==> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/stderr <== ==> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/stdout <== ==> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log <== ==> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/message.log <== DEBUGNOTE[13:37:03,353]: check_host(): ps can watch root processes: yes x11docker[13:37:03,369]: Image name: pccastor-lxde_wallet:latest Container command: DEBUGNOTE[13:37:03,403]: host user: bon 1002:1002 /home/bon DEBUGNOTE[13:37:03,775]: storeinfo(): cache=/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242 DEBUGNOTE[13:37:03,788]: storeinfo(): stdout=/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/stdout DEBUGNOTE[13:37:03,799]: storeinfo(): stderr=/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/stderr DEBUGNOTE[13:37:03,827]: storeinfo(): x11dockerpid=30015 DEBUGNOTE[13:37:03,906]: x11docker version: 6.9.0 Backend version: Docker version 20.10.7, build f0df350 Host system: "Debian GNU/Linux 10 (buster)" Host architecture: amd64 (x86_64) Command: '/usr/bin/x11docker' '--xvfb' '--size=1980x1200' '--lang=fr' '--keymap' 'fr-latin9' '--pulseaudio' 'pccastor-lxde_wallet:latest' Parsed options: --xvfb --size '1980x1200' --lang 'fr' --keymap 'fr-latin9' --pulseaudio '' -- 'pccastor-lxde_wallet:latest' DEBUGNOTE[13:37:03,916]: Dependency check for --xvfb: 0 DEBUGNOTE[13:37:03,920]: Dependencies of --xvfb already checked: 0 DEBUGNOTE[13:37:03,924]: Dependencies of --xvfb already checked: 0 DEBUGNOTE[13:37:03,928]: storeinfo(): xserver=--xvfb DEBUGNOTE[13:37:03,968]: container user: bon 1002:1002 /home/bon ==> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/xinit.log <== ==> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/stderr <== ==> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/stdout <== ==> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log <== ==> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/message.log <== DEBUGNOTE[13:37:03,353]: check_host(): ps can watch root processes: yes x11docker[13:37:03,369]: Image name: pccastor-lxde_wallet:latest Container command: DEBUGNOTE[13:37:03,403]: host user: bon 1002:1002 /home/bon DEBUGNOTE[13:37:03,775]: storeinfo(): cache=/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242 DEBUGNOTE[13:37:03,788]: storeinfo(): stdout=/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/stdout DEBUGNOTE[13:37:03,799]: storeinfo(): stderr=/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/stderr DEBUGNOTE[13:37:03,827]: storeinfo(): x11dockerpid=30015 DEBUGNOTE[13:37:03,906]: x11docker version: 6.9.0 Backend version: Docker version 20.10.7, build f0df350 Host system: "Debian GNU/Linux 10 (buster)" Host architecture: amd64 (x86_64) Command: '/usr/bin/x11docker' '--xvfb' '--size=1980x1200' '--lang=fr' '--keymap' 'fr-latin9' '--pulseaudio' 'pccastor-lxde_wallet:latest' Parsed options: --xvfb --size '1980x1200' --lang 'fr' --keymap 'fr-latin9' --pulseaudio '' -- 'pccastor-lxde_wallet:latest' DEBUGNOTE[13:37:03,916]: Dependency check for --xvfb: 0 DEBUGNOTE[13:37:03,920]: Dependencies of --xvfb already checked: 0 DEBUGNOTE[13:37:03,924]: Dependencies of --xvfb already checked: 0 DEBUGNOTE[13:37:03,928]: storeinfo(): xserver=--xvfb DEBUGNOTE[13:37:03,968]: container user: bon 1002:1002 /home/bon ==> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/xinit.log <== ==> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/message.log <== DEBUGNOTE[13:37:04,008]: waitforlogentry(): tailstdout: Waiting for logentry "x11docker=ready" in store.info DEBUGNOTE[13:37:04,011]: waitforlogentry(): tailstderr: Waiting for logentry "x11docker=ready" in store.info DEBUGNOTE[13:37:04,032]: storepid(): Stored pid '30492' of 'watchpidlist': 30492 pts/4 00:00:00 bash DEBUGNOTE[13:37:04,052]: storepid(): Stored pid '30503' of 'watchmessagefifo': 30503 pts/4 00:00:00 bash x11docker[13:37:04,070]: Virtual screen size: 1980x1200 x11docker[13:37:04,081]: Physical screen size: x11docker WARNING: Option --pulseaudio allows container applications to catch your audio output and microphone input. DEBUGNOTE[13:37:04,116]: storeinfo(): pulseaudiomoduleid=22 x11docker[13:37:04,186]: Generated pulseaudio client.conf: 1 # Connect to host pulseaudio server using mounted UNIX socket 2 default-server = unix:/x11docker/pulseaudio.socket 3 # Prevent a server running in container 4 autospawn = no 5 daemon-binary = /bin/true 6 # Prevent use of shared memory 7 enable-shm = false 8 DEBUGNOTE[13:37:04,227]: storeinfo(): DISPLAY=:107 DEBUGNOTE[13:37:04,240]: storeinfo(): XAUTHORITY=/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client DEBUGNOTE[13:37:04,252]: storeinfo(): XSOCKET=/tmp/.X11-unix/X107 DEBUGNOTE[13:37:04,265]: storeinfo(): XDG_RUNTIME_DIR=/run/user/1002 DEBUGNOTE[13:37:04,280]: storeinfo(): Xenv= DISPLAY=:107 XAUTHORITY=/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client XSOCKET=/tmp/.X11-unix/X107 XDG_RUNTIME_DIR=/run/user/1002 DEBUGNOTE[13:37:04,320]: X server command: /usr/bin/Xvfb :107 \ -retro \ +extension RANDR \ +extension RENDER \ +extension GLX \ +extension XVideo \ +extension DOUBLE-BUFFER \ +extension SECURITY \ +extension DAMAGE \ +extension X-Resource \ -extension XINERAMA -xinerama \ -extension MIT-SHM \ +extension Composite +extension COMPOSITE \ +extension XTEST \ -dpms \ -s off \ -auth /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/Xauthority.server \ -nolisten tcp \ -screen 0 1980x1200x24 \ x11docker[13:37:04,491]: --init: Found tini binary: /usr/bin/docker-init DEBUGNOTE[13:37:04,521]: storeinfo(): tini=/usr/bin/docker-init DEBUGNOTE[13:37:04,538]: Users and terminal: x11docker was started by: bon As host user serves (running X, storing cache): bon Container user will be: bon Container user password: x11docker Getting permission to run backend with: su -c Terminal for password frontend: eval