Commit e9fbfb6c authored by Sergey Gorbunov's avatar Sergey Gorbunov
Browse files


# prepare host files
touch ~/.Xauthority
[ ! -d ~/cbmdock ] && mkdir ~/cbmdock
# create a container named CBM-${USER} with sudo user cbmdock which has the same ID as the host user
# the user home directory is visible on the host as ~/cbmdock/.
export ContainerName=CBM-${USER}
docker run -td --privileged --security-opt seccomp=unconfined \
--net=host --device=/dev/kfd --device=/dev/dri --cap-add=SYS_PTRACE \
-v /tmp/.X11-unix:/tmp/.X11-unix:ro -v ${HOME}:/tmp/hostHome:ro -e XAUTHORITY=/tmp/hostHome/.Xauthority \
-e HOME=/home/cbmdock \
-v ~/cbmdock:/home/cbmdock \
--user $(id -u ${USER}):$(id -g ${USER}) \
-w /home/cbmdock \
--name ${ContainerName} debian:10
# login as root, install sudo
docker exec -t --user root ${ContainerName} bash -c "apt-get update && apt-get install -y sudo"
# login as root, create cbmdock user with a proper ID and no password
docker exec -t --user root ${ContainerName} bash -c "useradd cbmdock -u $(id -u ${USER}) -U -p '*' -s /bin/bash"
# set proper rights for the home directory
docker exec -t --user root ${ContainerName} bash -c " chown $(id -u ${USER}):$(id -g ${USER}) -R /home/cbmdock "
# set sudo rights
docker exec -t --user root ${ContainerName} bash -c "\
echo 'cbmdock ALL=(ALL:ALL) NOPASSWD: ALL' > /etc/sudoers.d/cbmdock && \
chmod 0440 /etc/sudoers.d/cbmdock "
# create cbmdock alias on the host. It runs a shell in the container with an actual DISPLAY value
source ~/.bashrc
if [[ `alias | grep cbmdock | wc -l` -eq 0 ]]
echo create cbmdock alias
echo "alias cbmdock='docker start "${ContainerName}"; docker exec -ti -e DISPLAY=\$DISPLAY "${ContainerName}" bash'" >> ~/.bashrc
echo cbmdock alias already exists
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment