We should make all .desktop files executable #107826

Closed
fishy opened this issue Dec 28, 2020 · 9 comments
Labels
0.kind: bug Something is broken

Comments


fishy commented Dec 28, 2020

Describe the bug
Without making .desktop files executable, KDE/Plasma blocks the running of them for security reasons.

I'm using nixpkgs with Debian+KDE, and I used nixpkgs to install 3 packages with .desktop files:

$ ll ~/.nix-profile/share/applications/
total 12K
lrwxrwxrwx 1 fishy fishy  96 Dec 31  1969 darktable.desktop -> /nix/store/qcxc00pmfr0qrn9mgml8b48jsbkkjvf4-darktable-3.4.0/share/applications/darktable.desktop
lrwxrwxrwx 1 fishy fishy  97 Dec 31  1969 firefox.desktop -> /nix/store/mfwp4l6gdg783l65nv90yn595wixi8di-firefox-bin-84.0.1/share/applications/firefox.desktop
lrwxrwxrwx 1 fishy fishy 105 Dec 31  1969 thunderbird.desktop -> /nix/store/nw2c4pqn2vkv7dhs4vy0c9611p339agq-thunderbird-bin-78.6.0/share/applications/thunderbird.desktop

Among them, only the firefox one is executable:

$ ll /nix/store/mfwp4l6gdg783l65nv90yn595wixi8di-firefox-bin-84.0.1/share/applications/firefox.desktop
-r-xr-xr-x 1 fishy fishy 302 Dec 31  1969 /nix/store/mfwp4l6gdg783l65nv90yn595wixi8di-firefox-bin-84.0.1/share/applications/firefox.desktop

The other 2 are not:

$ ll /nix/store/qcxc00pmfr0qrn9mgml8b48jsbkkjvf4-darktable-3.4.0/share/applications/darktable.desktop
-r--r--r-- 1 fishy fishy 3.2K Dec 31  1969 /nix/store/qcxc00pmfr0qrn9mgml8b48jsbkkjvf4-darktable-3.4.0/share/applications/darktable.desktop
$ ll /nix/store/nw2c4pqn2vkv7dhs4vy0c9611p339agq-thunderbird-bin-78.6.0/share/applications/thunderbird.desktop
-r--r--r-- 1 fishy fishy 333 Dec 31  1969 /nix/store/nw2c4pqn2vkv7dhs4vy0c9611p339agq-thunderbird-bin-78.6.0/share/applications/thunderbird.desktop

I have no problem running firefox from KDE's launcher feature (I think that's called KRun), but when I try to run the other 2 KDE would complain (the screenshots are taking darktable as an example):

image
image

Searching for the error message in the KDE code, I found 2 occurrences of it:

https://github.com/KDE/kio/blob/6d98246cb1bdfdb5b39388c069ded589fa2db0b1/src/gui/applicationlauncherjob.cpp#L138-L155

https://github.com/KDE/kdelibs/blob/1c5b25966136b6099665477616fb4d38a98fd7ef/kio/kio/krun.cpp#L963-L978

Looking at the code, my understanding is that because the Exec lines inside the .desktop files use absolute paths:

$ grep Exec /nix/store/qcxc00pmfr0qrn9mgml8b48jsbkkjvf4-darktable-3.4.0/share/applications/darktable.desktop
Exec=/nix/store/qcxc00pmfr0qrn9mgml8b48jsbkkjvf4-darktable-3.4.0/bin/darktable %U
TryExec=/nix/store/qcxc00pmfr0qrn9mgml8b48jsbkkjvf4-darktable-3.4.0/bin/darktable

KDE's security policy dictates that the .desktop file must also be executable or it refuses to run it.

As a result, I think we should make all .desktop files executable to improve KDE compatibility.

To Reproduce
Steps to reproduce the behavior:

  1. ...
  2. ...
  3. ...

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots
If applicable, add screenshots to help explain your problem.

Additional context
Add any other context about the problem here.

Notify maintainers

Metadata
Please run nix-shell -p nix-info --run "nix-info -m" and paste the result.

$ nix-shell -p nix-info --run "nix-info -m"
 - system: `"x86_64-linux"`
 - host os: `Linux 5.9.0-5-amd64, Debian GNU/Linux, noversion`
 - multi-user?: `no`
 - sandbox: `no`
 - version: `nix-env (Nix) 2.3.10`
 - channels(fishy): `"nixpkgs-21.03pre260073.ad13f0e569c"`
 - nixpkgs: `/home/fishy/.nix-defexpr/channels/nixpkgs`

Maintainer information:

# a list of nixpkgs attributes affected by the problem
attribute:
# a list of nixos modules affected by the problem
module:
@fishy fishy added the 0.kind: bug Something is broken label Dec 28, 2020
Author

fishy commented Dec 28, 2020

I did already add the path to my $XDG_DATA_DIRS, FWIW:

$ env | grep XDG_DATA_DIRS
XDG_DATA_DIRS=/home/fishy/.nix-profile/share:/home/fishy/.local/share:/usr/local/share/:/usr/share/

Author

fishy commented Dec 28, 2020

hmm actually the problem seems to be more than "make them executable".

I noticed that firefox.desktop also doesn't use an absolute path (btw I'm using firefox-bin and thunderbird-bin instead of firefox and thunderbird):

$ grep Exec /nix/store/mfwp4l6gdg783l65nv90yn595wixi8di-firefox-bin-84.0.1/share/applications/firefox.desktop
Exec=firefox %U

But I tried to patch thunderbird to be as close to that as possible and it still won't work 🤔 :

$ git diff
diff --git a/pkgs/applications/networking/mailreaders/thunderbird-bin/default.nix b/pkgs/applications/networking/mailreaders/thunderbird-bin/default.nix
index b1905359..3a52613e 100644
--- a/pkgs/applications/networking/mailreaders/thunderbird-bin/default.nix
+++ b/pkgs/applications/networking/mailreaders/thunderbird-bin/default.nix
@@ -147,12 +147,13 @@ stdenv.mkDerivation {
       cat > $out/share/applications/thunderbird.desktop <<EOF
       [Desktop Entry]
       Type=Application
-      Exec=$out/bin/thunderbird
+      Exec=thunderbird %U
       Icon=$out/usr/lib/thunderbird-bin-${version}/chrome/icons/default/default256.png
       Name=Thunderbird
       GenericName=Mail Reader
       Categories=Application;Network;
       EOF
+      chmod a+x $out/share/applications/thunderbird.desktop
 
       # SNAP_NAME: https://github.com/NixOS/nixpkgs/pull/61980
       # MOZ_LEGACY_PROFILES and MOZ_ALLOW_DOWNGRADE:
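
Review bot: the added `chmod a+x $out/share/applications/thunderbird.desktop` at the end of the hunk sets the execute bit on a file that the heredoc above writes as plain `[Desktop Entry]` data with no shebang, so the bit acts only as a marker for the launcher and should either be justified in a comment or dropped. Separately, `Exec=thunderbird %U` now depends on PATH lookup while the unchanged `Icon=` line still uses an absolute `$out/...` path; if the goal is an entry that survives being copied elsewhere, both lines should follow the same convention, and if the goal is to pin this derivation's binary, keep `Exec=$out/bin/thunderbird %U`.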

Contributor

flokli commented Dec 28, 2020

cc @ttuegel

Member

ttuegel commented Dec 28, 2020

> I noticed that firefox.desktop also doesn't use an absolute path (btw I'm using firefox-bin and thunderbird-bin instead of firefox and thunderbird):

FWIW, I think the note about absolute paths in the kio source code is referring to the absolute path of the .desktop file. I don't think it cares about the path on the Exec= line. (The link to the kdelibs source code is KDE 4.)

Member

eliasp commented Dec 29, 2020

If *.desktop files are executable, systemd-xdg-autostart-generator will complain about them like this in case they're copied/symlinked to $XDG_CONFIG_HOME/autostart or present in $XDG_CONFIG_DIRS/autostart:

Dec 25 21:26:53 moria systemd-xdg-autostart-generator[857]: Configuration file /home/eliasp/.config/autostart/org.kde.yakuake.desktop is marked executable. Please remove executable permission bits. Proceeding anyway.

Member

eliasp commented Dec 29, 2020

Regarding the absolute path in *.desktop files, see also:

> FYI, the latest recommendation is to not use absolute paths in the Exec= directive. Rationale: .desktop files are often copied to $HOME/... for auto-starting, which means they bit-rot...

Contributor

flokli commented Jan 1, 2021

So we shouldn't make them executable, and also not absolute. Let's close this then, thanks for the pointers :-)

@flokli flokli closed this as completed Jan 1, 2021
Member

eliasp commented Jan 1, 2021

For the sake of completeness, this StackExchange post also makes a few good points regarding this topic, where I believe the most significant one is:

> If a *.desktop file would be executable, it would have to be either a supported binary format like ELF or supply a shebang like #!/usr/bin/env xdg-open

@nixos-discourse

This issue has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/kde-desktop-files-on-ubuntu/7724/6
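
The two properties debated in this thread, the execute bit on the .desktop file and an absolute path in `Exec=`, can be inventoried per entry before deciding what to change. The following is an added example, not code from nixpkgs or KDE; the function names `desktop_exec`, `audit_desktop_dir` and `audit_xdg` and the output format are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: inventory .desktop entries for the two properties discussed
# in this thread. Function names and output format are hypothetical.

# Print the Exec= value of the [Desktop Entry] group only (not of any
# [Desktop Action ...] group), first occurrence.
desktop_exec() {
    awk '
        /^\[/               { in_main = ($0 == "[Desktop Entry]"); next }
        in_main && /^Exec=/ { sub(/^Exec=/, ""); print; exit }
    ' "$1"
}

# For each *.desktop in directory $1, print: <name> <mode> <exec-kind>
#   mode:      exec | noexec  (-x follows symlinks, so a profile symlink
#                              reports the mode of its store target)
#   exec-kind: absolute | bare | missing
audit_desktop_dir() {
    for f in "$1"/*.desktop; do
        [ -e "$f" ] || continue          # unmatched glob or dangling symlink
        if [ -x "$f" ]; then mode=exec; else mode=noexec; fi
        cmd=$(desktop_exec "$f")
        case "$cmd" in
            "")   kind=missing ;;
            /*)   kind=absolute ;;
            \"/*) kind=absolute ;;       # quoted absolute path
            *)    kind=bare ;;
        esac
        printf '%s %s %s\n' "$(basename "$f")" "$mode" "$kind"
    done
}

# Audit the applications directory of every entry on XDG_DATA_DIRS.
audit_xdg() {
    old_ifs=$IFS; IFS=:
    for d in ${XDG_DATA_DIRS:-/usr/local/share:/usr/share}; do
        IFS=$old_ifs
        [ -d "$d/applications" ] && audit_desktop_dir "$d/applications"
    done
    IFS=$old_ifs
}
```

Calling `audit_xdg` in a session prints one line per entry, which makes it easy to spot entries that differ from the rest of a profile in either property.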
