Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Running the self-build wechat docker image in x11docker's single application mode via deepin-terminal. #16

Closed
hongyi-zhao opened this issue Nov 8, 2020 · 9 comments
Closed

Running the self-build wechat docker image in x11docker's single application mode via deepin-terminal. #16

hongyi-zhao opened this issue Nov 8, 2020 · 9 comments
Labels
question

Comments

@hongyi-zhao
Copy link

The Dockerfile and the image build command are as follows:

$ docker build -t x11docker-deepin-wechat .

# The content of the Dockerfile:
FROM x11docker/deepin
RUN echo "deb http://mirrors.ustc.edu.cn/deepin/ lion main non-free contrib" > /etc/apt/sources.list
RUN env DEBIAN_FRONTEND=noninteractive dpkg --add-architecture i386 && apt-get update
RUN env DEBIAN_FRONTEND=noninteractive apt-get install -y git netcat socat haproxy gawk uuid curl lsb-release apt-utils \
    deepin-wine deepin-wine32 deepin-wine32-preloader deepin-wine-helper deepin-wine-uninstaller deepin.com.wechat

Start the docker image and then run wechat from dockerized deepin-terminal.

$ x11docker --sudouser --clipboard x11docker-deepin-wechat deepin-terminal

werner@1190984ca629:~$ /opt/deepinwine/apps/Deepin-WeChat/run.sh 
Run Deepin-WeChat 2.6.8.65deepin0 c:/Program Files/Tencent/WeChat/WeChat.exe
run Deepin-WeChat progress pid 
Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
total 0
lrwxrwxrwx 1 werner werner 10 Nov  8 21:31 c: -> ../drive_c
lrwxrwxrwx 1 werner werner 10 Nov  8 21:31 com1 -> /dev/ttyS0
lrwxrwxrwx 1 werner werner 10 Nov  8 21:31 com10 -> /dev/ttyS9
lrwxrwxrwx 1 werner werner 11 Nov  8 21:31 com11 -> /dev/ttyS10
lrwxrwxrwx 1 werner werner 11 Nov  8 21:31 com12 -> /dev/ttyS11
lrwxrwxrwx 1 werner werner 11 Nov  8 21:31 com13 -> /dev/ttyS12
lrwxrwxrwx 1 werner werner 11 Nov  8 21:31 com14 -> /dev/ttyS13
lrwxrwxrwx 1 werner werner 11 Nov  8 21:31 com15 -> /dev/ttyS14
lrwxrwxrwx 1 werner werner 11 Nov  8 21:31 com16 -> /dev/ttyS15
lrwxrwxrwx 1 werner werner 10 Nov  8 21:31 com2 -> /dev/ttyS1
lrwxrwxrwx 1 werner werner 10 Nov  8 21:31 com3 -> /dev/ttyS2
lrwxrwxrwx 1 werner werner 10 Nov  8 21:31 com4 -> /dev/ttyS3
lrwxrwxrwx 1 werner werner 10 Nov  8 21:31 com5 -> /dev/ttyS4
lrwxrwxrwx 1 werner werner 10 Nov  8 21:31 com6 -> /dev/ttyS5
lrwxrwxrwx 1 werner werner 10 Nov  8 21:31 com7 -> /dev/ttyS6
lrwxrwxrwx 1 werner werner 10 Nov  8 21:31 com8 -> /dev/ttyS7
lrwxrwxrwx 1 werner werner 10 Nov  8 21:31 com9 -> /dev/ttyS8
lrwxrwxrwx 1 werner werner  8 Nov  8 21:31 d:: -> /dev/sdb
lrwxrwxrwx 1 werner werner 17 Nov  8 21:31 e: -> /media/wayne/Ntfs
lrwxrwxrwx 1 werner werner  9 Nov  8 21:31 e:: -> /dev/sdb1
lrwxrwxrwx 1 werner werner 12 Nov  8 21:31 y: -> /home/werner
lrwxrwxrwx 1 werner werner  1 Nov  8 21:31 z: -> /
CallApp Deepin-WeChat c:/Program Files/Tencent/WeChat/WeChat.exe
Disable auto update
rm: cannot remove '/home/werner/.deepinwine/Deepin-WeChat/drive_c/users/werner/Application Data/Tencent/WeChat/All Users/config/configEx.ini': No such file or directory
Sun Nov  8 21:31:20 CST 2020:kill WeChat.exe block
Sun Nov  8 21:31:20 CST 2020:No wine process found
/home/werner/.deepinwine/Deepin-WeChat/drive_c/Program Files/Tencent/WeChat
Starting process c:/Program Files/Tencent/WeChat/WeChat.exe ...
werner@1190984ca629:~$ X Error of failed request:  BadWindow (invalid Window parameter)
  Major opcode of failed request:  20 (X_GetProperty)
  Resource id in failed request:  0x0
  Serial number of failed request:  10
  Current serial number in output stream:  10

Any hints for this problem?

