# X applications in a chroot



## sukh (Jan 21, 2011)

Hi everybody!

I'm sorry but English isn't my native language.

Does anyone know how to run X applications inside a chroot? I've seen in GNU/Linux and I want do to this in FreeBSD.
I've modified for the chroot in rc.conf :


```
jail_x32_ip="192.168.1.32"
jail_x32_devfs_enable="YES"
jail_x32_procfs_enable="YES"
```

And then I do:
`/sbin/mount_nullfs /tmp /x32/tmp`

To have /tmp in the chroot, but when I run any X application as ark, I receipt 
	
	



```
cannot connect to X server :0.0
```
 and I export DISPLAY and PATH correctly.

I forgot, I'm running FreeBSD 8.2-PRERELEASE on an AMD64, and I want chroot or jail (both working good together) to compile i386 or amd64 binaries.

Thanks everybody!


----------



## sukh (Jan 22, 2011)

*No reply*

Nobody know how to do this ? :\
Well I'm still trying, if I discover how to do it, I will post the solution.
Greetings.


----------



## dareni (Mar 8, 2011)

Hi sukh,

Investigate using ports-mgmt/tinderbox to build ports in standardized manner. Tinderbox uses clean jail environments to stage builds, archives the build logs and allows for port options and port dependency configuration. Tinderbox User Guide

To test packages depending on an X server, this solution using Xnest works:
http://forums.freebsd.org/showthread.php?t=16038&highlight=jail+xorg

Xnest did not provide me with hardware rendering. Has anyone succeeded with hardware rendering in a jail?


----------



## Nukama (Mar 8, 2011)

Sukh, have you allowed access to your X server from your jail?
`# [pman]xhost[/pman] +192.168.1.32`
What is the output of `# echo $DISPLAY` inside your jail?
And how are you accessing the jail(), or are you using chroot()?

Dareni, I'm not quite sure, if hardware rendering is enabled inside my jails. 
But I can play 1080p videos over www/linux-f10-flashplugin10 inside www/firefox.
Here is the output inside my desktop jail for `# glxinfo | grep render`.


```
IRQ's not enabled, falling back to busy waits: 2 0
direct rendering: Yes
OpenGL renderer string: Mesa DRI R600 (RS780 9614) 20090101  TCL
```

Allowing access to DRI for jails in /etc/devfs.rules.

```
[devfsrules_desktop_jail=5]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'mixer*' unhide
add path 'dsp*' unhide
add path 'dri' unhide
add path 'dri/card0' unhide
```

and set the jail_$JAILNAME_devfs_ruleset variable to "devfsrules_desktop_jail".

My jails consist of x11/xorg, graphics/mesa-demos and I'm setting $DISPLAY inside csh with `# setenv DISPLAY 192.168.1.1:0`.


----------



## dareni (Mar 9, 2011)

Hi Nukama,

You have hardware rendering not software. For some reason I thought you would need an xserver running in the jail to get hardware rendering for a jail. I now also have my desktop running out of a jail .  Thanks.

Jailing a desktop gives greater separation of the desktop from the host providing:

a) more stability during upgrades by having the option to upgrade the host independently of the jails (except for the dependency of the jail xclients on the host xserver)

b) easily backup and restore the complete work environment,

c) several installations of different versions of the same software on a single host.

The only risks I can see: the xclients dependency on the xserver, and the jail dependency on the host.

What a great facility for testing desktop software!
Is the use of a jail for the desktop common? 

I am interested in running Xorg in a jail for testing drivers but when I attempt to run Xorg I get the error:


```
(WW) xf86EnableIO: Failed to open /dev/io for extended I/O(EE) No devices detected.

Fatal server error:
no screens found
```

This is after the successful load of the radeon_drv.so module and dev is wide open and allow.raw_sockets.

I guess it isn't too difficult to just test gpu drivers on the host.


----------



## sidetone (Mar 7, 2015)

I got /dev to populate the devices by adjusting devfs.rules

```
[devfsrules_jail=4]
add include $devfsrules_unhide_all
```
This is a temporary solution, to troubleshoot the /dev directory, until the specific devices can be re-hidden.

Is there an update on how to get a program access the X display from inside ezjail or jail? Thanks in advance.

`root@qt4:~ # scribus`

```
scribus: cannot connect to X server
```
Thread building-in-one-jail-installing-in-another.18378 looks like an option for some purposes.


----------



## dareni (Mar 24, 2015)

Hi Sidetone, did you set DISPLAY to point to an xserver?


----------



## sidetone (Mar 25, 2015)

Hi,
I tried `# xcalc -display 192.168.1.71:0.0`. The `setenv $DISPLAY` and `echo $DISPLAY`commands above work. From the main system `echo $DISPLAY` shows: 
	
	



```
:0.0
```
I set DISPLAY for the jail, but perhaps have the wrong value for the xserver. Even though my jail's /dev is populated, graphical programs don't seem to work. That is my IP address at the time, but I use "dhcp", so would my hostname go there?


----------

