Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $ x11docker-gui --verbose
- x11docker-gui: created kaptain grammar:
- #! /usr/bin/kaptain
- start "Run GUI applications in docker images - x11docker 3.9.6" -> options buttons;
- options:beside -> frameleft frameright;
- frameleft -> choose_image_framed choose_xserver_framed appeareance_framed ;
- frameright -> choose_options stddevelline @fill;
- choose_image_framed:framed -> choose_image;
- choose_image "Choose docker image" -> logo_imageorexe dockerimage;
- logo_imageorexe:beside -> @icon("/home/jan/.cache/x11docker/x11docker-gui/x11docker.png..d7a9") imageorexe ;
- imageorexe -> image | exe | xonly;
- image:beside "Run docker image in segregated X server" -> "-- " security_dialog;
- exe "--exe: Start host application in another X server" -> "--exe -- ";
- xonly "--xonly: Only create new empty X server" -> "--xonly -- ";
- dockerimage "docker image [and command] to run:" -> @combow("",
- "x11docker/xfce ",
- "x11docker/lxde ",
- "x11docker/lxqt ",
- "x11docker/mate ",
- "x11docker/fluxbox ",
- "x11docker/lumina ",
- "x11docker/trinity ",
- "x11docker/lxde-wine ",
- "x11docker/xfce-wine-playonlinux ",
- "x11docker/plasma ",
- "x11docker/cde \ \" # (needs --hostnet)",
- "x11docker/deepin \ \" # (needs --dbus-system and --pulseaudio)",
- "x11docker/cinnamon \ \" # (needs --systemd or --dbus-system)",
- "x11docker/enlightenment \ \" # (needs --runit)"
- ,"lightworks:latest ","x11docker/kaptain:latest ","x11docker/lxde:latest ","ubuntu:latest ","nginx:latest ");
- choose_xserver_framed:framed -> choose_xserver;
- choose_xserver -> xserverbla xservercombo desktop gpu wm waylanddbus;
- xserverbla:beside "Choose X server" -> @fill xinfobutton xdependenciesbutton ;
- xservercombo -> s/(:.*$)/ / @combo(
- ": Automatically choose X server (regards --desktop, --gpu and --wayland)",
- "--xpra: Show container application windows on your main desktop",
- "--xephyr: Show container desktop in a window on your main desktop",
- "--xpra-xwayland: Like --xpra (allows --gpu)",
- "--weston-xwayland: Like --xephyr (allows --gpu)",
- "--hostdisplay: Share host X display :0 (Quite bad container isolation!)",
- "--xorg: Core Xorg server. (Switch with <CTRL><ALT><F1>...<F12>)",
- "--nxagent: Like --xpra; with --desktop like --xephyr. Experimental.",
- "--xwayland: Core Xwayland. (Needs running Wayland on host).",
- "--xdummy: Invisible X server Xdummy",
- "--xvfb: Invisible X server Xvfb",
- "--kwin-xwayland: Like --weston-xwayland, but using kwin_wayland",
- "--kwin: Wayland in KWin without X",
- "--weston: Wayland in Weston without X",
- "--hostwayland: Share host Wayland display without X",
- "--nothing: No X and no Wayland"
- );
- gpu "--gpu: Hardware acceleration for OpenGL (degrades container isolation)" -> "--gpu " | ! "";
- wm :beside "--wm: Host window manager to use" -> "--wm=\"" @combow("plasmashell","icewm","i3","","auto","none")="auto" "\" " | ! "" ;
- desktop "--desktop: Image contains a desktop environment" -> "--desktop " | ! "" ;
- waylanddbus:beside -> wayland dbus whydbus;
- wayland "--wayland: Create Wayland environment" -> "--wayland " | ! "" ;
- dbus "--dbus: Run with" -> "--dbus " | ! "" ;
- whydbus:dialog "dbus-launch" -> @text=" Some QT5 applications in Wayland need dbus-launch. \n Some GTK3 applications must run without it. \n �\\_(�-�)_/�" @close=" Close";
- appeareance_framed:framed -> sizefullscreen ;
- sizefullscreen " Appearance of new X server" -> sizefullscreenline scale rotate dpi outputcount;
- sizefullscreenline:beside -> size xfishtank fullscreen;
- size:beside "--size: virtual screen size" -> "--size \"" @combow("320x240","640x480","800x600","1024x768","1280x800","1280x1024","1400x1050","1680x1200","1920x1080")="800x600" "\" "| !"" ;
- fullscreen "--fullscreen" -> "--fullscreen " | ! "" ;
- xfishtank "--xfishtank" -> "--xfishtank " | ! "" ;
- scale:beside "--scale: zoom factor (Xpra, Xorg: all, Weston: full integer only)" -> "--scale=\"" @combow("0.25","0.5","0.75","0.9","1","1.25","1.5","2","2.5","3")="1.5" "\" " | ! "" ;
- rotate:beside "--rotate: rotation and mirroring (Xorg and Weston only)" -> "--rotate=\"" @combo("0","90","180","270","flipped","flipped-90","flipped-180","flipped-270")="180" "\" " | ! "" ;
- dpi:beside "--dpi: screen density / dots per inch (influences font size)" -> "--dpi=\"" @combow("36","48","60","72","84","96","120","150","256","300")="96" "\" " | ! "" ;
- outputcount:beside "--output-count: multiple displays (Weston, KWin, Xephyr)" -> "--output-count=\"" @combow("1","2","3","4")="2" "\" " | ! "" ;
- choose_options:framed -> choose_options_normal choose_options_hostfolders choose_options_advanced;
- choose_options_normal "Sound, clipboard and language" -> clipboard alsaline pulseaudio lang langenv;
- clipboard "--clipboard: Enable clipboard sharing (image clips: xpra only)" -> "--clipboard " | ! "";
- pulseaudio "--pulseaudio: Sound with pulseaudio (needs pulseaudio in image, too)" -> "--pulseaudio " | ! "";
- alsaline:beside -> alsa alsacard;
- alsa "--alsa: Sound with ALSA" -> "--alsa " | ! "" ;
- alsacard:beside "--env ALSA_CARD=" -> "--env ALSA_CARD=\"" @combow("USB camera at usb-0000:00:14.0-6, full speed","camera","Vimicro corp. Lenovo USB2.0 UVC Camera at usb-0000:00:1a.0-1.1, high speed","Camera","PCH","HDMI","") "\" " | ! "";
