Change default shell from bash to zsh by default?

Patrick · September 27, 2022, 3:59pm

Please feel free to proceed with integrating this by default in Kicksecure / Whonix.

Ideally using ZDOTDIR environment variable if possible. “Stealing” (overwriting) config files from Debian’s zsh (or any other) package using config-package-dev should be avoided if somehow possible.

Ok.

nyxnor:

zsh - Print exit status code after each command in terminal - Unix & Linux Stack Exchange

I found this but it only works to print on the line before and not on the prompt.

setopt PRINT_EXIT_VALUE seems to be the better to print the line before:
[workstation user ~/git/whonix-shell(main)]% zsh
[workstation user ~/git/whonix-shell(main)]% a
zsh: command not found: a
zsh: exit 127   a
[workstation user ~/git/whonix-shell(main)]%

Looks really nice.

Yeah, I guess so. No strong opinion here.

I am looking at this from a different perspective. More like: I always want to see some result even if it means “OK” because otherwise I question if the mechanism to show the error itself is broken. Maybe very likely unlikely here. These fail-safe considerations of mine are probably less important than the usability impact of only showing exit codes on failure.

Or to find out about unexpected exit codes. (Zero when it should be non-zero.)

If nobody else has an opinion here, probably best to only show the non-zero exit codes by default.

Looks really great.

nyxnor · September 27, 2022, 4:11pm

Where should ZDOTDIR be set? Which file will export that variable?

Change for that? Remove RPS1 in favor of the setopt PRINT_EXIT_VALUE?

Patrick · September 27, 2022, 5:28pm

Yes.

/etc/X11/Xsession.d + /etc/profile.d
Similar to other examples in Whonix source code.
…unless there are other solutions that I am not aware of. Distributions setting global environment variables is messy. There are probably no better solutions.

nyxnor · September 27, 2022, 5:39pm

Seems to be dependent on Xorg being installed

Zsh does not source that folder unless in compatibility mode, which is not what we want.

I am still searching for other directories…

Patrick · September 27, 2022, 7:38pm

Yes but it’s OK to drop config file snippets in that folder independent of Xorg being installed. So that doesn’t speak against using it. If a drop-in is there, then Xorg is supported.

So seems setting that environment variable in Xorg is easy and reliably possible thanks to /etc/X11/Xsession.d.

For Virtual Consoles I am not sure. I will probably open a separate forum thread because setting environment variables might need a re-design if possible.

Patrick · September 27, 2022, 8:05pm

Patrick · September 27, 2022, 8:12pm

https://manpages.debian.org/bullseye/zsh-common/zshall.1.en.html#STARTUP/SHUTDOWN_FILES

Patrick · September 27, 2022, 9:18pm

Maybe I found a solution…

No need to use /etc/X11/Xsession.d.
No need to use /etc/profile.d.
Only use /usr/lib/systemd/system.conf.d mechanism.

/usr/lib/systemd/system.conf.d/30_desktop-config-dist.conf

[Manager]
DefaultEnvironment=ZDOTDIR=/etc/zsh/dist

Reboot required.

dist stands for distribution. What distribution? Kicksecure and Whonix. I couldn’t come up with a better common name. That’s where the “dist” is coming from. Kept it open so potentially other distributions could fork it so neither Kicksecure nor Whonix are inside the package or folder name if not required.

Does this work? What do you think?

nyxnor · September 28, 2022, 9:45am

What is the reason it can’t be in Skel?

Systemd does not work on Qubes apparently per your mentioned post.

.zprofile symlink to .config/shell/profile

.config/shell/profile exports ZDOTDIR="${XDG_CONFIG_HOME:-$HOME/.config}/zsh"