Running in a terminal: yes Running on console: no Running over SSH: yes Running sourced: no bash $-: hB DEBUGNOTE[13:37:04,544]: storeinfo(): containername=x11docker_X107_pccastor-lxde_wallet-latest_65823175242 DEBUGNOTE[13:37:05,108]: docker command: docker run --detach --tty \ --name x11docker_X107_pccastor-lxde_wallet-latest_65823175242 \ --user 1002:1002 \ --userns=host \ --cap-drop ALL \ --security-opt no-new-privileges \ --security-opt label=type:container_runtime_t \ --volume '/usr/bin/docker-init':'/usr/local/bin/init':ro \ --tmpfs /run:exec --tmpfs /run/lock \ --volume '/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share':'/x11docker':rw \ --volume '/tmp/.X11-unix/X107':'/X107':rw \ --volume /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/pulseaudio.client.conf:/etc/pulse/client.conf:ro \ --workdir '/tmp' \ --entrypoint env \ --env 'container=docker' \ --env 'XAUTHORITY=/x11docker/Xauthority.client' \ --env 'DISPLAY=:107' \ --env 'PULSE_COOKIE=/x11docker/pulseaudio.cookie' \ --env 'PULSE_SERVER=unix:/x11docker/pulseaudio.socket' \ --env 'USER=bon' \ -- pccastor-lxde_wallet:latest /usr/local/bin/init -- /bin/sh - /x11docker/containerrc x11docker[13:37:05,392]: Generated dockerrc: 1 #! /usr/bin/env bash 2 3 # dockerrc: 4 # This script runs as root (or member of group docker) on host. 5 # - inspect image 6 # - pull image if needed 7 # - create containerrc 8 # - set up systemd/elogind cgroup if needed 9 # - run window manager in container or from host if needed 10 11 trap '' SIGINT 12 13 askyesno () 14 { 15 local Choice; 16 read -t60 -n1 -p "(timeout after 60s assuming no) [Y|n]" Choice; 17 [ "$?" = '0' ] && { 18 [[ "$Choice" == [YyJj]* ]] || [ -z "$Choice" ] && return 0 19 }; 20 return 1 21 } 22 checkpid () 23 { 24 [ -e "/proc/${1:-NONSENSE}" ] 25 } 26 escapestring () 27 { 28 echo "${1:-}" | LC_ALL=C sed -e 's/[^a-zA-Z0-9,._+@=:/-]/\\&/g; ' 29 } 30 mysleep () 31 { 32 sleep "${1:-1}" 2> /dev/null || sleep 1 33 } 34 pspid () 35 { 36 LC_ALL=C ps -p "${1:-}" 2> /dev/null | grep -v 'TIME' 37 } 38 rmcr () 39 { 40 case "${1:-}" in 41 "") 42 sed "s/$(printf "\r")//g" 43 ;; 44 *) 45 sed -i "s/$(printf "\r")//g" "${1:-}" 46 ;; 47 esac 48 } 49 rocknroll () 50 { 51 [ -s "$Timetosaygoodbyefile" ] && return 1; 52 [ -e "$Timetosaygoodbyefile" ] || return 1; 53 return 0 54 } 55 saygoodbye () 56 { 57 debugnote "time to say goodbye ($*)"; 58 [ -e "$Timetosaygoodbyefile" ] && echo timetosaygoodbye >> $Timetosaygoodbyefile; 59 [ -e "$Timetosaygoodbyefifo" ] && echo timetosaygoodbye >> $Timetosaygoodbyefifo 60 } 61 storeinfo () 62 { 63 [ -e "$Storeinfofile" ] || return 1; 64 case "${1:-}" in 65 dump) 66 grep "^${2:-}=" $Storeinfofile | sed "s/^${2:-}=//" 67 ;; 68 drop) 69 sed -i "/^${2:-}=/d" $Storeinfofile 70 ;; 71 test) 72 grep -q "^${2:-}=" $Storeinfofile 73 ;; 74 *) 75 debugnote "storeinfo(): ${1:-}"; 76 grep -q "^$(echo "${1:-}" | cut -d= -f1)=" $Storeinfofile && { 77 sed -i "/^$(echo "${1:-}" | cut -d= -f1)=/d" $Storeinfofile 78 }; 79 echo "${1:-}" >> $Storeinfofile 80 ;; 81 esac 82 } 83 storepid () 84 { 85 case "${1:-}" in 86 dump) 87 grep -w "${2:-}" "$Storepidfile" | cut -d' ' -f1 88 ;; 89 test) 90 grep -q -w "${2:-}" "$Storepidfile" 91 ;; 92 *) 93 echo "${1:-NOPID}" "${2:-NONAME}" >> "$Storepidfile"; 94 debugnote "storepid(): Stored pid '${1:-}' of '${2:-}': $(pspid ${1:-} ||:)" 95 ;; 96 esac 97 } 98 waitforlogentry () 99 { 100 local Startzeit Uhrzeit Dauer Count=0 Schlaf; 101 local Errorkeys="${4:-}"; 102 local Warten="${5:-60}"; 103 local Error=; 104 Startzeit="$(date +%s ||:)"; 105 Startzeit="${Startzeit:-0}"; 106 [ "$Warten" = "infinity" ] && Warten=32000; 107 debugnote "waitforlogentry(): ${1:-}: Waiting for logentry \"${3:-}\" in $(basename ${2:-})"; 108 while ! grep -q "${3:-}" < "${2:-}"; do 109 Count="$(( $Count + 1 ))"; 110 Uhrzeit="$(date +%s ||:)"; 111 Uhrzeit="${Uhrzeit:-0}"; 112 Dauer="$(( $Uhrzeit - $Startzeit ))"; 113 Schlaf="$(( $Count / 10 ))"; 114 [ "$Schlaf" = "0" ] && Schlaf="0.5"; 115 mysleep "$Schlaf"; 116 [ "$Dauer" -gt "10" ] && debugnote "waitforlogentry(): ${1:-}: Waiting since ${Dauer}s for log entry \"${3:-}\" in $(basename ${2:-})"; 117 [ "$Dauer" -gt "$Warten" ] && error "waitforlogentry(): ${1:-}: Timeout waiting for entry \"${3:-}\" in $(basename ${2:-}) 118 Last lines of $(basename ${2:-}): 119 $(tail "${2:-}")"; 120 [ "$Errorkeys" ] && grep -i -q -E "$Errorkeys" < "${2:-}" && error "waitforlogentry(): ${1:-}: Found error message in logfile. 121 Last lines of logfile $(basename ${2:-}): 122 $(tail "${2:-}")"; 123 rocknroll || { 124 debugnote "waitforlogentry(): ${1:-}: Stopped waiting for ${3:-} in $(basename ${2:-}) due to terminating signal."; 125 Error=1; 126 break 127 }; 128 done; 129 [ "$Error" ] && return 1; 130 debugnote "waitforlogentry(): ${1:-}: Found log entry \"${3:-}\" in $(basename ${2:-})."; 131 return 0 132 } 133 134 warning() { 135 echo "$*:WARNING" | sed "s/\$/ /" >>$Messagefile 136 } 137 note() { 138 echo "$*:NOTE" | sed "s/\$/ /" >>$Messagefile 139 } 140 verbose() { 141 echo "$*:VERBOSE" | sed "s/\$/ /" >>$Messagefile 142 } 143 debugnote() { 144 echo "$*:DEBUGNOTE" | sed "s/\$/ /" >>$Messagefile 145 } 146 error() { 147 echo "$*:ERROR" | sed "s/\$/ /" >>$Messagefile 148 exit 64 149 } 150 stdout() { 151 echo "$*:STDOUT" | sed "s/\$/ /" >>$Messagefile 152 } 153 154 Containercommand="" 155 Imagename="pccastor-lxde_wallet:latest" 156 Messagefile='/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/message.fifo' 157 Newxenv=' DISPLAY=:107 XAUTHORITY=/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client XSOCKET=/tmp/.X11-unix/X107 XDG_RUNTIME_DIR=/run/user/1002' 158 export PATH='/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/sbin:/usr/sbin' 159 Storeinfofile='/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/store.info' 160 Storepidfile='/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/store.pids' 