- lang:beside "--lang: Look for language utf8 locale, create it if missing" -> "--lang=\"" @combow("cs_CZ","aa_DJ","aa_ER","aa_ET","af_ZA","ak_GH","am_ET","an_ES","anp_IN","ar_AE","ar_BH","ar_DZ","ar_EG","ar_IN","ar_IQ","ar_JO","ar_KW","ar_LB","ar_LY","ar_MA","ar_OM","ar_QA","ar_SA","ar_SD","ar_SS","ar_SY","ar_TN","ar_YE","as_IN","ast_ES","ayc_PE","az_AZ","be_BY","bem_ZM","ber_DZ","ber_MA","bg_BG","bhb_IN","bho_IN","bn_BD","bn_IN","bo_CN","bo_IN","br_FR","brx_IN","bs_BA","byn_ER","C","ca_AD","ca_ES","ca_FR","ca_IT","ce_RU","chr_US","cmn_TW","crh_UA","csb_PL","cs_CZ","cv_RU","cy_GB","da_DK","de_AT","de_BE","de_CH","de_DE","de_IT","de_LI","de_LU","doi_IN","dv_MV","dz_BT","el_CY","el_GR","en_AG","en_AU","en_BW","en_CA","en_DK","en_GB","en_HK","en_IE","en_IL","en_IN","en_NG","en_NZ","en_PH","en_SG","en_US","en_ZA","en_ZM","en_ZW","eo","es_AR","es_BO","es_CL","es_CO","es_CR","es_CU","es_DO","es_EC","es_ES","es_GT","es_HN","es_MX","es_NI","es_PA","es_PE","es_PR","es_PY","es_SV","es_US","es_UY","es_VE","et_EE","eu_ES","eu_FR","fa_IR","ff_SN","fi_FI","fil_PH","fo_FO","fr_BE","fr_CA","fr_CH","fr_FR","fr_LU","fur_IT","fy_DE","fy_NL","ga_IE","gd_GB","gez_ER","gez_ET","gl_ES","gu_IN","gv_GB","hak_TW","ha_NG","he_IL","hi_IN","hne_IN","hr_HR","hsb_DE","ht_HT","hu_HU","hy_AM","ia_FR","id_ID","ig_NG","ik_CA","is_IS","it_CH","it_IT","iu_CA","ja_JP","ka_GE","kk_KZ","kl_GL","km_KH","kn_IN","kok_IN","ko_KR","ks_IN","ku_TR","kw_GB","ky_KG","lb_LU","lg_UG","li_BE","lij_IT","li_NL","ln_CD","lo_LA","lt_LT","lv_LV","lzh_TW","mag_IN","mai_IN","mg_MG","mhr_RU","mi_NZ","mk_MK","ml_IN","mni_IN","mn_MN","mr_IN","ms_MY","mt_MT","my_MM","nan_TW","nb_NO","nds_DE","nds_NL","ne_NP","nhn_MX","niu_NU","niu_NZ","nl_AW","nl_BE","nl_NL","nn_NO","nr_ZA","nso_ZA","oc_FR","om_ET","om_KE","or_IN","os_RU","pa_IN","pap_AW","pap_CW","pa_PK","pl_PL","POSIX","ps_AF","pt_BR","pt_PT","quz_PE","raj_IN","ro_RO","ru_RU","ru_UA","rw_RW","sa_IN","sat_IN","sc_IT","sd_IN","se_NO","sgs_LT","shs_CA","sid_ET","si_LK","sk_SK","sl_SI","so_DJ","so_ET","so_KE","so_SO","sq_AL","sq_MK","sr_ME","sr_RS","ss_ZA","st_ZA","sv_FI","sv_SE","sw_KE","sw_TZ","szl_PL","ta_IN","ta_LK","tcy_IN","te_IN","tg_TJ","the_NP","th_TH","ti_ER","ti_ET","tig_ER","tk_TM","tl_PH","tn_ZA","tr_CY","tr_TR","ts_ZA","tt_RU","ug_CN","uk_UA","unm_US","ur_IN","ur_PK","uz_UZ","ve_ZA","vi_VN","wa_BE","wae_CH","wal_ET","wo_SN","xh_ZA","yi_US","yo_NG","yue_HK","zh_CN","zh_HK","zh_SG","zh_TW","zu_ZA")="cs_CZ" "\" " | ! "" ;
- langenv:beside "Set language environment variable only: --env LANG=" -> "--env LANG=\"" @combow("cs_CZ.UTF-8","aa_DJ","aa_DJ.utf8","aa_DJ.UTF-8","aa_ER","aa_ER@saaho","aa_ET","af_ZA","af_ZA.utf8","af_ZA.UTF-8","ak_GH","am_ET","an_ES","an_ES.utf8","an_ES.UTF-8","anp_IN","ar_AE","ar_AE.utf8","ar_AE.UTF-8","ar_BH","ar_BH.utf8","ar_BH.UTF-8","ar_DZ","ar_DZ.utf8","ar_DZ.UTF-8","ar_EG","ar_EG.utf8","ar_EG.UTF-8","ar_IN","ar_IQ","ar_IQ.utf8","ar_IQ.UTF-8","ar_JO","ar_JO.utf8","ar_JO.UTF-8","ar_KW","ar_KW.utf8","ar_KW.UTF-8","ar_LB","ar_LB.utf8","ar_LB.UTF-8","ar_LY","ar_LY.utf8","ar_LY.UTF-8","ar_MA","ar_MA.utf8","ar_MA.UTF-8","ar_OM","ar_OM.utf8","ar_OM.UTF-8","ar_QA","ar_QA.utf8","ar_QA.UTF-8","ar_SA","ar_SA.utf8","ar_SA.UTF-8","ar_SD","ar_SD.utf8","ar_SD.UTF-8","ar_SS","ar_SY","ar_SY.utf8","ar_SY.UTF-8","ar_TN","ar_TN.utf8","ar_TN.UTF-8","ar_YE","ar_YE.utf8","ar_YE.UTF-8","as_IN","ast_ES","ast_ES.utf8","ast_ES.UTF-8","ayc_PE","az_AZ","be_BY","be_BY@latin","be_BY.utf8","be_BY.UTF-8","bem_ZM","ber_DZ","ber_MA","bg_BG","bg_BG.utf8","bg_BG.UTF-8","bhb_IN.utf8","bhb_IN.UTF-8","bho_IN","bn_BD","bn_IN","bo_CN","bo_IN","br_FR","br_FR@euro","br_FR.utf8","br_FR.UTF-8","brx_IN","bs_BA","bs_BA.utf8","bs_BA.UTF-8","byn_ER","C","ca_AD","ca_AD.utf8","ca_AD.UTF-8","ca_ES","ca_ES@euro","ca_ES.utf8","ca_ES.UTF-8","ca_ES.utf8@valencia","ca_ES@valencia","ca_FR","ca_FR.utf8","ca_FR.UTF-8","ca_IT","ca_IT.utf8","ca_IT.UTF-8","ce_RU","chr_US","cmn_TW","crh_UA","csb_PL","cs_CZ","cs_CZ.utf8","cs_CZ.UTF-8","C.UTF-8","cv_RU","cy_GB","cy_GB.utf8","cy_GB.UTF-8","da_DK","da_DK.utf8","da_DK.UTF-8","de_AT","de_AT@euro","de_AT.utf8","de_AT.UTF-8","de_BE","de_BE@euro","de_BE.utf8","de_BE.UTF-8","de_CH","de_CH.utf8","de_CH.UTF-8","de_DE","de_DE@euro","de_DE.utf8","de_DE.UTF-8","de_IT","de_IT.utf8","de_IT.UTF-8","de_LI.utf8","de_LI.UTF-8","de_LU","de_LU@euro","de_LU.utf8","de_LU.UTF-8","doi_IN","dv_MV","dz_BT","el_CY","el_CY.utf8","el_CY.UTF-8","el_GR","el_GR.utf8","el_GR.UTF-8","en_AG","en_AU","en_AU.utf8","en_AU.UTF-8","en_BW","en_BW.utf8","en_BW.UTF-8","en_CA","en_CA.utf8","en_CA.UTF-8","en_DK","en_DK.iso885915","en_DK.utf8","en_DK.UTF-8","en_GB","en_GB.iso885915","en_GB.utf8","en_GB.UTF-8","en_HK","en_HK.utf8","en_HK.UTF-8","en_IE","en_IE@euro","en_IE.utf8","en_IE.UTF-8","en_IL","en_IN","en_NG","en_NZ","en_NZ.utf8","en_NZ.UTF-8","en_PH","en_PH.utf8","en_PH.UTF-8","en_SG","en_SG.utf8","en_SG.UTF-8","en_US","en_US.iso885915","en_US.utf8","en_US.UTF-8","en_ZA","en_ZA.utf8","en_ZA.UTF-8","en_ZM","en_ZW","en_ZW.utf8","en_ZW.UTF-8","eo","es_AR","es_AR.utf8","es_AR.UTF-8","es_BO","es_BO.utf8","es_BO.UTF-8","es_CL","es_CL.utf8","es_CL.UTF-8","es_CO","es_CO.utf8","es_CO.UTF-8","es_CR","es_CR.utf8","es_CR.UTF-8","es_CU","es_DO","es_DO.utf8","es_DO.UTF-8","es_EC","es_EC.utf8","es_EC.UTF-8","es_ES","es_ES@euro","es_ES.utf8","es_ES.UTF-8","es_GT","es_GT.utf8","es_GT.UTF-8","es_HN","es_HN.utf8","es_HN.UTF-8","es_MX","es_MX.utf8","es_MX.UTF-8","es_NI","es_NI.utf8","es_NI.UTF-8","es_PA","es_PA.utf8","es_PA.UTF-8","es_PE","es_PE.utf8","es_PE.UTF-8","es_PR","es_PR.utf8","es_PR.UTF-8","es_PY","es_PY.utf8","es_PY.UTF-8","es_SV","es_SV.utf8","es_SV.UTF-8","es_US","es_US.utf8","es_US.UTF-8","es_UY","es_UY.utf8","es_UY.UTF-8","es_VE","es_VE.utf8","es_VE.UTF-8","et_EE","et_EE.iso885915","et_EE.utf8","et_EE.UTF-8","eu_ES","eu_ES@euro","eu_ES.utf8","eu_ES.UTF-8","eu_FR","eu_FR@euro","eu_FR.utf8","eu_FR.UTF-8","fa_IR","ff_SN","fi_FI","fi_FI@euro","fi_FI.utf8","fi_FI.UTF