Regards,
HY
@mviereck
Copy link
Owner

mviereck commented Nov 8, 2020

That looks harmless. If it does not cause obvious issues, you can ignore it.

@hongyi-zhao
Copy link
Author

hongyi-zhao commented Nov 8, 2020
edited
Loading

That looks harmless. If it does not cause obvious issues, you can ignore it.

The login UI of wechat won't appear for ever. Furthermore, I also tried to add the --hostnet option as shown below and the problem is still the same:

$ x11docker --sudouser --hostnet --clipboard x11docker-deepin-wechat deepin-terminal
$ x11docker --hostnet x11docker-deepin-wechat deepin-terminal

Regards,
HY

@hongyi-zhao hongyi-zhao changed the title Meet 'X Error of failed request: BadWindow (invalid Window parameter)' error when running wechat from the dockerized deepin-terminal. Running in single application mode for wechat via deepin-terminal: The login UI of wechat won't appear for ever. Nov 8, 2020
@hongyi-zhao hongyi-zhao changed the title Running in single application mode for wechat via deepin-terminal: The login UI of wechat won't appear for ever. When starting wechat via deepin-terminal in single application mode, the login UI of wechat won't appear for ever. Nov 8, 2020
@hongyi-zhao hongyi-zhao changed the title When starting wechat via deepin-terminal in single application mode, the login UI of wechat won't appear for ever. When starting wechat via deepin-terminal with x11docker's single application mode, the login UI of wechat won't appear for ever. Nov 8, 2020
@hongyi-zhao hongyi-zhao changed the title When starting wechat via deepin-terminal with x11docker's single application mode, the login UI of wechat won't appear for ever. Running the self-build wechat docker container in x11docker's single application mode via deepin-terminal. Nov 8, 2020
@hongyi-zhao hongyi-zhao changed the title Running the self-build wechat docker container in x11docker's single application mode via deepin-terminal. Running the self-build wechat docker image in x11docker's single application mode via deepin-terminal. Nov 8, 2020
@mviereck
Copy link
Owner

mviereck commented Nov 8, 2020

I can reproduce the issue.
I considered it might depend on systemd and ran directly with:

x11docker --init=systemd --cap-default  -- --security-opt seccomp=unconfined --cap-add IPC_LOCK -- wechatimage /opt/deepinwine/apps/Deepin-WeChat/run.sh

But this fails, too.
Adding options --alsa --pulseaudio --gpu does not help either.

I have no idea how to fix this.
Did you try the bestwu/wechat image? Did it work with the setup described there?

@hongyi-zhao
Copy link
Author

hongyi-zhao commented Nov 8, 2020
edited
Loading

I can reproduce the issue.
I considered it might depend on systemd and ran directly with:

x11docker --init=systemd --cap-default  -- --security-opt seccomp=unconfined --cap-add IPC_LOCK -- wechatimage /opt/deepinwine/apps/Deepin-WeChat/run.sh

But this fails, too.
Adding options --alsa --pulseaudio --gpu does not help either.

Yep. But the error messages given the above two starting methods are different:

werner@X10DAi:~/Public/repo/github.com/mviereck$ x11docker --init=systemd --cap-default  -- --security-opt seccomp=unconfined --cap-add IPC_LOCK -- x11docker-deepin-wechat /opt/deepinwine/apps/Deepin-WeChat/run.sh
x11docker WARNING: User werner is member of group docker.
  That allows unprivileged processes on host to gain root privileges.

x11docker note: Using X server option --xpra

x11docker WARNING: Option --cap-default disables security hardening
  for containers done by x11docker. Default docker capabilities are allowed.
  This is considered to be less secure.

x11docker note: Option --cap-default: Enabling option --newprivileges.
  You can avoid this with --newprivileges=no

x11docker note: Option --xpra: If you encounter issues with xpra, 
  you can try --nxagent instead.
  Rather use xpra from www.xpra.org than from distribution repositories.