161 Timetosaygoodbyefile='/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/timetosaygoodbye' 162 Timetosaygoodbyefifo='/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/timetosaygoodbye.fifo' 163 Xserver='--xvfb' 164 Workdir='' 165 166 Containerarchitecture= 167 Containerid= 168 Containerip= 169 Dockerlogspid='' 170 Exec= 171 Entrypoint= 172 Failure= 173 Imagepull= 174 Imageuser= 175 Inspect= 176 Line= 177 Pid1pid= 178 Runtime= 179 Signal= 180 Windowmanagermode= 181 Windowmanagercommand= 182 Wmcontainerid= 183 Wmdockercommand= 184 debugnote 'Running dockerrc: Setup as root or as user docker on host.' 185 186 187 # Check whether docker daemon is running, get docker info 188 docker info >>/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/docker.info 2>>/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log || { 189 error "'docker info' failed. 190 If using docker: Is docker daemon running at all? 191 Try to start docker daemon with 'systemctl start docker'. 192 Last lines of log: 193 $(rmcr < '/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log' | tail)" 194 } 195 196 # Check default runtime 197 Runtime="$( { grep 'Default Runtime' < '/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/docker.info' ||: ;} | awk '{print $3}' )" 198 [ -n "$Runtime" ] && { 199 debugnote "dockerrc: Found default container Runtime: $Runtime" 200 debugnote "dockerrc: All $(grep 'Runtimes' < '/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/docker.info' ||: )" 201 [ "$Runtime" != '' ] && { 202 case $Runtime in 203 kata-runtime) warning 'Found default container runtime kata-runtime. 204 Please run x11docker with --runtime=kata-runtime to avoid issues.' ;; 205 nvidia) [ 'no' = 'yes' ] && warning 'Option --gpu: Found default container runtime nvidia. 206 Please run x11docker with --runtime=nvidia to avoid issues.' ;; 207 runc|crun|oci) ;; 208 *) note "Found unknown container runtime: $Runtime 209 Please report at: https://github.com/mviereck/x11docker" ;; 210 esac 211 } 212 } 213 Runtime='UNDECLARED_RUNTIME' 214 debugnote "dockerrc: Container Runtime: $Runtime" 215 storeinfo "runtime=$Runtime" 216 217 # Refresh images.list for x11docker-gui 218 docker images 2>>/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log | grep -v REPOSITORY | awk '{print $1 ":" $2}' >>/home/bon/.cache/x11docker/docker.imagelist.sort 219 rmcr /home/bon/.cache/x11docker/docker.imagelist.sort 220 while read -r Line ; do 221 grep -q "" <<<$Line || echo $Line >> /home/bon/.cache/x11docker/docker.imagelist 222 done < <(sort < /home/bon/.cache/x11docker/docker.imagelist.sort) 223 rm /home/bon/.cache/x11docker/docker.imagelist.sort 224 225 # Check if image pccastor-lxde_wallet:latest is available locally 226 Imagepull=no 227 grep -x -q 'pccastor-lxde_wallet:latest' < /home/bon/.cache/x11docker/docker.imagelist || grep -x -q 'pccastor-lxde_wallet:latest:latest' < /home/bon/.cache/x11docker/docker.imagelist || { 228 docker images | grep -q '^pccastor-lxde_wallet:latest ' || { 229 echo 'Image pccastor-lxde_wallet:latest not found locally.' >&2 230 echo 'Do you want to pull it from docker hub?' >&2 231 askyesno && Imagepull=yes || error "Image 'pccastor-lxde_wallet:latest' not available locally and not pulled from docker hub." 232 } 233 } 234 235 rocknroll || exit 64 236 237 [ "$Imagepull" = 'yes' ] && { 238 note "Pulling image 'pccastor-lxde_wallet:latest' from docker hub" 239 docker pull pccastor-lxde_wallet:latest 1>&2 || error "Pulling image 'pccastor-lxde_wallet:latest' seems to have failed!" 240 } 241 242 rocknroll || exit 64 243 244 Inspect="$(docker inspect pccastor-lxde_wallet:latest --format='{{.Config.User}}|{{.Config.WorkingDir}}|{{.Architecture}}')" 245 246 # Check architecture 247 Containerarchitecture="$(cut -d'|' -f3 <<< "$Inspect")" 248 debugnote "dockerrc: Image architecture: $Containerarchitecture" 249 # Check CMD 250 [ -z "$Containercommand" ] && { 251 # extract image command from image if not given on cli 252 Containercommand="$(docker inspect pccastor-lxde_wallet:latest --format='{{.Config.Cmd}}')" 253 Containercommand="${Containercommand#[}" 254 Containercommand="${Containercommand%]}" 255 debugnote "dockerrc: Image CMD: $Containercommand" 256 echo "$Containercommand" | grep -q /x11docker/containerrc && error 'Recursion error: Found CMD /x11docker/containerrc in image. 257 Did you use 'docker commit' with an x11docker container? 258 Please build new images with a Dockerfile instead of using docker commit, 259 or provide a different container command.' 260 } 261 262 # Check USER 263 Imageuser="$(cut -d'|' -f1 <<< "$Inspect")" 264 debugnote "dockerrc: Image USER: $Imageuser" 265 [ "$Imageuser" ] && note "Found 'USER $Imageuser' in image. 266 If you want to run with user $Imageuser instead of host user bon, 267 than run with --user=RETAIN." 268 storeinfo containeruser="bon" 269 270 # Check ENTRYPOINT 271 Entrypoint="$(docker inspect pccastor-lxde_wallet:latest --format='{{.Config.Entrypoint}}')" 272 Entrypoint="${Entrypoint#[}" 273 Entrypoint="${Entrypoint%]}" 274 debugnote "dockerrc: Image ENTRYPOINT: $Entrypoint" 275 echo "$Entrypoint" | grep -qE 'tini|init|systemd' && { 276 note "There seems to be an init system in ENTRYPOINT of image: 277 $Entrypoint 278 Will disable it as x11docker already runs an init with option --tini. 279 To allow this ENTRYPOINT, run x11docker with option --init=none." 280 Entrypoint= 281 } 282 283 # Check WORKDIR 284 Workdir="$(cut -d'|' -f2 <<< "$Inspect")" 285 debugnote "dockerrc: Image WORKDIR: $Workdir" 286 [ "$Workdir" ] && note "Found 'WORKDIR $Workdir' in image. 287 You can change it with option --workdir=DIR." 288 289 [ -z "$Containercommand$Entrypoint" ] && error 'No container command specified and no CMD or ENTRYPOINT found in image.' 