tca-portal, tails-additional-software: don't run apps as amnesia under the scope of the (root) systemd service
For example, tails-additional-software-upgrade.service
does this:
launch_x_application("/usr/local/bin/tails-additional-software-config")
and:
launch_x_application("/usr/bin/gedit",
ASP_LOG_FILE)
This has 2 problems:
- The apps will be part of the scope of the systemd service that runs as root. I'm not sure this, by itself, is a problem beyond being inelegant.
- These calls have to be blocking:
tails-additional-software
(and thustails-additional-software-upgrade.service
) will keep running until the user closes respectivelytails-additional-software-config
or gedit, which uses RAM for no good reason. If we made these calls non-blocking in the most naive manner (e98fbb6d), then the systemd service would exit, killing the app we just tried to start, because it's part of the scope of the unit.
I think we should instead ask GNOME to start the apps under its own scope. Would gio launch
(new in Bookworm) do the job?
Similarly, tca-portal
starts apps under the scope of its own service. At least this yields confusing logs: Tor Browser stderr is classified as tca-portal
log messages in the Journal.