├── .gitignore ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── CONTRIBUTORS.md ├── LICENSE ├── README.md ├── build_wine_container ├── extra_script_example.sh └── run_wine_container /.gitignore: -------------------------------------------------------------------------------- 1 | /.idea/ 2 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Contributor Covenant Code of Conduct 2 | 3 | ## Our Pledge 4 | 5 | We as members, contributors, and leaders pledge to make participation in our 6 | community a harassment-free experience for everyone, regardless of age, body 7 | size, visible or invisible disability, ethnicity, sex characteristics, gender 8 | identity and expression, level of experience, education, socio-economic status, 9 | nationality, personal appearance, race, religion, or sexual identity 10 | and orientation. 11 | 12 | We pledge to act and interact in ways that contribute to an open, welcoming, 13 | diverse, inclusive, and healthy community. 14 | 15 | ## Our Standards 16 | 17 | Examples of behavior that contributes to a positive environment for our 18 | community include: 19 | 20 | * Demonstrating empathy and kindness toward other people 21 | * Being respectful of differing opinions, viewpoints, and experiences 22 | * Giving and gracefully accepting constructive feedback 23 | * Accepting responsibility and apologizing to those affected by our mistakes, 24 | and learning from the experience 25 | * Focusing on what is best not just for us as individuals, but for the 26 | overall community 27 | 28 | Examples of unacceptable behavior include: 29 | 30 | * The use of sexualized language or imagery, and sexual attention or 31 | advances of any kind 32 | * Trolling, insulting or derogatory comments, and personal or political attacks 33 | * Public or private harassment 34 | * Publishing others' private information, such as a physical or email 35 | address, without their explicit permission 36 | * Other conduct which could reasonably be considered inappropriate in a 37 | professional setting 38 | 39 | ## Enforcement Responsibilities 40 | 41 | Community leaders are responsible for clarifying and enforcing our standards of 42 | acceptable behavior and will take appropriate and fair corrective action in 43 | response to any behavior that they deem inappropriate, threatening, offensive, 44 | or harmful. 45 | 46 | Community leaders have the right and responsibility to remove, edit, or reject 47 | comments, commits, code, wiki edits, issues, and other contributions that are 48 | not aligned to this Code of Conduct, and will communicate reasons for moderation 49 | decisions when appropriate. 50 | 51 | ## Scope 52 | 53 | This Code of Conduct applies within all community spaces, and also applies when 54 | an individual is officially representing the community in public spaces. 55 | Examples of representing our community include using an official e-mail address, 56 | posting via an official social media account, or acting as an appointed 57 | representative at an online or offline event. 58 | 59 | ## Enforcement 60 | 61 | Instances of abusive, harassing, or otherwise unacceptable behavior may be 62 | reported to the community leaders responsible for enforcement at 63 | tony.walker.iu@gmail.com. 64 | All complaints will be reviewed and investigated promptly and fairly. 65 | 66 | All community leaders are obligated to respect the privacy and security of the 67 | reporter of any incident. 68 | 69 | ## Enforcement Guidelines 70 | 71 | Community leaders will follow these Community Impact Guidelines in determining 72 | the consequences for any action they deem in violation of this Code of Conduct: 73 | 74 | ### 1. Correction 75 | 76 | **Community Impact**: Use of inappropriate language or other behavior deemed 77 | unprofessional or unwelcome in the community. 