290 291 ######## Create containerrc ######## 292 293 { echo '#! /bin/sh' 294 echo '' 295 echo '# containerrc' 296 echo '# Created startscript for docker run used as container command.' 297 echo '# Runs as unprivileged user in container.' 298 echo '' 299 echo 'exec 6>&1 7>&2' 300 echo 'exec >>/x11docker/container.log 2>&1' 301 echo '' 302 echo 'mysleep () 303 { 304 sleep "${1:-1}" 2> /dev/null || sleep 1 305 }' 306 echo 'rocknroll () 307 { 308 [ -s "$Timetosaygoodbyefile" ] && return 1; 309 [ -e "$Timetosaygoodbyefile" ] || return 1; 310 return 0 311 }' 312 echo 'saygoodbye () 313 { 314 debugnote "time to say goodbye ($*)"; 315 [ -e "$Timetosaygoodbyefile" ] && echo timetosaygoodbye >> $Timetosaygoodbyefile; 316 [ -e "$Timetosaygoodbyefifo" ] && echo timetosaygoodbye >> $Timetosaygoodbyefifo 317 }' 318 echo 'storeinfo () 319 { 320 [ -e "$Storeinfofile" ] || return 1; 321 case "${1:-}" in 322 dump) 323 grep "^${2:-}=" $Storeinfofile | sed "s/^${2:-}=//" 324 ;; 325 drop) 326 sed -i "/^${2:-}=/d" $Storeinfofile 327 ;; 328 test) 329 grep -q "^${2:-}=" $Storeinfofile 330 ;; 331 *) 332 debugnote "storeinfo(): ${1:-}"; 333 grep -q "^$(echo "${1:-}" | cut -d= -f1)=" $Storeinfofile && { 334 sed -i "/^$(echo "${1:-}" | cut -d= -f1)=/d" $Storeinfofile 335 }; 336 echo "${1:-}" >> $Storeinfofile 337 ;; 338 esac 339 }' 340 echo 'waitforlogentry () 341 { 342 local Startzeit Uhrzeit Dauer Count=0 Schlaf; 343 local Errorkeys="${4:-}"; 344 local Warten="${5:-60}"; 345 local Error=; 346 Startzeit="$(date +%s ||:)"; 347 Startzeit="${Startzeit:-0}"; 348 [ "$Warten" = "infinity" ] && Warten=32000; 349 debugnote "waitforlogentry(): ${1:-}: Waiting for logentry \"${3:-}\" in $(basename ${2:-})"; 350 while ! grep -q "${3:-}" < "${2:-}"; do 351 Count="$(( $Count + 1 ))"; 352 Uhrzeit="$(date +%s ||:)"; 353 Uhrzeit="${Uhrzeit:-0}"; 354 Dauer="$(( $Uhrzeit - $Startzeit ))"; 355 Schlaf="$(( $Count / 10 ))"; 356 [ "$Schlaf" = "0" ] && Schlaf="0.5"; 357 mysleep "$Schlaf"; 358 [ "$Dauer" -gt "10" ] && debugnote "waitforlogentry(): ${1:-}: Waiting since ${Dauer}s for log entry \"${3:-}\" in $(basename ${2:-})"; 359 [ "$Dauer" -gt "$Warten" ] && error "waitforlogentry(): ${1:-}: Timeout waiting for entry \"${3:-}\" in $(basename ${2:-}) 360 Last lines of $(basename ${2:-}): 361 $(tail "${2:-}")"; 362 [ "$Errorkeys" ] && grep -i -q -E "$Errorkeys" < "${2:-}" && error "waitforlogentry(): ${1:-}: Found error message in logfile. 363 Last lines of logfile $(basename ${2:-}): 364 $(tail "${2:-}")"; 365 rocknroll || { 366 debugnote "waitforlogentry(): ${1:-}: Stopped waiting for ${3:-} in $(basename ${2:-}) due to terminating signal."; 367 Error=1; 368 break 369 }; 370 done; 371 [ "$Error" ] && return 1; 372 debugnote "waitforlogentry(): ${1:-}: Found log entry \"${3:-}\" in $(basename ${2:-})."; 373 return 0 374 }' 375 echo ' 376 warning() { 377 echo "$*:WARNING" | sed "s/\$/ /" >>$Messagefile 378 } 379 note() { 380 echo "$*:NOTE" | sed "s/\$/ /" >>$Messagefile 381 } 382 verbose() { 383 echo "$*:VERBOSE" | sed "s/\$/ /" >>$Messagefile 384 } 385 debugnote() { 386 echo "$*:DEBUGNOTE" | sed "s/\$/ /" >>$Messagefile 387 } 388 error() { 389 echo "$*:ERROR" | sed "s/\$/ /" >>$Messagefile 390 exit 64 391 } 392 stdout() { 393 echo "$*:STDOUT" | sed "s/\$/ /" >>$Messagefile 394 }' 395 echo 'Messagefile=/x11docker/message.fifo' 396 echo 'Storeinfofile=/x11docker/store.info' 397 echo 'Timetosaygoodbyefile=/x11docker/timetosaygoodbye' 398 echo '' 399 echo 'waitforlogentry containerrc $Storeinfofile containerrootrc=ready infinity' 400 echo 'debugnote "Running containerrc: Unprivileged user commands in container"' 401 echo '' 402 echo "Containercommand=\"$Containercommand\"" 403 echo "Entrypoint=\"$Entrypoint\"" 404 echo '' 405 echo 'verbose "containerrc: Container system:' 406 echo '$(cat /etc/os-release 2>&1 ||:)"' 407 echo '' 408 } >> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/containerrc 409 { 410 echo '' 411 echo '# USER and HOME' 412 echo 'Containeruser="$(storeinfo dump containeruser)"' 413 echo 'Containeruserhome="/home/bon"' 414 echo 'export USER="$Containeruser"' 415 echo '[ "$Containeruserhome" ] && {' 416 echo ' export HOME="$Containeruserhome"' 417 echo '}' 418 echo '' 419 echo '# XDG_RUNTIME_DIR' 420 echo 'Containeruseruid=$(id -u $Containeruser)' 421 echo 'export XDG_RUNTIME_DIR=/tmp/XDG_RUNTIME_DIR' 422 echo '[ -e /run/user/$Containeruseruid ] && ln -s /run/user/$Containeruseruid $XDG_RUNTIME_DIR || mkdir -p -m700 $XDG_RUNTIME_DIR' 423 echo '' 424 echo '# Copy files from /etc/skel into empty HOME' 425 echo '[ -d "$HOME" ] && {' 426 echo ' [ -d /etc/skel ] && [ -z "$(ls -A "$Containeruserhome" 2>/dev/null | grep -v -E "gnupg")" ] && {' 427 echo ' debugnote "containerrc: HOME is empty. Copying from /etc/skel"' 428 echo ' cp -n -R /etc/skel/. $Containeruserhome' 429 echo ' :' 430 echo ' } || {' 431 echo ' debugnote "containerrc: HOME is not empty. Not copying from /etc/skel"' 432 echo ' }' 433 echo '}' 434 echo '' 435 echo '# Create softlink to X unix socket' 436 echo '[ -e /tmp/.X11-unix/X107 ] || ln -s /X107 /tmp/.X11-unix' 437 echo '' 438 echo 'unset WAYLAND_DISPLAY' 439 echo '' 440 echo 'export XDG_SESSION_TYPE=x11' 441 echo '' 442 echo '' 443 echo 'export TERM=xterm' 444 echo 'storeinfo test locale && export LANG="$(storeinfo dump locale)"' 445 echo '[ -e "/usr/share/zoneinfo/UCT" ] || export TZ=UTC-00' 446 echo '[ "$(date -Ihours)" != "2021-07-29T13+00:00" ] && export TZ=UTC-00' 447 echo '[ "$DEBIAN_FRONTEND" = noninteractive ] && unset DEBIAN_FRONTEND && export DEBIAN_FRONTEND' 448 echo '[ "$DEBIAN_FRONTEND" = newt ] && unset DEBIAN_FRONTEND && export DEBIAN_FRONTEND' 449 echo '# container environment (--env)' 450 echo "export 'container=docker'" 451 echo "export 'XAUTHORITY=/x11docker/Xauthority.client'" 452 echo "export 'DISPLAY=:107'" 453 echo "export 'PULSE_COOKIE=/x11docker/pulseaudio.cookie'" 454 echo "export 