x11docker WARNING: Found custom DOCKER_RUN_OPTIONS.
  x11docker will add them to 'docker run' command without
  a serious check for validity or security. Found options:
   '--security-opt' 'seccomp=unconfined' '--cap-add' 'IPC_LOCK'

x11docker WARNING: Option --init=systemd slightly degrades container isolation.
  It adds some user switching capabilities x11docker would drop otherwise.
  However, they are still within default docker capabilities.
  Not within default docker capabilities it adds capability SYS_BOOT.  
  It shares access to host cgroups in /sys/fs/cgroup.
  Some processes in container will run as root.

x11docker WARNING: Option --newprivileges=yes: x11docker does not set 
  docker run option --security-opt=no-new-privileges. 
  That degrades container security.
  However, this is still within a default docker setup.

Run Deepin-WeChat 2.6.8.65deepin0 c:/Program Files/Tencent/WeChat/WeChat.exe
run Deepin-WeChat progress pid 
Activating service name='org.gtk.vfs.Daemon'
Successfully activated service 'org.gtk.vfs.Daemon'
Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
total 0
lrwxrwxrwx 1 werner werner 10 Nov  9 07:34 c: -> ../drive_c
lrwxrwxrwx 1 werner werner 10 Nov  9 07:34 com1 -> /dev/ttyS0
lrwxrwxrwx 1 werner werner 10 Nov  9 07:34 com10 -> /dev/ttyS9
lrwxrwxrwx 1 werner werner 11 Nov  9 07:34 com11 -> /dev/ttyS10
lrwxrwxrwx 1 werner werner 11 Nov  9 07:34 com12 -> /dev/ttyS11
lrwxrwxrwx 1 werner werner 11 Nov  9 07:34 com13 -> /dev/ttyS12
lrwxrwxrwx 1 werner werner 11 Nov  9 07:34 com14 -> /dev/ttyS13
lrwxrwxrwx 1 werner werner 11 Nov  9 07:34 com15 -> /dev/ttyS14
lrwxrwxrwx 1 werner werner 11 Nov  9 07:34 com16 -> /dev/ttyS15
lrwxrwxrwx 1 werner werner 10 Nov  9 07:34 com2 -> /dev/ttyS1
lrwxrwxrwx 1 werner werner 10 Nov  9 07:34 com3 -> /dev/ttyS2
lrwxrwxrwx 1 werner werner 10 Nov  9 07:34 com4 -> /dev/ttyS3
lrwxrwxrwx 1 werner werner 10 Nov  9 07:34 com5 -> /dev/ttyS4
lrwxrwxrwx 1 werner werner 10 Nov  9 07:34 com6 -> /dev/ttyS5
lrwxrwxrwx 1 werner werner 10 Nov  9 07:34 com7 -> /dev/ttyS6
lrwxrwxrwx 1 werner werner 10 Nov  9 07:34 com8 -> /dev/ttyS7
lrwxrwxrwx 1 werner werner 10 Nov  9 07:34 com9 -> /dev/ttyS8
lrwxrwxrwx 1 werner werner  8 Nov  9 07:34 d:: -> /dev/sdb
lrwxrwxrwx 1 werner werner 17 Nov  9 07:34 e: -> /media/wayne/Ntfs
lrwxrwxrwx 1 werner werner  9 Nov  9 07:34 e:: -> /dev/sdb1
lrwxrwxrwx 1 werner werner 12 Nov  9 07:34 y: -> /home/werner
lrwxrwxrwx 1 werner werner  1 Nov  9 07:34 z: -> /
CallApp Deepin-WeChat c:/Program Files/Tencent/WeChat/WeChat.exe
Disable auto update
rm: cannot remove '/home/werner/.deepinwine/Deepin-WeChat/drive_c/users/werner/Application Data/Tencent/WeChat/All Users/config/configEx.ini': No such file or directory
Mon Nov  9 07:34:12 CST 2020:kill WeChat.exe block
Mon Nov  9 07:34:12 CST 2020:No wine process found
/home/werner/.deepinwine/Deepin-WeChat/drive_c/Program Files/Tencent/WeChat
Starting process c:/Program Files/Tencent/WeChat/WeChat.exe ...
X Error of failed request:  BadWindow (invalid Window parameter)
  Major opcode of failed request:  20 (X_GetProperty)
  Resource id in failed request:  0x0
  Serial number of failed request:  10
  Current serial number in output stream:  10



werner@X10DAi:~/Public/repo/github.com/mviereck$ x11docker --init=systemd --cap-default --alsa --pulseaudio --gpu -- --security-opt seccomp=unconfined --cap-add IPC_LOCK -- x11docker-deepin-wechat /opt/deepinwine/apps/Deepin-WeChat/run.sh
x11docker WARNING: User werner is member of group docker.
  That allows unprivileged processes on host to gain root privileges.

