applications in docker is an all in one solution. It also cares about preserving container isolation (that gets lost if simply sharing host X display as in your example).
I'd recommend Sommelier by Google. It allows you to launch Wayland OR X11 apps and provides the sockets that those apps are looking for in order to get them into the current display server. https://chromium.googlesource.com/chromiumos/platform2/+/master/vm_tools/sommelier/
A simple how-to that should work on any system not just Crouton/Crostini on ChromeOS.
https://github.com/dnschneid/crouton/wiki/Sommelier-(A-more-native-alternative-to-xiwi)