diff --git a/ubuntu/Dockerfile.20.04.xfce.amd64 b/ubuntu/Dockerfile.20.04.xfce.amd64
new file mode 100644
index 000000000..734c73904
--- /dev/null
+++ b/ubuntu/Dockerfile.20.04.xfce.amd64
@@ -0,0 +1,80 @@
+FROM ubuntu:focal as system
+
+ENV DISPLAY=:1 \
+ VNC_PORT=5901 \
+ NO_VNC_PORT=6901 \
+ VNC_COL_DEPTH=32 \
+ VNC_RESOLUTION=1024x768
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt update && \
+ apt install --no-install-recommends -y apt-utils ;\
+ apt install --no-install-recommends -y \
+ xvfb xauth dbus-x11 xfce4 xfce4-terminal \
+ wget sudo curl gpg git bzip2 vim-tiny procps python x11-xserver-utils \
+ libnss3 libnspr4 libasound2 libgbm1 ca-certificates ttf-ubuntu-font-family xdg-utils \
+ tigervnc-standalone-server tigervnc-common firefox firefox-locale-ko fonts-nanum \
+ libappindicator3-1 libindicator3-7 ncurses-term && \
+ apt upgrade -y ibus-hangul && \
+ rm -vf /opt/lib*.deb; \
+ apt-get clean; \
+ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+
+#ENV TERM xterm
+# Install NOVNC.
+RUN git clone --branch v1.2.0 --single-branch https://github.com/novnc/noVNC.git /opt/noVNC; \
+ git clone --branch v0.9.0 --single-branch https://github.com/novnc/websockify.git /opt/noVNC/utils/websockify; \
+ ln -s /opt/noVNC/vnc.html /opt/noVNC/index.html; \
+ ls -al /opt/noVNC/utils/
+
+# disable shared memory X11 affecting Chromium
+ENV QT_X11_NO_MITSHM=1 \
+ _X11_NO_MITSHM=1 \
+ _MITSHM=0
+
+# give every user read write access to the "/root" folder where the binary is cached
+RUN ls -la /root
+RUN chmod 777 /root && mkdir /src && mkdir /tmp/user_config && mkdir /usr/local/xfcedeskconfig
+COPY assets/config/ /tmp/user_config/
+RUN cd /tmp/user_config && tar czvf /usr/local/xfcedeskconfig/deskconfig.tar.gz * && rm -rf /tmp/user_config
+COPY scripts/entrypoint.sh /usr/local/bin/
+
+# this have to be moved to bootstrap code
+#COPY assets/config/ /home/dockeruser/.config
+
+# RUN chown -R dockeruser:dockeruser /home/dockeruser;\
+# chmod -R 777 /home/dockeruser ;\
+# adduser dockeruser sudo;\
+# echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
+
+#USER dockeruser
+
+#COPY scripts/entrypoint.sh /src
+
+#Expose port 5901 to view display using VNC Viewer
(6901 --> noVNC)
+#EXPOSE 5901 6901
+#ENTRYPOINT ["/src/entrypoint.sh"]
+
+WORKDIR /home/work
+
+ENV USER work
+ENV PASSWORD work
+ENV USERID 1000
+ENV GROUPID 1000
+
+COPY assets/service-defs /etc/backend.ai/service-defs
+COPY assets/policy.yml /etc/backend.ai/jail/policy.yml
+
+LABEL ai.backend.kernelspec="1" \
+ ai.backend.envs.corecount="OPENBLAS_NUM_THREADS,OMP_NUM_THREADS,NPROC" \
+ ai.backend.features="batch query uid-match user-input" \
+ ai.backend.resource.min.cpu="1" \
+ ai.backend.resource.min.mem="256m" \
+ ai.backend.base-distro="ubuntu20.04" \
+ ai.backend.runtime-type="app" \
+ ai.backend.runtime-path="/usr/false" \
+ ai.backend.service-ports="novnc:http:5900"
+
+RUN ln -sf /usr/share/terminfo/x/xterm-color /usr/share/terminfo/x/xterm-256color
diff --git a/ubuntu/assets/config/xfce4/desktop/icons.screen0-1904x1064.rc b/ubuntu/assets/config/xfce4/desktop/icons.screen0-1904x1064.rc
new file mode 100644
index 000000000..13db187ef
--- /dev/null
+++ b/ubuntu/assets/config/xfce4/desktop/icons.screen0-1904x1064.rc
@@ -0,0 +1,11 @@
+[xfdesktop-version-4.10.3+-rcfile_format]
+4.10.3+=true
+
+[/]
+row=0
+col=0
+
+[/home/dockeruser]
+row=1
+col=0
+
diff --git a/ubuntu/assets/config/xfce4/desktop/icons.screen0-2544x1201.rc b/ubuntu/assets/config/xfce4/desktop/icons.screen0-2544x1201.rc
new file mode 100644
index 000000000..13db187ef
--- /dev/null
+++ b/ubuntu/assets/config/xfce4/desktop/icons.screen0-2544x1201.rc
@@ -0,0 +1,11 @@
+[xfdesktop-version-4.10.3+-rcfile_format]
+4.10.3+=true
+
+[/]
+row=0
+col=0
+
+[/home/dockeruser]
+row=1
+col=0
+
diff --git a/ubuntu/assets/config/xfce4/desktop/icons.screen0-2544x1281.rc b/ubuntu/assets/config/xfce4/desktop/icons.screen0-2544x1281.rc
new file mode 100644
index 000000000..13db187ef
--- /dev/null
+++ b/ubuntu/assets/config/xfce4/desktop/icons.screen0-2544x1281.rc
@@ -0,0 +1,11 @@
+[xfdesktop-version-4.10.3+-rcfile_format]
+4.10.3+=true
+
+[/]
+row=0
+col=0
+
+[/home/dockeruser]
+row=1
+col=0
+
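Review bot: `RUN chmod 777 /root && mkdir /src ...` makes root's home directory world-writable, so any account in the session can create or replace files there that a later root-owned process may read. The comment above it says the goal is only access to a cached binary, so a dedicated directory with targeted ownership would cover it, e.g. `RUN mkdir -p /opt/cache && chown 1000:1000 /opt/cache` (the path is a placeholder). `ENV PASSWORD work` also bakes a fixed default credential into the image environment, where it is visible through image inspection and inherited by every process; it is better supplied at session start through the service definition's `allowed_envs`. The two `git clone --branch` steps fetch by tag, which upstream can move, so recording the expected commit hash and checking it after the clone would make the build reproducible. In the first `RUN`, the `;` separators let a failed `apt install` go unnoticed, and chaining with `&&` would stop the build instead.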
diff --git a/ubuntu/assets/config/xfce4/panel/launcher-10/16161682692.desktop b/ubuntu/assets/config/xfce4/panel/launcher-10/16161682692.desktop
new file mode 100644
index 000000000..598b0c909
--- /dev/null
+++ b/ubuntu/assets/config/xfce4/panel/launcher-10/16161682692.desktop
@@ -0,0 +1,14 @@
+[Desktop Entry]
+Version=1.0
+Type=Application
+Exec=exo-open --launch FileManager %u
+Icon=system-file-manager
+StartupNotify=true
+Terminal=false
+Categories=Utility;X-XFCE;X-Xfce-Toplevel;
+OnlyShowIn=XFCE;
+X-XFCE-MimeType=inode/directory;x-scheme-handler/trash;
+X-AppStream-Ignore=True
+Name=File Manager
+Comment=Browse the file system
+X-XFCE-Source=file:///usr/share/applications/exo-file-manager.desktop
diff --git a/ubuntu/assets/config/xfce4/panel/launcher-11/16161682693.desktop b/ubuntu/assets/config/xfce4/panel/launcher-11/16161682693.desktop
new file mode 100644
index 000000000..a09169bec
--- /dev/null
+++ b/ubuntu/assets/config/xfce4/panel/launcher-11/16161682693.desktop
@@ -0,0 +1,15 @@
+[Desktop Entry]
+Version=1.0
+Type=Application
+Exec=/usr/lib/firefox-esr/firefox-esr %u
+Icon=firefox-esr
+StartupNotify=true
+Terminal=false
+Categories=Network;X-XFCE;X-Xfce-Toplevel;
+OnlyShowIn=XFCE;
+X-XFCE-MimeType=x-scheme-handler/http;x-scheme-handler/https;
+X-AppStream-Ignore=True
+Name=Firefox ESR
+Comment=Browse the World Wide Web
+X-XFCE-Source=file:///usr/share/applications/exo-web-browser.desktop
+Path=
diff --git a/ubuntu/assets/config/xfce4/panel/launcher-9/16161682691.desktop b/ubuntu/assets/config/xfce4/panel/launcher-9/16161682691.desktop
new file mode 100644
index 000000000..e51e56e8d
--- /dev/null
+++ b/ubuntu/assets/config/xfce4/panel/launcher-9/16161682691.desktop
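Review bot: The launcher-11 entry sets `Exec=/usr/lib/firefox-esr/firefox-esr %u` and `Icon=firefox-esr`, but the Dockerfile in this commit installs the `firefox` package rather than an ESR build, so the panel button will probably point at a binary that is not in the image. Pointing it at the installed browser, `Exec=firefox %u` with `Icon=firefox` and `Name=Firefox`, would keep the launcher working. Please confirm the actual binary path in a built image before changing it.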
@@ -0,0 +1,13 @@
+[Desktop Entry]
+Version=1.0
+Type=Application
+Exec=exo-open --launch TerminalEmulator
+Icon=utilities-terminal
+StartupNotify=true
+Terminal=false
+Categories=Utility;X-XFCE;X-Xfce-Toplevel;
+OnlyShowIn=XFCE;
+X-AppStream-Ignore=True
+Name=Terminal Emulator
+Comment=Use the command line
+X-XFCE-Source=file:///usr/share/applications/exo-terminal-emulator.desktop
diff --git a/ubuntu/assets/config/xfce4/terminal/terminalrc b/ubuntu/assets/config/xfce4/terminal/terminalrc
new file mode 100644
index 000000000..efd97ac28
--- /dev/null
+++ b/ubuntu/assets/config/xfce4/terminal/terminalrc
@@ -0,0 +1,34 @@
+[Configuration]
+BackgroundMode=TERMINAL_BACKGROUND_TRANSPARENT
+BackgroundDarkness=0.810000
+MiscAlwaysShowTabs=FALSE
+MiscBell=FALSE
+MiscBellUrgent=FALSE
+MiscBordersDefault=TRUE
+MiscCursorBlinks=FALSE
+MiscCursorShape=TERMINAL_CURSOR_SHAPE_BLOCK
+MiscDefaultGeometry=80x24
+MiscInheritGeometry=FALSE
+MiscMenubarDefault=TRUE
+MiscMouseAutohide=FALSE
+MiscMouseWheelZoom=TRUE
+MiscToolbarDefault=FALSE
+MiscConfirmClose=TRUE
+MiscCycleTabs=TRUE
+MiscTabCloseButtons=TRUE
+MiscTabCloseMiddleClick=TRUE
+MiscTabPosition=GTK_POS_TOP
+MiscHighlightUrls=TRUE
+MiscMiddleClickOpensUri=FALSE
+MiscCopyOnSelect=FALSE
+MiscShowRelaunchDialog=TRUE
+MiscRewrapOnResize=TRUE
+MiscUseShiftArrowsToScroll=FALSE
+MiscSlimTabs=FALSE
+MiscNewTabAdjacent=FALSE
+MiscSearchDialogOpacity=100
+MiscShowUnsafePasteDialog=TRUE
+ColorForeground=#dcdcdc
+ColorBackground=#2c2c2c
+ColorCursor=#dcdcdc
+ColorPalette=#3f3f3f;#705050;#60b48a;#dfaf8f;#9ab8d7;#dc8cc3;#8cd0d3;#dcdcdc;#709080;#dca3a3;#72d5a3;#f0dfaf;#94bff3;#ec93d3;#93e0e3;#ffffff
\ No newline at end of file
diff --git a/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml b/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml
new file mode 100644
index 000000000..c3d5d2a09
--- /dev/null
+++ b/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml
@@ -0,0 +1,5 @@
+ + + + +
diff --git a/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml b/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml new file mode 100644 index 000000000..8dd67fea9 --- /dev/null +++ b/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml @@ -0,0 +1,30 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml b/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml new file mode 100644 index 000000000..ab0d59768 --- /dev/null +++ b/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml @@ -0,0 +1,154 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml b/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml new file mode 100644 index 000000000..027c09793 --- /dev/null +++ b/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml @@ -0,0 +1,66 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml b/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml new file mode 100644 index 000000000..0074c3cfa --- /dev/null +++ b/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml @@ -0,0 +1,87 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 
diff --git a/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml b/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml
new file mode 100644
index 000000000..f43fbee03
--- /dev/null
+++ b/ubuntu/assets/config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml
@@ -0,0 +1,39 @@
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
diff --git a/ubuntu/assets/policy.yml b/ubuntu/assets/policy.yml
new file mode 100644
index 000000000..e4c87777d
--- /dev/null
+++ b/ubuntu/assets/policy.yml
@@ -0,0 +1,23 @@
+whitelist_paths:
+ OP_OPEN: ["*"]
+ OP_ACCESS: ["*"]
+ OP_EXEC: ["*"]
+ OP_STAT: ["*"]
+ OP_CHMOD: ["/home/work/*", "/tmp/*"]
+exec_allowance: -1
+fork_allowance: -1
+max_child_procs: 32
+extra_envs: []
+preserved_env_keys: [
+ "HOME", "PATH", "LANG",
+ "USER", "SHELL", "TERM",
+ "LD_LIBRARY_PATH",
+ "LD_PRELOAD",
+]
+
+diff_to_default: true
+
+# Following syscalls are blindly allowed.
+# IMPORTANT: ptrace MUST NOT be included!
+allowed_syscalls:
+ - "umask"
diff --git a/ubuntu/assets/service-defs/novnc.json b/ubuntu/assets/service-defs/novnc.json
new file mode 100644
index 000000000..a0ae2d482
--- /dev/null
+++ b/ubuntu/assets/service-defs/novnc.json
@@ -0,0 +1,16 @@
+{
+ "prestart": [],
+ "command": [
+ "/bin/bash",
+ "/usr/local/bin/entrypoint.sh",
+ "{ports[0]}"
+ ],
+ "allowed_arguments": [
+ ],
+ "allowed_envs": [
+ "PASSWORD",
+ "RESOLUTION"
+ ],
+ "default_arguments": {
+ }
+}
diff --git a/ubuntu/scripts/entrypoint.sh b/ubuntu/scripts/entrypoint.sh
new file mode 100755
index 000000000..2dbf7cee8
--- /dev/null
+++ b/ubuntu/scripts/entrypoint.sh
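Review bot: In policy.yml, `preserved_env_keys` passes `LD_PRELOAD` and `LD_LIBRARY_PATH` through to jailed processes, while `OP_OPEN`, `OP_ACCESS`, `OP_EXEC` and `OP_STAT` are all whitelisted as `"*"` and `exec_allowance`/`fork_allowance` are `-1`. For this image the jail therefore appears to restrict little beyond `OP_CHMOD` and the child-process count. If that is deliberate for a full desktop session, the file should say so, for example `# Desktop image: path filters are open on purpose; isolation relies on the container boundary.` above `whitelist_paths`. If `LD_PRELOAD` is preserved only for a loader hook injected by the platform (not visible in this diff), a comment stating that would help; otherwise dropping the two loader variables removes a way for session-supplied environment to change what every launched program loads.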
@@ -0,0 +1,18 @@
+#!/bin/bash
+# set -e: exit asap if a command exits with a non-zero status
+set -e
+trap ctrl_c INT
+function ctrl_c() {
+ exit 0
+}
+
+[ ! -z "${RESOLUTION+x}" ] && export VNC_RESOLUTION="$RESOLUTION"
+[ ! -d "/home/work/.config" ] && mkdir /home/work/.config
+[ ! -d "/home/work/.config/xfce4" ] && tar xzvf /usr/local/xfcedeskconfig/deskconfig.tar.gz -C /home/work/.config/
+
+# entrypoint.sh file for starting the xvfb with better screen resolution, configuring and running the vnc server.
+rm /tmp/.X1-lock 2> /dev/null &
+/opt/noVNC/utils/launch.sh --vnc localhost:$VNC_PORT --listen $1 &
+# Insecure option is needed to accept connections from the docker host.
+vncserver $DISPLAY -depth $VNC_COL_DEPTH -geometry $VNC_RESOLUTION -SecurityTypes None -localhost no --I-KNOW-THIS-IS-INSECURE &
+wait
\ No newline at end of file
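Review bot: The `vncserver` line starts the server with `-SecurityTypes None -localhost no --I-KNOW-THIS-IS-INSECURE`, so the raw VNC port (`VNC_PORT`, 5901 in the Dockerfile) accepts unauthenticated connections on every interface, not only through the noVNC proxy. The proxy on the line above already connects to `localhost:$VNC_PORT` from inside the same container, so the comment's reason for the insecure option does not seem to apply; binding to loopback keeps the proxy as the only entry point: `vncserver "$DISPLAY" -depth "$VNC_COL_DEPTH" -geometry "$VNC_RESOLUTION" -SecurityTypes None -localhost yes &`. `PASSWORD` is listed in `allowed_envs` in novnc.json and defaulted in the Dockerfile but never read here, so the session has no authentication of its own and depends entirely on whatever fronts the service port. Either wire it into VNC authentication or drop the variable so it does not suggest protection that is absent. `$1` and `$VNC_PORT` on the `launch.sh` line should also be quoted.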