Merge remote-tracking branch 'qubesos/pr/81' into release3.2

* qubesos/pr/81: Fix macros for Thunar to be compatible with qubes-core-agent in R4.0 debian: change qubes-core-agent as a subpackage Fix UCA mistake and qvm-actions script Fix ShellCheck comments Add debian package support Disable Thunar thumbnails Add support for Thunar Qubes VM tools
2018-02-10 22:36:10 +01:00 · 2018-02-10 22:36:10 +01:00 · 0bfe66695b
commit 0bfe66695b
parent 112d81825a 483652108b
11 changed files with 487 additions and 1 deletions
--- a/4
+++ b/4
@ -239,6 +239,10 @@ install-common:
 	install qubes-rpc/qvm-copy-to-vm.gnome $(DESTDIR)$(LIBDIR)/qubes
 	install qubes-rpc/qvm-move-to-vm.kde $(DESTDIR)$(LIBDIR)/qubes
 	install qubes-rpc/qvm-move-to-vm.gnome $(DESTDIR)$(LIBDIR)/qubes
+	install qubes-rpc/qvm-actions.sh $(DESTDIR)$(LIBDIR)/qubes
+	install -m 0644 misc/uca_qubes.xml $(DESTDIR)$(LIBDIR)/qubes
+	mkdir -p $(DESTDIR)/etc/xdg/xfce4/xfconf/xfce-perchannel-xml
+	install -m 0644 misc/thunar.xml $(DESTDIR)/etc/xdg/xfce4/xfconf/xfce-perchannel-xml
 	install qubes-rpc/xdg-icon $(DESTDIR)$(LIBDIR)/qubes
 	install qubes-rpc/{vm-file-editor,qfile-agent,qopen-in-vm} $(DESTDIR)$(LIBDIR)/qubes
 	install qubes-rpc/qubes-open $(DESTDIR)/usr/bin
--- a/debian/control
+++ b/debian/control
@ -78,3 +78,11 @@ Conflicts: ${diverted-files}, qubes-core-agent-linux, firewalld, qubes-core-vm-s
 Description: Qubes core agent
 This package includes various daemons necessary for qubes domU support,
 such as qrexec.
+
+Package: qubes-core-agent-thunar
+Architecture: any
+Depends:
+    thunar,
+    qubes-core-agent-qrexec,
+Description: Qubes integration for Thunar
+ Thunar addons for inter-VM file copy/move/open.
--- a/debian/qubes-core-agent-thunar.install
+++ b/debian/qubes-core-agent-thunar.install
@ -0,0 +1,3 @@
+usr/lib/qubes/qvm-actions.sh
+usr/lib/qubes/uca_qubes.xml
+etc/xdg/xfce4/xfconf/xfce-perchannel-xml/thunar.xml
--- a/debian/qubes-core-agent-thunar.postinst
+++ b/debian/qubes-core-agent-thunar.postinst
@ -0,0 +1,58 @@
+#!/bin/bash
+# postinst script for core-agent-linux
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# The postinst script may be called in the following ways:
+#   * <postinst> 'configure' <most-recently-configured-version>
+#   * <old-postinst> 'abort-upgrade' <new version>
+#   * <conflictor's-postinst> 'abort-remove' 'in-favour' <package>
+#     <new-version>
+#   * <postinst> 'abort-remove'
+#   * <deconfigured's-postinst> 'abort-deconfigure' 'in-favour'
+#     <failed-install-package> <version> 'removing'
+#     <conflicting-package> <version>
+#
+#    For details, see http://www.debian.org/doc/debian-policy/ or
+# https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html or
+# the debian-policy package
+
+
+case "${1}" in
+    configure)
+        # There is no system-wide Thunar custom actions. There is only a default
+        # file and a user file created from the default one. Qubes actions need
+        # to be placed after all already defined actions and before </actions>
+        # the end of file.