'PULSE_SERVER=unix:/x11docker/pulseaudio.socket'" 455 echo "export 'USER=bon'" 456 echo '' 457 echo '[ -d "$HOME" ] && cd "$HOME"' 458 [ "$Workdir" ] && echo "[ -d \"$Workdir\" ] && cd \"$Workdir\" # WORKDIR in image" 459 echo '' 460 echo '' 461 echo 'env >> /x11docker/container.environment' 462 echo 'verbose "Container environment:' 463 echo '$(env | sort)"' 464 echo '' 465 echo 'tail -f /x11docker/stdout 2>/dev/null &' 466 echo 'tail -f /x11docker/stderr >&2 2>/dev/null &' 467 echo "exec \$Dbus sh /x11docker/cmdrc >>/x11docker/stdout 2>>/x11docker/stderr" 468 } >> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/containerrc 469 ######## End of containerrc ######## 470 471 # Write containerrc into x11docker.log 472 nl -ba >> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/x11docker.log < /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/containerrc 473 474 ######## Create cmdrc ######## 475 { echo '#! /bin/sh' 476 echo '# Created startscript for cmdrc containing final container command' 477 echo '' 478 echo 'storeinfo () 479 { 480 [ -e "$Storeinfofile" ] || return 1; 481 case "${1:-}" in 482 dump) 483 grep "^${2:-}=" $Storeinfofile | sed "s/^${2:-}=//" 484 ;; 485 drop) 486 sed -i "/^${2:-}=/d" $Storeinfofile 487 ;; 488 test) 489 grep -q "^${2:-}=" $Storeinfofile 490 ;; 491 *) 492 debugnote "storeinfo(): ${1:-}"; 493 grep -q "^$(echo "${1:-}" | cut -d= -f1)=" $Storeinfofile && { 494 sed -i "/^$(echo "${1:-}" | cut -d= -f1)=/d" $Storeinfofile 495 }; 496 echo "${1:-}" >> $Storeinfofile 497 ;; 498 esac 499 }' 500 echo ' 501 warning() { 502 echo "$*:WARNING" | sed "s/\$/ /" >>$Messagefile 503 } 504 note() { 505 echo "$*:NOTE" | sed "s/\$/ /" >>$Messagefile 506 } 507 verbose() { 508 echo "$*:VERBOSE" | sed "s/\$/ /" >>$Messagefile 509 } 510 debugnote() { 511 echo "$*:DEBUGNOTE" | sed "s/\$/ /" >>$Messagefile 512 } 513 error() { 514 echo "$*:ERROR" | sed "s/\$/ /" >>$Messagefile 515 exit 64 516 } 517 stdout() { 518 echo "$*:STDOUT" | sed "s/\$/ /" >>$Messagefile 519 }' 520 echo 'Messagefile=/x11docker/message.fifo' 521 echo "debugnote \"cmdrc: Running container command: 522 $Entrypoint $Containercommand 523 \"" 524 echo '' 525 echo "$Entrypoint $Containercommand " 526 echo '' 527 echo '[ -h "$Homesoftlink" ] && rm $Homesoftlink' 528 echo "storeinfo cmdexitcode=\$?" 529 } >> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/cmdrc 530 ######## End of cmdrc ######## 531 532 # Write cmdrc into x11docker.log 533 nl -ba >> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/x11docker.log < /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/cmdrc 534 535 # Send signal to run X and wait for X to be ready 536 storeinfo readyforX=ready 537 waitforlogentry 'dockerrc' /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/xinit.log 'xinitrc is ready' 'xinit: giving up|unable to connect to X server|Connection refused|server error|Only console users are allowed' 538 539 rocknroll || exit 64 540 541 542 rocknroll || exit 64 543 544 545 #### run docker image #### 546 read Containerid < <(docker run --detach --tty \ 547 --name x11docker_X107_pccastor-lxde_wallet-latest_65823175242 \ 548 --user 1002:1002 \ 549 --userns=host \ 550 --cap-drop ALL \ 551 --security-opt no-new-privileges \ 552 --security-opt label=type:container_runtime_t \ 553 --volume '/usr/bin/docker-init':'/usr/local/bin/init':ro \ 554 --tmpfs /run:exec --tmpfs /run/lock \ 555 --volume '/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share':'/x11docker':rw \ 556 --volume '/tmp/.X11-unix/X107':'/X107':rw \ 557 --volume /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/pulseaudio.client.conf:/etc/pulse/client.conf:ro \ 558 --workdir '/tmp' \ 559 --entrypoint env \ 560 --env 'container=docker' \ 561 --env 'XAUTHORITY=/x11docker/Xauthority.client' \ 562 --env 'DISPLAY=:107' \ 563 --env 'PULSE_COOKIE=/x11docker/pulseaudio.cookie' \ 564 --env 'PULSE_SERVER=unix:/x11docker/pulseaudio.socket' \ 565 --env 'USER=bon' \ 566 -- pccastor-lxde_wallet:latest /usr/local/bin/init -- /bin/sh - /x11docker/containerrc 2>>/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log | rmcr) 567 ########################## 568 569 570 [ "$Containerid" ] || { 571 error "Startup of docker failed. Did not receive a container ID. 572 573 Last lines of container log: 574 $(rmcr < /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log | tail)" 575 } 576 storeinfo containerid="$Containerid" 577 # Wait for container to be ready 578 for ((Count=1 ; Count<=40 ; Count++)); do 579 docker exec x11docker_X107_pccastor-lxde_wallet-latest_65823175242 sh -c : 2>&1 | rmcr >>/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log && { debugnote 'dockerrc: Container is up and running.' ; break ; } || debugnote "dockerrc: Container not ready on $Count. attempt, trying again." 580 rocknroll || exit 64 581 mysleep 0.1 582 done 583 584 # Wait for pid 1 in container 585 for ((Count=1 ; Count<=40 ; Count++)); do 586 Pid1pid="$(docker inspect --format '{{.State.Pid}}' x11docker_X107_pccastor-lxde_wallet-latest_65823175242 2>>/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log | rmcr)" 587 debugnote "dockerrc: $Count. check for PID 1: $Pid1pid" 588 checkpid "$Pid1pid" && break 589 rocknroll || exit 64 590 mysleep 0.1 591 done 592 [ "$Pid1pid" = "0" ] && Pid1pid="" 593 [ -z "$Pid1pid" ] && error "dockerrc(): Did not receive PID of PID1 in container. 594 Maybe the container immediately stopped for unknown reasons. 595 Just in case, check if host and image architecture are compatible: 596 Host architecture: amd64 (x86_64), image architecture: $Containerarchitecture. 