-8","fil_PH","fo_FO","fo_FO.utf8","fo_FO.UTF-8","fr_BE","fr_BE@euro","fr_BE.utf8","fr_BE.UTF-8","fr_CA","fr_CA.utf8","fr_CA.UTF-8","fr_CH","fr_CH.utf8","fr_CH.UTF-8","fr_FR","fr_FR@euro","fr_FR.utf8","fr_FR.UTF-8","fr_LU","fr_LU@euro","fr_LU.utf8","fr_LU.UTF-8","fur_IT","fy_DE","fy_NL","ga_IE","ga_IE@euro","ga_IE.utf8","ga_IE.UTF-8","gd_GB","gd_GB.utf8","gd_GB.UTF-8","gez_ER","gez_ER@abegede","gez_ET","gez_ET@abegede","gl_ES","gl_ES@euro","gl_ES.utf8","gl_ES.UTF-8","gu_IN","gv_GB","gv_GB.utf8","gv_GB.UTF-8","hak_TW","ha_NG","he_IL","he_IL.utf8","he_IL.UTF-8","hi_IN","hne_IN","hr_HR","hr_HR.utf8","hr_HR.UTF-8","hsb_DE","hsb_DE.utf8","hsb_DE.UTF-8","ht_HT","hu_HU","hu_HU.utf8","hu_HU.UTF-8","hy_AM","hy_AM.armscii8","ia_FR","id_ID","id_ID.utf8","id_ID.UTF-8","ig_NG","ik_CA","is_IS","is_IS.utf8","is_IS.UTF-8","it_CH","it_CH.utf8","it_CH.UTF-8","it_IT","it_IT@euro","it_IT.utf8","it_IT.UTF-8","iu_CA","ja_JP.eucjp","ja_JP.utf8","ja_JP.UTF-8","ka_GE","ka_GE.utf8","ka_GE.UTF-8","kk_KZ","kk_KZ.rk1048","kk_KZ.utf8","kk_KZ.UTF-8","kl_GL","kl_GL.utf8","kl_GL.UTF-8","km_KH","kn_IN","kok_IN","ko_KR.euckr","ko_KR.utf8","ko_KR.UTF-8","ks_IN","ks_IN@devanagari","ku_TR","ku_TR.utf8","ku_TR.UTF-8","kw_GB","kw_GB.utf8","kw_GB.UTF-8","ky_KG","lb_LU","lg_UG","lg_UG.utf8","lg_UG.UTF-8","li_BE","lij_IT","li_NL","ln_CD","lo_LA","lt_LT","lt_LT.utf8","lt_LT.UTF-8","lv_LV","lv_LV.utf8","lv_LV.UTF-8","lzh_TW","mag_IN","mai_IN","mg_MG","mg_MG.utf8","mg_MG.UTF-8","mhr_RU","mi_NZ","mi_NZ.utf8","mi_NZ.UTF-8","mk_MK","mk_MK.utf8","mk_MK.UTF-8","ml_IN","mni_IN","mn_MN","mr_IN","ms_MY","ms_MY.utf8","ms_MY.UTF-8","mt_MT","mt_MT.utf8","mt_MT.UTF-8","my_MM","nan_TW","nan_TW@latin","nb_NO","nb_NO.utf8","nb_NO.UTF-8","nds_DE","nds_NL","ne_NP","nhn_MX","niu_NU","niu_NZ","nl_AW","nl_BE","nl_BE@euro","nl_BE.utf8","nl_BE.UTF-8","nl_NL","nl_NL@euro","nl_NL.utf8","nl_NL.UTF-8","nn_NO","nn_NO.utf8","nn_NO.UTF-8","nr_ZA","nso_ZA","oc_FR","oc_FR.utf8","oc_FR.UTF-8","om_ET","om_KE","om_KE.utf8","om_KE.UTF-8","or_IN","os_RU","pa_IN","pap_AW","pap_CW","pa_PK","pl_PL","pl_PL.utf8","pl_PL.UTF-8","POSIX","ps_AF","pt_BR","pt_BR.utf8","pt_BR.UTF-8","pt_PT","pt_PT@euro","pt_PT.utf8","pt_PT.UTF-8","quz_PE","raj_IN","ro_RO","ro_RO.utf8","ro_RO.UTF-8","ru_RU","ru_RU.cp1251","ru_RU.koi8r","ru_RU.utf8","ru_RU.UTF-8","ru_UA","ru_UA.utf8","ru_UA.UTF-8","rw_RW","sa_IN","sat_IN","sc_IT","sd_IN","sd_IN@devanagari","se_NO","sgs_LT","shs_CA","sid_ET","si_LK","sk_SK","sk_SK.utf8","sk_SK.UTF-8","sl_SI","sl_SI.utf8","sl_SI.UTF-8","so_DJ","so_DJ.utf8","so_DJ.UTF-8","so_ET","so_KE","so_KE.utf8","so_KE.UTF-8","so_SO","so_SO.utf8","so_SO.UTF-8","sq_AL","sq_AL.utf8","sq_AL.UTF-8","sq_MK","sr_ME","sr_RS","sr_RS@latin","ss_ZA","st_ZA","st_ZA.utf8","st_ZA.UTF-8","sv_FI","sv_FI@euro","sv_FI.utf8","sv_FI.UTF-8","sv_SE","sv_SE.iso885915","sv_SE.utf8","sv_SE.UTF-8","sw_KE","sw_TZ","szl_PL","ta_IN","ta_LK","tcy_IN.utf8","tcy_IN.UTF-8","te_IN","tg_TJ","tg_TJ.utf8","tg_TJ.UTF-8","the_NP","th_TH","th_TH.utf8","th_TH.UTF-8","ti_ER","ti_ET","tig_ER","tk_TM","tl_PH","tl_PH.utf8","tl_PH.UTF-8","tn_ZA","tr_CY","tr_CY.utf8","tr_CY.UTF-8","tr_TR","tr_TR.utf8","tr_TR.UTF-8","ts_ZA","tt_RU","tt_RU@iqtelif","ug_CN","uk_UA","uk_UA.utf8","uk_UA.UTF-8","unm_US","ur_IN","ur_PK","uz_UZ","uz_UZ@cyrillic","uz_UZ.utf8","uz_UZ.UTF-8","ve_ZA","vi_VN","wa_BE","wa_BE@euro","wa_BE.utf8","wa_BE.UTF-8","wae_CH","wal_ET","wo_SN","xh_ZA","xh_ZA.utf8","xh_ZA.UTF-8","yi_US","yi_US.utf8","yi_US.UTF-8","yo_NG","yue_HK","zh_CN","zh_CN.gb18030","zh_CN.gbk","zh_CN.utf8","zh_CN.UTF-8","zh_HK","zh_HK.utf8","zh_HK.UTF-8","zh_SG","zh_SG.gbk","zh_SG.utf8","zh_SG.UTF-8","zh_TW","zh_TW.euctw","zh_TW.utf8","zh_TW.UTF-8","zu_ZA","zu_ZA.utf8","zu_ZA.UTF-8")="cs_CZ.UTF-8" "\" " | ! "" ;
- choose_options_hostfolders "Host directories to share" -> home homedir sharedir1 sharedir2;
- home "--home: Share a host folder in /home/jan/x11docker \n
- as /home/jan in container." -> "--home " | ! "";
- homedir "--homedir: Host directory to use as container home: " -> "--homedir=\"" @directory="" "\" " | ! "" ;
- sharedir1:beside "--sharedir: Share host folder:" -> "--sharedir=\"" @directory="" "\" " | ! "" ;
- sharedir2:beside "--sharedir: Share host folder:" -> "--sharedir=\"" @directory="" "\" " | ! "" ;
- choose_options_advanced "Advanced options"-> verbose noentrypoint nointernet initsystem dbusdaemon pw;
- verbose "--verbose: Be verbose (terminal output of logfiles)" -> "--verbose " | ! "" ;
- noentrypoint "--no-entrypoint: Disable ENTRYPOINT in image" -> "--no-entrypoint " | ! "" ;
- nointernet "--no-internet: Disable internet access for container" -> "--no-internet " | ! "" ;
- initsystem:beside " Run init system in container (default: --tini)" -> @combo( "--tini","--systemd ","--runit ","--openrc ","--no-init")="--systemd " | ! "" ;
- dbusdaemon "--dbus-system: Run dbus system daemon in container" -> "--dbus-system " | ! "" ;
- pw:beside "--pw: password prompt frontend" -> "--pw=\"" @combo("su","sudo","gksu","gksudo","lxsu","lxsudo","kdesu","kdesudo","beesu","pkexec","none")="sudo" "\" " | ! "" ;
- stddevelline:beside -> develdialog;
- develdialog:dialog "Developer options" -> developeroptions @close=" close";
- developeroptions:beside -> develleft develright;
- develleft:framed -> devenvironment devauth devvtdisplay devmisc;
- develright:framed -> devuserframe devcaps devrun devmisc2;
- develcollect -> devenvironment devauth devvtdisplay devmisc devuserframe devcaps devmisc2;
- devuserframe "User settings" -> user hostuser sudouser;
- user:beside "--user: Container user (name or uid)\n
- (default: same as host user)\n
