The pflask docs show an example of running chromium:
$ pflask --user=$USER --mount=tmp:$HOME -- chromium --disable-setuid-sandbox
However, running Xorg apps, for me anyway, is not that simple. For a start, you would be using the Xorg "abstract socket", which means DISPLAY variable must be set. Yesterday, I did this, to run Leafpad (running as root):
# pflask --chroot=container --keepenv -- leafpad
...with the "--keepenv", it worked, otherwise complained about undefined DISPLAY.
This morning, tried exactly the same thing, this time got a "badaccess" error and leafpad crashed. Why it worked yesterday and not today, I have no idea, however, I do recognise the symptom, it was discussed in the Puppy Forum here:
http://murga-linux.com/puppy/viewtopic.php?p=941005&sid=9a24d5bc588a849a2b155d65740fcb52#941005
So, trying this:
# pflask --chroot=container --keepenv --no-ipcns
# leafpad
...and leafpad works immediately. However, if do this:
# pflask --chroot=container --keepenv
# leafpad
The program 'leafpad' received an X Window System error.
This probably reflects a bug in the program.
The error was 'BadAccess (attempt to access private resource denied)'.
(Details: serial 354 error_code 10 request_code 130 minor_code 1)
(Note to programmers: normally, X errors are reported asynchronously;
that is, you will receive the error a while after causing it.
To debug your program, run it with the --sync command line
option to change this behavior. You can then get a meaningful
backtrace from your debugger if you break on the gdk_x_error() function.)
# leafpad
...then have the problem that have to run leafpad twice. After the first failure, all X apps will run ok first time. The above is not stating that it is a shm problem, maybe it is something else.
If anyone has any thought on this, please contribute. It would be very nice if X apps would run without needing the "--noipcns"!
The pflask docs show an example of running chromium:
$ pflask --user=$USER --mount=tmp:$HOME -- chromium --disable-setuid-sandboxHowever, running Xorg apps, for me anyway, is not that simple. For a start, you would be using the Xorg "abstract socket", which means DISPLAY variable must be set. Yesterday, I did this, to run Leafpad (running as root):
# pflask --chroot=container --keepenv -- leafpad...with the "--keepenv", it worked, otherwise complained about undefined DISPLAY.
This morning, tried exactly the same thing, this time got a "badaccess" error and leafpad crashed. Why it worked yesterday and not today, I have no idea, however, I do recognise the symptom, it was discussed in the Puppy Forum here:
http://murga-linux.com/puppy/viewtopic.php?p=941005&sid=9a24d5bc588a849a2b155d65740fcb52#941005
So, trying this:
...and leafpad works immediately. However, if do this:
...then have the problem that have to run leafpad twice. After the first failure, all X apps will run ok first time. The above is not stating that it is a shm problem, maybe it is something else.
If anyone has any thought on this, please contribute. It would be very nice if X apps would run without needing the "--noipcns"!