I have noticed a change in the behavior of the quick widget in my Qubes Whonix workstation, instead of opening Thunar like it normally would in the open file manager drop down it now opens catfish is this a new behavior caused by a recent update?
Quick widget?
There was a change: Install Catfish file searching tool (Xfce DE) by default
This explains the new behavior change thanks, Just making sure. by quick widget I mean the Qubes Domains manager open file manager drop down
This is not an intended change. I.e. a bug.
For some reason catfish strangely seems to have a higher priority in /etc/alternatives (or so) than thunar.
1 Like
That’s strange, am I unique to this bug or have other users had this bug before, I haven’t messed with the templates besides updating them
I am not using the quick widget as you call it. Nobody else seems to have done so or not bothered to report this. Not only you. Probably all users affected.
This could be about how xdg-open picks its priorities.
xdg-open /
Opens catfish (unwanted) rather than thunar.
1 Like
I Appreciate the clarification, I created this post from worries of a compromise, any new behavior change in my workspace puts me on high alert but this one seems to be harmless so I will leave it as is thanks.
This is totally unnecessary and totally not how malware works. Elaborated here:
Valid Compromise Indicators versus Invalid Compromise Indicators
I agree it was unnecessary and foolish of me to be worried of a compromise by such a minuscule change and a adversary capable of breaking out of xen virtualization and infecting my template wouldn’t be foolish enough to leave traces unless they are performing a Zersetzung attack to mentally break me Which is likely not the case.
Just came across this post after I also noticed that catfish was used by default instead of thunar. I use veracrypt in an AppVM based on Whonix 17 and when I double click the opened disk it opens catfish and I can’t do anything with it. I opened thunar manually on the side but that seems like a usability annoyance.
If you don’t have use for catfish in your whonix workstation I recommend removing catfish in the template for now it fixed the issue and reverted the defaults to thunar for me.
Workaround:
Set thunar as default application to open folders. Inside Whonix-Workstation App Qube.
xdg-mime default thunar.desktop inode/directory
Developer information:
That results in modification of file: ~/.config/mimeapps.list
Based on linux - Determine what program is used by gio open? - Unix & Linux Stack Exchange
xdg-mime query filetype /tmp/a
inode/directory
xdg-mime query default inode/directory
org.xfce.Catfish.desktop
cat /usr/share/applications/org.xfce.Catfish.desktop | grep MimeType
MimeType=inode/directory;
cat /usr/share/applications/thunar.desktop | grep MimeType
MimeType=inode/directory;
2 Likes
Thank you for this, I have the same issue.
How can I do this but on a template instead so it reflects in all my current and future app qubes?
Unknown. Not trivial to research / change system-wide.
TODO:
- developers: research mechanism of
xdg-open/xdg-mime, how to change XDG mime preferences system-wide - users: reproduce this on Debian, report this issue to Debian
I’ve been able to solve it by moving the mimeapps.list from ~/.config/mimeapps.list to /etc/xdg/mimeapps.list
Can also be done by appending the following to /usr/share/applications/mimeapps.list:
inode/directory=thunar.desktop
Source:
https://wiki.archlinux.org/title/XDG_MIME_Applications#mimeapps.list
Would it be possible to have that by default in Kicksecure/Whonix?
catfish don’t seem to be a really good choice for a default file manager.
1 Like
We need to find the proper mechanism for Debian packaging for appending to /usr/share/applications/mimeapps.list.
It very most likely should not be done by directly writing to file. Instead, I can almost bet that Debian has a tool / packaging configuration file that should be used for this purpose.
Also, it would be best if this was reported to upstream, Debian so this can be fixed at the source of the issue.
I don’t think this is an issue with upstream, this is how it is supposed to work I guess.
Here is the default behavior that I get in a whonix app qube:
XDG_UTILS_DEBUG_LEVEL=3 xdg-mime query default inode/directory
Checking /home/user/.local/share/applications/defaults.list and /home/user/.local/share/applications/mimeinfo.cache
Checking /home/user/.local/share/applications/defaults.list and /home/user/.local/share/applications/mimeinfo.cache
Checking /home/user/.local/share/flatpak/exports/share/applications/defaults.list and /home/user/.local/share/flatpak/exports/share/applications/mimeinfo.cache
Checking /home/user/.local/share/flatpak/exports/share/applications/defaults.list and /home/user/.local/share/flatpak/exports/share/applications/mimeinfo.cache
Checking /var/lib/flatpak/exports/share/applications/defaults.list and /var/lib/flatpak/exports/share/applications/mimeinfo.cache
Checking /var/lib/flatpak/exports/share/applications/defaults.list and /var/lib/flatpak/exports/share/applications/mimeinfo.cache
Checking /usr/share/anon-apps-config/share//applications/defaults.list and /usr/share/anon-apps-config/share//applications/mimeinfo.cache
Checking /usr/share/anon-apps-config/share//applications/defaults.list and /usr/share/anon-apps-config/share//applications/mimeinfo.cache
Checking /usr/local/share//applications/defaults.list and /usr/local/share//applications/mimeinfo.cache
Checking /usr/local/share//applications/defaults.list and /usr/local/share//applications/mimeinfo.cache
Checking /usr/share//applications/defaults.list and /usr/share//applications/mimeinfo.cache
org.xfce.Catfish.desktop
It checks if any program is set to use inode/directory by default. If none are set, it reads /usr/share/applications and find the first program that can handle it, in this case catfish, because it looks alphabetically.
I see /usr/share/anon-apps-config/share/applications/ in there, maybe it could be used instead of the other ones since it is more related to this project?
If you don’t like the behavior of Debian → report to Debian.
It’s not as if this was already raised, discussed a lot and any further discussion banned under threat of permanent ban from Debian. The furthest away from this. Not to be found at all.
Debian has configured priorities, has configurable priorities elsewhere (/etc/alternatives), there’s a very high chance that this is within the scope of Debian.
Cannot just write to a file managed by another mechanism without understanding the mechanism. This can create more follow-up issues putting a static file there.
-
dpkg -S /usr/share/applications/defaults.list-
qubes-core-agent: /usr/share/applications/defaults.list
- So we cannot use that file. Because it is already owned by Qubes.
-
- In Open in DispVM doesn't work for PDF files · Issue #1621 · QubesOS/qubes-issues · GitHub @marmarek explains the mechanics of
mimeopen. - File
/usr/share//applications/mimeapps.list, while to owned by qubes, is written to by/usr/lib/qubes/set-default-text-editor. - Then there is also
/usr/share/qubes/xdg-override/mime/application/folder. -
dpkg -S mime | grep qubes qubes-rpc/qubes.StartApp-
os.environ['XDG_DATA_DIRS'] = '/usr/share/qubes/xdg-override'
-
In Whonix, we might need to expand XDG_DATA_DIRS to create our own xdg overrides file.