- (a gid can be specified with user:gid)" -> "--user=\"" @string="jan" "\" " | ! "" ;
- hostuser:beside "--hostuser: run x11docker as user \n
- different from \$(logname)=jan:\n
- (x11docker must be started as root)" -> "--hostuser=\"" @string="" "\" " | ! "" ;
- sudouser "--sudouser: Allow su and sudo in container. Password: x11docker\n
- Severe reduction of container security!" -> "--sudouser " | ! "" ;
- devmisc "Miscellaneous" -> cachedir westonini keymap;
- devmisc2 "Miscellaneous" -> ps silent stdoutline;
- westonini "--westonini: Custom weston.ini (see man weston.ini)" -> "--westonini=\"" @infile="/usr/share/doc/weston/examples/weston.ini" "\" " | ! "";
- ps "--ps: Keep created container and cache files" -> "--ps " | ! "" ;
- cachedir:beside "--cachedir: Host cache folder: " -> "--cachedir=\"" @directory="" "\" " | ! "" ;
- silent "--silent: Do not show any messages" -> "--silent " | ! "" ;
- stdoutline:beside -> stdout stderr ;
- stdout "--stdout: show stdout of container" -> "--stdout " | ! "" ;
- stderr "--stderr " -> "--stderr " | ! "" ;
- keymap:beside "--keymap: XKB keyboard layout:" -> "--keymap \"" @combow("us","af","al","am","ara","at","au","az","ba","bd","be","bg","br","brai","bt","bw","by","ca","cd","cm","cn","cz","de","dk","dz","ee","epo","es","et","fi","fo","fr","gb","ge","gh","gn","gr","hr","hu","ch","id","ie","il","in","iq","ir","is","it","jp","ke","kg","kh","kr","kz","la","latam","lk","lt","lv","ma","mao","md","me","mk","ml","mm","mn","mt","mv","my","nec_vndr/jp","ng","nl","no","np","ph","pk","pl","pt","ro","rs","ru","se","si","sk","sn","sy","tg","th","tj","tm","tr","tw","tz","ua","us","uz","vn","za") "\" " | ! "";
- devauth "X authentication" -> untrusted trusted xhost noauth noxhost;
- untrusted "--untrusted: Create untrusted cookies restricting X access. \n
- Default for --hostdisplay." -> "--untrusted " | ! "" ;
- trusted "--trusted: Trusted cookies for --hostdisplay. Default for --gpu." -> "--trusted " | ! "" ;
- xhost:beside "--xhost: see \"man xhost\". Use with care" -> "--xhost=\"" @string="+SI:localuser:jan" "\" " | ! "" ;
- noauth "--no-auth: Disable cookie authentication on new X server." -> "--no-auth " | ! "" ;
- noxhost "--no-xhost: Disable any \"xhost +...\" access to host X server" -> "--no-xhost " | ! "" ;
- devenvironment "Environment" -> showenv sharewayland waylandenv setenvdialog;
- showenv "--showenv: Show environment variables for custom access \n
- to new X server. Default for --xdummy, --xvfb and --xonly." -> "--showenv " | ! "" ;
- sharewayland "--sharewayland: Share wayland socket and \$WAYLAND_DISPLAY.\n
- Default for --wayland, --weston, --kwin and --hostwayland." -> "--sharewayland " | ! "" ;
- waylandenv "--waylandenv: Set wayland toolkit environment variables.\n
- Default for --wayland, needed for QT5 in Wayland." -> "--waylandenv " | ! "" ;
- devvtdisplay "X display number and vt/tty, X extension XTEST" -> vt display xtest noxtest;
- vt :beside "--vt: virtual terminal/tty to use: \n
- (influences --xorg, --xpra, --xdummy)" -> "--vt=\"" @string="8" "\" " | ! "";
- display :beside "--display: display number to use: " -> "--display=\"" @string="1000" "\" " | ! "";
- xtest "--xtest: enable X extension XTEST. Default for --xdummy, --xvfb, --xpra" -> "--xtest " | ! "";
- noxtest "--no-xtest: disable X extension XTEST for --xdummy, --xvfb, --xpra" -> "--no-xtest " | ! "";
- devrun -> setcapsdialog dockeroptions ;
- dockeroptions "Custom options for \"docker run\" " -> @string="" ;
- devcaps "Container capabilities and namespaces" -> capdefault sysadmin sharecgroup ipc net;
- capdefault "--cap-default: Allow default container capabilities." -> "--cap-default " | ! "" ;
- sysadmin "--sys-admin: add capability SYS_ADMIN. Needed for older systemd \n
- versions like in debian 9 based images for --systemd." -> "--sys-admin " | ! "" ;
- sharecgroup "--sharecgroup: Share /sys/fs/cgroup. \n
- Default for --systemd, possible use with --openrc." -> "--sharecgroup " | ! "" ;
- ipc "--hostipc: Disable IPC namespacing. Allows MIT-SHM extension. \n
- Shares host interprocess communication and shared memory. " -> "--hostipc " | ! "" ;
- net "--hostnet: Disable network namespacing. \n
- Shares host network stack including dbus." -> "--hostnet " | ! "" ;
- setenvdialog:beside "--env: Set custom environment " -> envdialog ;
- envdialog:dialog "Environment variables" -> envdialogwaylandinfo envXDG envGTK envQT envQTegl envClutter envSDL envElementary1 envElementary2 envEvas
- envdialogothers envKWin envQT4shm envQT5deco envBWbackend envBWdisplay
- envCustom1 envCustom2 envCustom3 envCustom4 @close="close";
- envdialogwaylandinfo "These environment variables summon toolkits to use Wayland instead of X11" -> "";
- envXDG:beside -> "--env=\"" @string="XDG_SESSION_TYPE=wayland" "\" " | ! "" ;
- envGTK:beside "GTK3" -> "--env=\"" @string="GDK_BACKEND=wayland" "\" " | ! "" ;
- envQT:beside "QT5" -> "--env=\"" @string="QT_QPA_PLATFORM=wayland" "\" " | ! "" ;
- envQTegl:beside "QT5" -> "--env=\"" @string="QT_QPA_PLATFORM=wayland-egl" "\" " | ! "" ;
- envClutter:beside "Clutter" -> "--env=\"" @string="CLUTTER_BACKEND=wayland" "\" " | ! "" ;
- envSDL:beside "SDL" -> "--env=\"" @string="SDL_VIDEODRIVER=wayland" "\" " | ! "" ;
- envElementary1:beside "Elementary" -> "--env=\"" @string="ELM_DISPLAY=wl" "\" " | ! "" ;
- envElementary2:beside "Elementary" -> "--env=\"" @string="ELM_ACCEL=opengl" "\" " | ! "" ;
- envEvas:beside "Ecore_Evas" -> "--env=\"" @string="ECORE_EVAS_ENGINE=wayland_egl" "\" " | ! "" ;
- envdialogothers:beside "Other environment variable settings" -> "";
- envKWin:beside "KWin" -> "--env=\"" @string="KWIN_COMPOSE=Q" "\" " | ! "" ;
