From e25464cfce5139b2846bd5f66563dde790504813 Mon Sep 17 00:00:00 2001
From: Markus Gutschke <gutschke@users.noreply.github.com>
Date: Sun, 21 Jan 2024 11:23:54 -0800
Subject: [PATCH] Filter out X11 servers running inside containers. MeshAgent
 should only ever scan for X11 servers running on the host itself.
 Containerized servers (e.g. Xvfb inside of an LXC container) cannot be
 accessed by MeshAgent and would thus result in a "Desktop" tab that is
 non-functional. The control group for the candidate process should provide
 the necessary information to make this distinction. If the control group is
 either non-existent or if it is a user-session without any container
 namespace, then this is a process that belongs to the host. On the other
 hand, if the agent sees a namespace for a container (e.g. "0::/lxc/XXXX/ns"),
 it should ignore the process.

---
 modules/monitor-info.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/monitor-info.js b/modules/monitor-info.js
index ec4f65a..b9df9d0 100644
--- a/modules/monitor-info.js
+++ b/modules/monitor-info.js
@@ -390,7 +390,7 @@ function monitorinfo()
                 }
                 else
                 {
-                    ch.stdin.write('ps -e | grep X\nexit\n');
+                    ch.stdin.write("ps -e -o comm,cgroup|egrep '^X.*(-|::/user.slice.*)$'\nexit\n");
                 }
                 ch.waitExit();