+        if [ -f /etc/xdg/Thunar/uca.xml ] ; then
+          cp -p /etc/xdg/Thunar/uca.xml /etc/xdg/Thunar/uca.xml.bak
+          #shellcheck disable=SC2016
+          sed -i '$e cat /usr/lib/qubes/uca_qubes.xml' /etc/xdg/Thunar/uca.xml
+        fi
+        if [ -f /home/user/.config/Thunar/uca.xml ] ; then
+          cp -p /home/user/.config/Thunar/uca.xml /home/user/.config/Thunar/uca.xml.bak
+          #shellcheck disable=SC2016
+          sed -i '$e cat /usr/lib/qubes/uca_qubes.xml' /home/user/.config/Thunar/uca.xml
+        fi
+        ;;
+
+    abort-upgrade|abort-remove|abort-deconfigure)
+        exit 0
+        ;;
+
+    *)
+        echo "postinst called with unknown argument \`${1}'" >&2
+        exit 1
+        ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
+
+# vim: set ts=4 sw=4 sts=4 et :
--- a/debian/qubes-core-agent-thunar.postrm
+++ b/debian/qubes-core-agent-thunar.postrm
@ -0,0 +1,57 @@
+#!/bin/sh
+# postrm script for core-agent-linux
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# The prerm script may be called in the following ways:
+#   * <postrm> 'remove'
+#   * <postrm> 'purge'
+#   * <old-postrm> 'upgrade' <new-version>
+#   * <disappearer's-postrm> 'disappear' <overwriter> <overwriter-version>
+#
+#     The postrm script is called after the package's files have been removed
+# or replaced. The package whose postrm is being called may have previously been
+# deconfigured and only be "Unpacked", at which point subsequent package changes
+# do not consider its dependencies. Therefore, all postrm actions may only rely
+# on essential packages and must gracefully skip any actions that require the
+# package's dependencies if those dependencies are unavailable.[48]
+#
+#   * <new-postrm> 'failed-upgrade' <old-version>
+#
+#     Called when the old postrm upgrade action fails. The new package will be
+# unpacked, but only essential packages and pre-dependencies can be relied on.
+# Pre-dependencies will either be configured or will be "Unpacked" or
+# "Half-Configured" but previously had been configured and was never removed.
+#
+#   * <new-postrm> 'abort-install'
+#   * <new-postrm> 'abort-install' <old-version>
+#   * <new-postrm> 'abort-upgrade' <old-version>
+#
+#     Called before unpacking the new package as part of the error handling of
+# preinst failures. May assume the same state as preinst can assume.
+#
+#    For details, see http://www.debian.org/doc/debian-policy/ or
+# https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html or
+# the debian-policy package
+
+if [ "${1}" = "remove" ] ; then
+  if [ -f /etc/xdg/Thunar/uca.xml ] ; then
+    mv /etc/xdg/Thunar/uca.xml /etc/xdg/Thunar/uca.xml.uninstall
+    mv /etc/xdg/Thunar/uca.xml.bak /etc/xdg/Thunar/uca.xml
+  fi
+  if [ -f /home/user/.config/Thunar/uca.xml ] ; then
+    mv /home/user/.config/Thunar/uca.xml /home/user/.config/Thunar/uca.xml.uninstall
+    mv /home/user/.config/Thunar/uca.xml.bak /home/user/.config/Thunar/uca.xml
+  fi
+fi
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
+
+# vim: set ts=4 sw=4 sts=4 et :
--- a/debian/qubes-core-agent.install
+++ b/debian/qubes-core-agent.install
@ -0,0 +1,187 @@
+etc/xen/scripts/vif-route-qubes
+etc/udev/rules.d/99-qubes-network.rules
+etc/udev/rules.d/50-qubes-misc.rules
+etc/X11/xorg-preload-apps.conf
+etc/sudoers.d/qt_x11_no_mitshm
+etc/sudoers.d/umask
+etc/sudoers.d/qubes