github.com

LukeSmithxyz/voidrice/blob/master/.config/shell/profile#L29


      
          # ~/ Clean-up:
          export XDG_CONFIG_HOME="$HOME/.config"
          export XDG_DATA_HOME="$HOME/.local/share"
          export XDG_CACHE_HOME="$HOME/.cache"
          export XINITRC="$XDG_CONFIG_HOME/x11/xinitrc"
          #export XAUTHORITY="$XDG_RUNTIME_DIR/Xauthority" # This line will break some DMs.
          export NOTMUCH_CONFIG="$XDG_CONFIG_HOME/notmuch-config"
          export GTK2_RC_FILES="$XDG_CONFIG_HOME/gtk-2.0/gtkrc-2.0"
          export WGETRC="$XDG_CONFIG_HOME/wget/wgetrc"
          export INPUTRC="$XDG_CONFIG_HOME/shell/inputrc"
          export ZDOTDIR="$XDG_CONFIG_HOME/zsh"
          #export GNUPGHOME="$XDG_DATA_HOME/gnupg"
          export WINEPREFIX="$XDG_DATA_HOME/wineprefixes/default"
          export KODI_DATA="$XDG_DATA_HOME/kodi"
          export PASSWORD_STORE_DIR="$XDG_DATA_HOME/password-store"
          export TMUX_TMPDIR="$XDG_RUNTIME_DIR"
          export ANDROID_SDK_HOME="$XDG_CONFIG_HOME/android"
          export CARGO_HOME="$XDG_DATA_HOME/cargo"
          export GOPATH="$XDG_DATA_HOME/go"
          export ANSIBLE_CONFIG="$XDG_CONFIG_HOME/ansible/ansible.cfg"
          export UNISON="$XDG_DATA_HOME/unison"

ZDOTDIR contains the .zshrc

I think this is the cleanest way. The only thing is that skel needs to have some files. Is there a problem in that?

It does not depend on external program being installed and used.

Patrick · September 28, 2022, 10:17am

Oops. Forgot to write DefaultEnvironment=. Now fixed and edited in above post.

Could you try again please?

Patrick · September 28, 2022, 10:19am

I tested it with other variable names. Maybe it only works for other variable names and unfortunately there is some mechanism breaking it for ZDOTDIR.

Patrick · September 28, 2022, 10:20am

This one is 100% tested and functional.

/usr/lib/systemd/system.conf.d/30_kicksecure.conf

[Manager]
DefaultEnvironment=TESTVAR=1

Patrick · September 28, 2022, 10:25am

/usr/lib/systemd/system.conf.d/30_kicksecure.conf

[Manager]
DefaultEnvironment=TESTVAR=1

DefaultEnvironment=ZTESTDIR=/etc/zsh/dist

DefaultEnvironment=ZDOTDIR=/etc/zsh/dist

DefaultEnvironment=ZDOTDIRWHAT=/etc/zsh/dist

All functional.

env  | grep ZDOTDIR

ZDOTDIRWHAT=/etc/zsh/dist
ZDOTDIR=/etc/zsh/dist

(We’ll of course not ship the other variables which are just there for testing. Production version will of course only have ZDOTDIR.)

No such issue. All good.

Patrick · September 28, 2022, 11:07am

Last resort only. Reasons:

The systemd DefaultEnvironment approach seems much cleaner.

Patrick · September 28, 2022, 11:13am

nyxnor · September 28, 2022, 11:21am

OK, will accept this method.

Will test then.

To which repo this should be added together with the dotfiles?

Patrick · September 28, 2022, 11:33am

Good question. Looking through Kicksecure · GitHub I was wondering in which package it fits best without needing to invent yet another package. GitHub - Kicksecure/desktop-config-dist seems best. Since it’s kinda a “desktop” modification. Not desktop as in graphical desktop but desktop/notebook user interface related settings.

Currently description is Configuration for Derivative Xfce Desktop but Xfce can be removed from the description to make it more general. Changes by that package seem useful, some even have security impact but still optional and not of very critical importance.

nyxnor · September 29, 2022, 9:08pm

IJust to remeber to myself this doesn’t work on Qubes, prefix should be /usr/local/lib

nyxnor · September 29, 2022, 9:10pm

Nevermind, I should have done this on the template…

nyxnor · September 29, 2022, 9:40pm

github.com/Kicksecure/desktop-config-dist

add zsh files

Kicksecure:master ← nyxnor:master

opened 09:40PM - 29 Sep 22 UTC

nyxnor

+367 -0

Hope everyone likes it. Had just to update the paths to not be home, to be /e…tc/zsh/dist Removed the completion of hidden directories by default, still possible if the pattern starts with a dot, but I noticed that happened less often then expected. I made this decision because completing consecutive folders that were alone inside a folder was easy, instead of cylcying the curdirs. Hope everyone like it. Note templates have a longer prompt `[template workstation user ~]%`, I would make easier to debug if user posts the full prompt and we can see they are in the template.