configure Qubes-Whonix XFCE default start menu entries (whitelisted appmenus)
https://phabricator.whonix.org/T883
Let’s consider to no longer depend on meta package xfce4. Instead, we could just depend on the individual packages we care about. Some packages that xfce4 depends on that we may not need or don’t want:
- Debian -- Details of package gtk2-engines-xfce in buster needed?
- Debian -- Details of package libxfce4ui-utils in buster needed?
- Debian -- Details of package thunar in buster keep for sure
- Debian -- Details of package xfce4-appfinder in buster probably keep
- Debian -- Details of package xfce4-panel in buster keep for sure
- Debian -- Details of package xfce4-pulseaudio-plugin in buster keep for sure (but perhaps workstation only, not a big deal)
- Debian -- Details of package xfce4-session in buster maybe we can avoid this one?
- Debian -- Details of package xfce4-settings in buster keep for sure
- Debian -- Details of package xfconf in buster keep for sure (but might be a dependency anyhow, so we might not need to add it as a dependency in Whonix anon-meta-packages)
- Debian -- Details of package xfwm4 in buster required
- Debian -- Details of package desktop-base in buster good if we could avoid it (since it contains Debian’s logo) but also not a big deal if we set our own background anyhow
- Debian -- Details of package tango-icon-theme in buster probably keep
- Debian -- Details of package thunar-volman in buster probably keep
-
Debian -- Details of package xorg in buster we depend on
xserver-xorganyhow, not sure we need to explicitly depend onxorgtoo - Debian -- Details of package gtk3-engines-xfce in buster probably required
-
Debian -- Details of package xfce4-goodies in buster probably keep (has some things we like such as
xfce4-datetime-pluginbut also some things we don’t need such asxfce4-weather-plugin) - Debian -- Details of package xfce4-power-manager in buster avoidable?
2 Likes
What’s the reasoning behind this? Will it be easier to move to alternative DEs in the future? Seems like a lot of deps to add manually instead of xfce4
1 Like
Unrelated since this only affects package hardened-desktop-environment-essential-xfce.
(Since we nowadays have non-qubes-whonix-gateway-cli and non-qubes-whonix-workstation-cli it is nowadays a lot easier to add support for other desktop environments compares to times where Whonix KDE was the only thing that existed.)
See reason for each individual package above. Overall reasons:
- don’t install things which are a potential source of bugs (such as session management, remember this bug where KDE session saving caused this: kdesudo error popup window ( sdwdate-gui ))
- avoid unnecessary things (such as power savings inside VM)
- less potential privacy issues (sessions savings)
- lower attack surface
- save disk space
- not have some unnecessary, potentially harmful package included when upgrading to the next major Debian version
1 Like
Great!
Agreed with your assessment of each. Pull the trigger 
Rich source of XFCE settings manipulation:
https://www.linuxsecrets.com/archlinux-wiki/wiki.archlinux.org/index.php/Xfce.html
Anything useful for us there?
1 Like
It’s not clear to me yet how folder /etc/xdg/xfce4/xfconf/xfce-perchannel-xml (or more generally folder /etc/xdg/xfce4/) works. It may be a superior solution to folder /etc/skel/.config/xfce4/xfconf/xfce-perchannel-xml.
Progress on disable removable drives auto-mounting - XFCE only (⚓ T902 disable removable drives auto-mounting - XFCE only) was made.
1 Like
/etc/xdg/xfce4/xfconf/xfce-perchannel-xml looks better in any case. Going to port to it.
1 Like
Debian /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-session.xml
<?xml version="1.0" encoding="UTF-8"?>
<channel name="xfce4-session" version="1.0">
<property name="general" type="empty">
<property name="FailsafeSessionName" type="string" value="Failsafe"/>
</property>
<property name="sessions" type="empty">
<property name="Failsafe" type="empty">
<property name="IsFailsafe" type="bool" value="true"/>
<property name="Count" type="int" value="5"/>
<property name="Client0_Command" type="array">
<value type="string" value="xfwm4"/>
</property>
<property name="Client0_PerScreen" type="bool" value="false"/>
<property name="Client1_Command" type="array">
<value type="string" value="xfsettingsd"/>
</property>
<property name="Client1_PerScreen" type="bool" value="false"/>
<property name="Client2_Command" type="array">
<value type="string" value="xfce4-panel"/>
</property>
<property name="Client2_PerScreen" type="bool" value="false"/>
<property name="Client3_Command" type="array">
<value type="string" value="Thunar"/>
<value type="string" value="--daemon"/>
</property>
<property name="Client3_PerScreen" type="bool" value="false"/>
<property name="Client4_Command" type="array">
<value type="string" value="xfdesktop"/>
</property>
<property name="Client4_PerScreen" type="bool" value="false"/>
</property>
</property>
<property name="splash" type="empty">
<property name="Engine" type="string" value=""/>
</property>
</channel>
Whonix:
Preparing to unpack .../whonix-xfce-desktop-config_1.4-1_all.deb ...
Unpacking whonix-xfce-desktop-config (3:1.4-1) ...
dpkg: error processing archive /mnt/initialdeb/pool/main/w/whonix-xfce-desktop-config/whonix-xfce-desktop-config_1.4-1_all.deb (--unpack):
trying to overwrite '\''/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-session.xml'\'', which is also in package xfce4-session 4.12.1-6
Errors were encountered while processing:
/mnt/initialdeb/pool/main/w/whonix-xfce-desktop-config/whonix-xfce-desktop-config_1.4-1_all.deb
E: Sub-process /usr/bin/dpkg returned an error code (1) '
+ apt_get_exit_code=100After removing the xfce4 meta package:
The following packages were automatically installed and are no longer required:
gtk2-engines-xfce libkeybinder-3.0-0 libwnck-common libwnck22
libxfce4ui-utils xfce4-appfinder xfce4-panel xfce4-pulseaudio-plugin
xfce4-session xfce4-settings xfdesktop4 xfdesktop4-data xfwm4
The following packages were not installed by default anyhow:
- tango-icon-theme
- gtk3-engines-xfce
- xfce4-power-manager
- xfce4-goodies
System would work well without the following packages:
- gtk2-engines-xfce
List of packages we depend on from other packages anyhow:
- thunar
List of packages we would keep for sure (manually add Depends:):
- thunar-volman
- xfce4-appfinder
- xfce4-pulseaudio-plugin
- xfconf
- xfce4-settings
- xfconf
- xfce4-panel
- xfwm4
- xfdesktop4
- xfce4-session
In conclusion, dependencies by Debian -- Details of package xfce4 in buster by look very good. At most package Debian -- Details of package gtk2-engines-xfce in buster and Debian -- Details of package libxfce4ui-utils in buster would be avoidable. Really not worth the effort. Keeping meta package xfce4.
Any suggestions for the background image? Any background image available from any packages sourced from packages.debian.org?
The only two backgrounds images installed currently (non-removable [as long as we want to use XFCE] dependency package xfdesktop4-data)
- /usr/share/backgrounds/xfce/xfce-blue.jpg
- /usr/share/backgrounds/xfce/xfce-teal.jpg
Could be changed here:
xfce-desktop-config-dist/xfce4-desktop.xml at master · Kicksecure/xfce-desktop-config-dist · GitHub