+etc/qubes-suspend-module-blacklist
+etc/tinyproxy/updates-blacklist
+etc/tinyproxy/tinyproxy-updates.conf
+etc/NetworkManager/dispatcher.d/30-qubes-external-ip
+etc/NetworkManager/dispatcher.d/qubes-nmhook
+etc/xdg/autostart/00-qubes-show-hide-nm-applet.desktop
+etc/fstab
+etc/profile.d/qt_x11_no_mitshm.sh
+etc/qubes/ip6tables.rules
+etc/qubes/iptables.rules
+etc/qubes/suspend-pre.d/README
+etc/qubes/autostart/restorecond.desktop.d/30_qubes.conf
+etc/qubes/autostart/imsettings-start.desktop.d/30_qubes.conf
+etc/qubes/autostart/gcm-apply.desktop.d/30_qubes.conf
+etc/qubes/autostart/nm-applet.desktop.d/30_qubes.conf
+etc/qubes/autostart/notify-osd.desktop.d/30_qubes.conf
+etc/qubes/autostart/gnome-sound-applet.desktop.d/30_qubes.conf
+etc/qubes/autostart/pulseaudio.desktop.d/30_qubes.conf
+etc/qubes/autostart/gnome-settings-daemon.desktop.d/30_qubes.conf
+etc/qubes/autostart/sealertauto.desktop.d/30_qubes.conf
+etc/qubes/autostart/gnome-screensaver.desktop.d/30_qubes.conf
+etc/qubes/autostart/spice-vdagent.desktop.d/30_qubes.conf
+etc/qubes/autostart/gnome-power-manager.desktop.d/30_qubes.conf
+etc/qubes/autostart/orca-autostart.desktop.d/30_qubes.conf
+etc/qubes/autostart/gnome-keyring-secrets.desktop.d/30_qubes.conf
+etc/qubes/autostart/gpk-update-icon.desktop.d/30_qubes.conf
+etc/qubes/autostart/gsettings-data-convert.desktop.d/30_qubes.conf
+etc/qubes/autostart/gnome-keyring-pkcs11.desktop.d/30_qubes.conf
+etc/qubes/autostart/deja-dup-monitor.desktop.d/30_qubes.conf
+etc/qubes/autostart/gnome-keyring-ssh.desktop.d/30_qubes.conf
+etc/qubes/autostart/krb5-auth-dialog.desktop.d/30_qubes.conf
+etc/qubes/autostart/user-dirs-update-gtk.desktop.d/30_qubes.conf
+etc/qubes/autostart/README.txt
+etc/qubes/autostart/gnome-keyring-gpg.desktop.d/30_qubes.conf
+etc/qubes/autostart/pulseaudio-kde.desktop.d/30_qubes.conf
+etc/qubes/suspend-post.d/README
+etc/qubes-rpc/qubes.SuspendPreAll
+etc/qubes-rpc/qubes.SelectDirectory
+etc/qubes-rpc/qubes.SuspendPre
+etc/qubes-rpc/qubes.Filecopy
+etc/qubes-rpc/qubes.DetachPciDevice
+etc/qubes-rpc/qubes.GetAppmenus
+etc/qubes-rpc/qubes.SetDateTime
+etc/qubes-rpc/qubes.WaitForSession
+etc/qubes-rpc/qubes.SyncNtpClock
+etc/qubes-rpc/qubes.Restore
+etc/qubes-rpc/qubes.SuspendPost
+etc/qubes-rpc/qubes.Backup
+etc/qubes-rpc/qubes.InstallUpdatesGUI
+etc/qubes-rpc/qubes.OpenInVM
+etc/qubes-rpc/qubes.SelectFile
+etc/qubes-rpc/qubes.VMShell
+etc/qubes-rpc/qubes.OpenURL
+etc/qubes-rpc/qubes.SuspendPostAll
+etc/qubes-rpc/qubes.GetImageRGBA
+etc/polkit-1/rules.d/00-qubes-allow-all.rules
+etc/polkit-1/localauthority/50-local.d/qubes-allow-all.pkla
+etc/pam.d/su.qubes
+etc/apt/trusted.gpg.d/qubes-archive-keyring.gpg
+etc/apt/apt.conf.d/70no-unattended
+etc/apt/apt.conf.d/00notify-hook
+etc/apt/sources.list.d/qubes-r3.list
+etc/needrestart/conf.d/50_qubes.conf
+etc/sysctl.d/80-qubes.conf
+etc/sysctl.d/20_tcp_timestamps.conf
+usr/sbin/qubes-firewall
+usr/sbin/qubes-netwatcher
+usr/bin/qvm-run
+usr/bin/xenstore-watch-qubes
+usr/bin/qubes-open
+usr/bin/qubes-session-autostart
+usr/bin/qvm-mru-entry
+usr/bin/qvm-open-in-vm
+usr/bin/qubes-desktop-run
+usr/bin/qvm-copy-to-vm
+usr/bin/qrexec-fork-server
+usr/bin/qrexec-client-vm
+usr/bin/qvm-open-in-dvm
+usr/lib/python2.7/dist-packages/qubes/xdg.py
+usr/lib/systemd/user/pulseaudio.socket.d/30_qubes.conf
+usr/lib/systemd/user/pulseaudio.service.d/30_qubes.conf
+usr/lib/NetworkManager/conf.d/30-qubes.conf