- envQT4shm:beside "QT4" -> "--env=\"" @string="QT_X11_NO_MITSHM=1" "\" " | ! "" ;
- envQT5deco:beside "QT5" -> "--env=\"" @string="QT_WAYLAND_DISABLE_WINDOWDECORATION=1" "\" " | ! "" ;
- envBWbackend:beside "GTK3" -> "--env=\"" @string="GDK_BACKEND=broadway" "\" " | ! "" ;
- envBWdisplay:beside "GTK3" -> "--env=\"" @string="BROADWAY_DISPLAY=:5" "\" " | ! "" ;
- envCustom1:beside "Custom" -> "--env=\"" @string="" "\" " | ! "" ;
- envCustom2:beside "Custom" -> "--env=\"" @string="" "\" " | ! "" ;
- envCustom3:beside "Custom" -> "--env=\"" @string="" "\" " | ! "" ;
- envCustom4:beside "Custom" -> "--env=\"" @string="" "\" " | ! "" ;
- setcapsdialog:beside "Add container capabilities:" -> capsdialog ;
- capsdialog:dialog "docker capabilities and privileges" -> capsreference capstable @close="close";
- capsreference " Add container capabilities degrading container isolation if needed. Use with care.\n\n
- x11docker disables all this capabilities per default with \"--cap-drop=ALL --security-opt=no-new-privileges\". \n\n
- Left column (SETPCAP till SETFCAP) contains capabilities normally enabled by docker per default.\n
- Middle and right column (SYS_MODULE till BLOCK_SUSPEND) contain capabilities disabled by docker per default.\n\n
- See \"man capabilities\" and docker run reference: https://docs.docker.com/engine/reference/run/ " -> "" ;
- capstable:framed:beside -> capsleft capsmiddle capsright;
- capsleft -> drop_1 drop_2 drop_3 drop_4 drop_5 drop_6 drop_7 drop_8 drop_9 drop_10 drop_11 drop_12 drop_13 drop_14 ;
- drop_1:beside "--cap-add" -> "--cap-add=" @string="SETPCAP" " " | ! "" ;
- drop_2:beside "--cap-add" -> "--cap-add=" @string="MKNOD" " " | ! "" ;
- drop_3:beside "--cap-add" -> "--cap-add=" @string="AUDIT_WRITE" " " | ! "" ;
- drop_4:beside "--cap-add" -> "--cap-add=" @string="CHOWN" " " | ! "" ;
- drop_5:beside "--cap-add" -> "--cap-add=" @string="NET_RAW" " " | ! "" ;
- drop_6:beside "--cap-add" -> "--cap-add=" @string="DAC_OVERRIDE" " " | ! "" ;
- drop_7:beside "--cap-add" -> "--cap-add=" @string="FOWNER" " " | ! "" ;
- drop_8:beside "--cap-add" -> "--cap-add=" @string="FSETID" " " | ! "" ;
- drop_9:beside "--cap-add" -> "--cap-add=" @string="KILL" " " | ! "" ;
- drop_10:beside "--cap-add" -> "--cap-add=" @string="SETGID" " " | ! "" ;
- drop_11:beside "--cap-add" -> "--cap-add=" @string="SETUID" " " | ! "" ;
- drop_12:beside "--cap-add" -> "--cap-add=" @string="NET_BIND_SERVICE" " " | ! "" ;
- drop_13:beside "--cap-add" -> "--cap-add=" @string="SYS_CHROOT" " " | ! "" ;
- drop_14:beside "--cap-add" -> "--cap-add=" @string="SETFCAP" " " | ! "" ;
- capsmiddle -> add_1 add_2 add_3 add_4 add_5 add_6 add_7 add_8 add_9 add_10 add_11 add_12 add_13 add_14 ;
- add_1:beside "--cap-add" -> "--cap-add=" @string="SYS_MODULE" " " | ! "" ;
- add_2:beside "--cap-add" -> "--cap-add=" @string="SYS_RAWIO" " " | ! "" ;
- add_3:beside "--cap-add" -> "--cap-add=" @string="SYS_PACCT" " " | ! "" ;
- add_4:beside "--cap-add" -> "--cap-add=" @string="SYS_ADMIN" " " | ! "" ;
- add_5:beside "--cap-add" -> "--cap-add=" @string="SYS_NICE" " " | ! "" ;
- add_6:beside "--cap-add" -> "--cap-add=" @string="SYS_RESOURCE" " " | ! "" ;
- add_7:beside "--cap-add" -> "--cap-add=" @string="SYS_TIME" " " | ! "" ;
- add_8:beside "--cap-add" -> "--cap-add=" @string="SYS_TTY_CONFIG" " " | ! "" ;
- add_9:beside "--cap-add" -> "--cap-add=" @string="AUDIT_CONTROL" " " | ! "" ;
- add_10:beside "--cap-add" -> "--cap-add=" @string="MAC_OVERRIDE" " " | ! "" ;
- add_11:beside "--cap-add" -> "--cap-add=" @string="MAC_ADMIN" " " | ! "" ;
- add_12:beside "--cap-add" -> "--cap-add=" @string="NET_ADMIN" " " | ! "" ;
- add_13:beside "--cap-add" -> "--cap-add=" @string="SYSLOG" " " | ! "" ;
- add_14:beside "--cap-add" -> "--cap-add=" @string="DAC_READ_SEARCH" " " | ! "" ;
- capsright -> add_15 add_16 add_17 add_18 add_19 add_20 add_21 add_22 add_23 @fill device_1 device_2 device_3 device_4 @fill privileged;
- add_15:beside "--cap-add" -> "--cap-add=" @string="LINUX_IMMUTABLE" " " | ! "" ;
- add_16:beside "--cap-add" -> "--cap-add=" @string="NED_BROADCAST" " " | ! "" ;
- add_17:beside "--cap-add" -> "--cap-add=" @string="IPC_LOCK" " " | ! "" ;
- add_18:beside "--cap-add" -> "--cap-add=" @string="IPC_OWNER" " " | ! "" ;
- add_19:beside "--cap-add" -> "--cap-add=" @string="SYS_PTRACE" " " | ! "" ;
- add_20:beside "--cap-add" -> "--cap-add=" @string="SYS_BOOT" " " | ! "" ;
- add_21:beside "--cap-add" -> "--cap-add=" @string="LEASE" " " | ! "" ;
- add_22:beside "--cap-add" -> "--cap-add=" @string="WAKE_ALARM" " " | ! "" ;
- add_23:beside "--cap-add" -> "--cap-add=" @string="BLOCK_SUSPEND" " " | ! "" ;
- device_1:beside"--device" -> "--device=" @string="" " " | ! "" ;
- device_2:beside"--device" -> "--device=" @string="" " " | ! "" ;
- device_3:beside"--device" -> "--device=" @string="" " " | ! "" ;
- device_4:beside"--device" -> "--device=" @string="" " " | ! "" ;
- privileged "--privileged" -> "--privileged " | ! "" ;
- xinfobutton:dialog "X server info" -> xinfo @close=" close";
- xinfo:beside -> xinfo_option xinfotext xinfo_gpu;
- xinfo_option -> xinfo_option_title xinfo_option_auto
- xinfo_option_xpra xinfo_option_xephyr
- xinfo_option_xpraxwayland xinfo_option_westonxwayland
- xinfo_option_hostdisplay xinfo_option_xorg
- xinfo_option_nxagent
- xinfo_option_xwayland xinfo_option_xdummy
- xinfo_option_kwinxwayland xinfo_option_kwin
- xinfo_option_weston xinfo_option_wayland;
- xinfo_option_title -> @text(" X server");
- xinfo_option_auto -> @text(" --auto\n\n");
- xinfo_option_xpra -> @text(" --xpra\n\n\n");
- xinfo_option_xephyr -> @text(" --xephyr");
- xinfo_option_xorg -> @text(" --xorg\n");
