/etc/xdg/autostart/ NotShowIn necessary?

phabricator-migrator · February 19, 2024, 5:51pm

Information

ID: 164
PHID: PHID-TASK-mgo4wqtlefhjkze3sesd
Author: Patrick
Status at Migration Time: invalid
Priority at Migration Time: Normal

Description

github.com

nrgaway/qubes-whonix/blob/51ec5194008e71bcfdd9b8e82aa9f76dc2077dc3/debian/qubes-whonix.postinst#L195


      
          # Disable unwanted applications
          update-rc.d network-manager disable || true
          update-rc.d spice-vdagent disable || true
          update-rc.d swap-file-creator disable || true
          update-rc.d whonix-initializer disable || true
          
          # Will not be restarted in chroot which is what is expected
          systemctl restart /usr/lib/qubes-whonix/init/init
          systemctl restart /usr/lib/qubes-whonix/init/qubes-whonix-firewall
          
          # Modify desktop files not to show in Qubes
          for item in = /etc/xdg/autostart/pulseaudio-kde.desktop \
                        /etc/xdg/autostart/gateway_first_run_notice.desktop \
                        /etc/xdg/autostart/spice-vdagent.desktop \
                        /etc/xdg/autostart/whonixsetup.desktop \
                        /etc/xdg/autostart/whonix-setup-wizard.desktop ; do
              showIn "${item}" 'NotShowIn=QUBES;'
          done
          
          # Set timezone to UTC and make files immutable
          timezone='UTC'

# Modify desktop files not to show in Qubes
for item in = /etc/xdg/autostart/pulseaudio-kde.desktop \
/etc/xdg/autostart/gateway_first_run_notice.desktop \
/etc/xdg/autostart/spice-vdagent.desktop \
/etc/xdg/autostart/whonixsetup.desktop \
/etc/xdg/autostart/whonix-setup-wizard.desktop ; do
showIn "${item}" 'NotShowIn=QUBES;'
done

What’s the good for? Does it actually make a difference? As far I know, elements in /etc/xdg/autostart are not shown in start menu anyhow. The NotShowIn would be without effect there.

I advice to not modify these files that way, otherwise users run into an interactive dpkg conflict resolution dialog on upgrade of the qubes-whonix package.

Comments

nrgaway

2015-02-15 10:55:47 UTC

Yes its required. It will prevent items from starting in Qubes that we do not want started. The may not show, but they will start if in the autostart directory. This is a Qubes function [[ https://github.com/nrgaway/gui-agent-linux/commit/3287ae87cf00b61d0e9ba8a8f5ca301f9123b3b7#diff-d8b9296a2c6a78a087ed04f21ceadf8aR61 | https://github.com/nrgaway/gui-agent-linux/commit/3287ae87cf00b61d0e9ba8a8f5ca301f9123b3b7#diff-d8b9296a2c6a78a087ed04f21ceadf8aR61 ]]

Configuration files should not create Debian conflicts and should prompt the user to use maintainers version or keep existing. Overdidden files are actually not touched; a copy of them is moved into the /usr/share/qubes/xdg/autostart which is given priority over /etc/xdg.

I use this to prevent whonix setup from starting, since I manually start it; otherwise it starts too early in Qubes and you get problems like errors popping up ot it can block for upto a minute.

Its also used for pulseaudio so system apps are not started and only qubes are.

Patrick

2015-02-15 11:10:58 UTC

nrgaway

2015-02-15 11:24:24 UTC

Patrick

2015-02-15 11:39:06 UTC

nrgaway

2015-02-16 05:40:31 UTC

I am not too sure. Currently all the startup logic is handled in [[ https://github.com/nrgaway/qubes-whonix/blob/9.6-1/usr/lib/qubes-whonix/qubes-whonixsetup | https://github.com/nrgaway/qubes-whonix/blob/9.6-1/usr/lib/qubes-whonix/qubes-whonixsetup ]].

It is separated into 3 sections, gateway, workstation and template. Currently as stated above I handle the starting of whonix-setup-wizard, tor and sdwdate due to some race conditions as described earlier which should be solved when systemd unit files are created.

I also execute whonix-setup-wizard as follows:
XDG_CURRENT_DESKTOP=gnome sudo /usr/bin/whonix-setup-wizard setup -style gtk+

Adding a gtk+ style so it does not look so ugly on bootup. A common issue among all distros is having styles set for root users. I would like this issue solved across the board so all the Whonix programs started as root are using a preferred style (maybe create another issue for this).

The other thing the qubes-whonixsetup script does is prevent setup from running in a template; since the template does not have complete Internet access (only for apt-get via proxy) AND replacing IP addresses would not work correctly. It also blocks all access, even to updates if the netvm is not set to a whonix-gateway proxy (therefore only allowing updates via tor).

Patrick

2015-02-16 21:49:01 UTC