Latest image (built with base 22.04) having trouble running on ubuntu 20.04 host

[saw-jan]

Latest squish image built on ubuntu 22.04 as base has blank black screen when connected via vnc.
Base was updated to 22.04 in this PR #33

Maybe the plugins/docker image doesn't have 22.04 as base image which might have affected building image and thus causing this problem. (?)

NOTE:

1. ✔️ Running container on ubuntu22.04 host - can see xfce desktop
2. ❌ Running container on ubuntu20.04 host - black screen

[saw-jan]

CC @fmoc

[saw-jan]

I tried building locally on the ubuntu 22.04 system, everything was working fine.

And also tried running on ubuntu 20.04 system, there you get black screen

[saw-jan]

These are my findings (may or may not be useful)

Container on 20.04 host (results black screen):
VNC log:
(looks like xfce4 was unable to start properly)

_XSERVTransmkdir: ERROR: euid != 0,directory /tmp/.X11-unix will not be created.

Xvnc TigerVNC 1.10.0 - built Dec 20 2019 07:12:07
Copyright (C) 1999-2019 TigerVNC Team and many others (see README.rst)
See https://www.tigervnc.org for information on TigerVNC.
Underlying X server release 12001000, The X.Org Foundation


Wed Aug  3 09:05:37 2022
 vncext:      VNC extension running!
 vncext:      Listening for VNC connections on all interface(s), port 5901
 vncext:      created VNC server for screen 0
/usr/bin/startxfce4: X server already running on display :1
_IceTransmkdir: ERROR: euid != 0,directory /tmp/.ICE-unix will not be created.

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.599: Failed to spawn ssh-agent: Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.600: failed to call dbus-update-activation-environment. Output was (null), error was Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.603: Unable to launch "xfwm4": Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.605: Unable to launch "xfsettingsd": Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.606: Unable to launch "xfce4-panel": Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.607: Unable to launch "Thunar": Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.608: Unable to launch "xfdesktop": Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.610: Unable to launch "xset s off" (specified by autostart/disable-screensaver.desktop): Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.612: Unable to launch "xdg-user-dirs-update" (specified by autostart/xdg-user-dirs.desktop): Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.613: Unable to launch "/usr/libexec/geoclue-2.0/demos/agent" (specified by autostart/geoclue-demo-agent.desktop): Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.615: Unable to launch "xfce4-screensaver" (specified by autostart/xfce4-screensaver.desktop): Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.616: Unable to launch "/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1" (specified by autostart/polkit-gnome-authentication-agent-1.desktop): Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.617: Unable to launch "xfsettingsd" (specified by autostart/xfsettingsd.desktop): Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.618: Unable to launch "/usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd" (specified by autostart/xfce4-notifyd.desktop): Failed to close file descriptor for child process (Operation not permitted)

(xfce4-session:132): xfce4-session-WARNING **: 09:05:40.619: Unable to launch "xiccd" (specified by autostart/xiccd.desktop): Failed to close file descriptor for child process (Operation not permitted)

Container on 22.04 host (xfce works)
VNC log:

_XSERVTransmkdir: ERROR: euid != 0,directory /tmp/.X11-unix will not be created.

Xvnc TigerVNC 1.10.0 - built Dec 20 2019 07:12:07
Copyright (C) 1999-2019 TigerVNC Team and many others (see README.rst)
See https://www.tigervnc.org for information on TigerVNC.
Underlying X server release 12001000, The X.Org Foundation


Wed Aug  3 10:10:46 2022
 vncext:      VNC extension running!
 vncext:      Listening for VNC connections on all interface(s), port 5901
 vncext:      created VNC server for screen 0
/usr/bin/startxfce4: X server already running on display :1
_IceTransmkdir: ERROR: euid != 0,directory /tmp/.ICE-unix will not be created.

