.desktop files

From Gentoo Wiki
Jump to: navigation, search

Syntax validation for .desktop files

The official validation tool for .desktop files is distributed with the package dev-util/desktop-file-utils

user $desktop-file-validate yourfile.desktop

Executable bit in .desktop files

.desktop files in /usr/share/applications/ should have consistent executable bits.

As of 2017-06-16 many ebuilds (mostly KDE) create executable .desktop files (bug #621966).

Look for executable .desktop files on the system with:

user $find /usr/share/applications/ -executable -type f

Please report any violations upstream.

Executable bit on Ubuntu systems

The Ubuntu Security Policy makes use of executable bits:

CODE
Applications, including desktops and shells, must not run executable code from files when they are both:

    lacking the executable bit
    located in a user's home directory or temporary directory. 

The GNOME or KDE MIME type handlers must not circumvent this principle.

This includes *.desktop, *.jar, and *.exe files.

    Look for .desktop files with MimeType= and Exec= lines that do not use "cautious-launcher"

This does not apply to software which is installed via Gentoo ebuilds. Software should not ship a .desktop file with executable bit. The user can set the bit on demand where it is needed.

Ideas / Todo

Troubleshooting