x11docker note: Your system uses closed source NVIDIA driver.
  GPU support will work only with options --hostdisplay and --xorg.
  Consider to use free open source nouveau driver instead.

x11docker note: Using X server option --hostdisplay

x11docker WARNING: Option --gpu degrades container isolation.
  Container gains access to GPU hardware.
  This allows reading host window content (palinopsia leak)
  and GPU rootkits (compare proof of concept: jellyfish).

x11docker note: Option --gpu: To allow GPU acceleration with --hostdisplay,
  x11docker will allow trusted cookies.

x11docker WARNING: Option --cap-default disables security hardening
  for containers done by x11docker. Default docker capabilities are allowed.
  This is considered to be less secure.

x11docker note: Option --cap-default: Enabling option --newprivileges.
  You can avoid this with --newprivileges=no

x11docker note: Option --hostdisplay: To allow --hostdisplay with trusted cookies,
  x11docker must share host IPC namespace with container (option --hostipc)
  to allow shared memory for X extension MIT-SHM.

x11docker note: To allow protection against X security leaks 
  while using --gpu with NVIDIA, please use option --xorg.

x11docker WARNING: Option --hostdisplay with trusted cookies provides
      QUITE BAD CONTAINER ISOLATION !
  Keylogging and controlling host applications is possible! 
  Clipboard sharing is enabled (option --cliboard).
  It is recommended to use another X server option like --xpra or --nxagent.

x11docker WARNING: Option --hostipc severely degrades 
  container isolation. IPC namespace remapping is disabled.

x11docker WARNING: Found custom DOCKER_RUN_OPTIONS.
  x11docker will add them to 'docker run' command without
  a serious check for validity or security. Found options:
   '--security-opt' 'seccomp=unconfined' '--cap-add' 'IPC_LOCK'

x11docker note: Option --gpu: You are using the closed source NVIDIA driver.
  GPU acceleration will only work if you have installed the very same driver
  version in image. That makes images less portable.
  It is recommended to use free open source nouveau driver on host instead.
  Ask NVIDIA corporation to at least publish their closed source API,
  or even better to actively support open source driver nouveau.

x11docker note: Option --gpu: x11docker can try to automatically install NVIDIA driver
  version 440.64 in container on every container startup.
  Drawbacks: Container startup is a bit slower and its security will be reduced.

  You can look here for a driver installer:
    https://www.nvidia.com/Download/index.aspx
    https://http.download.nvidia.com/
  A direct download URL is probably:
    https://http.download.nvidia.com/XFree86/Linux-x86_64/440.64/NVIDIA-Linux-x86_64-440.64.run
  If you got a driver, store it at one of the following locations:
    /home/werner/.local/share/x11docker/
    /usr/local/share/x11docker/

  Be aware that the version number must match exactly the version on host.
  The file name must begin with 'NVIDIA', contain the version number 440.64
  and end with suffix '.run'.

x11docker WARNING: Option --pulseaudio allows container applications
  to catch your audio output and microphone input.

x11docker WARNING: ALSA sound with option --alsa degrades container isolation.
  Shares device files in /dev/snd, container gains access to sound hardware.
  Container applications can catch audio output and microphone input.

x11docker note: It seems that pulseaudio is running on your host.
  Pulseaudio can interfere with ALSA sound (option --alsa).
  Host sound may not work while container is playing sound and vice versa.
  Alternative: with pulseaudio on host and in image, use option --pulseaudio.

x11docker WARNING: Option --init=systemd slightly degrades container isolation.
  It adds some user switching capabilities x11docker would drop otherwise.
  However, they are still within default docker capabilities.
  Not within default docker capabilities it adds capability SYS_BOOT.  
  It shares access to host cgroups in /sys/fs/cgroup.
  Some processes in container will run as root.

x11docker WARNING: Option --newprivileges=yes: x11docker does not set 
  docker run option --security-opt=no-new-privileges. 
  That degrades container security.
  However, this is still within a default docker setup.

