From 3d06ce1ee906b17cb00d97c548017c845a84681c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
 <marmarek@invisiblethingslab.com>
Date: Thu, 27 Aug 2015 21:29:32 +0200
Subject: [PATCH] Implement dropins for /etc/xdg/autostart (#1151)

Usage of _static_ files (dropins) to override some of autostart entries
(enable/disable them in appropriate VM types) is much simpler and less
error prone than automatic generators.

Handling code is implemented in qubes-session-autostart, which is called
from qubes-session.

qubesos/qubes-issues#1151
---
 Makefile                                      |  2 +
 autostart-dropins/Makefile                    |  6 ++
 autostart-dropins/README.txt                  | 20 +++++
 autostart-dropins/deja-dup-monitor.desktop    |  2 +
 autostart-dropins/gcm-apply.desktop           |  2 +
 autostart-dropins/gnome-keyring-gpg.desktop   |  2 +
 .../gnome-keyring-pkcs11.desktop              |  2 +
 .../gnome-keyring-secrets.desktop             |  2 +
 autostart-dropins/gnome-keyring-ssh.desktop   |  2 +
 autostart-dropins/gnome-power-manager.desktop |  2 +
 autostart-dropins/gnome-screensaver.desktop   |  2 +
 .../gnome-settings-daemon.desktop             |  2 +
 autostart-dropins/gnome-sound-applet.desktop  |  2 +
 autostart-dropins/gpk-update-icon.desktop     |  2 +
 .../gsettings-data-convert.desktop            |  2 +
 autostart-dropins/imsettings-start.desktop    |  2 +
 autostart-dropins/krb5-auth-dialog.desktop    |  2 +
 autostart-dropins/nm-applet.desktop           |  2 +
 autostart-dropins/notify-osd.desktop          |  2 +
 autostart-dropins/orca-autostart.desktop      |  2 +
 autostart-dropins/pulseaudio.desktop          |  2 +
 autostart-dropins/restorecond.desktop         |  2 +
 autostart-dropins/sealertauto.desktop         |  2 +
 .../user-dirs-update-gtk.desktop              |  2 +
 misc/qubes-session-autostart                  | 84 +++++++++++++++++++
 rpm_spec/core-vm.spec                         |  4 +
 26 files changed, 158 insertions(+)
 create mode 100644 autostart-dropins/Makefile
 create mode 100644 autostart-dropins/README.txt
 create mode 100644 autostart-dropins/deja-dup-monitor.desktop
 create mode 100644 autostart-dropins/gcm-apply.desktop
 create mode 100644 autostart-dropins/gnome-keyring-gpg.desktop
 create mode 100644 autostart-dropins/gnome-keyring-pkcs11.desktop
 create mode 100644 autostart-dropins/gnome-keyring-secrets.desktop
 create mode 100644 autostart-dropins/gnome-keyring-ssh.desktop
 create mode 100644 autostart-dropins/gnome-power-manager.desktop
 create mode 100644 autostart-dropins/gnome-screensaver.desktop
 create mode 100644 autostart-dropins/gnome-settings-daemon.desktop
 create mode 100644 autostart-dropins/gnome-sound-applet.desktop
 create mode 100644 autostart-dropins/gpk-update-icon.desktop
 create mode 100644 autostart-dropins/gsettings-data-convert.desktop
 create mode 100644 autostart-dropins/imsettings-start.desktop
 create mode 100644 autostart-dropins/krb5-auth-dialog.desktop
 create mode 100644 autostart-dropins/nm-applet.desktop
 create mode 100644 autostart-dropins/notify-osd.desktop
 create mode 100644 autostart-dropins/orca-autostart.desktop
 create mode 100644 autostart-dropins/pulseaudio.desktop
 create mode 100644 autostart-dropins/restorecond.desktop
 create mode 100644 autostart-dropins/sealertauto.desktop
 create mode 100644 autostart-dropins/user-dirs-update-gtk.desktop
 create mode 100644 misc/qubes-session-autostart

diff --git a/Makefile b/Makefile
index 02be08f..f2b556c 100644
--- a/Makefile
+++ b/Makefile
@@ -121,6 +121,7 @@ install-rh: install-systemd install-systemd-dropins install-sysvinit
 	install -m 0400 -D network/ip6tables $(DESTDIR)/usr/lib/qubes/init/ip6tables
 
 install-common:
+	$(MAKE) -C autostart-dropins install
 	install -m 0644 -D misc/fstab $(DESTDIR)/etc/fstab
 
 	install -D -m 0440 misc/qubes.sudoers $(DESTDIR)/etc/sudoers.d/qubes
@@ -171,6 +172,7 @@ install-common:
 	install network/qubes-netwatcher $(DESTDIR)/$(SBINDIR)/
 
 	install -d $(DESTDIR)/usr/bin
+	install -m 0755 misc/qubes-session-autostart $(DESTDIR)/usr/bin/qubes-session-autostart
 	install -m 0755 misc/qubes-desktop-file-install $(DESTDIR)/usr/bin/qubes-desktop-file-install
 	install -m 0755 misc/qubes-trigger-desktop-file-install $(DESTDIR)$(LIBDIR)/qubes/qubes-trigger-desktop-file-install
 
diff --git a/autostart-dropins/Makefile b/autostart-dropins/Makefile
new file mode 100644
index 0000000..eee3d53
--- /dev/null
+++ b/autostart-dropins/Makefile
@@ -0,0 +1,6 @@
+
+DROPINS_DIR = /etc/qubes/autostart
+
+install:
+	for f in *.desktop; do install -m 0644 -D $$f $(DESTDIR)$(DROPINS_DIR)/$$f.d/30_qubes.conf; done
+	install -m 0644 README.txt $(DESTDIR)$(DROPINS_DIR)/
diff --git a/autostart-dropins/README.txt b/autostart-dropins/README.txt
new file mode 100644
index 0000000..c008f46
--- /dev/null
+++ b/autostart-dropins/README.txt
@@ -0,0 +1,20 @@
+This directory (/etc/qubes/autostart) is used to override parts of files in
+/etc/xdg/autostart. For each desktop file there, you can create directory named
+after the file plus ".d", then place files there. All such files will be read
+(in lexicographical order) and lines specified there will override respective
+entries in the original file. This can be used for example to enable or disable
+specific application in particular VM type.
+
+For example, you can extend `/etc/xdg/autostart/gnome-keyring-ssh.desktop` by
+creating `/etc/qubes/autostart/gnome-keyring-ssh.desktop.d/50_user.conf` with:
+```
+[Desktop Entry]
+OnlyShowIn=X-AppVM;
+```
+
+This would mean that `OnlyShowIn` key would be read as `X-AppVM;`, regardless
+of original entry in `/etc/xdg/autostart/gnome-keyring-ssh.desktop`.
+
+This mechanism overrides only content of /etc/xdg/autostart, files placed in
+~/.config/autostart are unaffected, so can be used to override settings per-VM
+basis.
diff --git a/autostart-dropins/deja-dup-monitor.desktop b/autostart-dropins/deja-dup-monitor.desktop
new file mode 100644
index 0000000..98a3ec9
--- /dev/null
+++ b/autostart-dropins/deja-dup-monitor.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+NotShowIn=X-QUBES;
diff --git a/autostart-dropins/gcm-apply.desktop b/autostart-dropins/gcm-apply.desktop
new file mode 100644
index 0000000..7f778a1
--- /dev/null
+++ b/autostart-dropins/gcm-apply.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+NotShowIn=X-DisposableVM;
diff --git a/autostart-dropins/gnome-keyring-gpg.desktop b/autostart-dropins/gnome-keyring-gpg.desktop
new file mode 100644
index 0000000..b60f8d9
--- /dev/null
+++ b/autostart-dropins/gnome-keyring-gpg.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+OnlyShowIn=GNOME;X-AppVM;
diff --git a/autostart-dropins/gnome-keyring-pkcs11.desktop b/autostart-dropins/gnome-keyring-pkcs11.desktop
new file mode 100644
index 0000000..b60f8d9
--- /dev/null
+++ b/autostart-dropins/gnome-keyring-pkcs11.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+OnlyShowIn=GNOME;X-AppVM;
diff --git a/autostart-dropins/gnome-keyring-secrets.desktop b/autostart-dropins/gnome-keyring-secrets.desktop
new file mode 100644
index 0000000..b60f8d9
--- /dev/null
+++ b/autostart-dropins/gnome-keyring-secrets.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+OnlyShowIn=GNOME;X-AppVM;
diff --git a/autostart-dropins/gnome-keyring-ssh.desktop b/autostart-dropins/gnome-keyring-ssh.desktop
new file mode 100644
index 0000000..b60f8d9
--- /dev/null
