Greetings, ----- Original Message ----- > There are these web pages: > > https://openvz.org/X_inside_VE > http://pve.proxmox.com/wiki/X11_LXDE_in_OpenVZ > http://openvz.livejournal.com/31953.html > http://www.opennet.ru/tips/2396_firefox_openvz_chroot_limit_virtual.shtml > > and I just tweeted: > > <solardiz> Firefox 38 official binary build (still) works in OpenVZ > container with CentOS 6 running on Owl 3.1-stable (RHEL5'ish OpenVZ > kernel). Handy. > > However, all of this involves TCP sockets - for SSH (over which X11 > is > forwarded), for X11 protocol itself (if no SSH layer), or for VNC. > > It'd be nice to be able to use Unix domain sockets for this. I've tried > bind-mounting a directory with X's Unix domain socket from host into a > container, but connecting to that socket from inside the container fails > with ECONNREFUSED. I didn't investigate this further, but I guess the > host's socket is simply not found in net/unix/af_unix.c: > unix_find_socket_byname(), which in fact checks > ve_accessible_strict(). > > Maybe we should allow for relaxing this check on a per-container basis, > to achieve full native speed in setups like the above, and be able to > watch videos, etc. in web browsers setup like that? The TCP overhead > isn't adding any security against attacks on the X server anyway - it's > the same complicated and fully exposed X protocol anyway. :-( (VNC is > probably safer, depending on implementation and settings, but that's a > separate matter.)
If you weren't on EL5 I'd have the perfect solution... or darn close in my opinion. So, EL5 is at 5.11 and doesn't have that much life left in it. How long before OWL goes to EL6 or is that not going to ever happen? My solution? x2go... which is available in EL6 and EL7 EPEL... but not EL5. EL5 is just too old I think... but then again, with some effort, you might be able to shoehorn x2go onto EL5. TYL, -- Scott Dowdle 704 Church Street Belgrade, MT 59714 (406)388-0827 [home] (406)994-3931 [work] _______________________________________________ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
