Closed C4C-Web closed 1 month ago
Yes, it's true.
the way to sign desktop links is a bit confusing and different from differents desktops: plasma, gnome, xfce, etc.
So just sign them as executable - a was before - but don't use:
kwriteconfig5 --file "/path/to/shortcut.desktop" --group "Desktop Entry" --key "X-KDE-Trust" "true"
gio set /path/to/shortcut.desktop "metadata::trusted" true
All the links remain in the menu: penguins-eggs.desktop
and system-install.desktop
, probably I can delete system-install.desktop
once installed, don't see contraindications.
Ok, this are notes to implement trust desktop links in the next versions.
Using gio info Desktop/penguins-eggs.desktop
and comparing before enable the link and after, another field is involved:
metadata::xfce-exe-checksum: f3018e0f6a808af43d3c75c19a069945f80b74f4e4e3535497e3c98624bb2ab0
where xfce-checksum is the sha256sum
of the link.
Remain to look to gnome.
As I understood, on gnome and others derivatives use the command gio
, and gio use GVfs to store data and the store is under ~/.local/share/gvfs-metadata/
so became a caos manage all the cases: we don't export users!.
For KDE must to be more simple probably, I had not tested.
I need a more clear and simple solution to implement it.
Thanks so much for looking into this. I believe I found the file that creates these shortcuts on the live desktop and edited it to try to fix, but that file appears to be re-created every time so my edits didn't stick.
If you find the way you can share, perhaps help me to understand.
I noticed that if I take the link with "add to desktop" the xfce-checksum is created automatically, but I must to work with scripts no gui.
Il giorno ven 23 ago 2024 alle ore 21:02 Eric Bradshaw < @.***> ha scritto:
Thanks so much for looking into this. I believe I found the file that creates these shortcuts on the live desktop and edited it to try to fix, but that file appears to be re-created every time so my edits didn't stick.
— Reply to this email directly, view it on GitHub https://github.com/pieroproietti/penguins-eggs/issues/381#issuecomment-2307651758, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAHKBFKJYUOTYAAWWIPJEG3ZS6BMLAVCNFSM6AAAAABM7G4OWKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGMBXGY2TCNZVHA . You are receiving this because you commented.Message ID: @.***>
-- Piero Proietti Via Pio Joris 15, 00155 Roma *sito: h @.>ttp://penguins-eggs.net http://penguins-eggs.net Internet MAIL: @. @.**>
Found /usr/bin/penguins-links-add.sh which I believe tells the live system to copy install-system.desktop and penguins-eggs.desktop and paste them on the Desktop and then runs a command that makes them trusted - but that part of it is apparently not working.
#!/bin/sh
DESKTOP=$(xdg-user-dir DESKTOP)
while [ ! -d "$DESKTOP" ]; do
DESKTOP=$(xdg-user-dir DESKTOP)
sleep 1
done
cp /usr/share/applications/install-system.desktop "$DESKTOP"
cp /usr/share/applications/penguins-eggs.desktop "$DESKTOP"
chmod +x "$DESKTOP"/*.desktop
So, I removed cp /usr/share/applications/penguins-eggs.desktop "$DESKTOP" altogether and changed the command to be a+x, tried to specifically point to install-system.desktop, make it trusted and then try and force the Desktop to refresh (like pressing F5), create and then immediately remove a folder (I named c4c)
#!/bin/sh
DESKTOP=$(xdg-user-dir DESKTOP)
while [ ! -d "$DESKTOP" ]; do
DESKTOP=$(xdg-user-dir DESKTOP)
sleep 1
done
cp /usr/share/applications/install-system.desktop "$DESKTOP"
chmod a+x "$DESKTOP"/install-system.desktop
gioset "$DESKTOP"/install-system.desktop
metadata::trusted true
mkdir "$DESKTOP"/c4c && rm -rf "$DESKTOP"/c4c
That didn't work so I decided to try hard links instead. I deleted /usr/lib/penguins-eggs/assets/penguins-eggs.desktop and /usr/share/applications/penguins-eggs.desktop then changed /usr/bin/penguins-links-add.sh to see if I could add krill on the live desktop
#!/bin/sh
DESKTOP=$(xdg-user-dir DESKTOP)
while [ ! -d "$DESKTOP" ]; do
DESKTOP=$(xdg-user-dir DESKTOP)
sleep 1
done
ln /usr/share/applications/install-system.desktop "$DESKTOP"
ln /usr/share/applications/penguins-krill.desktop "$DESKTOP"
That half-way worked? Deleting both instances of penguins-eggs.desktop made that shortcut stop showing up on the live Desktop, but krill did not get added to the live desktop and install-system.desktop didn't change a bit - it's still an untrusted shortcut, not a hard link. Just dawned on me this may be how I ended up will krill in the menu after install.
penguins-links-add.sh always gets reset to it's original values. /usr/lib/penguins-eggs/assets/penguins-links-add.desktop seems to initialize it but I can't see where Penguins' eggs re-creates it.
This really looks like it could solve the issue: How to Mass-Trust .desktop Files Via Shell on XFCE Forums https://forum.xfce.org/viewtopic.php?pid=70143#p70143
FILE; gio set -t string $f metadata::xfce-exe-checksum "$(sha256sum $f | awk '{print $1}')"
Thanks for this solution.
Il gio 29 ago 2024, 22:27 Eric Bradshaw @.***> ha scritto:
This really looks like it could solve the issue: How to Mass-Trust .desktop Files Via Shell on XFCE Forums https://forum.xfce.org/viewtopic.php?pid=70143#p70143
— Reply to this email directly, view it on GitHub https://github.com/pieroproietti/penguins-eggs/issues/381#issuecomment-2318904671, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAHKBFIAX7H2UVGVYU4LWQ3ZT57ZTAVCNFSM6AAAAABM7G4OWKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGMJYHEYDINRXGE . You are receiving this because you commented.Message ID: @.***>
Ran penguins-eggs_10.0.33-1_amd64 and it's fixed! Penguins' eggs and Install System launchers on the Desktop both worked without issue.
Running my ISO live, both the penguins-eggs.desktop and install-system.desktop shortcuts on the Desktop are Untrusted application launchers. They work fine once [Launch Anyway] or [Mark Executible] are chosen, but it's disconcerting. These same launchers appear in the menu too and run without issue from there.
Also krill runs without issue from the live system (and only appears in the menu) but unlike the other two shortcuts - remains in the menu after installation and no longer functions.
Xubuntu 24.04, penguins-eggs/10.0.27 linux-x64 node-v18.19.1