accetto / ubuntu-vnc-xfce-g3 Goto Github PK

Discussed in #55

If navigating to the URL https://get.webgl.org, then Firefox displays the following text:

Hmm. While your browser seems to support WebGL, it is disabled or unavailable. If possible, please ensure that you are running the latest drivers for your video card.

Hello and thanks in advance

everithing is running fine until I stop the container then start it again, initially the windows have their controls and borders but after de stop-start they don't. I saw wfm4 and /usr/lib/x86_64-linux-gnu/xfce4/exo-2/exo-helper-2 not present

what can I do in this cases whitout remove the container?

Lets say I run a docker image:
docker run -p 49154:5901 -p 49153:6901 accetto/ubuntu-vnc-xfce-g3:latest-fugo /home/headless/run.sh

Where run.sh file contains a simple bash script:

#! /bin/bash

python3 /home/headless/clicker/test.py

And test.py contains:

import os 

print("Some jobs")
exit(1) // Here the docker image quits on any error larger than 0, but hangs / waits infinitely if the python script returns 0

Shouldn't the image be killed when command is executed also successfully?
How do I exit the image if the program is successful?

It seems that there is a bug in build script, which creates duplicate entries for group user, e.g.:

users:x:100:         <--------
nogroup:x:65534:
messagebus:x:101:
i2psvc:x:102:
users:x:1000:       <--------

Whenever package is installed within extended image like i2p or software-properties-common which modifies /etc/group file by adding specific groups, /etc/group file is corrected and the duplicate users:x:1000: entry is removed (only gid 100 remains which is not correct) in turn causing container to exit upon entrypoint script (permission denied as everything is owned by root).

Workaround for now is in extending Dockerfile add the following lines after installing above mentioned packages.

RUN echo 'users:x:1000:' >> /etc/group
RUN chown -R 1000:1000 ~
RUN chown -R 1000:1000 /dockerstartup

./builder.sh latest-firefox build fails due to

• missing execution rights +x
• ./docker/hooks/env.rc: line 31: REPO_OWNER_NAME: Need repo owner name

docker run -d -p 5901:5901 -p 6901:6901 --rm accetto/ubuntu-vnc-xfce-firefox-g3:22.04 fails:

• no logs shown in container
• grey screen when logging in with headless password

Image and container are not modified.
Open browser and enter youtube.com (youtube.com/?gl=HK)
--display
Aw, Snap@
something went wrong while displaying this webpage
error code: SIGABRT

Hello, I'm attempting to follow the README under building images for building just the image locally, but I'm encountering the following error,

$ ./builder.sh latest build

==> EXECUTING @2023-03-05_16-42-57: ./builder.sh 

./builder.sh: line 84: ./docker/hooks/build: Permission denied

Steps to reproduce

• Clone and cd into repo
• Checkout latest releas by running git checkout v23.02.1
• Make the builder.sh executable by running chmod +x builder.sh
• Attempt to build image locally by running ./builder.sh latest build

OS

Linux Mint 21.1

How can i disable the VNC password?

Today I started to experience black desktop after starting a stopped container. It happens under Windows 10 (updated today to Docker Desktop 3.0.0) and also under Linux (Ubuntu 20.04). Investigating the issue...

I want to use novnc in --nocursor mode,but tigerVNC doesnot support it ,is it possiable to hide cursor in tigerVNC or change tigerVNC to X11VNC

Hi,
just a cautionary note for those pulling this image to run on a cluster. Using Singularity, --containall -c and mounting home in Documents, the change of permissions will result in your host home being at 777.
Bob

Thanks for this great work!
Just to let you know that this Wiki page refers to the following files that are not in the repository anymore:

• Dockerfile.xfce.chromium
• Dockerfile.xfce.firefox

Probably related to pre g3 images.

Is it possible to override certain XFCE settings e.g. via a config override file via bind mount? Examples of what I'd like to achieve:

• set a desktop background
• reduce the number of workspaces to 1

Thank you!

Hi, thank you for this awsome image.

It would be nice to have clipboard synchronization between the host and the "guest" instead of having to use the novnc clipboard form.

Another nice feature would be the ability to record and playback VNC sessions. I tried to find something that is recent and works but did not see anything that inspired confidence. Maybe you you have heard of a solution for this?

could you please create a arm64 build? would love to run this on my raspbery pi 4.
right now i'm getting this error
ubuntu-xface | standard_init_linux.go:211: exec user process caused "exec format error"

also, it would be awesome to have SSL with novnc even just self signed certs.

Hello,
first of all thanks for the beautiful container!

I'm facing a problem with Chromium: it gives me Aw, Snap! Error code: SIGTRAP when I try to browse any website.
Using noVNC full, container created with docker create --name=ubuntu -p 5901:5901 -p 6901:6901 accetto/ubuntu-vnc-xfce-chromium-g3.