x11docker WARNING: Sharing device file: /dev/dri

x11docker WARNING: Sharing device file: /dev/nvidia0

x11docker WARNING: Sharing device file: /dev/nvidiactl

x11docker WARNING: Sharing device file: /dev/nvidia-modeset

x11docker WARNING: Sharing device file: /dev/nvidia-uvm

x11docker WARNING: Sharing device file: /dev/nvidia-uvm-tools

x11docker WARNING: Sharing device file: /dev/vga_arbiter

x11docker WARNING: Sharing device file: /dev/snd

Run Deepin-WeChat 2.6.8.65deepin0 c:/Program Files/Tencent/WeChat/WeChat.exe
run Deepin-WeChat progress pid 

** (zenity:2604): WARNING **: Couldn't connect to accessibility bus: Failed to connect to socket /tmp/dbus-ZZm0m0LT9c: Connection refused
Activating service name='org.gtk.vfs.Daemon'
Successfully activated service 'org.gtk.vfs.Daemon'
Gtk-Message: Failed to load module "canberra-gtk-module"
Gtk-Message: Failed to load module "canberra-gtk-module"
Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
total 0
lrwxrwxrwx 1 werner werner 10 Nov  9 07:35 c: -> ../drive_c
lrwxrwxrwx 1 werner werner 10 Nov  9 07:35 com1 -> /dev/ttyS0
lrwxrwxrwx 1 werner werner 10 Nov  9 07:35 com10 -> /dev/ttyS9
lrwxrwxrwx 1 werner werner 11 Nov  9 07:35 com11 -> /dev/ttyS10
lrwxrwxrwx 1 werner werner 11 Nov  9 07:35 com12 -> /dev/ttyS11
lrwxrwxrwx 1 werner werner 11 Nov  9 07:35 com13 -> /dev/ttyS12
lrwxrwxrwx 1 werner werner 11 Nov  9 07:35 com14 -> /dev/ttyS13
lrwxrwxrwx 1 werner werner 11 Nov  9 07:35 com15 -> /dev/ttyS14
lrwxrwxrwx 1 werner werner 11 Nov  9 07:35 com16 -> /dev/ttyS15
lrwxrwxrwx 1 werner werner 10 Nov  9 07:35 com2 -> /dev/ttyS1
lrwxrwxrwx 1 werner werner 10 Nov  9 07:35 com3 -> /dev/ttyS2
lrwxrwxrwx 1 werner werner 10 Nov  9 07:35 com4 -> /dev/ttyS3
lrwxrwxrwx 1 werner werner 10 Nov  9 07:35 com5 -> /dev/ttyS4
lrwxrwxrwx 1 werner werner 10 Nov  9 07:35 com6 -> /dev/ttyS5
lrwxrwxrwx 1 werner werner 10 Nov  9 07:35 com7 -> /dev/ttyS6
lrwxrwxrwx 1 werner werner 10 Nov  9 07:35 com8 -> /dev/ttyS7
lrwxrwxrwx 1 werner werner 10 Nov  9 07:35 com9 -> /dev/ttyS8
lrwxrwxrwx 1 werner werner  8 Nov  9 07:35 d:: -> /dev/sdb
lrwxrwxrwx 1 werner werner 17 Nov  9 07:35 e: -> /media/wayne/Ntfs
lrwxrwxrwx 1 werner werner  9 Nov  9 07:35 e:: -> /dev/sdb1
lrwxrwxrwx 1 werner werner 12 Nov  9 07:35 y: -> /home/werner
lrwxrwxrwx 1 werner werner  1 Nov  9 07:35 z: -> /
CallApp Deepin-WeChat c:/Program Files/Tencent/WeChat/WeChat.exe
Disable auto update
rm: cannot remove '/home/werner/.deepinwine/Deepin-WeChat/drive_c/users/werner/Application Data/Tencent/WeChat/All Users/config/configEx.ini': No such file or directory
Mon Nov  9 07:35:40 CST 2020:kill WeChat.exe block
Mon Nov  9 07:35:40 CST 2020:tag bottle: 
Traceback (most recent call last):
  File "/opt/deepinwine/tools/get_tray_window", line 28, in <module>
    get_tray_window()
  File "/opt/deepinwine/tools/get_tray_window", line 18, in get_tray_window
    traymanager = bus.get_object("com.deepin.dde.TrayManager", "/com/deepin/dde/TrayManager")
  File "/usr/lib/python2.7/dist-packages/dbus/bus.py", line 241, in get_object
    follow_name_owner_changes=follow_name_owner_changes)
  File "/usr/lib/python2.7/dist-packages/dbus/proxies.py", line 248, in __init__
    self._named_service = conn.activate_name_owner(bus_name)
  File "/usr/lib/python2.7/dist-packages/dbus/bus.py", line 180, in activate_name_owner
    self.start_service_by_name(bus_name)
  File "/usr/lib/python2.7/dist-packages/dbus/bus.py", line 278, in start_service_by_name
    'su', (bus_name, flags)))
  File "/usr/lib/python2.7/dist-packages/dbus/connection.py", line 651, in call_blocking
    message, timeout)
dbus.exceptions.DBusException: org.freedesktop.DBus.Error.ServiceUnknown: The name com.deepin.dde.TrayManager was not provided by any .service files
Mon Nov  9 07:35:40 CST 2020:active bottles: 
/home/werner/.deepinwine/Deepin-WeChat/drive_c/Program Files/Tencent/WeChat
Starting process c:/Program Files/Tencent/WeChat/WeChat.exe ...
[1109/073541:INFO:exception_record.cc(518)] [QB]Process ID: 60 Type: 1

