In Debian there is no such thing as stackable wrappers. Would be desirable to have.
A wrapper in this context is defined as a minimal script that automatically prepends something in front of a program that the user wants to run. Or appends something such as default command line parameters.
Here are some examples of commands to prepend:
* firejail firefox
* torsocks gpg
* LD_PRELOAD="$LD_PRELOAD":libeatmydata.so rsync
* bindp, timeprivacy and probably a lot more
* probably quite some dpkg diversions used for that purpose
Here are some examples of commands to append:
* for ZeroNet it would be useful to always automatically append for example --tor always
One can have one wrapper using dpkg-diversions / symlinks but it's getting harder to stack these wrappers. Specifically harder if these wrappers are supposed to be installed by different packages.
Ideally there was something like an /etc/wrapper.d folder, where packages and users can drop wrappers, that get stacked in lexical order. For example:
* The first script 30_usr.bin.gpg_torsocks.conf would prepend torsocks and the second script 40_usr.bin.gpg_firejail.conf would prepend firejail.
* How the wrappers would be specified in the config language is yet to be invented, which will be done if this implementation path looks favorable.
Our current (insufficient) options:
* dpkg diversions / symlinks:
** one can only have one dpkg diversion per command
** when using a dpkg-diversion for lets say curl to prepend torsocks then one can no longer use 'killall curl' but must use 'killall curl.dpkg-diversion-extension'
** these can break various things such as AppArmor profiles
** other weird things can happen, for example
*** '~/.local/share/Ricochet/ricochet/ricochet.json' becomes
* '.desktop' files
** '.desktop' files aren't a solution, since these do not work for applications started from a terminal emulator or virtual terminal.
** Not allowed for packages.
** Firejail currently uses /usr/local, but the user has to manually run firecfg, because automatically running it would be a Debian policy violation because writing to /usr/local is not allowed for packages.
* leaving it to the user
** Beginner users can't be expected to start a terminal every time they want to launch a program. This usability problem can be a hurdle for widespread adoption.
* amend PATH environment variable by user
** Not beginner friendly.
** Does not work for services started by init / systemd.
* amend PATH environment variable by package
** firejail wrappers will be installed to /usr/lib/firejail/ folder, i.e for example /usr/lib/firejail/firefox
** invent a drop-in folder to amend the path variable like /etc/path.d or so. For example:
*** would result in PATH being set to:
** by calling for example firefox, first the firejail wrapper /usr/lib/firejail/firefox would run, remove itself (/usr/lib/firejail/) from PATH, prepend firejail and run firefox, perhaps another user specific wrapper in /usr/local/bin/firefox could be run that finally runs the real firefox program in /usr/bin/firefox.
real world example:
* We at Whonix would like to prepend both, torssocks (for stream isolation) as well as firejail (as containment), in front of gpg
* firejail - Feature Request: Automatically starting programs under firejail - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822693
What do you think? How could this be implemented? What would be the best place to implement this?
* improve draft
* send to debian-devel mailing list
* discuss on debian-devel