Chapter 7. GUI System

Table of Contents

7.1. GUI desktop environment
7.2. GUI communication protocol
7.3. GUI infrastructure
7.4. GUI applications
7.5. User directories
7.6. Fonts
7.6.1. Basic fonts
7.6.2. Font rasterization
7.7. Sandbox
7.8. Remote desktop
7.9. X server connection
7.9.1. X server local connection
7.9.2. X server remote connection
7.9.3. X server chroot connection
7.10. Clipboard

There are several choices for the full featured GUI desktop environment on the Debian system.


[Tip] Tip

Dependency packages selected by a task metapackage may be out of sync with the latest package transition state under the Debian unstable/testing environment. For task-gnome-desktop, you may need to adjust package selections as follows:

  • Start aptitude(8) as sudo aptitude -u.

  • Move cursor to "Tasks" and press "Enter".

  • Move cursor to "End-user" press "Enter".

  • Move cursor to "GNOME" press "Enter".

  • Move cursor to task-gnome-desktop and press "Enter".

  • Move cursor to "Depends" and press "m" (manually selected).

  • Move cursor to "Recommends" and press "m" (manually selected).

  • Move cursor to "task-gnome-desktop and press "-". (drop)

  • Adjust selected packages while dropping problematic ones causing package conflicts.

  • Press "g" to start install.

This chapter will focus mostly on the default desktop environment of Debian: task-gnome-desktop offering GNOME on wayland.

GUI communication protocol used on the GNOME desktop can be:

Please check freedesktop.org site for how Wayland architecture is different from X Window architecture.

From user's perspective, differences can be colloquially summarized as:

  • Wayland is a same-host GUI communication protocol: new, simpler, faster, no setuid root binary

  • X Window is a network-capable GUI communication protocol: traditional, complex, slower, setuid root binary

For applications using Wayland protocol, the access to their display contents from a remote host is supported by the VNC or RDP. See Section 7.8, “Remote desktop”

Modern X servers have the MIT Shared Memory Extension and communicate with their local X clients using the local shared memory. This bypasses the network transparent Xlib interprocess communication channel and gains performance. This situation was the background of creating Wayland as a local-only GUI communication protocol.

Using the xeyes program started from the GNOME terminal, you can check GUI communication protocol used by each GUI application.

 $ xeyes
  • If the mouse cursor is on an application such as "GNOME terminal" which uses Wayland display server protocol, eyes don't move with the mouse cursor.

  • If the mouse cursor is on an application such as "xterm" which uses X Window System core protocol, eyes move with the mouse cursor exposing not-so-isolated nature of X Window architecture.

As of April 2021, many popular GUI applications such as GNOME and LibreOffice (LO) applications have been migrated to the Wayland display server protocol. I see xterm, gitk, chromium, firefox, gimp, dia, and KDE applications still use X Window System core protocol.

[Note] Note

For both the xwayland on Wayland or the native X Window System, the old X server configuration file "/etc/X11/xorg.conf" shouldn't exist on the system. The graphics and input devices are now configured by the kernel with DRM, KMS, and udev. The native X server has been rewritten to use them. See "modedb default video mode support" in the Linux kernel documentation.

Here are notable GUI infrastructure packages for the GNOME on Wayland environment.


Here, "[auto]" means that these packages are automatically installed when task-gnome-desktop is installed.

[Tip] Tip

gnome-tweaks is the indispensable configuration utility. For example:

  • You can force "Over-Amplification" of sound volume from "General".

  • You can force "Caps" to become "Esc" from "Keyboard & Mouse" -> "Keyboard" -> "Additional Layout Option".

[Tip] Tip

Detail features of GNOME desktop environment can be configured with utilities started by typing "settings", "tweaks", or "extensions" after pressing Super-key.

Many useful GUI applications are available on Debian now. Installing software packages such as scribus (KDE) on GNOME desktop environment are quite acceptable since corresponding functionality is not available under GNOME desktop environment. But installing too many packages with duplicated functionalities may clutter your system.

Here is a list of GUI applications which caught my eyes.

Table 7.3. List of notable GUI applications

package popcon package size type description
evolution V:30, I:239 486 GNOME Personal information Management (groupware and email)
thunderbird V:48, I:119 224760 GTK Email client (Mozilla Thunderbird)
kontact V:1, I:12 2208 KDE Personal information Management (groupware and email)
libreoffice-writer V:117, I:435 31474 LO word processor
abiword V:1, I:8 3542 GNOME word processor
calligrawords V:0, I:7 6097 KDE word processor
scribus V:1, I:16 31345 KDE desktop publishing editor to edit PDF files
glabels V:0, I:3 1338 GNOME label editor
libreoffice-calc V:111, I:432 26009 LO spreadsheet
gnumeric V:4, I:14 9910 GNOME spreadsheet
calligrasheets V:0, I:5 11396 KDE spreadsheet
libreoffice-impress V:69, I:429 2646 LO presentation
calligrastage V:0, I:5 5339 KDE presentation
libreoffice-base V:26, I:121 5003 LO database management
kexi V:0, I:1 7118 KDE database management
libreoffice-draw V:72, I:430 10312 LO vector graphics editor (draw)
inkscape V:15, I:112 99800 GNOME vector graphics editor (draw)
karbon V:0, I:6 3610 KDE vector graphics editor (draw)
dia V:2, I:22 3741 GTK flowchart and diagram editor
gimp V:50, I:252 19304 GTK bitmap graphics editor (paint)
shotwell V:17, I:255 6263 GTK digital photo organizer
digikam V:1, I:9 293 KDE digital photo organizer
darktable V:4, I:13 30554 GTK lighttable and darkroom for photographers
planner V:0, I:4 1394 GNOME project management
calligraplan V:0, I:2 19013 KDE project management
gnucash V:2, I:8 28928 GNOME personal accounting
homebank V:0, I:2 1218 GTK personal accounting
lilypond V:0, I:7 16092 - music typesetter
kmymoney V:0, I:2 13937 KDE personal accounting
librecad V:1, I:15 8963 Qt-app computer-aided design (CAD) system (2D)
freecad I:18 36 Qt-app computer-aided design (CAD) system (3D)
kicad V:3, I:14 236461 GTK electronic schematic and PCB design software
xsane V:12, I:144 2339 GTK scanner frontend
libreoffice-math V:51, I:432 1898 LO mathematical equation/formula editor
calibre V:6, I:28 63385 KDE e-book converter and library management
fbreader V:1, I:9 3783 GTK e-book reader
evince V:92, I:314 941 GNOME document(pdf) viewer
okular V:40, I:123 17728 KDE document(pdf) viewer
x11-apps V:31, I:463 2460 pure X-app xeyes(1), etc.
x11-utils V:192, I:566 651 pure X-app xev(1), xwininfo(1), etc.

