?

Log in

No account? Create an account

Previous Entry | Next Entry

running firefox in a container

I am standing here at the LinuxTag 2010 event, so if you are in Berlin this week come to our booth to say hello (and maybe recommend a local beer place to go).

One visitor asked me if it's possible to run Firefox inside a container (with the main purpose to browse insecure sites). Yes, it is possible, there are two ways -- using Xvnc and SSH's X forwarding. I just implemented it here (using the latter way), and want to share the experience, because there are a few rough edges here and there.

We start with the "vanilla" Fedora 12 template:
vzctl create 777 --ostemplate fedora-12-x86
vzctl start 777


Next thing to do is to make the container access the network. It can be done in different ways, here I used the NAT technique described in wiki, so I am skipping this part here. Just do not forget to set up the nameserver entry in container's /etc/resolv.conf.

At this point you already have an Internet available in container, let's check it:
vzctl exec 777 ping -c 1 openvz.org

OK, now it's time to install firefox and other needed stuff. Besides firefox itself and its dependcies, you need xauth (for ssh forwarding to work) and some fonts that firefox will use:
vzctl exec 777 yum install firefox xauth liberation\*fonts
This command will result in downloading and installing about 100 packages or so, thus it's a perfect time to enjoy some tea.

Next thing to do is to enable X forwarding inside the container:
vzctl exec 777 sed 's/^.*X11Forwarding .*$/X11Forwarding yes/'
vzctl exec 777 /etc/init.d/sshd restart


Now, set up a user account in CT to run firefox:
vzctl set 777 --userpasswd ffox:mysecpass

All right, time to actually run firefox. But first make sure you do not have it runnng locally, because if you do, remote firefox will just open up a new window of your already running firefox instance. So,
killall -TERM firefox
ssh -Y x.x.x.x dbus-launch firefox


Oh yes, we need dbus-launch here because otherwise firefox complains that it is not able to find machine uuid or something -- apparently nowdays Firefox can't be happy without dbus.

That's pretty much it. Enjoy.

Tags:

Comments

ext_128738
Aug. 2nd, 2010 08:14 am (UTC)
-no-remote / MOZ_NO_REMOTE
The option is "-no-remote" (single dash), and you can also use an environment setting (in the container, e.g. via /etc/environment) for this: MOZ_NO_REMOTE=1

Latest Month

July 2016
S M T W T F S
     12
3456789
10111213141516
17181920212223
24252627282930
31      
Powered by LiveJournal.com
Designed by Tiffany Chow