#13 Add liveuser Desktop path to XDG_DATA_DIRS environment variable
Closed a year ago by seaninspace. Opened a year ago by seaninspace.
Unknown source main  into  main

@@ -45,3 +45,8 @@

  

  # and mark it as executable (new Xfce security feature)

  chmod +x /home/liveuser/Desktop/liveinst.desktop

+ 

+ # liveuser desktop directory needs to be added to XDG_DATA_DIRS to be trusted (#2172854)

+ cat >> /etc/environment << FOE

+ XDG_DATA_DIRS="/usr/local/share/:/home/liveuser/Desktop/"

+ FOE

While the Anaconda Installer desktop icon is marked as an executable, XFCE still prompts the user with an "Untrusted Application Launcher" warning.

Adding the liveuser Desktop path to XDG_DATA_DIRS fixes this and Anaconda is able to start normally. Since XDG_DATA_DIRS is not set, it is automatically populated with /usr/local/share and /usr/share (per https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html). In my testing it continued to append /usr/share to what is in this commit.

Tested on Fedora-Xfce-Live-x86_64-38-20230331.n.0.iso.

I'm not entirely certain this is the best place for it (or if this is the best way to tackle this) so I'm happy to do this somewhere else, but it worked for me.

rebased onto 845414e

a year ago

Something about this doesn't seem right... @nonamedotc, @kevin: I'm hesitant to have things go into /etc/environment when this is something that should be controlled via an Xfce desktop setting of some kind. Is there something we can tweak for the liveuser Xfce session instead?

Looks like setting xfce-exe-checksum metadata also works:

$ gio set -t string /home/liveuser/Desktop/liveinst.desktop metadata::xfce-exe-checksum "$(sha256sum /home/liveuser/Desktop/liveinst.desktop | awk '{print $1}')"

Looks like setting xfce-exe-checksum metadata also works:

$ gio set -t string /home/liveuser/Desktop/liveinst.desktop metadata::xfce-exe-checksum "$(sha256sum /home/liveuser/Desktop/liveinst.desktop | awk '{print $1}')"

This is the correct solution for Xfce. This is very new [1].

Once the metadata is set, this should work fine.

[1] https://gitlab.xfce.org/xfce/thunar/-/commit/888ee36645fb489568496392ad57b8ad6ffc08fe

@nonamedotc ack, thank you for the confirmation! I'll close this PR and make a new one using that method.

Pull-Request has been closed by seaninspace

a year ago
Metadata