+usr/lib/qubes/qubes-trigger-sync-appmenus.sh
+usr/lib/qubes/sync-ntp-clock
+usr/lib/qubes/qubes-setup-dnat-to-ns
+usr/lib/qubes/vusb-ctl.py
+usr/lib/qubes/xdg-icon
+usr/lib/qubes/tar2qfile
+usr/lib/qubes/upgrades-status-notify
+usr/lib/qubes/qubes-fix-nm-conf.sh
+usr/lib/qubes/prepare-suspend
+usr/lib/qubes/update-proxy-configs
+usr/lib/qubes/qfile-unpacker
+usr/lib/qubes/qfile-agent
+usr/lib/qubes/setup-ip
+usr/lib/qubes/upgrades-installed-check
+usr/lib/qubes/qopen-in-vm
+usr/lib/qubes/qvm-move-to-vm.gnome
+usr/lib/qubes/close-window
+usr/lib/qubes/qvm-move-to-vm.kde
+usr/lib/qubes/qvm-copy-to-vm.gnome
+usr/lib/qubes/qrexec-agent
+usr/lib/qubes/iptables-updates-proxy
+usr/lib/qubes/dispvm-prerun.sh
+usr/lib/qubes/init/misc-post.sh
+usr/lib/qubes/init/qubes-sysinit.sh
+usr/lib/qubes/init/mount-dirs.sh
+usr/lib/qubes/init/misc-post-stop.sh
+usr/lib/qubes/init/control-printer-icon.sh
+usr/lib/qubes/init/setup-dvm-home.sh
+usr/lib/qubes/init/qubes-random-seed.sh
+usr/lib/qubes/init/qubes-iptables
+usr/lib/qubes/init/setup-rwdev.sh
+usr/lib/qubes/init/functions
+usr/lib/qubes/init/network-proxy-setup.sh
+usr/lib/qubes/init/prepare-dvm.sh
+usr/lib/qubes/init/bind-dirs.sh
+usr/lib/qubes/init/qubes-early-vm-config.sh
+usr/lib/qubes/init/setup-rw.sh
+usr/lib/qubes/qubes-rpc-multiplexer
+usr/lib/qubes/network-manager-prepare-conf-dir
+usr/lib/qubes/qrun-in-vm
+usr/lib/qubes/vm-file-editor
+usr/lib/qubes/qvm-copy-to-vm.kde
+usr/lib/qubes/qubes-download-dom0-updates.sh
+usr/lib/qubes/show-hide-nm-applet.sh
+usr/lib/qubes-bind-dirs.d/30_cron.conf
+usr/lib/tmpfiles.d/qubes-core-agent-linux.conf
+usr/share/glib-2.0/schemas/org.gnome.nautilus.gschema.override
+usr/share/kde4/services/qvm-copy.desktop
+usr/share/kde4/services/qvm-move.desktop
+usr/share/kde4/services/qvm-dvm.desktop
+usr/share/qubes/mime-override/globs
+usr/share/qubes/qubes-master-key.asc
+usr/share/nautilus-python/extensions/qvm_copy_nautilus.py
+usr/share/nautilus-python/extensions/qvm_move_nautilus.py
+usr/share/nautilus-python/extensions/qvm_dvm_nautilus.py
+lib/systemd/system-preset/75-qubes-vm.preset
+lib/systemd/system/netfilter-persistent.service.d/30_qubes.conf
+lib/systemd/system/qubes-network.service
+lib/systemd/system/avahi-daemon.service.d/30_qubes.conf
+lib/systemd/system/qubes-firewall.service
+lib/systemd/system/qubes-qrexec-agent.service
+lib/systemd/system/NetworkManager.service.d/30_qubes.conf
+lib/systemd/system/tmp.mount.d/30_qubes.conf
+lib/systemd/system/qubes-sysinit.service
+lib/systemd/system/getty@tty.service.d/30_qubes.conf
+lib/systemd/system/cups.socket.d/30_qubes.conf
+lib/systemd/system/qubes-updates-proxy.service
+lib/systemd/system/qubes-dvm.service
+lib/systemd/system/org.cups.cupsd.socket.d/30_qubes.conf
+lib/systemd/system/cups.path.d/30_qubes.conf
+lib/systemd/system/anacron-resume.service.d/30_qubes.conf
+lib/systemd/system/qubes-update-check.timer
+lib/systemd/system/anacron.service.d/30_qubes.conf
+lib/systemd/system/chronyd.service.d/30_qubes.conf
+lib/systemd/system/tinyproxy.service.d/30_not_needed_in_qubes_by_default.conf
+lib/systemd/system/NetworkManager-wait-online.service.d/30_qubes.conf
+lib/systemd/system/qubes-early-vm-config.service
+lib/systemd/system/tor.service.d/30_qubes.conf
+lib/systemd/system/org.cups.cupsd.path.d/30_qubes.conf
+lib/systemd/system/qubes-misc-post.service
+lib/systemd/system/cups-browsed.service.d/30_qubes.conf
