Anonymous namespace

I want to connect GUI application in container to xorg-server on host. Linux kernel have features “UNIX Domain sockets” and “anonymous namespace”. How “anonymous socket” path (i.e. “@/tmp/.X11-unix/X0” which differs from “/tmp/.X11-unix/X0” in starting “@” symbol) corresponds in container and host OS? What I need to write in configuration file of container to link sockets in host and in container? Or is it the same object, which is not processed by container?

Abstract unix sockets are tied to their network namespace, they’re not files and so can’t be mounted. With LXD you could use a proxy device to forward one into a container but that’s effectively done by running a separate relay daemon that forwards every packet between the container and host.

1 Like