From 0f68306268773f0eaa4327e1f6fdcb39442e4a34 Mon Sep 17 00:00:00 2001 From: Rostislav Svoboda Date: Tue, 2 Apr 2024 18:54:06 +0200 Subject: doc: Correct the "guix shell --container" example. * doc/guix.texi (Invoking @command{guix shell}): Add missing parameters to preserve and expose $XAUTHORITY. Adjust corresponding textual description. Change-Id: Ib99c81c107ff9784708ae807ec9b3ab93ad75603 Signed-off-by: Liliana Marie Prikler --- doc/guix.texi | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 59da6528cc..65af136e61 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -5983,12 +5983,18 @@ such as @file{/usr/bin} on foreign distros. This @option{--container} option can also prove useful if you wish to run a security-sensitive application, such as a web browser, in an isolated environment. For example, the command below launches -Ungoogled-Chromium in an isolated environment, this time sharing network -access with the host and preserving its @code{DISPLAY} environment -variable, but without even sharing the current directory: +Ungoogled-Chromium in an isolated environment, which: +@itemize +@item shares network access with the host +@item inherits host's environment variables @code{DISPLAY} and @code{XAUTHORITY} +@item has access to host's authentication records from the @code{XAUTHORITY} +file +@item has no information about host's current directory +@end itemize @example guix shell --container --network --no-cwd ungoogled-chromium \ + --preserve='^XAUTHORITY$' --expose="$@{XAUTHORITY@}" \ --preserve='^DISPLAY$' -- chromium @end example -- cgit v1.2.3