Default names for user directories such as "~/Desktop", "~/Documents", ..., used by the Desktop environment depend on the locale used for the system installation. You can reset them to the English ones by:

 $ LANGUAGE=C xdg-user-dirs-update --force 

Then you manually move all the data to the newer directories. See xdg-user-dirs-update(1).

You can also set them to any names by editing "~/.config/user-dirs.dirs". See user-dirs.dirs(5).

Many useful scalable fonts are available for users on Debian. User's concern is how to avoid redundancy and how to configure parts of installed fonts to be disabled. Otherwise, useless font choices may clutter your GUI application menus.

Debian system uses FreeType 2.0 library to rasterise many scalable font formats for screen and print:

The following table is compiled in the hope to help users to chose appropriate scalable fonts with clear understanding of the metric compatibility and the glyph coverage. Most fonts cover all Latin, Greek, and Cyril characters. The final choice of activated fonts can also be affected by your aesthetics. These fonts can be used for the screen display or for the paper printing.


Here:

  • "MCM" stands for "metric compatible with fonts provided by Microsoft"

  • "MCMATC" stands for "metric compatible with fonts provided by Microsoft: Arial, Times New Roman, Courier New"

  • "MCAHTC" stands for "metric compatible with fonts provided by Adobe: Helvetica, Times, Courier"

  • Numbers in font type columns stands for the rough relative "M" width for the same point size font.

  • "P" in mono font type columns stands for its usability for programming having clearly distinguishable "0"/"O" and "1"/"I"/"l".

  • The ttf-mscorefonts-installer package downloads Microsoft's "Core fonts for the Web" and installs Arial, Times New Roman, Courier New, Verdana, ... . These installed font data are non-free data.

Many free Latin fonts have their lineage traced to URW Nimbus family or Bitstream Vera.

[Tip] Tip

If your locale needs fonts not covered well by the above fonts, please use aptitude to check under task packages listed under "Tasks" -> "Localization". The font packages listed as "Depends:" or "Recommends:" in the localization task packages are the primary candidates.

Many mostly GUI applications on Linux are available in binary formats from non-Debian sources.

[Warning] Warning

Binaries from these sites may include proprietary non-free software packages.

There is some raison d'être for these binary format distributions for Free Software aficionados using Debian since these can accommodate clean set of libraries used for each application by the respective upstream developer independent of the ones provided by Debian.

The inherent risk of running external binaries can be reduced by using the sandbox environment which leverages modern Linux security features (see Section 4.7.5, “Linux security features”).

  • For binaries from AppImage and some upstream sites, run them in firejail with manual configuration.

  • For binaries from FLATHUB, run them in Flatpak . (No manual configuration required.)

  • For binaries from snapcraft, run them in Snap . (No manual configuration required. Compatible with daemon programs.)

The xdg-desktop-portal package provides a standardized API to common desktop features. See xdg-desktop-portal (flatpak) and xdg-desktop-portal (snap) .


This sandbox environment technology is very much like apps on smart phone OS where apps are executed under controlled resource accesses.

Some large GUI applications such as web browsers on Debian also use sandbox environment technology internally to make them more secure.


There are several ways to connect from an application on a remote host to the X server including xwayland on the local host.


Access to the local X server by the local applications which use X core protocol can be locally connected through a local UNIX domain socket. This can be authorized by the authority file holding access cookie. The authority file location is identified by the "$XAUTHORITY" environment variable and X display is identified by the "$DISPLAY" environment variable. Since these are normally set automatically, no special action is needed, e.g. "gitk" as the following.

username $ gitk
[Note] Note

For xwayland, XAUTHORITY holds value like "/run/user/1000/.mutter-Xwaylandauth.YVSU30".

Access to the local X server display from the remote applications which use X core protocol is supported by using the X11 forwarding feature.

This method can display the output from a remote X client as if it were locally connected through a local UNIX domain socket.

See Section 6.3, “The remote access server and utilities (SSH)” for SSH/SSHD.

[Warning] Warning

A remote TCP/IP connection to the X server is disabled by default on the Debian system for security reasons. Don't enable them by simply setting "xhost +" nor by enabling XDMCP connection, if you can avoid it.

For clipping text to clipboard, see Section 1.4.4, “Mouse operations”.

For clipping graphics to clipboard, see Section 11.6, “Graphic data tools”.

Some CLI commands can manipulate character clipboard (PRIMARY and CLIPBOARD), too.