accessing the host's X server from inside chroot

[Arthur Chance]

On 09/10/2019 14:18, Per Hedeland wrote:
> On 2019-10-09 01:45, Kostas Oikonomou wrote:
>> I am running FreeBSD 12.0p10.  Using chroot, I am trying to run a browser
>> (palemoon) located in /opt/devuan, which contains a Devuan Linux
>> distribution
>> installed with 'debootstrap'.  My objective is for the browser to use
>> the host's
>> (FreeBSD)
>> X server, not the Devuan one.
>>
>> I've added my FreeBSD user name as a Devuan user, home in
>> /opt/devuan/home.
>> Now I try things like
>>
>> sudo chroot -u <me> /opt/devuan home/palemoon/palemoon
>>
>> but I cannot get past the error
>>
>> Error: cannot open display: :0.0
> 
> The display name :0.0 corresponds to a unix domain socket, typically
> /tmp/.X11-unix/X0, which you of course can't reach after a chroot. By
> setting the environment $DISPLAY to localhost:0.0, a TCP connection
> should be made instead, but these days the X server doesn't listen for
> TCP connections by default. If you start X with startx(1), it should
> be possible to pass it '-- -listen tcp' to make the server listen for
> TCP connections, see the respective man pages.
> 
> Doing this has some security implications though, since the X server
> will then listen on the wildcard address, and it will thus be possible
> to connect to it over the network - I didn't see a way to make it
> listen only on the localhost/loopback address. Authorization is still
> required to actually do anything with the server - unless, of course,
> you turn it off with "xhost +".

If you run the host X server with -listen tcp and and set the DISPLAY
variable in the chroot to localhost:0.0 I think you should be able to
connect if you either 1) copy the FreeBSD level home directory's
.Xauthority to the chroot's home directory or 2) run "xhost +localhost"
at the host level before connecting.

-- 
What do we want?
A time machine!
When do we want it?
Errm ...