- xinfo_option_hostdisplay -> @text(" --hostdisplay\n\n\n");
- xinfo_option_xpraxwayland -> @text(" --xpra-xwayland\n\n");
- xinfo_option_westonxwayland -> @text(" --weston-xwayland\n\n");
- xinfo_option_nxagent -> @text(" --nxagent\n\n");
- xinfo_option_xwayland -> @text(" --xwayland\n");
- xinfo_option_xdummy -> @text(" --xdummy\n --xvfb\n");
- xinfo_option_kwinxwayland -> @text(" --kwin-xwayland\n");
- xinfo_option_weston -> @text(" --weston\n");
- xinfo_option_kwin -> @text(" --kwin\n");
- xinfo_option_wayland -> @text(" --hostwayland\n");
- xinfotext -> xinfo_title xinfo_auto
- xinfo_xpra xinfo_xephyr
- xinfo_xpraxwayland xinfo_westonxwayland
- xinfo_hostdisplay xinfo_xorg
- xinfo_nxagent
- xinfo_xwayland xinfo_xdummy
- xinfo_kwinxwayland xinfo_kwin
- xinfo_weston xinfo_wayland;
- xinfo_title -> @text(" ");
- xinfo_auto -> @text(" Chooses an X server depending on installed dependencies and on given or missing options --desktop, --gpu and --wayland.\n
- --desktop indicates a desktop environment in image (instead of a single application).");
- xinfo_xpra -> @text(" Recommended to run single applications. Application window appears on host display. \n
- Best --clipboard support, picture clips are possible. Seamless scaling (0,5x, 1.5x, 3x ...) with option --scale is possible\n
- Along with option --desktop usefull for desktop environments, too (similar to --xephyr).");
- xinfo_xephyr -> @text(" Recommended to run desktop environments. Desktop appears in a window on host display. Low overhead, very fast.");
- xinfo_xorg -> @text(" Core X server. Switch between displays with keys [CTRL][ALT][F1]...[F12]. Runs ootb from console.");
- xinfo_hostdisplay -> @text(" Share host display :0 instead of running second X server. Attention: Low security, quite bad container isolation!\n
- Please look at button [Security info]. Use with trusted images only. To reduce risks and to avoid bad RAM access, \n
- untrusted cookies restricting X access are used. (Some applications will not work in untrusted mode). Least overhead.\n");
- xinfo_xpraxwayland -> @text(" Like --xpra, uses Xwayland in background. Additional to --xpra, GPU acceleration with option --gpu is possible.\n
- Along with option --desktop usefull for desktop environments, too (similar to --xephyr).");
- xinfo_westonxwayland -> @text(" Like --xephyr, Weston with Xwayland. Can run on X or Wayland in a window or on its own from console. \n
- GPU acceleration, scaling (2x, 3x, 4x ...) and display rotation (0�, 90�, 180�, 270�, flipped, flipped-90�, ...) are possible.");
- xinfo_nxagent -> @text(" Like --xpra, but faster startup. (but no graphical clipboard and no scaling). Quite fast, low overhead.\n
- Along with option --desktop like --xephyr, but better resizeable. Toggle fullscreen in desktop mode with [CTRL][ALT][SHIFT][F].");
- xinfo_xwayland -> @text(" Core Xwayland needs a Wayland environment to run in. Fullscreen display can be moved around with [META][LMB].\n");
- xinfo_xdummy:beside -> @text(" Invisible X server for custom access. Output of environment variables on stdout. \n
- With --gpu a setup with Weston, Xwayland and xdotool is used (instead of Xdummy or Xvfb).") xinfo_xdummy_network;
- xinfo_weston -> @text(" Weston without X to run pure Wayland applications. Runs in X, in Wayland or from console. Scaling and rotation is possible.");
- xinfo_kwinxwayland -> @text(" Like --weston-xwayland, but using Kwin instead of Weston. Runs in X, in Wayland or from console.");
- xinfo_kwin -> @text(" kwin_wayland without X to run pure Wayland applications. Runs in X, in Wayland or from console.");
- xinfo_wayland -> @text(" Shares host wayland socket without X to run pure Wayland applications. Needs a running Wayland compositor.");
- xinfo_gpu -> xinfo_gpu_title xinfo_gpu_auto
- xinfo_gpu_xpra xinfo_gpu_xephyr
- xinfo_gpu_xpraxwayland xinfo_gpu_westonxwayland
- xinfo_gpu_hostdisplay xinfo_gpu_xorg
- xinfo_gpu_nxagent
- xinfo_gpu_xwayland xinfo_gpu_xdummy
- xinfo_gpu_kwinxwayland xinfo_gpu_kwin
- xinfo_gpu_weston xinfo_gpu_wayland;
- xinfo_gpu_title -> @text(" --gpu ");
- xinfo_gpu_auto -> @text(" \n\n");
- xinfo_gpu_xpra -> @text(" no\n\n\n");
- xinfo_gpu_xephyr -> @text(" no\n");
- xinfo_gpu_xorg -> @text(" yes\n");
- xinfo_gpu_hostdisplay -> @text(" yes\n\n\n");
- xinfo_gpu_xpraxwayland -> @text(" yes\n\n");
- xinfo_gpu_westonxwayland -> @text(" yes\n\n");
- xinfo_gpu_nxagent -> @text(" no\n\n");
- xinfo_gpu_xwayland -> @text(" yes\n");
- xinfo_gpu_xdummy -> @text(" yes\n\n");
- xinfo_gpu_weston -> @text(" yes\n");
- xinfo_gpu_kwinxwayland -> @text(" yes\n");
- xinfo_gpu_kwin -> @text(" yes\n");
- xinfo_gpu_wayland -> @text(" yes\n");
- xinfo_xdummy_network:dialog "Network setup example" -> @text(" Sample setup for HTML5 web application:\n
- \n
- \ \ read Xenv < <(x11docker --xdummy x11docker/lxde pcmanfm)\n
- \ \ echo \$Xenv\n
- \ \ export \$Xenv\n
- \ \ xpra start \$DISPLAY --use-display --html=on --bind-tcp=localhost:14500\n
- \n
- In your browser you can access the dockered application at address:\n
- \n
- \ \ http://localhost:14500\n
- \n
- Further infos at https://xpra.org/trac/wiki/Clients/HTML5
- ")
- @text(" Sample setup for VNC\n
- \n
- \ \ read Xenv < <(x11docker --xdummy x11docker/lxde pcmanfm)\n
- \ \ echo \$Xenv\n
- \ \ export \$Xenv\n
- \ \ x11vnc -localhost -noshm \n
- \n
- In another terminal, start VNC viewer with \n
- \n
- \ \ vncviewer localhost:0 \n
- \n
- See \"man x11vnc\" for many details and further infos.\n
- x11vnc option \"-noshm\" disables shared memory (MIT-SHM). \n
- To allow shared memory, use insecure x11docker option --ipc.
