search

QubesOS / qubes-issues

The Qubes OS Project issue tracker
https://www.qubes-os.org/doc/issue-tracking/
539 stars 48 forks source link

`XDG_CURRENT_DESKTOP=X-QUBES` breaks Electron Safe Storage #9435

Open DemiMarie opened 2 months ago

DemiMarie commented 2 months ago

How to file a helpful issue

Qubes OS release

R4.2

Brief summary

Electron Safe Storage fails unless one of the following holds:

This breaks Element and Wire, causing data loss unless the user knows what they are doing.

Steps to reproduce

Not sure. Upgrading Electron may have been the cause,.

Expected behavior

Electron Safe Storage works.

Actual behavior

Electron Safe Storage fails.

marmarek commented 2 months ago

Can you provide more specific reproduction steps?

Anyway, this looks more like an Electron bug (if your diagnosis is actually correct), the X-QUBES value is perfectly valid one (it isn't directly specified, but Desktop Entry Specification links it with OnlyShowIn/NotShowIn and those are explained in more details in Desktop Menu Specification, including the "X-" one).

DemiMarie commented 1 month ago

Can you provide more specific reproduction steps?

The simplest way to reproduce this bug is to start the Wire flatpak (com.wire.WireDesktop) with a modified .desktop file. This works:

[Desktop Entry]
Name=Wire
# Wire Desktop works because Electron is told to ask GNOME Keyring for secrets
Exec=/usr/bin/flatpak run --branch=stable --arch=x86_64 --command=/app/bin/wire-desktop --file-forwarding com.wire.WireDesktop --password-store=gnome-libsecret @@u %U @@

As does this:

[Desktop Entry]
Name=Wire
# Wire Desktop works because Electron thinks it is running under GNOME and so asks
# GNOME Keyring for secrets.
Exec=/usr/bin/flatpak run --branch=stable --env=XDG_CURRENT_DESKTOP=GNOME --arch=x86_64 --command=/app/bin/wire-desktop --file-forwarding com.wire.WireDesktop @@u %U @@

But this does NOT work:

[Desktop Entry]
Name=Wire
# Wire Desktop started this way cannot find its secrets because it does not know
# which secret store to use and does not fall back to the portal.
Exec=/usr/bin/flatpak run --branch=stable --env=XDG_CURRENT_DESKTOP=X-QUBES --arch=x86_64 --command=/app/bin/wire-desktop --file-forwarding com.wire.WireDesktop @@u %U @@

Anyway, this looks more like an Electron bug (if your diagnosis is actually correct), the X-QUBES value is perfectly valid one (it isn't directly specified, but Desktop Entry Specification links it with OnlyShowIn/NotShowIn and those are explained in more details in Desktop Menu Specification, including the "X-" one).

The bug is that Electron does not fall back to the portal, which is what it should use.