Alfred's spAcE

2015.12.21

Firefox in LXC

Filed under: Linux, misc — Tags: , — Alfred Yang @ 19:49

This is referring to https://www.stgraber.org/2014/02/09/lxc-1-0-gui-in-containers/

## I use Trusty in Wily
$ lxc-create -t download -n gui -- -d ubuntu -r trusty -a amd64

## change mount and pre-start hook(replacing USERNAME appropriately):
$ vi ~/.local/share/lxc/gui/config
lxc.mount.entry = /dev/dri dev/dri none bind,optional,create=dir
lxc.mount.entry = /dev/snd dev/snd none bind,optional,create=dir
lxc.mount.entry = /tmp/.X11-unix tmp/.X11-unix none bind,optional,create=dir
lxc.mount.entry = /dev/video0 dev/video0 none bind,optional,create=file

lxc.hook.pre-start = /home/USERNAME/.local/share/lxc/gui/setup-lxc.sh

# change id_map, same file
lxc.id_map = u 0 100000 65536
lxc.id_map = g 0 100000 65536
-> (assuming uid/gid is 1000/1000)
lxc.id_map = u 0 100000 1000
lxc.id_map = g 0 100000 1000
lxc.id_map = u 1000 1000 1
lxc.id_map = g 1000 1000 1
lxc.id_map = u 1001 101001 64535
lxc.id_map = g 1001 101001 64535

## create start-up hook
$ vi ~/.local/share/lxc/gui/setup-lxc.sh
#!/bin/sh
PULSE_PATH=$LXC_ROOTFS_PATH/home/ubuntu/.pulse_socket

if [ ! -e "$PULSE_PATH" ] || [ -z "$(lsof -tn $PULSE_PATH 2>&1)" ]; then
    pactl load-module module-native-protocol-unix auth-anonymous=1 \
        socket=$PULSE_PATH
fi

# below to let container can connect to host X server
XAUTH_FILE="${LXC_ROOTFS_PATH}/home/ubuntu/.Xauthority"
rm $XAUTH_FILE
touch $XAUTH_FILE
xauth extract - $DISPLAY | xauth -f $XAUTH_FILE merge ~/.Xauthority

## after create script, make it executable
chmod a+x ~/.local/share/lxc/gui/setup-lxc.sh
## change folder owner
$ sudo chown -R 1000:1000 ~/.local/share/lxc/gui/rootfs/home/ubuntu

## install software in container
$ lxc-start -n gui -d
$ lxc-attach -n gui -- umount /tmp/.X11-unix
# you can change ubuntu repo to your prefer site;
$ lxc-attach -n gui -- apt-get update
$ lxc-attach -n gui -- apt-get dist-upgrade -y
$ lxc-attach -n gui -- apt-get install ubuntu-artwork dmz-cursor-theme ca-certificates pulseaudio firefox -y
$ lxc-attach -n gui -- apt-get -f install -y
$ lxc-attach -n gui -- sudo -u ubuntu mkdir -p /home/ubuntu/.pulse/
$ echo "disable-shm=yes" | lxc-attach -n gui -- sudo -u ubuntu tee /home/ubuntu/.pulse/client.conf
# optional install - tmpreaper fonts-wqy-microhei flashplugin-installer default-jre icedtea-7-plugin
$ lxc-stop -n gui

## script to start firefox in LXC
$ vi ~/.local/share/lxc/gui/start-firefox 
#!/bin/sh
CONTAINER=gui
CMD_LINE="firefox $*"

STARTED=false

if ! lxc-wait -n $CONTAINER -s RUNNING -t 0; then
 lxc-start -n $CONTAINER -d
 lxc-wait -n $CONTAINER -s RUNNING
 STARTED=true
fi

PULSE_SOCKET=/home/ubuntu/.pulse_socket

lxc-attach --clear-env -n $CONTAINER -- sudo -u ubuntu -i \
 env DISPLAY=$DISPLAY PULSE_SERVER=$PULSE_SOCKET $CMD_LINE

if [ "$STARTED" = "true" ]; then
 lxc-stop -n $CONTAINER -t 10
fi

## desktop file (replacing USERNAME appropriately):
$ vi ~/.local/share/applications/lxc-firefox.desktop 
[Desktop Entry]
Version=1.0
Name=Firefox in LXC
Comment=Access the Internet
Exec=/home/USERNAME/.local/share/lxc/gui/start-firefox %U
Icon=/home/USERNAME/.local/share/lxc/gui/rootfs/usr/share/pixmaps/firefox.png
Type=Application
Categories=Network;WebBrowser;

2015.07.04

Change the alias of lxc image

Filed under: Linux — Tags: , , — Alfred Yang @ 22:00

After using lxd-images to import some images from linuxcontainers.org, I think the alias I originally use is too long. But it takes me some time to find a way to change the alias. Finally, I find I can add an alias, then delete the old one.
$ lxc image list
+---------------+--------------+--------+-------------+--------+------------------------------+
| ALIAS | FINGERPRINT | PUBLIC | DESCRIPTION | ARCH | UPLOAD DATE |
+---------------+--------------+--------+-------------+--------+------------------------------+
| ubuntu-trusty | 04aac4257341 | no | | x86_64 | Jul 4, 2015 at 8:29am (CST) |
| centos6 | afae698680fc | no | | x86_64 | Jul 4, 2015 at 10:28am (CST) |
+---------------+--------------+--------+-------------+--------+------------------------------+
$ lxc image alias create trusty 04aac4257341
$ lxc image list
+-----------------+--------------+--------+-------------+--------+------------------------------+
| ALIAS | FINGERPRINT | PUBLIC | DESCRIPTION | ARCH | UPLOAD DATE |
+-----------------+--------------+--------+-------------+--------+------------------------------+
| trusty (1 more) | 04aac4257341 | no | | x86_64 | Jul 4, 2015 at 8:29am (CST) |
| centos6 | afae698680fc | no | | x86_64 | Jul 4, 2015 at 10:28am (CST) |
+-----------------+--------------+--------+-------------+--------+------------------------------+
$ lxc image alias delete ubuntu-trusty
$ lxc image list
+---------+--------------+--------+-------------+--------+------------------------------+
| ALIAS | FINGERPRINT | PUBLIC | DESCRIPTION | ARCH | UPLOAD DATE |
+---------+--------------+--------+-------------+--------+------------------------------+
| trusty | 04aac4257341 | no | | x86_64 | Jul 4, 2015 at 8:29am (CST) |
| centos6 | afae698680fc | no | | x86_64 | Jul 4, 2015 at 10:28am (CST) |
+---------+--------------+--------+-------------+--------+------------------------------+