[winswitch] Xpra Xorg launch sequence: using a unix domain socket in /tmp/.X11-unix

Timothy Hobbs timothy at hobbs.cz
Sat Jul 18 21:08:25 BST 2015

Dear list,

I am the creator of subuser.org. Subuser is a free open source software project (LGPL3) which aims to allow a person to run desktop applications inside Docker containers. Subuser has several aims. One is to make it easier to publish desktop applications on linux by improving portability. Another is to make the desktop more secure by containing those desktop applications within their respective containers.

Right now, the second goal is not met. Desktop applications communicate with the host's X11 server by sharing the /tmp/.X11-unix folder with it. This works well, but is completely insecure. I have been waiting for wayland to come out in order to provide a secure solution. However, spurred on by the success of OZ, written by subgraph.com I have begun to reconsider xpra as an intermediate option.

As I want to maintain portability and ease of creating subuser Docker images, I do not wish to install the xpra server in each Docker image which contains a desktop application. In order to maintain this separation of requirements, I have come up with the following architecture involving 3 containers:

-------------                      -------------
|desktop app| <--/tmp/.X11-unix--> |xpra server|   Untrusted
-------------                      -------------
                                         | ~/.xpra
-------------                      -------------
| host      | <--/tmp/.X11-unix--> |xpra client|   Trusted
-------------                      -------------

This allows me to run 3 containers.

1) contains the untrusted desktop application
2) contains an untrusted xpra server
3) contains a trusted xpra client

I can use an up-to-date version of xpra, as I do not need to have xpra installed on the host.

The only problem is that when I run

$ xpra start :100 --start-child=xterm

I don't end up with a unix domain socket in the xpra server's /tmp/.X11-unix directory. This is despite the fact that I have -nolisten tcp set in xpra.conf:

xvfb=Xorg -dpi 96 -noreset -nolisten tcp +extension GLX +extension RANDR +extension RENDER -logfile ${HOME}/.xpra/Xorg.${DISPLAY}.log -config /etc/xpra/xorg.conf

I am confused as to why this is happening, and how I can get a unix domain socket to work with. I cannot use a UDP socket due to the difficulties of sharing UDP sockets between containers.

I have been testing this setup on xpra version 0.14.10.

Thank you in advance for your help,

Timothy Hobbs
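An added illustration, not part of the original post and not subuser's or xpra's own code: it parses /proc/net/unix to list X11 listener sockets and reports whether a display is reachable through a filesystem socket under /tmp/.X11-unix (which a bind mount can share with another container) or only through a Linux abstract socket (which lives in the network namespace and is not shared by mounting the directory). The /proc/net/unix content below is constructed; on a real system read the file instead.

```python
import re
from typing import Dict, List, Optional

# Xorg names its listening sockets "X<display>" under /tmp/.X11-unix; on Linux it
# may also listen on an abstract socket of the same name, shown with a leading "@".
X11_SOCKET_RE = re.compile(r"^(?P<abstract>@?)(?P<dir>.*/\.X11-unix)/X(?P<display>\d+)$")
SO_ACCEPTCON = 0x00010000  # Flags bit set on listening unix sockets

def parse_proc_net_unix(text: str) -> List[Dict]:
    """Parse /proc/net/unix text into per-socket records (only sockets with a path)."""
    records = []
    for line in text.splitlines()[1:]:          # first line is the column header
        fields = line.split(None, 7)
        if len(fields) < 8:
            continue                             # unnamed socket: no Path column
        _num, _refs, _proto, flags, stype, _state, inode, path = fields
        records.append({
            "path": path,
            "listening": bool(int(flags, 16) & SO_ACCEPTCON),
            "stream": stype == "0001",           # SOCK_STREAM
            "inode": int(inode),
        })
    return records

def find_x11_listeners(text: str) -> List[Dict]:
    """Return X11 listener sockets, each with its display number and abstract flag."""
    found = []
    for rec in parse_proc_net_unix(text):
        m = X11_SOCKET_RE.match(rec["path"])
        if m and rec["listening"] and rec["stream"]:
            found.append({
                "display": int(m.group("display")),
                "abstract": m.group("abstract") == "@",
                "path": m.group("dir") + "/X" + m.group("display"),
            })
    return found

def mountable_socket(text: str, display: int) -> Optional[str]:
    """Filesystem socket path for `display` if one exists (bind-mountable), else None."""
    for s in find_x11_listeners(text):
        if s["display"] == display and not s["abstract"]:
            return s["path"]
    return None

# Constructed sample: display :0 listens both ways, :100 only on an abstract socket.
SAMPLE = """\
Num       RefCount Protocol Flags    Type St Inode Path
0000000000000000: 00000002 00000000 00010000 0001 01 21001 /tmp/.X11-unix/X0
0000000000000000: 00000002 00000000 00010000 0001 01 21002 @/tmp/.X11-unix/X0
0000000000000000: 00000002 00000000 00010000 0001 01 21003 @/tmp/.X11-unix/X100
0000000000000000: 00000003 00000000 00000000 0001 03 21004 /run/dbus/system_bus_socket
0000000000000000: 00000002 00000000 00000000 0002 01 21005
"""

if __name__ == "__main__":
    for disp in (0, 100):
        p = mountable_socket(SAMPLE, disp)
        print(f":{disp}: " + (f"filesystem socket {p}" if p else "abstract socket only"))
```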