+lib/systemd/system/exim4.service.d/30_qubes.conf
+lib/systemd/system/qubes-iptables.service
+lib/systemd/system/org.cups.cupsd.service.d/30_qubes.conf
+lib/systemd/system/qubes-update-check.service
+lib/systemd/system/qubes-mount-dirs.service
+lib/systemd/system/cups.service.d/30_qubes.conf
+lib/systemd/system/systemd-random-seed.service.d/30_qubes.conf
+lib/systemd/system/tor@default.service.d/30_qubes.conf
+lib/systemd/system/ModemManager.service.d/30_qubes.conf
+lib/systemd/system/cron.service.d/30_qubes.conf
+lib/systemd/system/qubes-netwatcher.service
+lib/modules-load.d/qubes-core.conf
+lib/modules-load.d/qubes-misc.conf
+etc/dhclient.d/qubes-setup-dnat-to-ns.sh
+usr/bin/qvm-move-to-vm
+usr/lib/qubes/qrexec-client-vm
+usr/lib/qubes/qrexec_client_vm
--- a/debian/rules
+++ b/debian/rules
@ -5,7 +5,7 @@
 #export DH_VERBOSE=1

 include /usr/share/dpkg/default.mk
-export DESTDIR=$(shell pwd)/debian/qubes-core-agent
+export DESTDIR=$(shell pwd)/debian/tmp

 %:
 	dh $@ --with systemd --with=config-package
--- a/misc/thunar.xml
+++ b/misc/thunar.xml
@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<channel name="thunar" version="1.0">
+  <property name="misc-thumbnail-mode" type="string" value="THUNAR_THUMBNAIL_MODE_NEVER"/>
+</channel>
--- a/misc/uca_qubes.xml
+++ b/misc/uca_qubes.xml
@ -0,0 +1,72 @@
+<action>
+	<icon>folder-copy</icon>
+	<name>Copy to VM</name>
+	<unique-id>1507455450991127-4</unique-id>
+	<command>/usr/lib/qubes/qvm-actions.sh copy %F</command>
+	<description></description>
+	<patterns>*</patterns>
+	<directories/>
+	<audio-files/>
+	<image-files/>
+	<other-files/>
+	<text-files/>
+	<video-files/>
+</action>
+<action>
+	<icon>folder-move</icon>
+	<name>Move to VM</name>
+	<unique-id>1507455437157027-3</unique-id>
+	<command>/usr/lib/qubes/qvm-actions.sh move %F</command>
+	<description></description>
+	<patterns>*</patterns>
+	<directories/>
+	<audio-files/>
+	<image-files/>
+	<other-files/>
+	<text-files/>
+	<video-files/>
+</action>
+<action>
+	<icon>document-open</icon>
+	<name>Open in VM</name>
+	<unique-id>1507455471075266-5</unique-id>
+	<command>/usr/lib/qubes/qvm-actions.sh openvm %F</command>
+	<description></description>
+	<patterns>*</patterns>
+	<audio-files/>
+	<image-files/>
+	<other-files/>
+	<text-files/>
+	<video-files/>
+</action>
+<action>
+	<icon>gtk-convert</icon>
+	<name>Convert in DisposableVM</name>
+	<unique-id>1507455488971315-6</unique-id>
+	<command>/usr/lib/qubes/qvm-actions.sh pdf %F</command>
+	<description></description>
+	<patterns>*.pdf</patterns>
+	<other-files/>
+</action>
+<action>
+	<icon>gtk-convert</icon>
+	<name>Convert in DisposableVM</name>
+	<unique-id>1507455503129941-7</unique-id>
+	<command>/usr/lib/qubes/qvm-actions.sh img %F</command>
+	<description></description>
+	<patterns>*</patterns>
+	<image-files/>
+</action>
+<action>
+	<icon>document-open</icon>
+	<name>Open in DisposableVM</name>
+	<unique-id>1507455559234996-8</unique-id>
+	<command>/usr/lib/qubes/qvm-actions.sh opendvm %F</command>
+	<description></description>
+	<patterns>*</patterns>
+	<audio-files/>
+	<image-files/>
+	<other-files/>
+	<text-files/>
+	<video-files/>
+</action>
--- a/qubes-rpc/qvm-actions.sh
+++ b/qubes-rpc/qvm-actions.sh
@ -0,0 +1,52 @@
+#!/bin/bash
+
+# Check if at least two arguments are provided: actions + file(s)
+if [ "$#" -le 1 ]; then
+    echo "Not enough arguments provided. Aborting..."