- ")
- @fill(" Sample setup to access dockered GUI applications over ssh:\n
- \n
- \ \ read Xenv < <(x11docker --xdummy x11docker/lxde pcmanfm)\n
- \ \ echo \$Xenv\n
- \ \ export \$Xenv\n
- \ \ xhost +SI:localuser:\$USER\n
- \ \ xpra start ssh:127.0.0.1\$DISPLAY --use-display --start-via-proxy=no\n
- \n
- In another terminal, you can connect with:\n
- \n
- \ \ xpra attach ssh:127.0.0.1\$NEWDISPLAY # NEWDISPLAY must be same as DISPLAY in \$Xenv
- ")
- @fill(" To allow access for rest of world, read https://xpra.org/trac/wiki/Clients/HTML5 and\n
- make sure to take care of security, opening firewall and router ports and such stuff.\n
- In this case, do not use a host window manager with option --wm, it can be risky and is needless!\n
- \n
- For security and authentication, read xpra manpage and \n
- http://xpra.org/trac/wiki/Encryption/SSL
- ") @close=" Close";
- xdependenciesbutton:dialog "Dependencies" -> xdependencies @text(" Other dependencies, some in image, too") xdependencies2 @close=" close";
- xdependencies:beside -> xdep_option xdep_host xdep_xrunning ;
- xdep_option -> xdep_option_title
- xdep_option_xpra xdep_option_xephyr
- xdep_option_xpraxwayland xdep_option_westonxwayland
- xdep_option_hostdisplay xdep_option_xorg
- xdep_option_nxagent
- xdep_option_xwayland xdep_option_xdummy xdep_option_xvfb
- xdep_option_wayland xdep_option_kwin
- xdep_option_weston ;
- xdep_option_title -> @text(" X server");
- xdep_option_xpra -> @text(" --xpra");
- xdep_option_xephyr -> @text(" --xephyr");
- xdep_option_xorg -> @text(" --xorg");
- xdep_option_hostdisplay -> @text(" --hostdisplay");
- xdep_option_xpraxwayland -> @text(" --xpra-xwayland");
- xdep_option_westonxwayland -> @text(" --weston-xwayland");
- xdep_option_nxagent -> @text(" --nxagent");
- xdep_option_xwayland -> @text(" --xwayland");
- xdep_option_xdummy -> @text(" --xdummy");
- xdep_option_xvfb -> @text(" --xvfb");
- xdep_option_weston -> @text(" --weston");
- xdep_option_kwin -> @text(" --kwin, --kwin-xwayland ");
- xdep_option_wayland -> @text(" --hostwayland");
- xdep_host -> xdep_host_title
- xdep_host_xpra xdep_host_xephyr
- xdep_host_xpraxwayland xdep_host_westonxwayland
- xdep_host_hostdisplay xdep_host_xorg
- xdep_host_nxagent
- xdep_host_xwayland xdep_host_xdummy xdep_host_xvfb
- xdep_host_wayland xdep_host_kwin
- xdep_host_weston ;
- xdep_host_title -> @text(" Dependencies on host");
- xdep_host_xpra -> @text(" xpra");
- xdep_host_xephyr -> @text(" Xephyr");
- xdep_host_xorg:beside -> @text(" - \ [ xerver-xorg-legacy ]") xdep_xorg_setupdialog;
- xdep_host_hostdisplay -> @text(" -");
- xdep_host_xpraxwayland -> @text(" Xwayland \ xpra \ [on X also: \ weston \ xdotool ]");
- xdep_host_westonxwayland -> @text(" Xwayland \ weston");
- xdep_host_nxagent -> @text(" nxagent");
- xdep_host_xwayland -> @text(" Xwayland");
- xdep_host_xdummy -> @text(" (dummy video driver for Xorg)");
- xdep_host_xvfb -> @text(" Xvfb");
- xdep_host_weston -> @text(" weston");
- xdep_host_kwin -> @text(" kwin Xwayland");
- xdep_host_wayland -> @text(" -");
- xdep_xrunning -> xdep_xrun_title
- xdep_xrun_xpra xdep_xrun_xephyr
- xdep_xrun_xpraxwayland xdep_xrun_westonxwayland
- xdep_xrun_hostdisplay xdep_xrun_xorg
- xdep_xrun_nxagent
- xdep_xrun_xwayland xdep_xrun_xdummy xdep_xrun_xvfb
- xdep_xrun_wayland xdep_xrun_kwin
- xdep_xrun_weston ;
- xdep_xrun_title -> @text(" Needs running X or Wayland on host");
- xdep_xrun_xpra -> @text(" X \ (or Xwayland on Wayland)");
- xdep_xrun_xephyr -> @text(" X \ (or Xwayland on Wayland)");
- xdep_xrun_xorg -> @text(" -");
- xdep_xrun_hostdisplay -> @text(" X \ (or Xwayland on Wayland)");
- xdep_xrun_xpraxwayland -> @text(" X \ (or Xwayland on Wayland)");
- xdep_xrun_westonxwayland -> @text(" -");
- xdep_xrun_nxagent -> @text(" X \ (or Xwayland on Wayland)");
- xdep_xrun_xwayland -> @text(" Wayland");
- xdep_xrun_xdummy -> @text(" -");
- xdep_xrun_xvfb -> @text(" -");
- xdep_xrun_weston -> @text(" -");
- xdep_xrun_kwin -> @text(" -");
- xdep_xrun_wayland -> @text(" Wayland");
- xdependencies2:beside -> xdep_options xdep_text ;
- xdep_options -> xdep_gpu xdep_xclip xdep_pulseaudio xdep_dbus;
- xdep_text -> xdep_gpu_text xdep_xclip_text xdep_pulseaudio_text xdep_dbus_text;
- xdep_xclip -> @text("--clipboard") ;
- xdep_xclip_text -> @text("Needs package xclip on host (except for options --xpra, --xpra-xwayland and --nxagent).") ;
- xdep_pulseaudio -> @text("--pulseaudio") ;
- xdep_pulseaudio_text -> @text("Needs package pulseaudio on host AND in image.") ;
- xdep_dbus -> @text("--dbus") ;
- xdep_dbus_text -> @text("Needs dbus-launch (debian: package dbus-x11) in image.") ;
- xdep_systemd -> @text("--systemd") ;
- xdep_systemd_text -> @text("Needs systemd in image") ;
- xdep_gpu -> @text("--gpu\n\n\n") ;
- xdep_gpu_text -> @text("Needs OpenGL dependencies (mesa) to be installed in image. For debian images: mesa-utils mesa-utils-extra,\n
- CentOS and fedora images: glx-utils mesa-dri-drivers, Arch Linux images: mesa-demos\n
- Works best with open source drivers on host. Closed source drivers need to be installed in image, too.");
- xdep_xorg_setupdialog:dialog "Setup" -> @text(" Option --xorg can be used out of the box on console tty1...tty6. \n
- \n
- To run a second Xorg server from within an already running X session, \n
- you have to edit file /etc/X11/Xwrapper.conf and replace line:\n
- \n
- \ \ allowed_users=console \n
- \n
- with lines:\n
- \n
- \ \ allowed_users=anybody \n
- \ \ needs_root_rights=yes \n
- \n
- On debian 9 and Ubuntu 16.04 you need to install package xserver-xorg-legacy.