One more question:

Being a shared machine, we could quite possibly see lots of users on a node. I am hoping to simply bind mount /tmp:/tmp and let things happen right with picking of display using the info in /tmp/.X11-utils. This seems to work correctly EXCEPT, websockify doesn't seem to get the message and still points to localhost:5901. IF, I set the VNC_PORT manually, things seem to be ok, but that of course requires that I choose the display as one determines the other.

Where does websockify get the port for VNC from? And when for that matter.

Short of answering that, my plan is to simply choose two open ports, say, >7000 and set the VNC/noVNC/DISPLAY variables accordingly.

I have a use case where I'd like to configure and persist dotfiles/folders in the $HOME directory of a container running the ubuntu-vnc-xfce-g3 image. My current working approach has been to bind a directory from my host machine that contains the expected dotfiles/folders (s.a., .vnc/) to the container's $HOME directory via the following docker-compose.yml file and docker-compose up command, where ./shared is the persistent folder containing the expected dotfiles/folders,

---
version: "3.7"
services:
  ubuntu-vnc-xfce-g3:
    build: .
    image: accetto/ubuntu-vnc-xfce-g3:latest
    ports:
      - "5901:5901"
    user: "0"
    environment:
      VNC_PW: password
    shm_size: '512m'
    stdin_open: true # docker run -i
    tty: true        # docker run -t
    volumes:
      - type: bind
        source: ./shared
        target: /home/headless
    security_opt:
      - seccomp=unconfined
...

In the above example, the dotfiles were originally obtained by first binding ./shared (source volume) to a directory nested in /home/headless, s.a., /home/headless/shared (target volume) then copying over the contents of /home/headless/ into /home/headless/shared from within a vnc session, then changing target volume from /home/headless/shared to /home/headless. Would it be possible for the image to be pre-configured to copy these dotfiles into this persistent directory upon initial creation of the container?

As a user of this image behind network appliance (load-balancer, reverse proxy, ...)
I should have an option to enable websocket ping/pong
In order to avoid being disconnected by the network appliance dropping the inactive TCP session.

Network appliance (load-balancers, reverse proxy) are configured to drop inactive sessions. For example, nginx default configuration is 60 seconds. Same for AWS ELB Classic load balancer, which can be increased up to 3600 seconds.

Websocket provide a configurable ping/pong mechanism to maintain tcp sessions opened on each network hops using heartbeat packet. And there is novnc_proxy parameter to enable it.

Here's how to reproduce

docker run --rm -it -p 6901:6901 --env HEADLESS_USER_NAME=myuser accetto/ubuntu-vnc-xfce-opengl-g3:latest

Log in via noVNC with the password headless. Observe username is still headless and not myuser.

Cheers and thanks!

According to the docs noVNC offers a full and a lite client. Is there a way to skip the choice and always use e.g. the full client? I'm currently building my own docker image based on your accetto/ubuntu-vnc-xfce-g3:latest image and have it running in a compose stack. Both build time and runtime config change would work. Thank you!

Hi there,

Thanks for the great project! To support development on an Apple M1 chip and other platforms, would it be possible to provide arm64 builds?

I know this is relatively easy to do with GitHub actions.

Cheers and again thanks for the awesome container images. :)

David

First of, thank you so much for your images, I've been running them on our server!

Lately I've been having an issue with the g3 images. When I connect to it I get a blank screen and I cannot see the desktop environment.

sudo docker run --rm -p 6901:6901 accetto/ubuntu-vnc-xfce-g3

This does not happen when I use an old legacy image.

sudo docker run --rm -p 6901:6901 accetto/ubuntu-vnc-xfce

I would really appreciate it if you can help me with this matter. Thanks in advance,

Ale

cloud you please help to check ,
how to change language to japanese or other.

can not display local lanuage(japanese).

thanks always.

It's a great Desktop docker image,But i want to use another language, it's hard to install locales.
So is it possiable add locales in this image.
Thanks very much

This is a great docker package! I have limited access to the VNC Server to the localhost by using a port mapping like "127.0.0.1:5901:5901" but there is a localhost configuration option for tigervnc that should be usable?

I've tried this in an extension of the Dockerfile:

RUN echo "localhost" >> /etc/tigervnc/vncserver-config-defaults

But that seems to break the VNC server.

First of all, thanks for the slim and awesome image!

We are using it inside a kubernetes cluster hosted on IBM Cloud.

After switching from a CI pipeline within GitLab.com to a selfhosted ArgoWorkflow Pipeline, we are not able to get the pod started after building the image. With the old pipeline it worked flawlessly for many months.

We get exactly the following error that you already mentioned in closed issue#4, but we are not using bindmounts or persistent volumes for the /home/headless/ path.

The error comes into existence (we stripped our Dockerfile.txt clean, to see, when it occurs), with the line 49 (see attached Dockerfile):
COPY ./config/images/ ./config/startup.sh /home/headless/

Afterwards we also set the execution rights:
RUN chown -R 1001:1000 /home/headless/startup.sh
and:
chmod u+x /home/headless/startup.sh

The actual execution is inside the stateful-set (like a deployment) and was commented out. So even withouth execution, the pod will fail. The script itself is only used to copy a file and set the log path.