+++ b/autostart-dropins/gnome-keyring-ssh.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+OnlyShowIn=GNOME;X-AppVM;
diff --git a/autostart-dropins/gnome-power-manager.desktop b/autostart-dropins/gnome-power-manager.desktop
new file mode 100644
index 0000000..98a3ec9
--- /dev/null
+++ b/autostart-dropins/gnome-power-manager.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+NotShowIn=X-QUBES;
diff --git a/autostart-dropins/gnome-screensaver.desktop b/autostart-dropins/gnome-screensaver.desktop
new file mode 100644
index 0000000..98a3ec9
--- /dev/null
+++ b/autostart-dropins/gnome-screensaver.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+NotShowIn=X-QUBES;
diff --git a/autostart-dropins/gnome-settings-daemon.desktop b/autostart-dropins/gnome-settings-daemon.desktop
new file mode 100644
index 0000000..b60f8d9
--- /dev/null
+++ b/autostart-dropins/gnome-settings-daemon.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+OnlyShowIn=GNOME;X-AppVM;
diff --git a/autostart-dropins/gnome-sound-applet.desktop b/autostart-dropins/gnome-sound-applet.desktop
new file mode 100644
index 0000000..98a3ec9
--- /dev/null
+++ b/autostart-dropins/gnome-sound-applet.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+NotShowIn=X-QUBES;
diff --git a/autostart-dropins/gpk-update-icon.desktop b/autostart-dropins/gpk-update-icon.desktop
new file mode 100644
index 0000000..d7a864d
--- /dev/null
+++ b/autostart-dropins/gpk-update-icon.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+OnlyShowIn=GNOME;X-UpdateableVM;
diff --git a/autostart-dropins/gsettings-data-convert.desktop b/autostart-dropins/gsettings-data-convert.desktop
new file mode 100644
index 0000000..b60f8d9
--- /dev/null
+++ b/autostart-dropins/gsettings-data-convert.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+OnlyShowIn=GNOME;X-AppVM;
diff --git a/autostart-dropins/imsettings-start.desktop b/autostart-dropins/imsettings-start.desktop
new file mode 100644
index 0000000..98a3ec9
--- /dev/null
+++ b/autostart-dropins/imsettings-start.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+NotShowIn=X-QUBES;
diff --git a/autostart-dropins/krb5-auth-dialog.desktop b/autostart-dropins/krb5-auth-dialog.desktop
new file mode 100644
index 0000000..98a3ec9
--- /dev/null
+++ b/autostart-dropins/krb5-auth-dialog.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+NotShowIn=X-QUBES;
diff --git a/autostart-dropins/nm-applet.desktop b/autostart-dropins/nm-applet.desktop
new file mode 100644
index 0000000..f674213
--- /dev/null
+++ b/autostart-dropins/nm-applet.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+OnlyShowIn=GNOME;X-QUBES
diff --git a/autostart-dropins/notify-osd.desktop b/autostart-dropins/notify-osd.desktop
new file mode 100644
index 0000000..98a3ec9
--- /dev/null
+++ b/autostart-dropins/notify-osd.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+NotShowIn=X-QUBES;
diff --git a/autostart-dropins/orca-autostart.desktop b/autostart-dropins/orca-autostart.desktop
new file mode 100644
index 0000000..98a3ec9
--- /dev/null
+++ b/autostart-dropins/orca-autostart.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+NotShowIn=X-QUBES;
diff --git a/autostart-dropins/pulseaudio.desktop b/autostart-dropins/pulseaudio.desktop
new file mode 100644
index 0000000..98a3ec9
--- /dev/null
+++ b/autostart-dropins/pulseaudio.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+NotShowIn=X-QUBES;
diff --git a/autostart-dropins/restorecond.desktop b/autostart-dropins/restorecond.desktop
new file mode 100644
index 0000000..98a3ec9
--- /dev/null
+++ b/autostart-dropins/restorecond.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+NotShowIn=X-QUBES;
diff --git a/autostart-dropins/sealertauto.desktop b/autostart-dropins/sealertauto.desktop
new file mode 100644
index 0000000..98a3ec9
--- /dev/null
