-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Thu, Nov 10, 2016 at 01:59:20AM -0500, Jean-Philippe Ouellet wrote:
> On Wed, Nov 9, 2016 at 6:44 PM, Marek Marczykowski-Górecki
> <
marm...@invisiblethingslab.com> wrote:
> > /tmp/qubes-session-env isn't sourced second time, at least in theory
> > (QUBES_ENV_SOURCED=1). How could it work? In older version (Qubes 3.0?)
> > it was indeed sourced at each shell startup.
>
> Ah, you are correct.
>
> I had further modified my
> gui-agent-linux/appvm-scripts/usrbin/qubes-session in ways which are
> not suitable for upstream. My changes introduced an obvious race
> condition in which it is possible for the qubes session env to be
> "made ready" (mv /tmp/qubes-session-env.tmp ...env) before things
> started from xdg wrote to the env.tmp, potentially leading to vars
> from xdg failing to propagate. It always worked in practice, but that
> does not make it ok.
I'm not sure how exactly it is done on non-Qubes systems, but looking at
org.gnome.Session dbus API, it looks like the same race is there -
registering env variables is allowed only during startup phase and I see
no way to make some action to be done specifically during that phase
(other than being fast enough).
> One thing to clarify is what env var propagation dependency relations
> we should allow:
> - Should xdg-autostart be able to somehow propagate vars to other
> xdg-autostart entries? (allowing gnome-keychain -> nm-applet case)
> - only xdg-autostart -> qrexec-fork-server?
> - something else?
Given the above, and lack of generic standard (am I missing anything?),
I see two options:
1. Implement subset of org.gnome.Session dbus API somewhere, to
allow env variables being registered and propagated to
qrexec-fork-server.
2. Ignore the problem and say: if you want to set env variable globally,
do it in /etc/X11/xinit/xinitrc.d or ~/.profile.
I tend to go with the second option.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJYKNmfAAoJENuP0xzK19csmwUH/3quEI7ouhYc0OLQokm3Kz5u
zO/pmD92Qz5CsVV5nkwsNL1GUaXVw+5tqdvMoExvT5aELbKBd0pB9KiOj4tpwER1
PxwMxGG5e4CShLIDho/8Kb4rx5QRf2GMawLeK2fyRQwYGYPy0xPY7w+x20dEn+Fm
vbV705ognrdl4R1h/89pYPuI2ySQYeKPwhmf/zu3rqf29vLuQhecSXENaEwJKWgl
KpgpKeiOHePZ+4+C8Pe2bSZZiNtaBYSwgdZyKRZ4bs9LhFBdQj7XQYPrYPPeMHxD
Wx14T1snBs6s1HZyyDLsPLmz+EZrgI8t4Nmj6Y1ez5c5Psmbr3FPpGk4z90Svpg=
=NF5z
-----END PGP SIGNATURE-----