--snap: New option to enable Docker-in-snap support #375

CHANGELOG.md

@@ -7,6 +7,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 Project website: https://github.com/mviereck/x11docker
 
 ## [Unreleased]
+### Added
+ - `--snap`: New option to enable fallback mode to support Docker in snap.
+   [(#375)](https://github.com/mviereck/x11docker/issues/375)
 ### Changed
  - `--backend=nerdctl`: Disallow `--home` in rootless mode.
  - `--backend`: Allow `--share` in all rootless modes.

x11docker

@@ -11,7 +11,7 @@
 # Run 'x11docker --help' or scroll down to read usage information.
 # More documentation at:  https://github.com/mviereck/x11docker
 
-Version="6.9.1-beta-9"
+Version="6.9.1-beta-10"
 
 # --enforce-i: Enforce running in interactive mode to allow commands tty and weston-launch in special setups.
 grep -q -- "--enforce-i" <<< "$*" && case $- in
@@ -280,6 +280,7 @@ Container special configuration:
                          nvidia:       Runtime for nvidia/nvidia-docker images.
                          kata-runtime: Runtime using a QEMU VM.
      --shell=SHELL     Set preferred user shell. Example: --shell=/bin/zsh
+     --snap            Enable support for Docker in snap.
      --stdin           Forward stdin of x11docker to container command.
      --workdir=DIR     Set working directory DIR.
      
@@ -2048,7 +2049,7 @@ setup_sound_pulseaudio() {      # option --pulseaudio: set up pulseaudio connect
     Pulseaudiomode="socket" 
     [ "$Containeruser" = "$Hostuser" ]               || Pulseaudiomode="tcp"
     [ "$Runtime" = "kata-runtime" ]                  && Pulseaudiomode="tcp"
-    [ "$Runsinsnap" = "yes" ]                        && Pulseaudiomode="tcp"
+    [ "$Snapsupport" = "yes" ]                       && Pulseaudiomode="tcp"
     LC_ALL=C pactl info | grep -q "User Name: pulse" && Pulseaudiomode="tcp"
   }
   
@@ -2741,11 +2742,10 @@ check_xserver() {               # check chosen X server, auto-choose X server
   # X over TCP
   [ -z "$Xoverip" ] && {
     [ "$Runtime" = "kata-runtime" ] && Xoverip="yes"
-    [ "$Runsinsnap" = "yes" ]       && Xoverip="yes"
     case $Mobyvm in
       yes)                             Xoverip="yes" ;;
     esac
-    [ "$Xoverip" = "yes" ] && [ "$Autochooseserver" = "no" ] && note "Enabled X over TCP instead of sharing unix socket."
+    [ "$Xoverip" = "yes" ] && [ "$Autochooseserver" = "no" ] && debugnote "Enabled X over TCP instead of sharing unix socket."
   }
 
   [ "$Nvidiaversion" ] && [ "$Sharegpu" = "yes" ] && case $Xserver in
@@ -7590,7 +7590,7 @@ check_option_interferences() {  # check multiple option interferences, change se
   case $Sharecupsmode in
     auto)
       Sharecupsmode="socket"
-      [ "$Runsinsnap" = "yes" ]       && Sharecupsmode="tcp"
+      [ "$Snapsupport" = "yes" ]      && Sharecupsmode="tcp"
       [ "$Runtime" = "kata-runtime" ] && Sharecupsmode="tcp"
     ;;
     ""|socket|tcp) ;;
@@ -7695,16 +7695,6 @@ check_option_interferences() {  # check multiple option interferences, change se
   Known backends are docker, podman and nerdctl." ;;
   esac
   
