You are not logged in.
Pages: 1
Hi,
all my .desktop files are untrusted since 4.18. How can i mass-trust them via shell? I do not want to manually set it via appearing gui dialog or file/properties. Icons are not shown when untrusted.
Offline
Two things need to be done to a .desktop file to make it trusted:
it needs to be marked executable:
chmod +x FILE
it needs to have an xfce-exe-checksum metadata entry created for the file:
f=FILE; gio set -t string $f metadata::xfce-exe-checksum "$(sha256sum $f | awk '{print $1}')"
You can then script something to have that happen iteratively to a series of files.
Please remember to mark your thread [SOLVED] to make it easier for others to find
--- How To Ask For Help | FAQ | Developer Wiki | Community | Contribute ---
Offline
Thanks, works.
There seems to be a little bug though if the .desktop file is symlinked (to the desktop). Trying to set the symlink 'trusted' via gui or file/properties only sets the symlink (not the actual linked file as well) resulting in gui/thunar still throwing the 'untrusted' warning when invoking.
Offline
i have only ever done step 1 and never did step 2. it has always worked for me when i did just that much? what am i missing by not doing step 2?
Offline
i have only ever done step 1 and never did step 2. it has always worked for me when i did just that much? what am i missing by not doing step 2?
Checksum-based launcher trusts are new functionality added in Thunar 4.17.4 (also involving enhancements to exo and libxfce4util). In 4.18, you will need to do both.
Edit: From https://gitlab.xfce.org/xfce/thunar/-/c … ad6ffc08fe:
Only using the executable flag to 'trust' launchers is insecure, because the flag e.g. can be pre-set in archives.
'Trusting' a launcher now will generate a checksum of the launcher and store it via gvfs-metadata.
Last edited by ToZ (2022-12-19 11:37:01)
Please remember to mark your thread [SOLVED] to make it easier for others to find
--- How To Ask For Help | FAQ | Developer Wiki | Community | Contribute ---
Offline
f=FILE; gio set -t string $f metadata::xfce-exe-checksum "$(sha256sum $f | awk '{print $1}')"
Thanks for this solution.
If automating, it's worth quoting $f as it fails if it contains spaces or special characters...
f=FILE; gio set -t string "$f" metadata::xfce-exe-checksum "$(sha256sum "$f" | awk '{print $1}')"
Offline
Yes, you are right. Thanks for the catch.
Welcome to the forum.
Please remember to mark your thread [SOLVED] to make it easier for others to find
--- How To Ask For Help | FAQ | Developer Wiki | Community | Contribute ---
Offline
If automating, it's worth quoting $f as it fails if it contains spaces or special characters...
How do you automate this? I've tried to assemble a one-liner without success in bash with 'find [...] -exec bash -c' but it always fails as the original one-liner has single and double quotes and subshell.
Offline
Using for loop instead of find, this works for me:
for f in ~/Desktop/*.desktop; do chmod +x "$f"; gio set -t string "$f" metadata::xfce-exe-checksum "$(sha256sum "$f" | awk '{print $1}')"; done
Last edited by ToZ (2023-01-22 21:22:27)
Please remember to mark your thread [SOLVED] to make it easier for others to find
--- How To Ask For Help | FAQ | Developer Wiki | Community | Contribute ---
Offline
Thanks. I've previously tried something similar with 'for f in $(find ...); do ...' that unfortunately broke on whitespaces but globbing is safe indeed.
Offline
Pages: 1