How to access /dev and /tmp from container in snap?

[twang2218]

Hi, I'm using docker to run some GUI apps, such as Chrome or QQ (an IM app), for better isolation, my command is:

    docker run -d --name qq \
        --device /dev/snd \
        -v /tmp/.X11-unix:/tmp/.X11-unix \
        -v $HOME/TencentFiles:/TencentFiles \
        -e DISPLAY=unix$DISPLAY \
        -e XMODIFIERS=@im=$IM \
        -e QT_IM_MODULE=$IM \
        -e GTK_IM_MODULE=$IM \
        -e AUDIO_GID=`getent group audio | cut -d: -f3` \
        -e VIDEO_GID=`getent group video | cut -d: -f3` \
        -e GID=$GID \
        -e UID=$UID \
        bestwu/qq:office

I used this command on docker-ce installed from official apt source, and it works fine. However, when I tried the docker-snap, it's not working anymore. The container is running, however, the app doesn't show on the screen.

I guess the reason is because of the confinement of snap, right? so the /dev/ and /tmp is not accessible from the snap's container:

        --device /dev/snd \
        -v /tmp/.X11-unix:/tmp/.X11-unix \

Then, is there a way to I walkaround the limitation? Thanks

[twang2218]

And I saw the docker-privilege message from the snap info docker:

You may also use the 'docker-privilege' command to allow you to use 'docker
run --privileged'. Because docker is unencumbered on snappy, it is recommended
that you follow the Docker project's recommendations for using docker
securely.

And I tried docker-privilege command, it's not found:

$ docker-privilege                                                                                                        
zsh: command not found: docker-privilege

[hurrycaner]

Same problem here, had to uninstall snap version and use apt repository one...

[psftw]

Closing all issues and pull requests since this repo is getting archived (see notice at the top of README).