(xfwm4:176): GLib-CRITICAL **: 10:10:50.438: g_str_has_prefix: assertion 'prefix != NULL' failed

(xfwm4:176): xfwm4-WARNING **: 10:10:50.834: Another compositing manager is running on screen 0

(xfsettingsd:184): libupower-glib-WARNING **: 10:10:50.884: Couldn't connect to proxy: Could not connect: No such file or directory

(xfsettingsd:184): GLib-CRITICAL **: 10:10:50.910: g_str_has_prefix: assertion 'prefix != NULL' failed

(xfsettingsd:184): GLib-GObject-CRITICAL **: 10:10:50.912: g_value_get_string: assertion 'G_VALUE_HOLDS_STRING (value)' failed

(xfsettingsd:184): GLib-GObject-CRITICAL **: 10:10:50.914: g_value_get_string: assertion 'G_VALUE_HOLDS_STRING (value)' failed

(xfsettingsd:184): GLib-GObject-CRITICAL **: 10:10:50.933: g_value_get_string: assertion 'G_VALUE_HOLDS_STRING (value)' failed

(wrapper-2.0:200): libactions-WARNING **: 10:10:51.472: Calling CanShutdown failed GDBus.Error:org.xfce.SessionManager.Error.Failed: Could not connect: No such file or directory

(wrapper-2.0:200): libactions-WARNING **: 10:10:51.473: Calling CanRestart failed GDBus.Error:org.xfce.SessionManager.Error.Failed: Could not connect: No such file or directory

(xfce4-session:128): xfce4-session-WARNING **: 10:10:51.474: failed to run script: Failed to execute child process “/usr/bin/pm-is-supported” (No such file or directory)

(xfce4-session:128): xfce4-session-WARNING **: 10:10:51.484: failed to run script: Failed to execute child process “/usr/bin/pm-is-supported” (No such file or directory)

(xfce4-session:128): xfce4-session-WARNING **: 10:10:51.493: failed to run script: Failed to execute child process “/usr/bin/pm-is-supported” (No such file or directory)

(wrapper-2.0:200): Gtk-WARNING **: 10:10:51.511: Negative content width -1 (allocation 1, extents 1x1) while allocating gadget (node button, owner XfceArrowButton)

** (agent:224): CRITICAL **: 10:10:51.541: Failed to get connection to system bus: Could not connect: No such file or directory

** (xiccd:225): CRITICAL **: 10:10:51.562: Failed to connect to colord: Could not connect: No such file or directory

(polkit-gnome-authentication-agent-1:233): polkit-gnome-1-WARNING **: 10:10:51.617: Error getting authority: Error initializing authority: Could not connect: No such file or directory

** (xfce4-screensaver:230): WARNING **: 10:10:51.714: screensaver already running in this session

(xfdesktop:196): GVFS-RemoteVolumeMonitor-WARNING **: 10:10:51.937: remote volume monitor with dbus name org.gtk.vfs.UDisks2VolumeMonitor is not supported

** (xfdesktop:196): WARNING **: 10:10:51.976: Failed to get system bus: Could not connect: No such file or directory

[individual-it]

I think we should not have upgraded the ubuntu version in #33, let's revert that and then it should work again
I had also trouble to get it running with ubuntu 21.10 in #26
I think to upgrade ubuntu will be a whole own project

[saw-jan]

I think we should not have upgraded the ubuntu version in #33, let's revert that and then it should work again I had also trouble to get it running with ubuntu 21.10 in #26 I think to upgrade ubuntu will be a whole own project

#35 (comment)

[fmoc]

** (xfce4-screensaver:230): WARNING **: 10:10:51.714: screensaver already running in this session

This might be a hint that xfce4-screensaver is installed and may be responsible for the blank screen. The most obvious way to get rid of it would be to just uninstall the package after installing xubuntu-desktop, but this might install another one. Therefore, it's probably easier to just disable it. In case it's not the screensaver but DPMS, see below how to disable that.

Relevant keys within the XFCE4 configuration (which you can fetch and set with xfconf-query):

# "display power management" within the power manager settings UI
# these should prevent the screen from going blank, which might or might not be what you see via VNC
# set to 0 to disable the settings one by one
xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/blank-on-ac
xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/blank-on-battery 
# set to false to disable display power management entirely
xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/dpms-enabled

# actual screensaver settings
# defines whether to lock the screen after wakeup
xfconf-query -c xfce4-screensaver -p /lock/enabled
# defines whether the screensaver as a whole will ever step in
xfconf-query -c xfce4-screensaver -p /saver/enabled
# when enabled this defines whether it will activate after some idle time
xfconf-query -c xfce4-screensaver -p /saver/idle-activation/enabled

To check whether any of these is set, you can also just dump the contents of the user's .config/xfce4/xfconf/xfce-perchannel-xml/xfce4-power-manager.xml (adjust the name of the XML file to the channel).

[saw-jan]

I do not see xfce4-power-manager.xml in .config/xfce4/... directory. Also, xfconf-query -c xfce4-power-manager and xfconf-query -c xfce4-screensaver commands say Property "xxxxxxxx" does not exist on channel "xfce4-xxxxxxxxxx". Maybe a respective xml file is required, I don't know.

I can confirm that xfce4-screensaver comes with xfce4 installation but I don't see xfce4-power-manager package.

[saw-jan]

Another thing that I found was while running a container without default seccomp profile:

    security_opt:
      - seccomp:unconfined

I was able to see xfce4 desktop UI. But this might not be a secure solution.

[saw-jan]

I will try to use other desktop environments and check if they work and also check if desktop-client and squish will work on them or not.

[saw-jan]

I tried with LXQT desktop environment on base 22.04 (image built on Ubuntu20.04 host), UI and some functionalities were working but still has Operation not permitted issue.

While running client GUI tests, they fail due to Operation not permitted:

[fmoc]

Now I see what you're working on... I think LXQt, like Xfce, uses the GNOME keyring. I think just adding a single cap to the execution should do. See jaraco/keyring#477. Add --cap-add ipc_lock (using the respective Drone configuration).

[saw-jan]

Unfortunately, that didn't work. something is blocking some commands when running ubuntu22 image on ubuntu20 host, thus causing "Operation not permitted" error.

The only way I could make it work is using --security_opt seccomp=unconfined

[fmoc]

I'm sure you just need a few capacities, removing confinement entirely is just a bad idea and the equivalent of hammering in a tiny nail with a 10 kg sledgehammer.

[saw-jan]

I'm sure you just need a few capacities, removing confinement entirely is just a bad idea and the equivalent of hammering in a tiny nail with a 10 kg sledgehammer.

Yeah, right!
I have no idea which capabilities it requires. But once, I also tried with

  cap_add: 
    - ALL

but didn't work (on my machine).
And I haven't tried whether the above config works on drone or not.

[fmoc]

You need to provide a detailed error description (just "does not work" is not enough), I'm just guessing around right now...

[saw-jan]

Oh, sorry.
what I meant to say is that whether adding cap_add or not, I get the same error on lxqt as reported earlier here #34 (comment) and also same error logs with xfce4 #34 (comment)

[individual-it]

I found this project https://github.com/mviereck/x11docker but I think it will suffer from the same issue, see: https://ubuntu-mate.community/t/running-ubuntu-mate-inside-docker-container-by-x11docker-with-gui/23342/6

[fmoc]

I can't currently reproduce this kind of issue. We'd have to put together a minimal example that produces this problem to be able to identify the cause.

[saw-jan]

Tests and xfce4 desktop are somewhat working on image built on base: Fedora36
owncloud/client#10046 (only one test case is failing)

[saw-jan]

I can't currently reproduce this kind of issue. We'd have to put together a minimal example that produces this problem to be able to identify the cause.

@fmoc, I am so sorry that the issue is not clear, and also I haven't put the steps to reproduce it.

For this to reproduce:

1. From Ubuntu 20.04 host, pull image owncloudci/squish:latest
2. Start the container
3. Try to login through VNC

[saw-jan]

All the tests can now pass on new image (fedora 36 base).
https://drone.owncloud.com/owncloud/client/12918

I will try to clean up and reduce the image size.
And hopefully, open PR here for the new image.

CC @individual-it @fmoc