78 | 79 | **Consequence**: A private, written warning from community leaders, providing 80 | clarity around the nature of the violation and an explanation of why the 81 | behavior was inappropriate. A public apology may be requested. 82 | 83 | ### 2. Warning 84 | 85 | **Community Impact**: A violation through a single incident or series 86 | of actions. 87 | 88 | **Consequence**: A warning with consequences for continued behavior. No 89 | interaction with the people involved, including unsolicited interaction with 90 | those enforcing the Code of Conduct, for a specified period of time. This 91 | includes avoiding interactions in community spaces as well as external channels 92 | like social media. Violating these terms may lead to a temporary or 93 | permanent ban. 94 | 95 | ### 3. Temporary Ban 96 | 97 | **Community Impact**: A serious violation of community standards, including 98 | sustained inappropriate behavior. 99 | 100 | **Consequence**: A temporary ban from any sort of interaction or public 101 | communication with the community for a specified period of time. No public or 102 | private interaction with the people involved, including unsolicited interaction 103 | with those enforcing the Code of Conduct, is allowed during this period. 104 | Violating these terms may lead to a permanent ban. 105 | 106 | ### 4. Permanent Ban 107 | 108 | **Community Impact**: Demonstrating a pattern of violation of community 109 | standards, including sustained inappropriate behavior, harassment of an 110 | individual, or aggression toward or disparagement of classes of individuals. 111 | 112 | **Consequence**: A permanent ban from any sort of public interaction within 113 | the community. 114 | 115 | ## Attribution 116 | 117 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], 118 | version 2.0, available at 119 | https://www.contributor-covenant.org/version/2/0/code_of_conduct.html. 120 | 121 | Community Impact Guidelines were inspired by [Mozilla's code of conduct 122 | enforcement ladder](https://github.com/mozilla/diversity). 123 | 124 | [homepage]: https://www.contributor-covenant.org 125 | 126 | For answers to common questions about this code of conduct, see the FAQ at 127 | https://www.contributor-covenant.org/faq. Translations are available at 128 | https://www.contributor-covenant.org/translations. 129 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tonywalker1/wine-container/0f01cdb69eb08e2c87ca526442cd2f6b1940b04a/CONTRIBUTING.md -------------------------------------------------------------------------------- /CONTRIBUTORS.md: -------------------------------------------------------------------------------- 1 | # Contributors 2 | 3 | **Tony Walker** https://github.com/tonywalker1 4 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2022 Tony Walker 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # wine-container 2 | 3 | OCI Container for Wine (or Codeweaver's Crossover) using Buildah and Podman. 4 | 5 | Many old but useful Windows apps are probably poorly maintained or patched. 6 | Others that, while newer, are potentially buggy or have security issues. One 7 | solution is to run those apps in a container. That is the point of this project. 8 | 9 | # Goals 10 | 11 | * Use Podman (rootless) to limit breakout attacks. 12 | * All data is written to a volume and, except the sockets for X11 and 13 | PulseAudio, the containers has no access to the underlying filesystem. 14 | * Allow Windows apps to be orchestrated as a part of a collection of containers. 15 | * Support Codeweaver's Crossover in addition to Wine. 16 | 17 | # Documentation and Usage 18 | 19 | Building and running are facilitated by two scripts: *build_wine_container* 20 | and *run_wine_container*. Each script offers help in the usual way, for example: 21 | 22 | ```shell 23 | build_wine_container --help 24 | ``` 25 | 26 | Assuming you want to use this project to run CrappyWindowsApp, you could do the 27 | following: 28 | 29 | ```shell 30 | build_wine_container -d CrappyHomeVolume -f -n CrappyWindowsApp 31 | run_wine_container -d CrappyHomeVolume -n CrappyWindowsApp -r /crappyapp.exe 32 | ``` 33 | 34 | The first line above will create a volume named *CrappyHomeVolume* and an OCI 35 | container named *CrappyWindowsApp*. The second line will run the app in the new 36 | container. 