Sorry to bring up random unrelated heresay involving a different container technology, but I recall a couple of lengthy discussion on this list about how to run X windows clients installed in an LXD container. This is of particular interest to me, as we have a ton of old scientific software written for ancient version of qt or gtk or even Athena widgets that researchers still need to be able to run. So just saw this posted as an update on the Arch Wiki page for Systemd-nspawn:
I asked in the systemd IRC and user ‘grawity’ mentioned that the X server also listens on an abstract socket at @/tmp/.X11-unix/X0, which is available inside the container if you haven’t isolated its network, and thus can still be used inside the container. This means that if you don’t isolate the container’s network, you don’t even need to bind-mount /tmp/.X11-unix to get X applications running, and I guess you also get all the X security issues for free too, which might be worth mentioning in the article.
As a similar socket available in LXD so that I too can run X windows clients from an LXD container?