-  # Docker installed in Ubuntu snap
-  [ "$Runsinsnap" = "yes" ] && {
-    note "Docker was installed with snap. That causes some restrictions.
-  Option --newprivileges=yes is enabled.
-  Option --hostdisplay is not available because X can only be accessed over TCP. 
-  Option --gpu only works with --xorg and --hostnet.
-  It is recommended to install Docker natively instead of running it in snap."
-    [ "$Allownewprivileges" = "auto" ] && Allownewprivileges="yes"
-  }
-  
   return 0
 }
 check_passwordfrontend() {      # check password prompt frontend (pkexec, su, sudo, ...) (also option --pw)
@@ -7800,7 +7790,6 @@ check_runmode() {               # check run/--exe/--xonly
       Codename="$Hostexe"
       command -v $Hostexe >/dev/null || error "Command '$Hostexe' not found."
       verbose "Host application to execute: $Hostexe"
-      Runsinsnap="no"
     ;;
     xonly)
       X11dockermode="exe"
@@ -7810,7 +7799,6 @@ check_runmode() {               # check run/--exe/--xonly
       Codename="xonly"
       Imagebasename="xonly"
       Showdisplayenvironment="yes"
-      Runsinsnap="no"
     ;;
   esac
   Codename="$(unspecialstring "$Codename" | cut -c1-40)"
@@ -8652,6 +8640,7 @@ declare_variables() {           # declare global variables
   Network=""                                      # --network
   Noentrypoint="no"                               # --no-entrypoint: Disable entrypoint in image yes/no
   Runtime=""                                      # Runtime to use. runc|nvidia|kata-runtime|crun
+  Snapsupport="yes"                               # --snap: Fallback mode to support docker in snap
   Sharehostipc="no"                               # --hostipc: Set --ipc=host.
   Stopsignal=""                                   # Signal to send on 'docker stop'
   Sudouser=""                                     # --sudouser: Create user with sudo permissions and root user with password 'x11docker'
@@ -8809,7 +8798,7 @@ parse_options() {               # parse cli options
   Longoptions="$Longoptions,cleanup,help,launcher,licence,license,version,wmlist"                                          # Special options without starting X or container
   Longoptions="$Longoptions,install,remove,update,update-master"                                                           # Installation
   #
-  Longoptions="$Longoptions,backend:,keepcache,no-setup,podman,xopt:,xorgconf:"                                            # Experimental
+  Longoptions="$Longoptions,backend:,keepcache,no-setup,podman,snap,xopt:,xorgconf:"                                            # Experimental
   Longoptions="$Longoptions,dbus-system,homedir:,hostnet,no-internet,no-xhost,sharedir:,sharessh,systemd"                  # Deprecated
   Longoptions="$Longoptions,cachedir:,no-init,nothing,no-xtest,openrc,ps,runit,silent,starter,stderr,stdout"               # Removed
   Longoptions="$Longoptions,sys-admin,sysvinit,tini,trusted,untrusted,vcxsrv"                                              # Removed
@@ -9006,6 +8995,7 @@ ${2:-}"                       ; shift ;;                             # Add custo
          --no-setup)          Containersetup="no" ;;                 # No setup of x11docker inside of container (noteable disables containerrootrc() )            
          --runtime)           Runtime="${2:-}" ; shift               # Runtime=runc|nvidia|kata-runtime|crun
                               [ "$Runtime" = "kata" ] && Runtime="kata-runtime" ;;
+         --snap)              Snapsupport="yes" ;;                   # snap fallback mode
          --stdin)             Forwardstdin="yes" ;;                  # Forward stdin to container command
          --workdir)           Workdir="${2:-}" ; shift ;;            # Set working directory
 
@@ -9039,7 +9029,7 @@ ${2:-}"                       ; shift ;;                             # Add custo
          --launcher)          Createlauncher="yes" ;;                # Create application launcher on desktop and exit
       
      #### Experimental options
-         --keepcache)         Preservecachefiles="yes" ;          note "Option --keepcache: experimental option." ;;            
+         --keepcache)         Preservecachefiles="yes" ;          note "Option --keepcache: experimental option." ;;    
          --xopt)              Xserveroptions="${2:-}" ;   shift ; note "Option --xopt: experimental option." ;;      # Custom X server options
          --xorgconf)          Xorgconf="${2:-}" ;         shift ; note "Option --xorgconf: experimental option." ;;  # Custom xorg.conf
       
@@ -9178,6 +9168,27 @@ Parsed options:    $Parsedoptions_global"
     yes|no) ;;
     *) error "Option --fallback: Unknown argument '$Fallback'" ;;
   esac
+  
+  # Docker installed in snap (noteable Ubuntu Server)
+  [ "$Runsinsnap" = "yes" ] && [ -z "$Snapsupport" ] && {
+    note "It seems docker runs in snap.
+  This limits possibilities to use docker and x11docker.
+  Fallback: Enabling option --snap"
+    Snapsupport="yes"
+    check_fallback
+  }
+  [ -d "/snap/docker" ] && [ "$Snapsupport" = "no" ] && note "Detected /snap/docker.
+  If you run Docker in snap, you might need option --snap to support this setup."
+  [ "$Snapsupport" = "yes" ] && {
+    note "Option --snap causes some restrictions.
+  Option --newprivileges=yes is enabled.
+  Option --hostdisplay is not available because X must be accessed over TCP. 
+  Option --gpu only works with --xorg and --network=host.
+  It is recommended to purge the Docker snap installation and to install Docker natively."
+    [ "$Allownewprivileges" = "auto" ] && Allownewprivileges="yes"
+    Xoverip="yes"
+  }
+  
   check_xserver                  # check chosen X server or auto-choose one
   check_option_interferences     # check options, change settings if needed
   option_messages                # some messages depending on options, but not changing anything