37 | 38 | The volume is stored on the container host 39 | in ```~/.local/share/containers/storage/volumes/$HOME_VOLUME/_data```. The build 40 | script automatically makes this directory writable from the user that launched 41 | Podman so you can copy/rename/delete files from the host. 42 | 43 | # Platforms 44 | 45 | This project should work correctly on any recent Linux distribution. I currently 46 | use Fedora (F35 Silverblue and Kinoite) 47 | , so this platform is well tested by me. 48 | 49 | # Dependencies 50 | 51 | * [Buildah](https://buildah.io/) 52 | * [Podman](https://podman.io/) 53 | 54 | # Contributing 55 | 56 | I would love suggestions, fixes, documentation, examples, and other 57 | contributions. See [CONTRIBUTING](CONTRIBUTING.md) 58 | and [CODE_OF_CONDUCT](CODE_OF_CONDUCT.md) 59 | for details. 60 | 61 | See [CONTRIBUTORS](CONTRIBUTORS.md) for a list of contributors. 62 | -------------------------------------------------------------------------------- /build_wine_container: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # MIT License 4 | # 5 | # Copyright (c) 2021 Tony Walker 6 | # 7 | # Permission is hereby granted, free of charge, to any person obtaining a copy 8 | # of this software and associated documentation files (the "Software"), to deal 9 | # in the Software without restriction, including without limitation the rights 10 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 | # copies of the Software, and to permit persons to whom the Software is 12 | # furnished to do so, subject to the following conditions: 13 | # 14 | # The above copyright notice and this permission notice shall be included in all 15 | # copies or substantial portions of the Software. 16 | # 17 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 20 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 23 | # SOFTWARE. 24 | # 25 | 26 | # 27 | # Environment 28 | # 29 | BASE_IMAGE="docker.io/library/debian:latest" 30 | IMAGE_NAME="wine_container" 31 | HOME_VOLUME="wine_volume" 32 | SAVE_WORKING=false 33 | KEEP_OLD=false 34 | WITH_FIREFOX=false 35 | CROSSOVER_PKG="" 36 | EXTRA_SCRIPT="" 37 | 38 | # 39 | # Helper functions 40 | # 41 | display_help() { 42 | echo "Build an OCI container for Wine or (optionally) Codeweavers' Crossover." 43 | echo "" 44 | echo "Usage: build_wine_container [options]" 45 | echo "" 46 | echo "Options:" 47 | echo " -b, --base Base image for the container . [default: debian]" 48 | echo " -c, --crossover Optional path to the Crossover DEB or RPM." 49 | echo " -d, --dir Volume to contain the home directory. [default: $HOME_VOLUME]" 50 | echo " -e, --extra Optional script for your customization." 51 | echo " -f, --firefox Install Firefox. [default: $WITH_FIREFOX]" 52 | echo " -h, --help Display this message." 53 | echo " -k, --keep Delete previous images before writing the new image. [default: $KEEP_OLD]" 54 | echo " -n, --name Image name. [default: $IMAGE_NAME]" 55 | echo " -p, --preserve Once the image is complete, preserve the working layers. [default: $SAVE_WORKING]" 56 | } 57 | 58 | # 59 | # Handle the command line 60 | # 61 | while [ $# -gt 0 ]; do 62 | case $1 in 63 | -b | --base) 64 | BASE_IMAGE="$2" 65 | shift 2 66 | ;; 67 | -c | --crossover) 68 | CROSSOVER_PKG="$2" 69 | shift 2 70 | ;; 71 | -d | --dir) 72 | HOME_VOLUME="$2" 73 | shift 2 74 | ;; 75 | -e | --extra) 76 | EXTRA_SCRIPT="$2" 77 | shift 2 78 | ;; 79 | -f | --firefox) 80 | WITH_FIREFOX=true 81 | shift 82 | ;; 83 | -h | --help) 84 | display_help 85 | exit 1 86 | ;; 87 | -k | --keep) 88 | KEEP_OLD=false 89 | shift 90 | ;; 91 | -n | --name) 92 | IMAGE_NAME="$2" 93 | shift 2 94 | ;; 95 | -p | --preserve) 96 | SAVE_WORKING=true 97 | shift 98 | ;; 99 | *) 100 | break 101 | ;; 102 | esac 103 | done 104 | 105 | # 106 | # Initialize the image 107 | # 108 | echo "Creating $IMAGE_NAME..." 109 | WORKING_NAME=$(buildah from "$BASE_IMAGE") 110 | 111 | # 112 | # Create the home volume 113 | # 114 | if ! podman volume exists "$HOME_VOLUME"; then 115 | echo "* Creating $HOME_VOLUME for /root" 116 | podman volume create "$HOME_VOLUME" || exit 1 117 | chmod u+rwx "$HOME/.local/share/containers/storage/volumes/$HOME_VOLUME/_data" 118 | fi 119 | 120 | # 121 | # Install software 122 | # 123 | if [[ "$BASE_IMAGE" =~ "debian" ]]; then 124 | echo "* Installing Wine..." 125 | buildah run "$WORKING_NAME" -- dpkg --add-architecture i386 || exit 1 126 | buildah run "$WORKING_NAME" -- apt update || exit 1 127 | buildah run "$WORKING_NAME" -- apt install -y wine || exit 1 128 | 129 | if [ "$CROSSOVER_PKG" ]; then 130 | echo "* Installing Crossover..." 131 | CROSSOVER_FILE=$(basename "$CROSSOVER_PKG") 132 | CROSSOVER_DIR=$(dirname "$CROSSOVER_PKG") 133 | 134 | buildah copy "$WORKING_NAME" "$CROSSOVER_PKG" /tmp/ || exit 1 135 | buildah run "$WORKING_NAME" -- apt install -y \ 136 | "/tmp/$CROSSOVER_FILE" || exit 1 137 | 138 | if [ -f "$CROSSOVER_DIR/license.txt" ]; then 139 | buildah copy "$WORKING_NAME" "$CROSSOVER_DIR/license.txt" /opt/cxoffice/etc/ 140 | fi 141 | if [ -f "$CROSSOVER_DIR/license.sig" ]; then 142 | buildah copy "$WORKING_NAME" "$CROSSOVER_DIR/license.sig" /opt/cxoffice/etc/ 143 | fi 144 | 145 | buildah run "$WORKING_NAME" -- rm -f "/tmp/$CROSSOVER_FILE" 146 | fi 147 | 148 | if [ "$WITH_FIREFOX" = true ]; then 149 | echo "* Installing Firefox..." 150 | buildah run "$WORKING_NAME" -- apt install -y firefox-esr || exit 1 151 | fi 152 | elif [[ "$BASE_IMAGE" =~ "fedora" ]]; then 153 | echo "* Installing Wine..." 154 | buildah run "$WORKING_NAME" -- dnf install -y wine || exit 1 155 | 156 | if [ "$CROSSOVER_PKG" ]; then 157 | echo "* Installing Crossover..." 158 | CROSSOVER_FILE=$(basename "$CROSSOVER_PKG") 159 | CROSSOVER_DIR=$(dirname "$CROSSOVER_PKG") 160 | 161 | buildah copy "$WORKING_NAME" "$CROSSOVER_PKG" /tmp/ || exit 1 162 | buildah run "$WORKING_NAME" -- dnf install -y \ 163 | gtk3 \ 164 | libxslt.i686 \ 165 | perl-File-Copy \ 166 | python3-dbus \ 167 | python3-gobject \ 168 | vte291 \ 169 | "/tmp/$CROSSOVER_FILE" || exit 1 170 | 171 | if [ -f "$CROSSOVER_DIR/license.txt" ]; then 172 | buildah copy "$WORKING_NAME" "$CROSSOVER_DIR/license.txt" /opt/cxoffice/etc/ 173 | fi 174 | if [ -f "$CROSSOVER_DIR/license.sig" ]; then 175 | buildah copy "$WORKING_NAME" "$CROSSOVER_DIR/license.sig" /opt/cxoffice/etc/ 176 | fi 177 | 178 | buildah run "$WORKING_NAME" -- rm -f "/tmp/$CROSSOVER_FILE" 179 | fi 180 | 181 | if [ "$WITH_FIREFOX" = true ]; then 182 | echo "* Installing Firefox..." 183 | buildah run "$WORKING_NAME" -- dnf install -y firefox || exit 1 184 | fi 185 | fi 186 | 187 | # 188 | # Custom configuration... 189 | # 190 | if [ "$EXTRA_SCRIPT" ]; then 191 | echo "*** Custom configuration: $EXTRA_SCRIPT..." 192 | $EXTRA_SCRIPT "$WORKING_NAME" 193 | fi 194 | 195 | # 196 | # Commit the image 197 | # 198 | if podman image exists "$IMAGE_NAME"; then 199 | if [ "$KEEP_OLD" = false ]; then 200 | echo "* Removing previous image..." 201 | podman rmi "$IMAGE_NAME" 202 | fi 203 | fi 204 | 205 | buildah commit "$WORKING_NAME" "$IMAGE_NAME" || exit 1 206 | 207 | if [ "$SAVE_WORKING" = false ]; then 208 | echo "* Removing working image..." 209 | buildah rm "$WORKING_NAME" 210 | fi 211 | 212 | exit 0 213 | -------------------------------------------------------------------------------- /extra_script_example.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env sh 2 | # 3 | # MIT License 4 | # 5 | # Copyright (c) 2021 Tony Walker 6 | # 7 | # Permission is hereby granted, free of charge, to any person obtaining a copy 8 | # of this software and associated documentation files (the "Software"), to deal 9 | # in the Software without restriction, including without limitation the rights 10 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 | # copies of the Software, and to permit persons to whom the Software is 12 | # furnished to do so, subject to the following conditions: 13 | # 14 | # The above copyright notice and this permission notice shall be included in all 15 | # copies or substantial portions of the Software. 16 | # 17 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 20 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 23 | # SOFTWARE. 24 | # 25 | 26 | # 27 | # The working container is passed as the first argument (i.e., $1) 28 | # 29 | WORKING_NAME="$1" 30 | 31 | 32 | echo "***" 33 | echo "*** Hello $WORKING_NAME!" 34 | echo "***" 35 | 36 | # some example commands... 37 | # buildah info 38 | # buildah run "$WORKING_NAME" -- dnf install -y ... 39 | 40 | echo "***" 41 | echo "*** Custom configuration done." 42 | echo "***" 43 | -------------------------------------------------------------------------------- /run_wine_container: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env sh 2 | # 3 | # MIT License 4 | # 5 | # Copyright (c) 2021 Tony Walker 6 | # 7 | # Permission is hereby granted, free of charge, to any person obtaining a copy 8 | # of this software and associated documentation files (the "Software"), to deal 9 | # in the Software without restriction, including without limitation the rights 10 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 | # copies of the Software, and to permit persons to whom the Software is 12 | # furnished to do so, subject to the following conditions: 13 | # 14 | # The above copyright notice and this permission notice shall be included in all 15 | # copies or substantial portions of the Software. 16 | # 17 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 20 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 23 | # SOFTWARE. 24 | # 25 | 26 | # 27 | # Environment 28 | # 29 | IMAGE_NAME="wine_container" 30 | HOME_VOLUME="wine_volume" 31 | COMMAND_LINE="/bin/bash" 32 | 33 | display_help() { 34 | echo "Run a Wine or Codeweaver Crossover OCI container." 35 | echo "" 36 | echo "Usage: run_wine_container [options]" 37 | echo "" 38 | echo "Options:" 39 | echo " -d, --dir Volume to contain the home directory. [default: $HOME_VOLUME]" 40 | echo " -h, --help Display this message." 41 | echo " -n, --name Image name. [default: $IMAGE_NAME]" 42 | echo " -r, --run Command to run [default: $COMMAND_LINE]" 43 | echo "" 44 | echo "See default.conf for a documented example config file." 45 | } 46 | 47 | # 48 | # Handle the command line 49 | # 50 | while [ $# -gt 0 ]; do 51 | case $1 in 52 | -d | --dir) 53 | HOME_VOLUME="$2" 54 | shift 2 55 | ;; 56 | -h | --help) 57 | display_help 58 | exit 1 59 | ;; 60 | -n | --name) 61 | IMAGE_NAME="$2" 62 | shift 2 63 | ;; 64 | -r | --run) 65 | COMMAND_LINE="$2" 66 | shift 2 67 | ;; 68 | *) 69 | break 70 | ;; 71 | esac 72 | done 73 | 74 | chmod u+rwx "$HOME/.local/share/containers/storage/volumes/$HOME_VOLUME/_data" 75 | 76 | LOCAL_UID=$(id -u) 77 | podman run \ 78 | --mount type=volume,source="$HOME_VOLUME",target="/root" \ 79 | --volume /etc/localtime:/etc/localtime:ro \ 80 | --volume /tmp/.X11-unix:/tmp/.X11-unix \ 81 | --volume /run/user/$LOCAL_UID/bus:/run/user/$LOCAL_UID/bus \ 82 | --volume /run/user/$LOCAL_UID/pipewire-0:/run/user/$LOCAL_UID/pipewire-0 \ 83 | --volume /run/user/$LOCAL_UID/pulse:/run/user/$LOCAL_UID/pulse \ 84 | --volume /run/user/$LOCAL_UID/wayland-0:/run/user/$LOCAL_UID/wayland-0 \ 85 | --env DISPLAY="$DISPLAY" \ 86 | --env WAYLAND_DISPLAY="$WAYLAND_DISPLAY" \ 87 | --env PULSE_SERVER=/run/user/$LOCAL_UID/pulse/native \ 88 | --security-opt label=type:container_runtime_t \ 89 | --rm \ 90 | -ti \ 91 | "$IMAGE_NAME" \ 92 | $COMMAND_LINE 93 | 94 | --------------------------------------------------------------------------------