GNU bug report logs - #70151
[PATCH] doc: Correct the "guix shell --container" example.

Previous Next

Full log

View this message in rfc822 format

From: Rostislav Svoboda <rostislav.svoboda <at> gmail.com>
To: 70151 <at> debbugs.gnu.org
Cc: Rostislav Svoboda <Rostislav.Svoboda <at> gmail.com>
Subject: [bug#70151] [PATCH] doc: Correct the "guix shell --container" example.
Date: Tue,  2 Apr 2024 19:53:16 +0200

* doc/guix.texi (Invoking @command{guix shell}): Add missing parameters
--preserve='^XAUTHORITY$' --expose=$XAUTHORITY and adjust corresponding
textual description

Change-Id: Ib99c81c107ff9784708ae807ec9b3ab93ad75603
---
 doc/guix.texi | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 69a904473c..14856027ca 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -6268,12 +6268,18 @@ Invoking guix shell
 This @option{--container} option can also prove useful if you wish to
 run a security-sensitive application, such as a web browser, in an
 isolated environment.  For example, the command below launches
-Ungoogled-Chromium in an isolated environment, this time sharing network
-access with the host and preserving its @code{DISPLAY} environment
-variable, but without even sharing the current directory:
+Ungoogled-Chromium in an isolated environment, which:
+@itemize
+@item shares network access with the host
+@item inherits host's environment variables @code{DISPLAY} and @code{XAUTHORITY}
+@item has access to host's authentication records from the @code{XAUTHORITY}
+file
+@item has no information about host's current directory
+@end itemize
 
 @example
 guix shell --container --network --no-cwd ungoogled-chromium \
+  --preserve='^XAUTHORITY$' --expose=$XAUTHORITY \
   --preserve='^DISPLAY$' -- chromium
 @end example
 

base-commit: 7af70efd7633b0d70091762cf43ce01a86176e8e
-- 
2.41.0

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.