+fi
+
+# Action
+action="$1"
+
+shift
+
+# copy and move handle a list of files where other actions don't
+case "$action" in
+    copy)
+        #shellcheck disable=SC2016
+        qvm-copy-to-vm '$default' "$@" | zenity --notification --text="Copying files..." --timeout 3
+        ;;
+    move)
+        #shellcheck disable=SC2016
+        qvm-move-to-vm '$default' "$@" | zenity --notification --text="Moving files..." --timeout 3
+        ;;
+    img)
+        for file in "$@"
+        do
+            /usr/lib/qubes/qvm-convert-img.gnome "$file"
+        done
+        ;;
+    pdf)
+        for file in "$@"
+        do
+            /usr/lib/qubes/qvm-convert-pdf.gnome "$file"
+        done
+        ;;
+    openvm)
+        for file in "$@"
+        do
+            #shellcheck disable=SC2016
+            qvm-open-in-vm '$default' "$file" | zenity --notification --text "Opening $file in VM..." --timeout 3 &
+        done
+        ;;
+    opendvm)
+        for file in "$@"
+        do
+            qvm-open-in-dvm "$file" | zenity --notification --text "Opening $file in DisposableVM..." --timeout 3 &
+        done
+        ;;
+    *)
+        echo "Unknown action. Aborting..."
+        exit 1
+      ;;
+esac
--- a/rpm_spec/core-vm.spec
+++ b/rpm_spec/core-vm.spec
@ -198,6 +198,13 @@ DNF plugin for Qubes specific post-installation actions:
 * refresh applications shortcut list
 %endif

+%package -n qubes-core-agent-thunar
+Summary: Thunar support for Qubes VM tools
+Requires: Thunar
+
+%description -n qubes-core-agent-thunar
+Thunar support for Qubes VM tools
+
 %define _builddir %(pwd)

 %define kde_service_dir /usr/share/kde4/services
@ -384,6 +391,22 @@ mv /etc/selinux/config.processed /etc/selinux/config
 setenforce 0 2>/dev/null
 exit 0

+%post -n qubes-core-agent-thunar
+if [ "$1" = 1 ]; then
+  # There is no system-wide Thunar custom actions. There is only a default
+  # file and a user file created from the default one. Qubes actions need
+  # to be placed after all already defined actions and before </actions>
+  # the end of file.
+  if [ -f /etc/xdg/Thunar/uca.xml ] ; then
+    cp -p /etc/xdg/Thunar/uca.xml{,.bak}
+    sed -i '$e cat /usr/lib/qubes/uca_qubes.xml' /etc/xdg/Thunar/uca.xml
+  fi
+  if [ -f /home/user/.config/Thunar/uca.xml ] ; then
+    cp -p /home/user/.config/Thunar/uca.xml{,.bak}
+    sed -i '$e cat /usr/lib/qubes/uca_qubes.xml' /home/user/.config/Thunar/uca.xml
+  fi
+fi
+
 %preun
 if [ "$1" = 0 ] ; then
    # no more packages left
@ -396,6 +419,18 @@ if [ "$1" = 0 ] ; then
    fi
 fi

+%postun -n qubes-core-agent-thunar
+if [ "$1" = 0 ]; then
+  if [ -f /etc/xdg/Thunar/uca.xml ] ; then
+    mv /etc/xdg/Thunar/uca.xml{,.uninstall}
+    mv /etc/xdg/Thunar/uca.xml{.bak,}
+  fi
+  if [ -f /home/user/.config/Thunar/uca.xml ] ; then
+    mv /home/user/.config/Thunar/uca.xml{,.uninstall}
+    mv /home/user/.config/Thunar/uca.xml{.bak,}
+  fi
+fi
+
 %postun
 if [ $1 -eq 0 ] ; then
    /usr/bin/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
@ -566,6 +601,11 @@ rm -f %{name}-%{version}
 %{python3_sitelib}/dnf-plugins/*
 %endif

+%files -n qubes-core-agent-thunar
+/usr/lib/qubes/qvm-actions.sh
+/usr/lib/qubes/uca_qubes.xml
+/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/thunar.xml
+
 %package sysvinit
 Summary:        Qubes unit files for SysV init style or upstart
 License:        GPL v2 only