597 Output of \"docker ps | grep x11docker\": 598 $(docker ps | grep x11docker) 599 600 Content of container log: 601 $(rmcr < /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log | uniq )" 602 storeinfo pid1pid="$Pid1pid" 603 604 # Get IP of container 605 Containerip="$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' x11docker_X107_pccastor-lxde_wallet-latest_65823175242 2>>/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log)" 606 storeinfo containerip=$Containerip 607 608 # Check log for startup failure 609 Failure="$(rmcr < /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log | grep -v grep | grep -E 'Error response from daemon|OCI runtime exec' ||:)" 610 [ "$Failure" ] && { 611 echo "$Failure" >>/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log 612 error "Got error message from docker: 613 $Failure 614 615 Last lines of logfile: 616 $(tail /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log)" 617 } 618 619 debugnote 'dockerrc(): Starting containerrootrc with docker exec' 620 # copy containerrootrc inside of container to avoid possible noexec of host home. 621 docker exec x11docker_X107_pccastor-lxde_wallet-latest_65823175242 sh -c 'cp /x11docker/containerrootrc /tmp/containerrootrc ; chmod 644 /tmp/containerrootrc' 2>&1 | rmcr >>/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log 622 # run container root setup. containerrc will wait until setup script is ready. 623 docker exec -u root x11docker_X107_pccastor-lxde_wallet-latest_65823175242 /bin/sh /tmp/containerrootrc 2>&1 | rmcr >>/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log 624 625 storeinfo dockerrc=ready 626 627 [ "$Containerid" ] || [ "$Wmcontainerid" ] && { 628 # wait for signal of finish() 629 read Signal > /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log 2>&1 & 632 [ "$Wmcontainerid" ] && docker stop $Wmcontainerid >> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log 2>&1 & 633 [ "$Dockerlogspid" ] && kill $Dockerlogspid >> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/container.log 2>&1 & 634 } 635 } & storepid $! dockerstopshell 636 exit 0 x11docker[13:37:05,519]: Generated containerrootrc: 1 #! /bin/sh 2 3 # containerrootrc 4 # This Script is executed as root in container. 5 # - Create container user 6 # - Time zone 7 # - Install NVIDIA driver if requested 8 # - Set up init system services and DBus for --init=systemd|openrc|runit|sysvinit 9 10 # redirect output to have it available before 'docker logs' starts. --init=runit (void) would eat up the output at all for unknown reasons. 11 exec 1>>/x11docker/container.log 2>&1 12 13 storeinfo () 14 { 15 [ -e "$Storeinfofile" ] || return 1; 16 case "${1:-}" in 17 dump) 18 grep "^${2:-}=" $Storeinfofile | sed "s/^${2:-}=//" 19 ;; 20 drop) 21 sed -i "/^${2:-}=/d" $Storeinfofile 22 ;; 23 test) 24 grep -q "^${2:-}=" $Storeinfofile 25 ;; 26 *) 27 debugnote "storeinfo(): ${1:-}"; 28 grep -q "^$(echo "${1:-}" | cut -d= -f1)=" $Storeinfofile && { 29 sed -i "/^$(echo "${1:-}" | cut -d= -f1)=/d" $Storeinfofile 30 }; 31 echo "${1:-}" >> $Storeinfofile 32 ;; 33 esac 34 } 35 rocknroll () 36 { 37 [ -s "$Timetosaygoodbyefile" ] && return 1; 38 [ -e "$Timetosaygoodbyefile" ] || return 1; 39 return 0 40 } 41 42 warning() { 43 echo "$*:WARNING" | sed "s/\$/ /" >>$Messagefile 44 } 45 note() { 46 echo "$*:NOTE" | sed "s/\$/ /" >>$Messagefile 47 } 48 verbose() { 49 echo "$*:VERBOSE" | sed "s/\$/ /" >>$Messagefile 50 } 51 debugnote() { 52 echo "$*:DEBUGNOTE" | sed "s/\$/ /" >>$Messagefile 53 } 54 error() { 55 echo "$*:ERROR" | sed "s/\$/ /" >>$Messagefile 56 exit 64 57 } 58 stdout() { 59 echo "$*:STDOUT" | sed "s/\$/ /" >>$Messagefile 60 } 61 Messagefile=/x11docker/message.fifo 62 Storeinfofile='/x11docker/store.info' 63 Timetosaygoodbyefile=/x11docker/timetosaygoodbye 64 65 debugnote 'Running containerrootrc: Setup as root in container' 66 67 Error='' 68 for Line in cat chmod chown cut cd cp date echo env export grep id ln ls mkdir mv printf rm sed sh sleep tail touch; do 69 command -v "$Line" || { 70 warning "ERROR: Command not found in image: $Line" 71 Error=1 72 } 73 done 74 [ "$Error" ] && error 'Commands for container setup missing in image. 75 You can try with option --no-setup to avoid this error.' 76 77 # Check type of libc 78 ldd --version 2>&1 | grep -q 'musl libc' && Containerlibc='musl' 79 ldd --version 2>&1 | grep -q -E 'GLIBC|GNU libc' && Containerlibc='glibc' 80 debugnote "containerrootrc: Container libc: $Containerlibc" 81 82 # Prepare X environment 83 # Create some system dirs with needed permissions 84 mkdir -v -p /var/lib/dbus /var/run/dbus 85 mkdir -v -p -m 1777 /tmp/.ICE-unix /tmp/.X11-unix /tmp/.font-unix 86 chmod -c 1777 /tmp/.ICE-unix /tmp/.X11-unix /tmp/.font-unix 87 export DISPLAY=:107 XAUTHORITY=/x11docker/Xauthority.client 88 89 # workaround: autostart of xrandr for some desktops like deepin, cinnamon and gnome to fix wrong autoresize 90 echo '#! /bin/sh 91 Output=$(xrandr | grep ' connected' | cut -d" " -f1) 92 Mode=1980x1200 93 xrandr --output $Output --mode $Mode\n' > /usr/local/bin/x11docker-xrandr 94 chmod +x /usr/local/bin/x11docker-xrandr 95 mkdir -p /etc/xdg/autostart 96 echo '[Desktop Entry] 97 Encoding=UTF-8 98 Version=0.9.4 99 Type=Application 100 Name=x11docker-xrandr 101 Comment= 102 Exec=/usr/local/bin/x11docker-xrandr 103 ' > /etc/xdg/autostart/x11docker-xrandr.desktop 104 105 # Time zone 106 [ ! -d /usr/share/zoneinfo ] && [ "$Containerlibc" = "glibc" ] && { 107 mkdir -p /usr/share/zoneinfo 108 cp '/x11docker/libc.localtime' '/usr/share/zoneinfo/UCT' 109 } 110 [ -e '/usr/share/zoneinfo/UCT' ] && ln -f -s '/usr/share/zoneinfo/UCT' /etc/localtime 111 112 # Container system 113 Containersystem="$(grep '^ID=' /etc/os-release 2>/dev/null | cut -d= -f2 || echo 'unknown')" 114 verbose "Container system ID: $Containersystem" 115 116 # Environment variables 117 export 'container=docker' 118 export 'XAUTHORITY=/x11docker/Xauthority.client' 119 export 'DISPLAY=:107' 120 export 'PULSE_COOKIE=/x11docker/pulseaudio.cookie' 121 export 'PULSE_SERVER=unix:/x11docker/pulseaudio.socket' 122 export 'USER=bon' 123 124 # Check container user 125 Containeruser="$(storeinfo dump containeruser)" 126 Containeruser="${Containeruser:-bon}" 127 128 Containeruserhome='/home/bon' 129 # Create user entry in /etc/passwd (and delete possibly existing same uid) 130 cat /etc/passwd | grep -v ':1002:' > /tmp/passwd 131 132 # Disable possible /etc/shadow passwords for other users 133 sed -i 's%:x:%:-:%' /tmp/passwd 134 bash --version >/dev/null 2>&1 && Containerusershell=/bin/bash || Containerusershell=/bin/sh 135 Containeruserentry="bon:x:1002:1002:bon,,,:/home/bon:$Containerusershell" 136 debugnote "containerrootrc: $Containeruserentry" 137 echo "$Containeruserentry" >> /tmp/passwd 138 139 rm /etc/passwd 140 mv /tmp/passwd /etc/passwd || warning 'Unable to change /etc/passwd. That may be a security risk.' 141 142 # Create password entry for container user in /etc/shadow 143 rm -v /etc/shadow || warning 'Cannot change /etc/shadow. That may be a security risk.' 144 echo "bon:sac19FwGGTx/A:17293:0:99999:7:::" > /etc/shadow 145 echo 'root:*:17219:0:99999:7:::' >> /etc/shadow 146 chmod 640 /etc/shadow # can fail depending on available capabilities 147 148 # Create user group entry (and delete possibly existing same gid) 149 cat /etc/group | grep -v ':1002:' > /tmp/group 150 echo "bon:x:1002:" >> /tmp/group 151 mv /tmp/group /etc/group 152 153 # Create /etc/sudoers, delete /etc/sudoers.d. Overwrite possible sudo setups in image. 154 [ -e /etc/sudoers.d ] && rm -v -R /etc/sudoers.d 155 [ -e /etc/sudoers ] && rm -v /etc/sudoers 156 echo '# /etc/sudoers created by x11docker' > /etc/sudoers 157 echo 'Defaults env_reset' >> /etc/sudoers 158 echo 'root ALL=(ALL) ALL' >> /etc/sudoers 159 160 # Restrict PAM configuration of su and sudo 161 mkdir -p /etc/pam.d 162 [ -e /etc/pam.d/sudo ] && rm -v /etc/pam.d/sudo 163 case "$Containersystem" in 164 fedora) 165 echo '#%PAM-1.0' > /etc/pam.d/su 166 echo 'auth sufficient pam_rootok.so' >> /etc/pam.d/su 167 echo 'account sufficient pam_succeed_if.so uid = 0 use_uid quiet' >> /etc/pam.d/su 168 echo 'session include system-auth' >> /etc/pam.d/su 169 ;; 170 *) 171 echo '#%PAM-1.0' > /etc/pam.d/su 172 echo 'auth sufficient pam_rootok.so' >> /etc/pam.d/su # allow root to switch user without a password 173 echo '@include common-auth' >> /etc/pam.d/su 174 echo '@include common-account' >> /etc/pam.d/su 175 echo '@include common-session' >> /etc/pam.d/su 176 ;; 177 esac 178 179 # Set up container user groups 180 # Create HOME 181 [ -e "$Containeruserhome" ] || { 182 mkdir -v -p "$(dirname "$Containeruserhome")" 183 mkdir -v -m 777 "$Containeruserhome" 184 chown -v "$Containeruser":"$Containerusergroup" "$Containeruserhome" && chmod -v 755 "$Containeruserhome" # can fail depending on capabilities 185 } 186 ls -la $Containeruserhome 187 188 rocknroll || exit 64 189 190 191 # disable getty in inittab 192 [ -e /etc/inittab ] && sed -i 's/.*getty/##getty disabled by x11docker## \0/' /etc/inittab 193 194 195 rocknroll || exit 64 196 197 # --lang: Language locale 198 verbose "Searching for language locale matching fr" 199 Locales="$(locale -a)" 200 Langall="$(cat /usr/share/i18n/SUPPORTED | grep -E 'UTF-8|utf8' | cut -d' ' -f1 | cut -d. -f1 | cut -d@ -f1 | sort | uniq)" 201 Langland="$(echo fr | cut -d. -f1)" 202 Langcontainer='' 203 204 echo "$Langland" | grep -q '_' || { 205 Langland="$(echo $Langland | tr '[:upper:]' '[:lower:]')_$(echo $Langland | tr '[:lower:]' '[:upper:]')" 206 echo "$Langall" | grep -q "$Langland" || { 207 echo "$Langall" | grep -i -q "fr" && { 208 Langland="$(echo "$Langall" | grep -i -m1 "fr")" 209 } 210 } 211 } 212 213 Langland="$(echo "$Langland" | cut -d_ -f1 | tr '[:upper:]' '[:lower:]')_$(echo "$Langland" | cut -d_ -f2 | tr '[:lower:]' '[:upper:]')" 214 215 echo "$Locales" | grep -q "$Langland.UTF-8" && Langcontainer="$Langland.UTF-8" 216 echo "$Locales" | grep -q "$Langland.utf8" && Langcontainer="$Langland.utf8" 217 218 [ -z "$Langcontainer" ] && { 219 [ -e /usr/share/i18n/SUPPORTED ] || note "Option --lang: /usr/share/i18n/SUPPORTED not found. 220 Please install package 'locales' in image (belongs to glibc). 221 Look here to find a package for your image system: 222 https://github.com/mviereck/x11docker/wiki/dependencies#dependencies-in-image" 223 224 Langcontainer="$Langland.utf8" 225 note "Option --lang: Generating language locale $Langcontainer". 226 227 command -v localedef >/dev/null || note 'Option --lang: Command localedef not found in image. 228 Need it for language locale creation. 229 Look here to find a package for your image system: 230 https://github.com/mviereck/x11docker/wiki/dependencies#dependencies-in-image' 231 localedef --verbose --force -i "$Langland" -f UTF-8 $Langcontainer || verbose "localedef exit code: $?" 232 233 locale -a | grep -q "$Langcontainer" || { 234 note "Option --lang: Generation of locale $Langcontainer failed." 235 Langcontainer='' 236 } 237 } || { 238 debugnote "Option --lang: Found locale in image: $Langcontainer" 239 } 240 241 [ "$Langcontainer" ] && { 242 storeinfo locale="$Langcontainer" 243 echo "LANG=$Langcontainer" > /etc/default/locale 244 } || note 'Option --lang: Desired locale for 'fr' not found and not generated.' 245 246 debugnote "Option --lang: Output of locale -a: 247 $(locale -a)" 248 249 rocknroll || exit 64 250 251 storeinfo containerrootrc=ready 252 x11docker[13:37:05,545]: Generated xinitrc: 1 #! /bin/sh 2 disable_xhost () 3 { 4 local Line=; 5 command -v xhost > /dev/null || { 6 warning "Command 'xhost' not found. 7 Can not check for possibly allowed network access to X. 8 Please install 'xhost'."; 9 return 1 10 }; 11 xhost 2>&1 | tail -n +2 /dev/stdin | while read -r Line; do 12 debugnote "xhost: Removing entry $Line"; 13 xhost -$Line; 14 done; 15 xhost -; 16 [ "$(xhost 2>&1 | wc -l)" -gt "1" ] && { 17 warning "Remaining xhost permissions found on display ${DISPLAY:-} 18 $(xhost 2>&1 )"; 19 return 1 20 }; 21 xhost 2>&1 | grep "access control disabled" && { 22 warning "Failed to restrict xhost permissions. 