Skip to content

SELinux

Jump to bottom
mviereck edited this page Oct 17, 2018 · 1 revision

How to bypass SELinux restrictions

Default SELinux settings do not allow access to host files shared with --volume. There is a flag z or Zthat can be added to --volume, but it still does not allow access to UNIX sockets like /tmp/.X11-unix/X0. This affects especially Fedora and CentOS where SELinux is enabled by default.

Allow access for docker containers to shared files and unix sockets with docker run option:

--security-opt label=type:container_runtime_t

Compare: SELinux and docker: allow access to X unix socket in /tmp/.X11-unix

Basics

Wiki home page

Output of x11docker --help

Dependencies

Option details

X server options

Setup for --xorg

Init systems

Special setups with x11docker

Packaging x11docker

Installation on MS Windows

NVIDIA driver

Interactive docker build

Display manager entry

Access new X server

Multiarch setups

SSH access

HTML5 web applications

VNC access

Setups without x11docker

How to provide X display

How to: X authentication

How to provide Wayland

How to set up sound

How to set up GPU

How to share webcam

How to access CUPS printer

How to: X over TCP/IP

How to access host DBus

How to improve security

How to bypass SELinux

Clone this wiki locally