Permission of a .desktop file
Solution 1
This is from Ubuntu's security policy:
Execute-Permission Bit Required
Applications, including desktops and shells, must not run executable code from files when they are both:
- lacking the executable bit
- located in a user's home directory or temporary directory.
This includes *.desktop, *.jar, and *.exe files.
Nothing may provide a workaround to run them anyway automatically ...
So yes, according to this policy, it should be possible to run a .desktop file without the executable bit set. According to this policy you would only have to move that file out from the /home/
and /tmp/
directories and then you can launch it without the executable bit set. This is in theory/according to the policy.
In practice nautilus will allow you to launch .desktop files without the executable bit set from the XDG_DATA_DIR directories and from the ~/.gnome2/
directory. You can check the XDG_DATA_DIRS with the echo $XDG_DATA_DIRS
command. So if you put your .desktop file in in an XDG_DATA_DIR or in ~/.gnome2/
you will be able to launch it from nautilus without the executable bit set. At least on 12.04 it works like that. How is this in line with the aforementioned policy I do not know.
For the examples.desktop
mentioned in the question: That .desktop file is a different kind of .desktop file. It is a "Link", it doesn't want to execute anything, it basically works as a symlink. These kinds of .desktop files work everywhere.
Solution 2
You can create and place the .desktop
file in ~/.local/share/applications
- then it will appear in the dash/menu/whatever.
It will need to look something like this:
[Desktop Entry]
Name=Files
Comment=Launch Nemo File manager
Keywords=folder;manager;explore;disk;filesystem;
Exec=nemo %U
Icon=system-file-manager
Terminal=false
Type=Application
StartupNotify=true
OnlyShowIn=GNOME;Unity;
Categories=GNOME;GTK;Utility;Core;
NoDisplay=false
This is because the files in ~/.local/share/applications
work the same as the files in /usr/share/applications
- both of which on most systems work fine without executable permissions, also when owned by a user other than root. This however does not always seem to be the case.
To actually get the file to be clicked on and then open, it will need executable permissions.
Related videos on Youtube
sourav c.
I have been with ubuntu since Lucid (Ubuntu 9.04), part-time system administrator and web developer. I like python, C, and shell scripts. Alumni of Department of Physics, IIT Guwahati.
Updated on September 18, 2022Comments
-
sourav c. over 1 year
Need some clarification about the permissions of
.desktop
files. I can see all the.desktop
files in/usr/share/applications/
owned by root have permission,-rw-r--r--
also
examples.desktop
at$HOME
owned by user has the same permission. All of those run properly.But when I am going to create a custom
.desktop
file having the same permission it is throwing the following error message,Untrusted application launcher
The application launcher "myapp.desktop" has not been marked as trusted. If you do not know the source of this file, launching it may be unsafe.But adding the execution permission is allowing it to run without any issue.
Q: Why custom
.desktop
files need to have+x
permissions to run or how some.desktop
files can run without execution permission? Is it possible to run a custom.desktop
file without execution permission?-
Olli about 10 yearsRelated, but does not answer the question.
-
-
sourav c. about 10 yearsThanks for your answer. It covers almost all I wanted to know. Just two more things. [i] I am also using 12.04, but a
.desktop
file outside/home
without executable bit did not work for me. [ii] Can I add any folder in$XDG_DATA_DIRS
?, I triedexport XDG_DATA_DIRS=$XDG_DATA_DIRS:~/.local/share/applications/
with no success. -
sourav c. about 10 years@ downvoter plz leave a comment for constructive criticism. @wilf I think your answer is not exactly answering my question. I could not run a
.desktop
file from~/.local/share/applications
unless it has the execution permission. -
falconer about 10 years@souravc [i] As I said, that is according to the policy that it should work outside of the
/home/
directory. As I wrote, in practice nautilus behaves differently and even runs some .desktop from a home directory (~/.gnome2/
) but doesn't run from every dir outside of /home, only from the XDG_DATA_DIRS. So I think nautilus' behaviour is not perfectly in line with the policy. [ii] On how to add a directory check out this blog post. -
Wilf about 10 yearsI know this ain't an answer as such. I have never had the problem, I just created text files in Gedit with similar contents to the above, logout and login, and it works fine.... I have done this fine on Ubuntu 10, 12.04, 13.04, 13.10, and any version of Fedora since around Fedora 12. Some on Debian as well. Checking shows that they mostly have the permissions
-rw-r--r--
....