- ") @close=" close";
- help:dialog "Help" -> @text(
- " x11docker allows you to run GUI applications and desktop environments from inside of docker images. \n
- Its main purpose is to preserve container isolation while avoiding some X security leaks. \n
- Core concept is to run a segregated second X server and to reduce container privileges.\n
- \n
- Simplest use case: \n
- \ \ \ x11docker IMAGENAME [IMAGECOMMAND]\n
- \n
- Depending on chosen options, you can have high or low container isolation. \n
- Look at button [Security info] to see the differences. x11docker shows terminal messages if something is less secure.\n
- \n
- Automatically choosing an X server:\n
- If no X server option is chosen, x11docker looks for best match in dependencies to run a single application.\n
- If option --desktop is given, it looks for the best match to run a desktop environment.\n
- \n
- Single applications:\n
- With recommended option --xpra, the dockered applications will appear on your already running X display.\n
- You can also choose discouraged option --hostdisplay for this to have least overhead, but then you have quite \n
- bad container isolation, and some applications may fail. \n
- A faster startup than --xpra without drawbacks of --hostdisplay provides --nxagent.\n
- \n
- Desktop environments:\n
- For desktop environments in docker, --xephyr is recommended.\n
- \n
- GPU acceleration:\n
- With option --gpu you can get hardware acceleration for OpenGL graphics rendering. Single applications run best \n
- with --xpra-xwayland or --hostdisplay, desktop environments best with --weston-xwayland, --kwin-xwayland or --xorg.\n
- If GPU acceleration fails, check OpenGL dependencies in image. (Compare dialog button \"Dependencies\")\n
- If no X server option is specified, x11docker will choose the best possibility depending on installed dependencies.\n
- \n
- Wayland: \n
- If option --wayland is given, x11docker sets up a pure Wayland environment without X.\n
- You can specify your preferred Wayland compositor with --weston, --kwin or --hostwayland.\n
- QT5 applications often (always?) need option --dbus, GTK3 applications often fail with option --dbus.\n
- \n
- Troubleshooting:\n
- Run in terminal to see some messages. Activate option --verbose to see full logfile output.\n
- If the automatically chosen password prompt does not fit your setup, choose another one with option --pw.\n
- Some applications may not work well with --hostdisplay. Choose another X server option.\n
- \n
- x11docker and x11docker-gui are published under MIT licence. \n
- Please report issues and get further infos at github: https://github.com/mviereck/x11docker\n
- Some example docker images can be found at https://hub.docker.com/u/x11docker
- ") helpbuttons;
- helpbuttons:beside -> MIT @close=" close" ;
- security_dialog:dialog " Security info " -> sec_info sec_degrading_title sec_degrading sec_developer sec_doesntmatter @close=" close";
- sec_info -> @text(" Main intention of x11docker is to allow running GUI applications in docker on X11 or Wayland while preserving container isolation. \n\n
- Most important part is to avoid common X security leaks, making keylogging and remote controlling of host applications impossible. \n
- This is given for all provided X servers (and Wayland compositors) except option --hostdisplay (see below).\n
- Core concept is to run a segregated second X server with its own authentication cookies.\n\n
- Hardening container security:\n
- Default user in container is same as host user to avoid root running GUI applications.\n
- All default docker container capabilities like user switching, chroot and setuid/setgid are disabled.\n
- Used docker options for container security hardening: \"--cap-drop=ALL --security-opt=no-new-privileges\"\n\n
- Weaknesses / ToDo:\n
- If docker daemon runs with --selinux-enabled, SELinux restrictions are degraded with label container_runtime_t to allow access to X unix socket.\n
- User namespace remapping has limited support and is disabled for options --home and --homedir.\n\n
- x11docker shows warnings in terminal if chosen options degrade container isolation.
- ") ;
- sec_degrading_title -> @text(" Most used options degrading container isolation:");
- sec_degrading:beside -> sec_deg_opt sec_deg_text;
- sec_deg_opt -> sec_hostdisplay_opt sec_gpu_opt sec_pulseaudio_opt sec_init_opt sec_capdefault_opt sec_sudouser_opt;
- sec_deg_text -> sec_hostdisplay_text sec_gpu_text sec_pulseaudio_text sec_init_text sec_capdefault_text sec_sudouser_text;
- sec_gpu_opt -> @text(" --gpu \n\n\n\n\n");
- sec_gpu_text -> @text(" Option --gpu allows hardware acceleration for dockered OpenGL applications. Access to GPU hardware can allow rootkits. \n
- Example rootkit: https://github.com/x0r1/jellyfish\n
- Although there is little known of real attacks, you should be aware of this. This affects X servers and Wayland compositors as well. \n
- Furthermore, container applications can grab video RAM content formerly drawn by host applications (palinopsia leak).\n\
- Attention: Enables insecure option --ipc and --trusted for --hostdisplay, therefore allowing keylogging and remote host control.");
- sec_hostdisplay_opt -> @text(" --hostdisplay \n\n\n");
- sec_hostdisplay_text -> @text(" Quite bad container isolation, but least overhead of all X server options. Use with trusted images only.\n
- Instead of creating a new segregated X server to avoid X security leaks, your host X server is shared with container. \n
- x11docker avoids keylogging and other attacks using untrusted cookies, but do not rely on this. \n");
- sec_pulseaudio_opt -> @text(" --pulseaudio \n --alsa\n");
- sec_pulseaudio_text -> @text(" With sound enabled, container applications can catch your audio output and also can hear everything you say \n
- if your computer has microphones. With option --alsa, container applications have immediate access to sound hardware.");
- sec_init_opt -> @text(" --systemd \n --runit \n --openrc");
- sec_init_text -> @text(" Init system options --systemd, --openrc and --runit allow some container capabilities, but mostly identical to default docker settings. \n
- --systemd additionally shares access to /sys/fs/cgroup. \n
- --runit and --openrc add non-default capability SYS_BOOT.\n");
- sec_capdefault_opt -> @text(" --cap-default ");
- sec_capdefault_text -> @text(" Allows default container capabilities; disables container security hardening by x11docker.");
- sec_sudouser_opt -> @text(" --sudouser ");
- sec_sudouser_text -> @text(" Allows sudo with password \"x11docker\" in container. Allows many capabilities. Outbreaking applications have no limits. ");
- sec_developer -> @text(" Some options in the \"Developer\" section degrade container isolation, especially those in part \"container capabilities\". Please install brain.exe");
- sec_doesntmatter -> @text(" If you do not care about container isolation at all, get a quite fast setup with \"x11docker --hostdisplay --gpu IMAGENAME\" ");
- MIT:dialog "MIT license" -> @text(
- " MIT License\n
- \n
- Copyright (c) 2015,2016,2017,2018 Martin Viereck\n
- \n
- Permission is hereby granted, free of charge, to any person obtaining a copy\n
- of this software and associated documentation files (the \"Software\"), to deal\n
- in the Software without restriction, including without limitation the rights\n
- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n
- copies of the Software, and to permit persons to whom the Software is\n
- furnished to do so, subject to the following conditions:\n
- \n
- The above copyright notice and this permission notice shall be included in all\n
- copies or substantial portions of the Software.\n
- \n
- THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n
- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n
- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n
- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n
- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n
- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n
- SOFTWARE.") @close="close";
- x11docker_options -> choose_xserver sizefullscreen choose_options_normal choose_options_advanced choose_options_hostfolders develcollect imageorexe "\"" setcapsdialog dockeroptions "\" " "\""dockerimage "\"" ;
- x11docker -> "x11docker " x11docker_options;
- buttons :horizontal -> run runxterm preview desktop_starter orphanedcheck help @close="Cancel";
- old_run -> @fork(x11docker)=" Run";
- run -> @dump(x11docker)=" Run";
- preview -> @preview(x11docker,"monospace",900)="Preview command" ;
- desktop_starter -> @dump("xterm -e '","x11docker --starter ",x11docker_options,"'")="Create desktop starter";
- orphanedcheck -> @dump("xterm -hold -e 'pkexec x11docker "," --cleanup '")="Clean up";
- runxterm -> @dump("xterm -hold -e '",x11docker,"'")="Run in xterm";
- Error: Parse error on line 78
- Stuck __after__ the rule on line 77
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement