Skip to content

Instantly share code, notes, and snippets.

@bannsec

bannsec/incus_x11.md

Last active February 2, 2025 19:47
Show Gist options
  • Save bannsec/04abf8e08053644a945d11684ce623fc to your computer and use it in GitHub Desktop.
Save bannsec/04abf8e08053644a945d11684ce623fc to your computer and use it in GitHub Desktop.
Download ZIP
how to forward x11 into incus containers
Raw
incus_x11.md

Overview

You can add x11 to your incus containers to allow you to run GUI apps inside them. Caveats here:

  • This is assuming you're using :0 (X0) as your display
  • You may need to adjust permissions if you use a different uid/gid in your container
  • You may need to use xauth or modify xhost ("xhost +" will work but not recommended for long term)
  • The X0 socket is being added as abstract, meaning you won't actually see it if you list files in /tmp/.X11-unix. This is expected, and X11 should still function.

How to

You can forward x11 into incus by creating a custom profile:

incus profile create x11-forward

Add the following config to it. Assumes you're using X0 display.

config:
  environment.DISPLAY: :0
description: Profile to forward host’s X11 socket
devices:
  X0:
    bind: container
    connect: unix:@/tmp/.X11-unix/X0
    listen: unix:@/tmp/.X11-unix/X0
    security.gid: "1000"
    security.uid: "1000"
    type: proxy
  gpu:
    type: gpu
    gid: "44"  # video group GID, typically 44 on Ubuntu
name: x11-forward
project: default

You can create new containers with:

incus launch images:ubuntu/22.04 mycontainer -p default -p x11-forward

Then add basic X11 stuff:

apt install -y x11-apps x11-utils libcanberra-gtk-module libcanberra-gtk3-module

Or assign it to existing containers

incus profile assign mycontainer default,x11-forward
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment