From 46b100ee0cda684d34aef076f1a65a4e0ce3c05f Mon Sep 17 00:00:00 2001
From: Ryan Kuba <ryan.kuba@kasmweb.com>
Date: Thu, 15 Jun 2023 13:52:33 +0000
Subject: [PATCH] Resolve KASM-4421 "Feature/ new images"

---
 .gitlab-ci.yml                                | 240 +++++++++++++++++-
 dockerfile-kasm-core-suse                     |   2 +-
 docs/core-alpine-318/README.md                |   7 +
 docs/core-alpine-318/demo.txt                 |   9 +
 docs/core-alpine-318/description.txt          |   1 +
 docs/core-debian-bookworm/README.md           |   7 +
 docs/core-debian-bookworm/demo.txt            |   9 +
 docs/core-debian-bookworm/description.txt     |   1 +
 docs/core-fedora-38/README.md                 |   7 +
 docs/core-fedora-38/demo.txt                  |   9 +
 docs/core-fedora-38/description.txt           |   1 +
 src/common/startup_scripts/trustdesktop.sh    |   6 +
 .../xfce-perchannel-xml/xfce4-desktop.xml     |  42 +++
 .../xfce-perchannel-xml/xfce4-panel.xml       |  37 +++
 .../xfconf/xfce-perchannel-xml/xfwm4.xml      |  91 +++++++
 .../xfconf/xfce-perchannel-xml/xsettings.xml  |  10 +
 src/ubuntu/install/audio/install_audio.sh     |   4 +
 src/ubuntu/install/cleanup/cleanup.sh         |   7 +-
 .../install/fonts/install_custom_fonts.sh     |   2 +-
 .../install/kasm_vnc/install_kasm_vnc.sh      |  43 +++-
 .../install/package_rules/package_rules.sh    |   2 +-
 .../install/squid/install/install_squid.sh    |  14 +-
 src/ubuntu/install/sysbox/install_systemd.sh  |   2 +-
 src/ubuntu/install/tools/install_tools.sh     |   2 +-
 src/ubuntu/install/xfce/install_xfce_ui.sh    |  15 +-
 25 files changed, 541 insertions(+), 29 deletions(-)
 create mode 100644 docs/core-alpine-318/README.md
 create mode 100644 docs/core-alpine-318/demo.txt
 create mode 100644 docs/core-alpine-318/description.txt
 create mode 100644 docs/core-debian-bookworm/README.md
 create mode 100644 docs/core-debian-bookworm/demo.txt
 create mode 100644 docs/core-debian-bookworm/description.txt
 create mode 100644 docs/core-fedora-38/README.md
 create mode 100644 docs/core-fedora-38/demo.txt
 create mode 100644 docs/core-fedora-38/description.txt
 create mode 100755 src/common/startup_scripts/trustdesktop.sh
 create mode 100644 src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml
 create mode 100644 src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml
 create mode 100644 src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml
 create mode 100644 src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index d9b44f7..4a4672d 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -99,6 +99,26 @@ build_debian_bullseye:
   tags:
     - aws-autoscale
 
+build_debian_bookworm:
+  stage: build
+  image: ${ORG_NAME}/docker-buildx-private:develop
+  variables:
+    BUILD_PLATFORMS: "linux/amd64,linux/arm64"
+  script:
+    # get qemu ready
+    - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+    # prep the buildx env
+    - docker buildx create --use
+    # build for multiple architectures
+    - docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-debian-bookworm-private:$SANITIZED_BRANCH -t  ${ORG_NAME}/core-debian-bookworm-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-debian-bookworm:$SANITIZED_BRANCH -t ${ORG_NAME}/core-debian-bookworm:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg BASE_IMAGE="debian:bookworm-slim" --build-arg DISTRO="debian" --build-arg START_XFCE4=1 --build-arg BG_IMG=bg_debian.svg -f dockerfile-kasm-core .
+  only:
+    - develop
+    - /^release\/.*$/
+  except:
+    - schedules
+  tags:
+    - aws-autoscale
+
 build_cuda_focal:
   stage: build
   script:
@@ -313,7 +333,7 @@ build_opensuse_15:
     # prep the buildx env
     - docker buildx create --use
     # build for multiple architectures
-    - docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-opensuse-15-private:$SANITIZED_BRANCH -t  ${ORG_NAME}/core-opensuse-15-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-opensuse-15:$SANITIZED_BRANCH -t ${ORG_NAME}/core-opensuse-15:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg START_XFCE4=1 --build-arg BASE_IMAGE="opensuse/leap:15.3" --build-arg DISTRO="opensuse" -f dockerfile-kasm-core-suse .
+    - docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-opensuse-15-private:$SANITIZED_BRANCH -t  ${ORG_NAME}/core-opensuse-15-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-opensuse-15:$SANITIZED_BRANCH -t ${ORG_NAME}/core-opensuse-15:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg START_XFCE4=1 --build-arg BASE_IMAGE="opensuse/leap:15.5" --build-arg DISTRO="opensuse" -f dockerfile-kasm-core-suse .
   only:
     - develop
     - /^release\/.*$/
@@ -364,6 +384,48 @@ manifest_fedora_37:
   tags:
     - aws-autoscale
 
+build_fedora_38:
+  stage: build
+  script:
+    - >
+        docker build
+        -t ${ORG_NAME}/core-fedora-38:$(arch)-$SANITIZED_BRANCH
+        --build-arg START_PULSEAUDIO=1
+        --build-arg START_XFCE4=1
+        --build-arg BASE_IMAGE="fedora:38"
+        --build-arg DISTRO="fedora38"
+        -f dockerfile-kasm-core-fedora .
+    - docker push ${ORG_NAME}/core-fedora-38:$(arch)-$SANITIZED_BRANCH
+  only:
+    - develop
+    - /^release\/.*$/ 
+  except:
+    - schedules
+  tags:
+    - ${TAG} 
+  parallel:
+    matrix:
+      - TAG: [ aws-autoscale, aws-autoscale-arm64 ]
+
+manifest_fedora_38:
+  stage: manifest
+  script:
+    - docker pull ${ORG_NAME}/core-fedora-38:x86_64-$SANITIZED_BRANCH
+    - docker pull ${ORG_NAME}/core-fedora-38:aarch64-$SANITIZED_BRANCH
+    - "docker manifest push --purge ${ORG_NAME}/core-fedora-38:$SANITIZED_BRANCH || :"
+    - docker manifest create ${ORG_NAME}/core-fedora-38:$SANITIZED_BRANCH ${ORG_NAME}/core-fedora-38:x86_64-$SANITIZED_BRANCH ${ORG_NAME}/core-fedora-38:aarch64-$SANITIZED_BRANCH
+    - docker manifest annotate ${ORG_NAME}/core-fedora-38:$SANITIZED_BRANCH ${ORG_NAME}/core-fedora-38:aarch64-$SANITIZED_BRANCH --os linux --arch arm64 --variant v8
+    - docker manifest push --purge ${ORG_NAME}/core-fedora-38:$SANITIZED_BRANCH
+  needs:
+    - build_fedora_38
+  only:
+    - develop
+    - /^release\/.*$/
+  except:
+    - schedules
+  tags:
+    - aws-autoscale
+
 build_parrotos_5:
   stage: build
   image: ${ORG_NAME}/docker-buildx-private:develop
@@ -404,6 +466,26 @@ build_alpine_317:
   tags:
     - aws-autoscale
 
+build_alpine_318:
+  stage: build
+  image: ${ORG_NAME}/docker-buildx-private:develop
+  variables:
+    BUILD_PLATFORMS: "linux/amd64,linux/arm64"
+  script:
+    # get qemu ready
+    - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+    # prep the buildx env
+    - docker buildx create --use
+    # build for multiple architectures
+    - docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-alpine-318-private:$SANITIZED_BRANCH -t  ${ORG_NAME}/core-alpine-318-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-alpine-318:$SANITIZED_BRANCH -t ${ORG_NAME}/core-alpine-318:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg START_XFCE4=1 --build-arg BG_IMG=bg_alpine.png --build-arg BASE_IMAGE="alpine:3.18" --build-arg DISTRO="alpine" -f dockerfile-kasm-core-alpine .
+  only:
+    - develop
+    - /^release\/.*$/
+  except:
+    - schedules
+  tags:
+    - aws-autoscale
+
 # These jobs should run on the feature/bugfix branches - anything that is not the develop or release branches. It should only push images to the private repos
 build_ubuntu_bionic_dev:
   stage: build
@@ -490,6 +572,28 @@ build_debian_bullseye_dev:
     matrix:
       - TAG: [ aws-autoscale, aws-autoscale-arm64 ]
 
+build_debian_bookworm_dev:
+  stage: build
+  script:
+    - >
+        docker build 
+        -t ${ORG_NAME}/core-debian-bookworm-private:$(arch)-$SANITIZED_BRANCH
+        --build-arg START_PULSEAUDIO=1
+        --build-arg BASE_IMAGE="debian:bookworm-slim"
+        --build-arg DISTRO="debian"
+        --build-arg START_XFCE4=1
+        --build-arg BG_IMG=bg_debian.svg
+        -f dockerfile-kasm-core .
+    - docker push ${ORG_NAME}/core-debian-bookworm-private:$(arch)-$SANITIZED_BRANCH
+  except:
+    - develop
+    - /^release\/.*$/
+  tags:
+    - ${TAG}
+  parallel:
+    matrix:
+      - TAG: [ aws-autoscale, aws-autoscale-arm64 ]
+
 build_cuda_focal_dev:
   stage: build
   script:
@@ -731,7 +835,7 @@ build_opensuse_15_dev:
         -t ${ORG_NAME}/core-opensuse-15-private:$(arch)-$SANITIZED_BRANCH
         --build-arg START_PULSEAUDIO=1
         --build-arg START_XFCE4=1
-        --build-arg BASE_IMAGE="opensuse/leap:15.3"
+        --build-arg BASE_IMAGE="opensuse/leap:15.5"
         --build-arg DISTRO="opensuse"
         -f dockerfile-kasm-core-suse .
     - docker push ${ORG_NAME}/core-opensuse-15-private:$(arch)-$SANITIZED_BRANCH
@@ -765,6 +869,27 @@ build_fedora_37_dev:
     matrix:
       - TAG: [ aws-autoscale, aws-autoscale-arm64 ]
 
+build_fedora_38_dev:
+  stage: build
+  script:
+    - >
+        docker build
+        -t ${ORG_NAME}/core-fedora-38-private:$(arch)-$SANITIZED_BRANCH
+        --build-arg START_PULSEAUDIO=1
+        --build-arg START_XFCE4=1
+        --build-arg BASE_IMAGE="fedora:38"
+        --build-arg DISTRO="fedora38"
+        -f dockerfile-kasm-core-fedora .
+    - docker push ${ORG_NAME}/core-fedora-38-private:$(arch)-$SANITIZED_BRANCH
+  except:
+    - develop
+    - /^release\/.*$/
+  tags:
+    - ${TAG}
+  parallel:
+    matrix:
+      - TAG: [ aws-autoscale, aws-autoscale-arm64 ]
+
 build_parrotos_5_dev:
   stage: build
   script:
@@ -809,6 +934,28 @@ build_alpine_317_dev:
     matrix:
       - TAG: [ aws-autoscale, aws-autoscale-arm64 ]
 
+build_alpine_318_dev:
+  stage: build
+  script:
+    - >
+        docker build
+        -t ${ORG_NAME}/core-alpine-318-private:$(arch)-$SANITIZED_BRANCH
+        --build-arg START_PULSEAUDIO=1
+        --build-arg START_XFCE4=1
+        --build-arg BG_IMG=bg_alpine.png
+        --build-arg BASE_IMAGE="alpine:3.18"
+        --build-arg DISTRO="alpine"
+        -f dockerfile-kasm-core-alpine .
+    - docker push ${ORG_NAME}/core-alpine-318-private:$(arch)-$SANITIZED_BRANCH
+  except:
+    - develop
+    - /^release\/.*$/
+  tags:
+    - ${TAG} 
+  parallel:
+    matrix:
+      - TAG: [ aws-autoscale, aws-autoscale-arm64 ]
+
 test_multi_arch_dev:
   stage: test
   script:
@@ -846,7 +993,9 @@ test_multi_arch_dev:
           - core-opensuse-15-private
           - core-ubuntu-jammy-private
           - core-fedora-37-private
+          - core-fedora-38-private
           - core-debian-bullseye-private
+          - core-debian-bookworm-private
           - core-oracle-9-private
           - core-rockylinux-9-private
           - core-rockylinux-8-private
@@ -855,6 +1004,7 @@ test_multi_arch_dev:
           - core-kali-rolling-private
           - core-parrotos-5-private
           - core-alpine-317-private
+          - core-alpine-318-private
 
 test_single_arch_dev:
   stage: test
@@ -916,7 +1066,9 @@ manifest_dev:
     - build_oracle_9_dev
     - build_opensuse_15_dev
     - build_fedora_37_dev
+    - build_fedora_38_dev
     - build_debian_bullseye_dev
+    - build_debian_bookworm_dev
     - build_rockylinux_9_dev
     - build_rockylinux_8_dev
     - build_almalinux_9_dev
@@ -924,6 +1076,7 @@ manifest_dev:
     - build_kali_rolling_dev
     - build_parrotos_5_dev
     - build_alpine_317_dev
+    - build_alpine_318_dev
   parallel:
     matrix:
       - KASM_IMAGE:
@@ -933,7 +1086,9 @@ manifest_dev:
           - core-opensuse-15-private
           - core-ubuntu-jammy-private
           - core-fedora-37-private
+          - core-fedora-38-private
           - core-debian-bullseye-private
+          - core-debian-bookworm-private
           - core-oracle-9-private
           - core-rockylinux-9-private
           - core-rockylinux-8-private
@@ -942,6 +1097,7 @@ manifest_dev:
           - core-kali-rolling-private
           - core-parrotos-5-private
           - core-alpine-317-private
+          - core-alpine-318-private
 
 link_tests_single_arch_dev:
   stage: linktests
@@ -988,7 +1144,9 @@ link_tests_multi_arch_dev:
           - core-opensuse-15-private
           - core-ubuntu-jammy-private
           - core-fedora-37-private
+          - core-fedora-38-private
           - core-debian-bullseye-private
+          - core-debian-bookworm-private
           - core-oracle-9-private
           - core-parrotos-5-private
           - core-rockylinux-9-private
@@ -996,6 +1154,7 @@ link_tests_multi_arch_dev:
           - core-almalinux-9-private
           - core-almalinux-8-private
           - core-alpine-317-private
+          - core-alpine-318-private
 
 # These jobs are for the "rolling" release of the images. They should only run for scheduled jobs and should only push the rolling tags
 build_ubuntu_bionic_scheduled:
@@ -1066,6 +1225,23 @@ build_debian_bullseye_scheduled:
   tags:
     - aws-autoscale
 
+build_debian_bookworm_scheduled:
+  stage: build
+  image: ${ORG_NAME}/docker-buildx-private:develop
+  variables:
+    BUILD_PLATFORMS: "linux/amd64,linux/arm64"
+  script:
+    # get qemu ready
+    - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+    # prep the buildx env
+    - docker buildx create --use
+    # build for multiple architectures
+    - docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-debian-bookworm-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-debian-bookworm:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg BASE_IMAGE="debian:bookworm-slim" --build-arg START_XFCE4=1 --build-arg BG_IMG=bg_debian.svg --build-arg DISTRO="debian" -f dockerfile-kasm-core .
+  only:
+    - schedules
+  tags:
+    - aws-autoscale
+
 build_cuda_focal_schedules:
   stage: build
   script:
@@ -1236,7 +1412,7 @@ build_opensuse_15_scheduled:
     # prep the buildx env
     - docker buildx create --use
     # build for multiple architectures
-    - docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-opensuse-15-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-opensuse-15:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg START_XFCE4=1 --build-arg BASE_IMAGE="opensuse/leap:15.3" --build-arg DISTRO="opensuse" -f dockerfile-kasm-core-suse .
+    - docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-opensuse-15-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-opensuse-15:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg START_XFCE4=1 --build-arg BASE_IMAGE="opensuse/leap:15.5" --build-arg DISTRO="opensuse" -f dockerfile-kasm-core-suse .
   only:
     - schedules
   tags:
@@ -1278,6 +1454,42 @@ manifest_fedora_37_scheduled:
   tags:
     - aws-autoscale
 
+build_fedora_38_scheduled:
+  stage: build
+  script:
+    - >
+        docker build
+        -t ${ORG_NAME}/core-fedora-38:$(arch)-$SANITIZED_ROLLING_BRANCH
+        --build-arg START_PULSEAUDIO=1
+        --build-arg START_XFCE4=1
+        --build-arg BASE_IMAGE="fedora:38"
+        --build-arg DISTRO="fedora38"
+        -f dockerfile-kasm-core-fedora .
+    - docker push ${ORG_NAME}/core-fedora-38:$(arch)-$SANITIZED_ROLLING_BRANCH
+  only:
+    - schedules
+  tags:
+    - ${TAG} 
+  parallel:
+    matrix:
+      - TAG: [ aws-autoscale, aws-autoscale-arm64 ]
+    
+manifest_fedora_38_scheduled:
+  stage: manifest
+  script:
+    - docker pull ${ORG_NAME}/core-fedora-38:x86_64-$SANITIZED_ROLLING_BRANCH
+    - docker pull ${ORG_NAME}/core-fedora-38:aarch64-$SANITIZED_ROLLING_BRANCH
+    - "docker manifest push --purge ${ORG_NAME}/core-fedora-38:$SANITIZED_ROLLING_BRANCH || :"
+    - docker manifest create ${ORG_NAME}/core-fedora-38:$SANITIZED_ROLLING_BRANCH ${ORG_NAME}/core-fedora-38:x86_64-$SANITIZED_ROLLING_BRANCH ${ORG_NAME}/core-fedora-38:aarch64-$SANITIZED_ROLLING_BRANCH
+    - docker manifest annotate ${ORG_NAME}/core-fedora-38:$SANITIZED_ROLLING_BRANCH ${ORG_NAME}/core-fedora-38:aarch64-$SANITIZED_ROLLING_BRANCH --os linux --arch arm64 --variant v8
+    - docker manifest push --purge ${ORG_NAME}/core-fedora-38:$SANITIZED_ROLLING_BRANCH
+  needs:
+    - build_fedora_38_scheduled
+  only:
+    - schedules
+  tags:
+    - aws-autoscale
+
 build_parrotos_5_scheduled:
   stage: build
   image: ${ORG_NAME}/docker-buildx-private:develop
@@ -1295,7 +1507,7 @@ build_parrotos_5_scheduled:
   tags:
     - aws-autoscale
 
-build_parrotos_5_scheduled:
+build_alpine_317_scheduled:
   stage: build
   image: ${ORG_NAME}/docker-buildx-private:develop
   variables:
@@ -1312,6 +1524,23 @@ build_parrotos_5_scheduled:
   tags:
     - aws-autoscale
 
+build_alpine_318_scheduled:
+  stage: build
+  image: ${ORG_NAME}/docker-buildx-private:develop
+  variables:
+    BUILD_PLATFORMS: "linux/amd64,linux/arm64"
+  script:
+    # get qemu ready
+    - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+    # prep the buildx env
+    - docker buildx create --use
+    # build for multiple architectures
+    - docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-alpine-318-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-alpine-318:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg START_XFCE4=1 --build-arg BG_IMG=bg_alpine.png --build-arg BASE_IMAGE="alpine:3.18" --build-arg DISTRO="alpine" -f dockerfile-kasm-core-alpine .
+  only:
+    - schedules
+  tags:
+    - aws-autoscale
+
 update_readmes:
   stage: readme
   script:
@@ -1343,7 +1572,9 @@ update_readmes:
           - core-ubuntu-focal
           - core-ubuntu-jammy
           - core-fedora-37
+          - core-fedora-38
           - core-debian-bullseye
+          - core-debian-bookworm
           - core-oracle-9
           - core-parrotos-5
           - core-rockylinux-9
@@ -1351,3 +1582,4 @@ update_readmes:
           - core-almalinux-9
           - core-almalinux-8
           - core-alpine-317
+          - core-alpine-318
diff --git a/dockerfile-kasm-core-suse b/dockerfile-kasm-core-suse
index a0b1e7e..41ec318 100644
--- a/dockerfile-kasm-core-suse
+++ b/dockerfile-kasm-core-suse
@@ -1,5 +1,5 @@
 #### Build Stage ####
-ARG BASE_IMAGE="opensuse/leap:15.3"
+ARG BASE_IMAGE="opensuse/leap:15.5"
 
 FROM $BASE_IMAGE AS install_tools
 ARG DISTRO=opensuse
diff --git a/docs/core-alpine-318/README.md b/docs/core-alpine-318/README.md
new file mode 100644
index 0000000..7cb47a0
--- /dev/null
+++ b/docs/core-alpine-318/README.md
@@ -0,0 +1,7 @@
+# About This Image
+
+This image contains a browser-accessible version of Alpine 3.18.
+
+![Screenshot][Image_Screenshot]
+
+[Image_Screenshot]: https://5856039.fs1.hubspotusercontent-na1.net/hubfs/5856039/dockerhub/image-screenshots/alpine-317-core.png "Image Screenshot"
diff --git a/docs/core-alpine-318/demo.txt b/docs/core-alpine-318/demo.txt
new file mode 100644
index 0000000..bbd1f8e
--- /dev/null
+++ b/docs/core-alpine-318/demo.txt
@@ -0,0 +1,9 @@
+# Live Demo
+
+**Launch a real-time demo in a new browser window:** <a href="https://app.kasmweb.com/#/cast/1481835260" target="_blank">Live Demo</a>.
+
+<a href="https://app.kasmweb.com/#/cast/1481835260" target="_blank"><img src="https://5856039.fs1.hubspotusercontent-na1.net/hub/5856039/hubfs/dockerhub/casting-buttons/CoreUbuntuJammy.png" width="300" height="104"></a>
+
+&lowast;*This demo links to a Jammy Desktop image to show the basic functionality of Kasm Workspaces.*
+
+&lowast;*Note: Demo is limited to 3 minutes and has upload/downloads restricted for security purposes.*
diff --git a/docs/core-alpine-318/description.txt b/docs/core-alpine-318/description.txt
new file mode 100644
index 0000000..7185724
--- /dev/null
+++ b/docs/core-alpine-318/description.txt
@@ -0,0 +1 @@
+Alpine 3.18 base image for Kasm Workspaces
diff --git a/docs/core-debian-bookworm/README.md b/docs/core-debian-bookworm/README.md
new file mode 100644
index 0000000..24e7e25
--- /dev/null
+++ b/docs/core-debian-bookworm/README.md
@@ -0,0 +1,7 @@
+# About This Image
+
+This image contains a browser-accessible version of Debian Bookworm.
+
+![Screenshot][Image_Screenshot]
+
+[Image_Screenshot]: https://5856039.fs1.hubspotusercontent-na1.net/hubfs/5856039/dockerhub/image-screenshots/debian-bullseye-core.png "Image Screenshot"
diff --git a/docs/core-debian-bookworm/demo.txt b/docs/core-debian-bookworm/demo.txt
new file mode 100644
index 0000000..bbd1f8e
--- /dev/null
+++ b/docs/core-debian-bookworm/demo.txt
@@ -0,0 +1,9 @@
+# Live Demo
+
+**Launch a real-time demo in a new browser window:** <a href="https://app.kasmweb.com/#/cast/1481835260" target="_blank">Live Demo</a>.
+
+<a href="https://app.kasmweb.com/#/cast/1481835260" target="_blank"><img src="https://5856039.fs1.hubspotusercontent-na1.net/hub/5856039/hubfs/dockerhub/casting-buttons/CoreUbuntuJammy.png" width="300" height="104"></a>
+
+&lowast;*This demo links to a Jammy Desktop image to show the basic functionality of Kasm Workspaces.*
+
+&lowast;*Note: Demo is limited to 3 minutes and has upload/downloads restricted for security purposes.*
diff --git a/docs/core-debian-bookworm/description.txt b/docs/core-debian-bookworm/description.txt
new file mode 100644
index 0000000..21b2159
--- /dev/null
+++ b/docs/core-debian-bookworm/description.txt
@@ -0,0 +1 @@
+Debian Bookworm base image for Kasm Workspaces
diff --git a/docs/core-fedora-38/README.md b/docs/core-fedora-38/README.md
new file mode 100644
index 0000000..3009d68
--- /dev/null
+++ b/docs/core-fedora-38/README.md
@@ -0,0 +1,7 @@
+# About This Image
+
+This image contains a browser-accessible version of Fedora 38.
+
+![Screenshot][Image_Screenshot]
+
+[Image_Screenshot]: https://info.kasmweb.com/hubfs/dockerhub/fedora-37-core.png "Image Screenshot"
diff --git a/docs/core-fedora-38/demo.txt b/docs/core-fedora-38/demo.txt
new file mode 100644
index 0000000..bbd1f8e
--- /dev/null
+++ b/docs/core-fedora-38/demo.txt
@@ -0,0 +1,9 @@
+# Live Demo
+
+**Launch a real-time demo in a new browser window:** <a href="https://app.kasmweb.com/#/cast/1481835260" target="_blank">Live Demo</a>.
+
+<a href="https://app.kasmweb.com/#/cast/1481835260" target="_blank"><img src="https://5856039.fs1.hubspotusercontent-na1.net/hub/5856039/hubfs/dockerhub/casting-buttons/CoreUbuntuJammy.png" width="300" height="104"></a>
+
+&lowast;*This demo links to a Jammy Desktop image to show the basic functionality of Kasm Workspaces.*
+
+&lowast;*Note: Demo is limited to 3 minutes and has upload/downloads restricted for security purposes.*
diff --git a/docs/core-fedora-38/description.txt b/docs/core-fedora-38/description.txt
new file mode 100644
index 0000000..eb5c0fa
--- /dev/null
+++ b/docs/core-fedora-38/description.txt
@@ -0,0 +1 @@
+Fedora 38 base image for Kasm Workspaces
diff --git a/src/common/startup_scripts/trustdesktop.sh b/src/common/startup_scripts/trustdesktop.sh
new file mode 100755
index 0000000..c7916f3
--- /dev/null
+++ b/src/common/startup_scripts/trustdesktop.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+if [ ! -f $HOME/.local/share/gvfs-metadata/home ]; then
+  for f in $HOME/Desktop/*.desktop; do 
+    gio set -t string "$f" metadata::xfce-exe-checksum "$(sha256sum "$f" | awk '{print $1}')" || :
+  done
+fi
diff --git a/src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml b/src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml
new file mode 100644
index 0000000..cb9a28e
--- /dev/null
+++ b/src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<channel name="xfce4-desktop" version="1.0">
+  <property name="backdrop" type="empty">
+    <property name="screen0" type="empty">
+      <property name="monitorVNC-0" type="empty">
+        <property name="workspace0" type="empty">
+          <property name="color-style" type="int" value="0"/>
+          <property name="image-style" type="int" value="5"/>
+          <property name="last-image" type="string" value="/usr/share/backgrounds/bg_default.png"/>
+        </property>
+        <property name="workspace1" type="empty">
+          <property name="color-style" type="int" value="0"/>
+          <property name="image-style" type="int" value="5"/>
+          <property name="last-image" type="string" value="/usr/share/backgrounds/bg_default.png"/>
+        </property>
+        <property name="workspace2" type="empty">
+          <property name="color-style" type="int" value="0"/>
+          <property name="image-style" type="int" value="5"/>
+          <property name="last-image" type="string" value="/usr/share/backgrounds/bg_default.png"/>
+        </property>
+        <property name="workspace3" type="empty">
+          <property name="color-style" type="int" value="0"/>
+          <property name="image-style" type="int" value="5"/>
+          <property name="last-image" type="string" value="/usr/share/backgrounds/bg_default.png"/>
+        </property>
+      </property>
+    </property>
+  </property>
+  <property name="desktop-icons" type="empty">
+    <property name="file-icons" type="empty">
+      <property name="show-home" type="bool" value="false"/>
+      <property name="show-filesystem" type="bool" value="false"/>
+      <property name="show-trash" type="bool" value="false"/>
+      <property name="show-removable" type="bool" value="false"/>
+    </property>
+  </property>
+  <property name="last" type="empty">
+    <property name="window-width" type="int" value="634"/>
+    <property name="window-height" type="int" value="566"/>
+  </property>
+</channel>
diff --git a/src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml b/src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml
new file mode 100644
index 0000000..690238f
--- /dev/null
+++ b/src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<channel name="xfce4-panel" version="1.0">
+  <property name="configver" type="int" value="2"/>
+  <property name="panels" type="array">
+    <value type="int" value="1"/>
+    <property name="dark-mode" type="bool" value="false"/>
+    <property name="panel-1" type="empty">
+      <property name="position" type="string" value="p=6;x=0;y=0"/>
+      <property name="length" type="uint" value="100"/>
+      <property name="position-locked" type="bool" value="true"/>
+      <property name="icon-size" type="uint" value="16"/>
+      <property name="size" type="uint" value="30"/>
+      <property name="plugin-ids" type="array">
+        <value type="int" value="1"/>
+        <value type="int" value="2"/>
+        <value type="int" value="3"/>
+        <value type="int" value="4"/>
+      </property>
+      <property name="mode" type="uint" value="0"/>
+    </property>
+  </property>
+  <property name="plugins" type="empty">
+    <property name="plugin-1" type="string" value="applicationsmenu"/>
+    <property name="plugin-2" type="string" value="tasklist">
+      <property name="grouping" type="uint" value="1"/>
+    </property>
+    <property name="plugin-3" type="string" value="separator">
+      <property name="expand" type="bool" value="true"/>
+      <property name="style" type="uint" value="0"/>
+    </property>
+    <property name="plugin-4" type="string" value="pager">
+      <property name="rows" type="uint" value="1"/>
+    </property>
+    <property name="plugin-9" type="string" value="power-manager-plugin"/>
+  </property>
+</channel>
diff --git a/src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml b/src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml
new file mode 100644
index 0000000..ba3c831
--- /dev/null
+++ b/src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<channel name="xfwm4" version="1.0">
+  <property name="general" type="empty">
+    <property name="activate_action" type="string" value="bring"/>
+    <property name="borderless_maximize" type="bool" value="true"/>
+    <property name="box_move" type="bool" value="false"/>
+    <property name="box_resize" type="bool" value="false"/>
+    <property name="button_layout" type="string" value="O|SHMC"/>
+    <property name="button_offset" type="int" value="0"/>
+    <property name="button_spacing" type="int" value="0"/>
+    <property name="click_to_focus" type="bool" value="true"/>
+    <property name="cycle_apps_only" type="bool" value="false"/>
+    <property name="cycle_draw_frame" type="bool" value="true"/>
+    <property name="cycle_raise" type="bool" value="false"/>
+    <property name="cycle_hidden" type="bool" value="true"/>
+    <property name="cycle_minimum" type="bool" value="true"/>
+    <property name="cycle_minimized" type="bool" value="false"/>
+    <property name="cycle_preview" type="bool" value="true"/>
+    <property name="cycle_tabwin_mode" type="int" value="0"/>
+    <property name="cycle_workspaces" type="bool" value="false"/>
+    <property name="double_click_action" type="string" value="maximize"/>
+    <property name="double_click_distance" type="int" value="5"/>
+    <property name="double_click_time" type="int" value="250"/>
+    <property name="easy_click" type="string" value="Alt"/>
+    <property name="focus_delay" type="int" value="250"/>
+    <property name="focus_hint" type="bool" value="true"/>
+    <property name="focus_new" type="bool" value="true"/>
+    <property name="frame_opacity" type="int" value="100"/>
+    <property name="frame_border_top" type="int" value="0"/>
+    <property name="full_width_title" type="bool" value="true"/>
+    <property name="horiz_scroll_opacity" type="bool" value="false"/>
+    <property name="inactive_opacity" type="int" value="100"/>
+    <property name="maximized_offset" type="int" value="0"/>
+    <property name="mousewheel_rollup" type="bool" value="true"/>
+    <property name="move_opacity" type="int" value="100"/>
+    <property name="placement_mode" type="string" value="center"/>
+    <property name="placement_ratio" type="int" value="20"/>
+    <property name="popup_opacity" type="int" value="100"/>
+    <property name="prevent_focus_stealing" type="bool" value="false"/>
+    <property name="raise_delay" type="int" value="250"/>
+    <property name="raise_on_click" type="bool" value="true"/>
+    <property name="raise_on_focus" type="bool" value="false"/>
+    <property name="raise_with_any_button" type="bool" value="true"/>
+    <property name="repeat_urgent_blink" type="bool" value="false"/>
+    <property name="resize_opacity" type="int" value="100"/>
+    <property name="scroll_workspaces" type="bool" value="true"/>
+    <property name="shadow_delta_height" type="int" value="0"/>
+    <property name="shadow_delta_width" type="int" value="0"/>
+    <property name="shadow_delta_x" type="int" value="0"/>
+    <property name="shadow_delta_y" type="int" value="-3"/>
+    <property name="shadow_opacity" type="int" value="50"/>
+    <property name="show_app_icon" type="bool" value="false"/>
+    <property name="show_dock_shadow" type="bool" value="true"/>
+    <property name="show_frame_shadow" type="bool" value="true"/>
+    <property name="show_popup_shadow" type="bool" value="false"/>
+    <property name="snap_resist" type="bool" value="false"/>
+    <property name="snap_to_border" type="bool" value="true"/>
+    <property name="snap_to_windows" type="bool" value="false"/>
+    <property name="snap_width" type="int" value="10"/>
+    <property name="vblank_mode" type="string" value="auto"/>
+    <property name="theme" type="string" value="Default"/>
+    <property name="tile_on_move" type="bool" value="true"/>
+    <property name="title_alignment" type="string" value="center"/>
+    <property name="title_font" type="string" value="Sans Bold 9"/>
+    <property name="title_horizontal_offset" type="int" value="0"/>
+    <property name="titleless_maximize" type="bool" value="false"/>
+    <property name="title_shadow_active" type="string" value="false"/>
+    <property name="title_shadow_inactive" type="string" value="false"/>
+    <property name="title_vertical_offset_active" type="int" value="0"/>
+    <property name="title_vertical_offset_inactive" type="int" value="0"/>
+    <property name="toggle_workspaces" type="bool" value="false"/>
+    <property name="unredirect_overlays" type="bool" value="true"/>
+    <property name="urgent_blink" type="bool" value="false"/>
+    <property name="use_compositing" type="bool" value="false"/>
+    <property name="workspace_count" type="int" value="4"/>
+    <property name="wrap_cycle" type="bool" value="true"/>
+    <property name="wrap_layout" type="bool" value="true"/>
+    <property name="wrap_resistance" type="int" value="10"/>
+    <property name="wrap_windows" type="bool" value="true"/>
+    <property name="wrap_workspaces" type="bool" value="false"/>
+    <property name="zoom_desktop" type="bool" value="true"/>
+    <property name="zoom_pointer" type="bool" value="true"/>
+    <property name="workspace_names" type="array">
+      <value type="string" value="Workspace 1"/>
+      <value type="string" value="Workspace 2"/>
+      <value type="string" value="Workspace 3"/>
+      <value type="string" value="Workspace 4"/>
+    </property>
+  </property>
+</channel>
diff --git a/src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml b/src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml
new file mode 100644
index 0000000..d60e3c4
--- /dev/null
+++ b/src/fedora38/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<channel name="xsettings" version="1.0">
+    <property name="Xft" type="empty">
+        <property name="DPI" type="int" value="96"/>
+        <property name="Antialias" type="int" value="1"/>
+        <property name="Hinting" type="int" value="1"/>
+        <property name="HintStyle" type="string" value="hintslight"/>
+        <property name="RGBA" type="string" value="rgb"/>
+    </property>
+</channel>
diff --git a/src/ubuntu/install/audio/install_audio.sh b/src/ubuntu/install/audio/install_audio.sh
index da8d7bb..d52dcd4 100644
--- a/src/ubuntu/install/audio/install_audio.sh
+++ b/src/ubuntu/install/audio/install_audio.sh
@@ -30,6 +30,10 @@ elif [ "${DISTRO}" == "fedora37" ]; then
   dnf install -y curl git
   dnf localinstall -y --nogpgcheck https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-37.noarch.rpm
   dnf install -y --allowerasing ffmpeg pulseaudio pulseaudio-utils
+elif [ "${DISTRO}" == "fedora38" ]; then
+  dnf install -y curl git
+  dnf localinstall -y --nogpgcheck https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-38.noarch.rpm
+  dnf install -y --allowerasing ffmpeg pulseaudio pulseaudio-utils
 elif [ "${DISTRO}" == "opensuse" ]; then
   zypper install -ny curl git
   zypper install -yn ffmpeg pulseaudio-utils
diff --git a/src/ubuntu/install/cleanup/cleanup.sh b/src/ubuntu/install/cleanup/cleanup.sh
index 9e02a16..0765e1b 100644
--- a/src/ubuntu/install/cleanup/cleanup.sh
+++ b/src/ubuntu/install/cleanup/cleanup.sh
@@ -4,7 +4,7 @@ set -ex
 # Distro package cleanup
 if [[ "${DISTRO}" == @(centos|oracle7) ]] ; then
   yum clean all
-elif [[ "${DISTRO}" == @(almalinux8|almalinux9|fedora37|oracle8|oracle9|rockylinux8|rockylinux9) ]]; then
+elif [[ "${DISTRO}" == @(almalinux8|almalinux9|fedora37|fedora38|oracle8|oracle9|rockylinux8|rockylinux9) ]]; then
   dnf clean all
 elif [ "${DISTRO}" == "opensuse" ]; then
   zypper clean --all
@@ -22,6 +22,11 @@ rm -Rf \
   /var/tmp/*
 mkdir -m 1777 /tmp
 
+# Remove xfce4-screensaver bin if it exists
+if which xfce4-screensaver; then
+  rm -f $(which xfce4-screensaver)
+fi
+
 # Services we don't want to start disable in xfce init
 rm -f \
   /etc/xdg/autostart/blueman.desktop \
diff --git a/src/ubuntu/install/fonts/install_custom_fonts.sh b/src/ubuntu/install/fonts/install_custom_fonts.sh
index 0b84839..7578f3d 100644
--- a/src/ubuntu/install/fonts/install_custom_fonts.sh
+++ b/src/ubuntu/install/fonts/install_custom_fonts.sh
@@ -20,7 +20,7 @@ elif [[ "${DISTRO}" == "centos" ]]; then
     google-noto-emoji-fonts \
     google-noto-sans-cjk-fonts \
     google-noto-sans-fonts 
-elif [[ "${DISTRO}" == "fedora37" ]]; then
+elif [[ "${DISTRO}" == @(fedora37|fedora38) ]]; then
   dnf install -y \
     glibc-locale-source \
     google-noto-cjk-fonts \
diff --git a/src/ubuntu/install/kasm_vnc/install_kasm_vnc.sh b/src/ubuntu/install/kasm_vnc/install_kasm_vnc.sh
index 74b3684..8385d43 100644
--- a/src/ubuntu/install/kasm_vnc/install_kasm_vnc.sh
+++ b/src/ubuntu/install/kasm_vnc/install_kasm_vnc.sh
@@ -17,9 +17,9 @@ echo "Install KasmVNC server"
 cd /tmp
 BUILD_ARCH=$(uname -p)
 UBUNTU_CODENAME=""
-COMMIT_ID="56c840fc947d891f054bf251d2a02454d3e6f686"
-BRANCH="release" # just use 'release' for a release branch
-KASMVNC_VER="1.1.0"
+COMMIT_ID="9450157af1e16f9a27c12170ac0ebfd28ee50ebc"
+BRANCH="master" # just use 'release' for a release branch
+KASMVNC_VER="1.1.1"
 COMMIT_ID_SHORT=$(echo "${COMMIT_ID}" | cut -c1-6)
 
 # Naming scheme is now different between an official release and feature branch
@@ -63,17 +63,39 @@ elif [[ "${DISTRO}" == "fedora37" ]] ; then
     else
         BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/kasmvncserver_fedora_thirtyseven_${KASM_VER_NAME_PART}_aarch64.rpm"
     fi
-elif [[ "${DISTRO}" = @(debian|parrotos5) ]] ; then
+elif [[ "${DISTRO}" == "fedora38" ]] ; then
     if [[ "$(arch)" =~ ^x86_64$ ]] ; then
-        BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/kasmvncserver_bullseye_${KASM_VER_NAME_PART}_amd64.deb"
+        BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/kasmvncserver_fedora_thirtyeight_${KASM_VER_NAME_PART}_x86_64.rpm"
     else
-        BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/kasmvncserver_bullseye_${KASM_VER_NAME_PART}_arm64.deb"
+        BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/kasmvncserver_fedora_thirtyeight_${KASM_VER_NAME_PART}_aarch64.rpm"
+    fi
+elif [[ "${DISTRO}" = @(debian|parrotos5) ]] ; then
+    if grep -q bookworm /etc/os-release; then
+        if [[ "$(arch)" =~ ^x86_64$ ]] ; then
+            BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/kasmvncserver_bookworm_${KASM_VER_NAME_PART}_amd64.deb"
+        else
+            BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/kasmvncserver_bookworm_${KASM_VER_NAME_PART}_arm64.deb"
+        fi
+    else
+        if [[ "$(arch)" =~ ^x86_64$ ]] ; then
+            BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/kasmvncserver_bullseye_${KASM_VER_NAME_PART}_amd64.deb"
+        else
+            BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/kasmvncserver_bullseye_${KASM_VER_NAME_PART}_arm64.deb"
+        fi
     fi
 elif [[ "${DISTRO}" == "alpine" ]] ; then
-    if [[ "$(arch)" =~ ^x86_64$ ]] ; then
-        BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/output/alpine_317/kasmvnc.alpine_317_x86_64.tgz"
+    if grep -q v3.18 /etc/os-release; then
+        if [[ "$(arch)" =~ ^x86_64$ ]] ; then
+            BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/output/alpine_318/kasmvnc.alpine_318_x86_64.tgz"
+        else
+            BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/output/alpine_318/kasmvnc.alpine_318_aarch64.tgz"
+        fi
     else
-        BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/output/alpine_317/kasmvnc.alpine_317_aarch64.tgz"
+        if [[ "$(arch)" =~ ^x86_64$ ]] ; then
+            BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/output/alpine_317/kasmvnc.alpine_317_x86_64.tgz"
+        else
+            BUILD_URL="https://kasmweb-build-artifacts.s3.amazonaws.com/kasmvnc/${COMMIT_ID}/output/alpine_317/kasmvnc.alpine_317_aarch64.tgz"
+        fi
     fi
 else
     UBUNTU_CODENAME=$(grep -Po -m 1 "(?<=_CODENAME=)\w+" /etc/os-release)
@@ -95,7 +117,7 @@ elif [[ "${DISTRO}" == @(oracle8|oracle9|rockylinux9|rockylinux8|almalinux8|alma
     dnf localinstall -y kasmvncserver.rpm
     dnf install -y mesa-dri-drivers
     rm kasmvncserver.rpm
-elif [[ "${DISTRO}" == "fedora37" ]] ; then
+elif [[ "${DISTRO}" == @(fedora37|fedora38) ]] ; then
     dnf install -y xorg-x11-drv-amdgpu xorg-x11-drv-ati
     if [ "${BUILD_ARCH}" == "x86_64" ]; then
         dnf install -y xorg-x11-drv-intel
@@ -150,7 +172,6 @@ elif [[ "${DISTRO}" == "alpine" ]] ; then
     ln -s /usr/local/lib/kasmvnc /usr/lib/kasmvncserver
 else
     wget "${BUILD_URL}" -O kasmvncserver.deb
-
     apt-get update
     apt-get install -y gettext ssl-cert libxfont2
     apt-get install -y /tmp/kasmvncserver.deb
diff --git a/src/ubuntu/install/package_rules/package_rules.sh b/src/ubuntu/install/package_rules/package_rules.sh
index 7962419..0a50182 100644
--- a/src/ubuntu/install/package_rules/package_rules.sh
+++ b/src/ubuntu/install/package_rules/package_rules.sh
@@ -9,7 +9,7 @@ elif [[ "${DISTRO}" == "debian" ]] ; then
   sed -i \
     '/locale/d' \
     /etc/dpkg/dpkg.cfg.d/docker
-elif [[ "${DISTRO}" == @(almalinux8|almalinux9|fedora37|oracle8|oracle9|rockylinux8|rockylinux9) ]]; then
+elif [[ "${DISTRO}" == @(almalinux8|almalinux9|fedora37|fedora38|oracle8|oracle9|rockylinux8|rockylinux9) ]]; then
   rm -f /etc/rpm/macros.image-language-conf
 elif [[ "${DISTRO}" == @(centos|oracle7) ]]; then
   sed -i \
diff --git a/src/ubuntu/install/squid/install/install_squid.sh b/src/ubuntu/install/squid/install/install_squid.sh
index 57808b7..dd0fdd3 100644
--- a/src/ubuntu/install/squid/install/install_squid.sh
+++ b/src/ubuntu/install/squid/install/install_squid.sh
@@ -12,12 +12,12 @@ if  $(grep -q Jammy /etc/os-release) || $(grep -q Kali /etc/os-release) ; then
   mkdir -p /usr/local/squid/var/logs/
   ln -s /usr/lib/squid/ /usr/local/squid/libexec
   ln -s /usr/sbin/squid /usr/local/squid/sbin/squid
-elif [[ "${DISTRO}" != @(centos|oracle7|oracle8|oracle9|opensuse|fedora37|rockylinux9|rockylinux8|almalinux9|almalinux8|alpine) ]] ; then
+elif [[ "${DISTRO}" != @(centos|oracle7|oracle8|oracle9|opensuse|fedora37|fedora38|rockylinux9|rockylinux8|almalinux9|almalinux8|alpine) ]] ; then
   wget -qO- https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/${SQUID_COMMIT}/output/kasm-squid-builder_${ARCH}.tar.gz | tar -xzf - -C /
 fi
 