Details and environment (Dockerfile.txt excerpts attached):

• Release 22.04 was used in all tests
• Kubernetes Version 1.22.6
• We build with Kaniko instead of DinD for security reasons and caching is switched off, snapshotMode ist set to "full" (we strive for debugging purposes to get a reproducible, clean build)
• The build step is succesfull with no error
• In the old GitLab.com CI/CD pipeline we also build with Kaniko, without any further flags (worked great)
• When starting the pod it fails with:

mkdir: cannot create directory '/home/headless/.vnc': Permission denied
/dockerstartup/vnc_startup.rc: line 36: /home/headless/.vnc/passwd: No such file or directory
chmod: cannot access '/home/headless/.vnc/passwd': No such file or directory
/dockerstartup/vnc_startup.rc: line 43: /home/headless/.vnc/config: No such file or directory
and "crashloopbackoff"

• Running $id yields:
  uid=1001(headless) gid=1000(headless) groups=1000(headless),27(sudo) looks correct, right?
• "Fun"-fact: If the image is build with docker cli locally (on a mac, if that matters), then pushed to the registry and deployed with ArgoCD it works, the image is smaller, has a different python version (3.8) installed (caching was also off for that test).

Any ideas or discussions are helpful, we can happily provide more details if asked for. Thanks for the fine work!

Container fails to boot with following log, if the image was extended with flatpak installed

mkdir: cannot create directory '/home/headless/.vnc': Permission denied
/dockerstartup/vnc_startup.rc: line 57: /home/headless/.vnc/passwd: No such file or directory
chmod: cannot access '/home/headless/.vnc/passwd': No such file or directory
/dockerstartup/vnc_startup.rc: line 65: /home/headless/.vnc/config: No such file or directory
/dockerstartup/vnc_startup.rc: line 99: /dockerstartup/vnc.log: Permission denied
/dockerstartup/vnc_startup.rc: line 127: /dockerstartup/novnc.log: Permission denied
/dockerstartup/startup.sh: line 25: kill: (19) - No such process

Tested with both accetto/debian-vnc-xfce-g3:latest (468d0a79fabe) and accetto/ubuntu-vnc-xfce-g3:latest (8a4a3b7b500f).
This may be an issue of debian/ubuntu-vnc-xfce-g3 or its upstream, further investigation is needed.

When I start the container, login to noVNC, try to open a terminal and run sudo apt update, it will return an error

sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges?

When I run su root, and enter the default password headless, it will print

$ su root
Password: 
su: Authentication failure

According to the docs, I should be able to enter sudo, but I can't. Is there something wrong?

Hi, as is probably obvious from the title, I'm a bit new to this container game, so this question is probably a bit embarrassingly simple, but the truth is I've been trying to get this part of it to work for a couple of hours and I can't figure it out, so I thought I'd ask.

I would like to specify the username and group used inside the container - I found in the docs that these are supposed to be added as arguments while using 'docker build' - that seemed clear enough to me, but I've realized that while I can easily pull and run your images, I can not find a way to build them. I tried a couple of things (namely trying to locate where the filles are pulled to, which I couldn't, and then trying to include your pulled images as a FROM statement in a dockerfile, which ran but the extra build args never got used). So, any chance anyone could provide some beginner friendly insight how to get this done?

Also, I think it speaks very highly of this elegant and useful project @accetto built here that even a noob such as myself can very quickly get a working version up and running.

PS: I don't think it matters too much, but I am using podman instead of docker.

Hi, I'm using docker image accetto/ubuntu-vnc-xfce-firefox-g3 and it is unclear for me what the expected startup sequence is. The dockerfile should switch to the user headless at the end of the Dockerfile but does this mean all processes will run as user header? I am getting permission errors for /dockerstartup/vnc.log because that directory is owned by root. My assumption is that some things should be launched as root at startup but the desktop should be for the headless user but I do not see where this happens in the startup script. Thanks for any pointers!

I see there has been some work to get audio working with noVNC at novnc/noVNC#1525 and this got me interested in PulseAudio. I though I would ask about this as it would be ideal to have sound with the browser.

Hello
How can I use --remote-debugging-port=9222 and expose it to the web?
Main idea is to have docker with exposed websocket connection to manipulate it with puppeteer
I tried to build my own Dockerfile on top of your image, but it didn't worked :(
Any ideas how to make it working?

FROM accetto/ubuntu-vnc-xfce-chromium-g3:latest

EXPOSE 6901
EXPOSE 5901
EXPOSE 9222
CMD ["/usr/bin/chromium-browser", "--remote-debugging-port=9222  --remote-debugging-address=127.0.0.1"]
#CMD ["/usr/bin/chromium-browser", "--remote-debugging-port=9222  --remote-debugging-address=0.0.0.0"] Didn't worked also