firecfg: Remove DBusActivatable from .desktop files

[SkewedZeppelin]

Currently certain programs when launched do not spawn under Firejail and are unsandboxed. This can be simply fixed by removing DBusActivatable=true from their corresponding desktop file. firecfg already rewrites hardcoded paths in .desktop files so this should take too much to do.

This would allow the following applications to always launch sandboxed

• gedit
• totem
• pithos
• peek
• baobab
• nemo (not that its useful)
• nautilus (^)

and these programs if they ever got profiles

• gnome-screenshot
• gnome-disks
• cheese

and probably many more.

In the mean time, users can run the following command as a workaround

sudo sed -i "s|DBusActivatable=true|DBusActivatable=false|" /usr/share/applications/*.desktop

[netblue30]

We have a fix in. Before you try it, remove all the files from ~/.local/share/applications directory.

[SkewedZeppelin]

Thanks! It seems a bit broken however...

• It seems to have regressed in that there are a few programs with hardcoded paths that it didn't fix: remmina, xonotic*
• And it also doesn't seem to detect DBusActivatable in all of them and only fixed 3 out of 6 of them: missing totem, pithos, peek

[netblue30]

Print the exec and dbus lines creating problems here. I tried pithos on debian stable, it doesn't have the dbus line. What distro are you using?

[SkewedZeppelin]

Here are all the .desktops that are having issues
https://gist.github.com/SpotComms/e94c7c9275f7c30921c55f8cde9e9365

And Pithos only got DBusActivatable recently, pithos/pithos@abdadf9

[netblue30]

I think I got all of them, thanks for the files. Try again and we'll do another round of fixes if necessary.

[SkewedZeppelin]

It works!

[reagentoo]

$ grep -ri DBusActivatable /usr/share/applications/
/usr/share/applications/org.gnome.Terminal.Preferences.desktop:DBusActivatable=false
/usr/share/applications/org.gnome.Calendar.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.Boxes.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.Characters.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.DiskUtility.desktop:DBusActivatable=true
/usr/share/applications/ca.desrt.dconf-editor.desktop:DBusActivatable=true
/usr/share/applications/io.bassi.Amberol.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.TextEditor.desktop:DBusActivatable=false
/usr/share/applications/org.gnome.font-viewer.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.Screenshot.desktop:DBusActivatable=true
/usr/share/applications/de.haeckerfelix.Fragments.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.Ptyxis.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.Extensions.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.Maps.desktop:DBusActivatable=true
/usr/share/applications/io.github.celluloid_player.Celluloid.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.Shell.PortalHelper.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.Builder.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.Weather.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.clocks.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.Software.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.Nautilus.desktop:DBusActivatable=true
/usr/share/applications/org.gnome.Console.desktop:DBusActivatable=true

Any new workarounds in 2k24?

[rusty-snake]

• Your list contains a lot of programs w/o profile.
• This issue is closed.
• This issue is old.
• The open bug (firecfg does not detect all .desktop files for cleaning #2624) is about not detecting all .desktop files.

Any new workarounds in 2k24?

sed "s/DBusActivatable=true/DBusActivatable=false/g"