I have no idea how to fix this.
Did you try the bestwu/wechat image? Did it work with the setup described there?

Tried both docker-compose and docker run methods described there. For the case of docker-compose, the login UI won't appear for ever; for the case of docker run, the login UI appears quickly as a flash and then disappeared.

@mviereck
Copy link
Owner

mviereck commented Nov 9, 2020

Tried both docker-compose and docker run methods described there. For the case of docker-compose, the login UI won't appear for ever; for the case of docker run, the login UI appears quickly as a flash and then disappeared.

Maybe you could open an issue there? bestwu might be more familiar with wechat and might find a fix that could be used with x11docker as well.

The new error mssages indicate that wechat tries to connect to the deepin tray manager and crashes because there is no tray.

@hongyi-zhao
Copy link
Author

hongyi-zhao commented Nov 9, 2020
edited
Loading

Maybe you could open an issue there? bestwu might be more familiar with wechat and might find a fix that could be used with x11docker as well.

Bestwu currently isn't very active in maintaining his project. I'm afraid that even if I open a question there, he may not have time to study it.

The new error mssages indicate that wechat tries to connect to the deepin tray manager and crashes because there is no tray.

Why this will happen and how to fix it?

@mviereck
Copy link
Owner

Why this will happen and how to fix it?

I don't know. This should be rather asked at www.deepin.org .

@mviereck
Copy link
Owner

Surprisingly I got wechat running:

x11docker  --hostdisplay --clipboard -- wechatimage sh -c '/opt/deepinwine/apps/Deepin-WeChat/run.sh ; sleep 5; while pgrep WeChat; do sleep 1; done'

It fails with other X servers, and it takes a very long time until the window with QR-code appears.

(The additional pgrep/sleep loop is needed because the WeChat process moves itself to run in background. A foreground process is needed to keep the container running.)

@hongyi-zhao
Copy link
Author

hongyi-zhao commented Nov 12, 2020
edited
Loading

Tricky and wonderful. I confirm that your conclusion is correct with the following command:

$ x11docker --hostdisplay --clipboard -- hongyi-zhao/deepin-wine sh -c '/opt/deepinwine/apps/Deepin-WeChat/run.sh ; sleep 5; while pgrep WeChat; do sleep 1; done'

Furthermore, I also can successfully run x11docker with more complicated arguments shown as below:

x11docker_share=$HOME/x11docker-share
if [ ! -d $x11docker_share ]; then
  mkdir -p $x11docker_share
fi

x11docker --runasroot "cat <<-EOF > /etc/sudoers
#$ sudo grep -Ev '^[ ]*(#|$)' /etc/sudoers  
Defaults	env_reset
Defaults	mail_badpass
Defaults	secure_path=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin\"
root	ALL=(ALL:ALL) ALL
%admin ALL=(ALL) ALL
%sudo	ALL=(ALL:ALL) ALL

$USER ALL=(ALL) NOPASSWD:ALL
EOF" --share=$x11docker_share --sudouser -c --hostdisplay --init=systemd -- --cap-add=ALL --security-opt seccomp=unconfined -- hongyi-zhao/deepin-wine sh -c '/opt/deepinwine/apps/Deepin-WeChat/run.sh ; sleep 5; while pgrep WeChat; do sleep 1; done'

All other tries with --xpra and --nxagent failed just as you have verified.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hongyi-zhao @mviereck