-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Thu, Nov 10, 2016 at 01:59:20AM -0500, Jean-Philippe Ouellet wrote: > On Wed, Nov 9, 2016 at 6:44 PM, Marek Marczykowski-Górecki > <[email protected]> wrote: > > /tmp/qubes-session-env isn't sourced second time, at least in theory > > (QUBES_ENV_SOURCED=1). How could it work? In older version (Qubes 3.0?) > > it was indeed sourced at each shell startup. > > Ah, you are correct. > > I had further modified my > gui-agent-linux/appvm-scripts/usrbin/qubes-session in ways which are > not suitable for upstream. My changes introduced an obvious race > condition in which it is possible for the qubes session env to be > "made ready" (mv /tmp/qubes-session-env.tmp ...env) before things > started from xdg wrote to the env.tmp, potentially leading to vars > from xdg failing to propagate. It always worked in practice, but that > does not make it ok.
I'm not sure how exactly it is done on non-Qubes systems, but looking at org.gnome.Session dbus API, it looks like the same race is there - registering env variables is allowed only during startup phase and I see no way to make some action to be done specifically during that phase (other than being fast enough). > One thing to clarify is what env var propagation dependency relations > we should allow: > - Should xdg-autostart be able to somehow propagate vars to other > xdg-autostart entries? (allowing gnome-keychain -> nm-applet case) > - only xdg-autostart -> qrexec-fork-server? > - something else? Given the above, and lack of generic standard (am I missing anything?), I see two options: 1. Implement subset of org.gnome.Session dbus API somewhere, to allow env variables being registered and propagated to qrexec-fork-server. 2. Ignore the problem and say: if you want to set env variable globally, do it in /etc/X11/xinit/xinitrc.d or ~/.profile. I tend to go with the second option. - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJYKNmfAAoJENuP0xzK19csmwUH/3quEI7ouhYc0OLQokm3Kz5u zO/pmD92Qz5CsVV5nkwsNL1GUaXVw+5tqdvMoExvT5aELbKBd0pB9KiOj4tpwER1 PxwMxGG5e4CShLIDho/8Kb4rx5QRf2GMawLeK2fyRQwYGYPy0xPY7w+x20dEn+Fm vbV705ognrdl4R1h/89pYPuI2ySQYeKPwhmf/zu3rqf29vLuQhecSXENaEwJKWgl KpgpKeiOHePZ+4+C8Pe2bSZZiNtaBYSwgdZyKRZ4bs9LhFBdQj7XQYPrYPPeMHxD Wx14T1snBs6s1HZyyDLsPLmz+EZrgI8t4Nmj6Y1ez5c5Psmbr3FPpGk4z90Svpg= =NF5z -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20161113212239.GA1839%40mail-itl. For more options, visit https://groups.google.com/d/optout.
