Re: How to test GUI ports within their poudriere jails?
- In reply to: Edward Sanford Sutton, III: "How to test GUI ports within their poudriere jails?"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 28 May 2023 21:34:47 UTC
Hello. Here are the commands in my notes. The prompt on the far left is whether to run on the host or jail side. The name I am giving to the poudriere jail is src. host# poudriere bulk -j src -i x11/xauth jail# make -C /usr/ports/x11/xterm/ pkg-depends install-package jail# make -C /usr/ports/devel/dbus/ install-package jail# make -C /usr/ports/x11-fonts/xorg-fonts install-package jail# service newsyslog onestart jail# service syslogd onestart jail# service dbus onestart jail# (\ echo "Port 22222" ;\ echo "AddressFamily any" ;\ echo "ListenAddress ::1" ;\ echo "ListenAddress 127.0.0.1" ;\ echo "PermitRootLogin yes" ;\ echo "PasswordAuthentication yes" ;\ echo "PermitEmptyPasswords yes" ;\ echo "AcceptEnv LANG LC_*" ;\ ) >> /etc/ssh/sshd_config jail# service sshd onestart jail# passwd -l root jail# echo "user::::::User &::/bin/tcsh:user" | adduser -f - -w yes jail# pw groupmod video -m user jail# passwd -l user host# devfs -m /usr/local/poudriere/data/.m/src-default/ref/dev rule apply path \* unhide host# devfs -m /usr/local/poudriere/data/.m/src-default/ref/dev rule apply path dri/\* unhide host# devfs -m /usr/local/poudriere/data/.m/src-default/ref/dev rule apply path drm/\* unhide host# ssh-keygen -R "[::1]:22222" host# ssh \ -o "StrictHostKeyChecking no" \ -o "UserKnownHostsFile `mktemp -d`/known_hosts" \ -o "SendEnv TERM SHLVL" \ -o "SetEnv LANG=C.UTF-8 LC_CTYPE=C.UTF-8" \ -Y -p 22222 user@::1 ssh# eval `dbus-launch --auto-syntax --exit-with-session` ssh# xterm & # <- probably works ssh# openshot-qt & # <- I wanted to run this :) host# scp \ -o "StrictHostKeyChecking no" \ -o "UserKnownHostsFile `mktemp -d`/known_hosts" \ -P 22222 -r -p /tmp/file user@\[::1\]: # <- put in a file without root shell This involves passing the X protocol through ssh and making video-related devices visible to jail. Is there a smarter way to do it? :) Regards.