23 Access to display ${DISPLAY:-} is allowed for everyone."; 24 return 1 25 }; 26 return 0 27 } 28 pspid () 29 { 30 LC_ALL=C ps -p "${1:-}" 2> /dev/null | grep -v 'TIME' 31 } 32 rocknroll () 33 { 34 [ -s "$Timetosaygoodbyefile" ] && return 1; 35 [ -e "$Timetosaygoodbyefile" ] || return 1; 36 return 0 37 } 38 storeinfo () 39 { 40 [ -e "$Storeinfofile" ] || return 1; 41 case "${1:-}" in 42 dump) 43 grep "^${2:-}=" $Storeinfofile | sed "s/^${2:-}=//" 44 ;; 45 drop) 46 sed -i "/^${2:-}=/d" $Storeinfofile 47 ;; 48 test) 49 grep -q "^${2:-}=" $Storeinfofile 50 ;; 51 *) 52 debugnote "storeinfo(): ${1:-}"; 53 grep -q "^$(echo "${1:-}" | cut -d= -f1)=" $Storeinfofile && { 54 sed -i "/^$(echo "${1:-}" | cut -d= -f1)=/d" $Storeinfofile 55 }; 56 echo "${1:-}" >> $Storeinfofile 57 ;; 58 esac 59 } 60 storepid () 61 { 62 case "${1:-}" in 63 dump) 64 grep -w "${2:-}" "$Storepidfile" | cut -d' ' -f1 65 ;; 66 test) 67 grep -q -w "${2:-}" "$Storepidfile" 68 ;; 69 *) 70 echo "${1:-NOPID}" "${2:-NONAME}" >> "$Storepidfile"; 71 debugnote "storepid(): Stored pid '${1:-}' of '${2:-}': $(pspid ${1:-} ||:)" 72 ;; 73 esac 74 } 75 76 warning() { 77 echo "$*:WARNING" | sed "s/\$/ /" >>$Messagefile 78 } 79 note() { 80 echo "$*:NOTE" | sed "s/\$/ /" >>$Messagefile 81 } 82 verbose() { 83 echo "$*:VERBOSE" | sed "s/\$/ /" >>$Messagefile 84 } 85 debugnote() { 86 echo "$*:DEBUGNOTE" | sed "s/\$/ /" >>$Messagefile 87 } 88 error() { 89 echo "$*:ERROR" | sed "s/\$/ /" >>$Messagefile 90 exit 64 91 } 92 stdout() { 93 echo "$*:STDOUT" | sed "s/\$/ /" >>$Messagefile 94 } 95 getscreensize() { 96 CurrentXaxis="$(xrandr | grep primary | cut -d' ' -f4 | cut -dx -f1 )" 97 CurrentYaxis="$(xrandr | grep primary | cut -d' ' -f4 | cut -dx -f2 | cut -d+ -f1)" 98 } 99 checkscreensize() { 100 getscreensize 101 [ "$Xaxis" = "$CurrentXaxis" ] || return 1 102 [ "$Yaxis" = "$CurrentYaxis" ] || return 1 103 return 0 104 } 105 getprimary() { 106 xrandr | grep -q primary || xrandr --output $(xrandr | grep ' connected' | head -n1 | cut -d' ' -f1) --primary 107 echo $(xrandr | grep primary | cut -d' ' -f1) 108 } 109 110 Messagefile='/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/message.fifo' 111 Output="$(getprimary)" 112 Storeinfofile='/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/store.info' 113 Storepidfile='/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/store.pids' 114 Timetosaygoodbyefile='/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/timetosaygoodbye' 115 116 export PATH='/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/sbin:/usr/sbin' 117 118 Cookie='' 119 Line='' 120 Var='' 121 122 debugnote 'Running xinitrc' 123 124 export DISPLAY=:107 XAUTHORITY=/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client XSOCKET=/tmp/.X11-unix/X107 XDG_RUNTIME_DIR=/run/user/1002 125 # background color 126 xsetroot -solid '#7F7F7F' 2>/dev/null 127 128 # create new XAUTHORITY cookies 129 :> /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client 130 131 verbose 'Can not use cookies created over SSH. Will bake one myself.' 132 133 [ -s '/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client' ] || { 134 [ 'trusted' = 'untrusted' ] && note 'Could not create untrusted cookie. 135 Maybe your X server misses extension SECURITY.' 136 } 137 [ -s '/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client' ] || { 138 # still no cookie? try to create one without extension security 139 debugnote 'xinitrc: Failed to retrieve trusted cookie from X server. Will bake one myself.' 140 echo 'Failed to retrieve trusted cookie from X server. Will bake one myself.' 141 xauth -v -i -f /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client add :107 . 4406b740ff1679247328fd4a480ae3da 142 ls -l /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client 143 } 144 145 # Prepare cookie with localhost identification disabled by ffff, needed if X socket is shared. ffff means 'familiy wild' 146 Cookie="$(xauth -i -f /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client nlist | sed -e 's/^..../ffff/')" 147 echo "$Cookie" | xauth -v -i -f /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client nmerge - 148 149 debugnote "xinitrc: Created cookie: $(xauth -f /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client list 2>&1)" 150 ls -l /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client 151 cp /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/Xauthority.server 152 chmod 644 /home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client 153 154 [ -s '/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client' ] || warning 'Cookie creation failed!' 155 export XAUTHORITY=/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client 156 [ 'yes' = 'no' ] || [ ! -s '/home/bon/.cache/x11docker/pccastor-lxde_wallet-latest-65823175242/share/Xauthority.client' ] && unset XAUTHORITY && warning '--xvfb: X server :107 runs without cookie authentication.' 157 158 # clean xhost 159 verbose 'Disabling any possible access to new X server possibly granted by xhost' 160 disable_xhost 161 162 # Keyboard layout 163 164 # create set of different screen resolutions 165 xrandr --newmode "1984x1200" 199.25 1984 2120 2328 2672 1200 1203 1213 1245 -hsync +vsync 166 xrandr --addmode $Output "1984x1200" 167 while read Line; do 168 Line="$(echo "$Line" | sed 's/Modeline//g')" 169 Line="$(echo "$Line" | sed 's/"//g')" 170 xrandr --newmode $Line 2>/dev/null 171 xrandr --addmode "$Output" $(echo $Line | cut -d' ' -f1) 2>/dev/null 172 done < "/home/bon/.cache/x11docker/modelines.1980x1200" 173 174 175 verbose "Output of xrandr on :107 176 $(xrandr)" 177 178 echo 'xinitrc: xinitrc is ready' 179 storeinfo xinitrc=ready 180 181 # wait for the end 182 read Var