+++ b/autostart-dropins/sealertauto.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+NotShowIn=X-QUBES;
diff --git a/autostart-dropins/user-dirs-update-gtk.desktop b/autostart-dropins/user-dirs-update-gtk.desktop
new file mode 100644
index 0000000..b60f8d9
--- /dev/null
+++ b/autostart-dropins/user-dirs-update-gtk.desktop
@@ -0,0 +1,2 @@
+[Desktop Entry]
+OnlyShowIn=GNOME;X-AppVM;
diff --git a/misc/qubes-session-autostart b/misc/qubes-session-autostart
new file mode 100644
index 0000000..12c9a05
--- /dev/null
+++ b/misc/qubes-session-autostart
@@ -0,0 +1,84 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#
+# The Qubes OS Project, http://www.qubes-os.org
+#
+# Copyright (C) 2015  Marek Marczykowski-Górecki
+#                                        <marmarek@invisiblethingslab.com>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+#
+#
+import subprocess
+import sys
+
+from xdg.DesktopEntry import DesktopEntry
+from qubes.xdg import launch
+import xdg.BaseDirectory
+import os
+
+QUBES_XDG_CONFIG_DROPINS = '/etc/qubes/autostart'
+
+def open_desktop_entry_and_dropins(filename):
+    desktop_entry = DesktopEntry(filename)
+    dropins_dir = os.path.join(QUBES_XDG_CONFIG_DROPINS,
+                               os.path.basename(filename) + '.d')
+    if os.path.isdir(dropins_dir):
+        for dropin in sorted(os.listdir(dropins_dir)):
+            dropin_content = DesktopEntry(os.path.join(dropins_dir, dropin))
+            desktop_entry.content.update(dropin_content.content)
+
+    return desktop_entry
+
+
+def entry_should_be_started(entry, environments):
+    """
+
+    :type entry: DesktopEntry
+    """
+    if entry.getHidden():
+        return False
+    if entry.getOnlyShowIn():
+        return bool(set(entry.getOnlyShowIn()).intersection(environments))
+    if entry.getNotShowIn():
+        return not bool(set(entry.getNotShowIn()).intersection(environments))
+    return True
+
+
+def process_autostart(environments):
+    # handle only "most important" entry
+    processed_entries = {}
+    for path in xdg.BaseDirectory.load_config_paths('autostart'):
+        for entry_name in os.listdir(path):
+            if entry_name in processed_entries:
+                continue
+
+            # make the entry as processed, even if not actually started
+            processed_entries[entry_name] = True
+
+            entry_path = os.path.join(path, entry_name)
+            # files in $HOME have higher priority than dropins
+            if not path.startswith(xdg.BaseDirectory.xdg_config_home):
+                entry = open_desktop_entry_and_dropins(entry_path)
+            else:
+                entry = DesktopEntry(entry_path)
+            if entry_should_be_started(entry, environments):
+                launch(entry_path)
+
+def main():
+    process_autostart(sys.argv[1:])
+
+if __name__ == '__main__':
+    main()
\ No newline at end of file
diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec
index 8428ba5..9477f8d 100644
--- a/rpm_spec/core-vm.spec
+++ b/rpm_spec/core-vm.spec
@@ -356,6 +356,9 @@ rm -f %{name}-%{version}
 %config(noreplace) /etc/qubes-rpc/qubes.SelectDirectory
 %config(noreplace) /etc/qubes-rpc/qubes.GetImageRGBA
 %config(noreplace) /etc/qubes-rpc/qubes.SetDateTime
+%dir /etc/qubes/autostart
+/etc/qubes/autostart/README.txt
+%config /etc/qubes/autostart/*.desktop.d/30_qubes.conf
 %config(noreplace) /etc/sudoers.d/qubes
 %config(noreplace) /etc/sysconfig/iptables.qubes
 %config(noreplace) /etc/sysconfig/ip6tables.qubes
@@ -384,6 +387,7 @@ rm -f %{name}-%{version}
 /usr/bin/qubes-desktop-run
 /usr/bin/qrexec-fork-server
 /usr/bin/qrexec-client-vm
+/usr/bin/qubes-session-autostart
 /usr/bin/qubes-desktop-file-install
 %dir /usr/lib/qubes
 /usr/lib/qubes/vusb-ctl.py*