 # update squid conf with user info
-if [[ "${DISTRO}" == @(centos|oracle7|oracle8|oracle9|fedora37|almalinux8|almalinux9|rockylinux8|rockylinux9|alpine) ]]; then
+if [[ "${DISTRO}" == @(centos|oracle7|oracle8|oracle9|fedora37|fedora38|almalinux8|almalinux9|rockylinux8|rockylinux9|alpine) ]]; then
   useradd --system --shell /usr/sbin/nologin --home-dir /bin proxy
 elif [ "${DISTRO}" == "opensuse" ]; then
   useradd --system --shell /usr/sbin/nologin --home-dir /bin proxy
@@ -30,7 +30,7 @@ chown proxy:proxy /usr/local/squid/etc/ssl_cert -R
 chmod 700 /usr/local/squid/etc/ssl_cert -R
 cd /usr/local/squid/etc/ssl_cert
 
-if [[ "${DISTRO}" == "fedora37" ]]; then
+if [[ "${DISTRO}" == @(fedora37|fedora38) ]]; then
   dnf install -y openssl1.1 xkbcomp
   rm -f /etc/X11/xinit/xinitrc
 elif [[ "${DISTRO}" == @(rockylinux9|oracle9|almalinux9) ]]; then
@@ -40,6 +40,10 @@ elif [[ "${DISTRO}" == @(centos|oracle7) ]]; then
   yum install -y openssl11-libs
 elif [[ "${DISTRO}" == "alpine" ]]; then
   apk add --no-cache openssl1.1-compat
+elif grep -q bookworm /etc/os-release; then
+  wget https://kasm-ci.s3.amazonaws.com/libssl1.1.${ARCH}.deb
+  dpkg -i libssl1.1.${ARCH}.deb
+  rm -f libssl1.1.${ARCH}.deb
 fi
 
 /usr/local/squid/libexec/security_file_certgen -c -s /usr/local/squid/var/logs/ssl_db -M 4MB
@@ -58,7 +62,7 @@ chown -R proxy:proxy /etc/squid/blocked.acl
 
 if [[ "${DISTRO}" == @(centos|oracle7) ]]; then
   yum install -y memcached cyrus-sasl iproute
-elif [[ "${DISTRO}" == @(oracle8|fedora37|oracle9|rockylinux9|rockylinux8|almalinux9|almalinux8) ]]; then
+elif [[ "${DISTRO}" == @(oracle8|fedora37|fedora38|oracle9|rockylinux9|rockylinux8|almalinux9|almalinux8) ]]; then
   dnf install -y memcached cyrus-sasl iproute
 elif [ "${DISTRO}" == "opensuse" ]; then
   zypper install -yn memcached cyrus-sasl iproute2 libatomic1
@@ -88,7 +92,7 @@ chmod +x /etc/squid/kasm_squid_adapter
 # Install Cert utilities
 if [[ "${DISTRO}" == @(centos|oracle7) ]]; then
   yum install -y nss-tools
-elif [[ "${DISTRO}" == @(oracle8|fedora37|oracle9|rockylinux9|rockylinux8|almalinux9|almalinux8) ]]; then
+elif [[ "${DISTRO}" == @(oracle8|fedora37|fedora38|oracle9|rockylinux9|rockylinux8|almalinux9|almalinux8) ]]; then
   dnf install -y nss-tools
 elif [ "${DISTRO}" == "opensuse" ]; then
   zypper install -yn mozilla-nss-tools
diff --git a/src/ubuntu/install/sysbox/install_systemd.sh b/src/ubuntu/install/sysbox/install_systemd.sh
index c5e9809..25fbf35 100644
--- a/src/ubuntu/install/sysbox/install_systemd.sh
+++ b/src/ubuntu/install/sysbox/install_systemd.sh
@@ -15,7 +15,7 @@ if [[ "${DISTRO}" == @(ubuntu|debian|parrotos5|kali) ]] ; then
     systemd \
     systemd-sysv \
     udev
-elif [[ "${DISTRO}" == @(oracle8|oracle9|rockylinux9|rockylinux8|almalinux9|almalinux8|fedora37) ]]; then
+elif [[ "${DISTRO}" == @(oracle8|oracle9|rockylinux9|rockylinux8|almalinux9|almalinux8|fedora37|fedora38) ]]; then
   # Install deps
   dnf install -y \
     dbus \
diff --git a/src/ubuntu/install/tools/install_tools.sh b/src/ubuntu/install/tools/install_tools.sh
index 70fac5f..7ef19d4 100644
--- a/src/ubuntu/install/tools/install_tools.sh
+++ b/src/ubuntu/install/tools/install_tools.sh
@@ -4,7 +4,7 @@ set -e
 echo "Install some common tools for further installation"
 if [[ "${DISTRO}" == @(centos|oracle7) ]] ; then
   yum install -y vim wget net-tools bzip2 python3 ca-certificates
-elif [[ "${DISTRO}" == @(fedora37|oracle8|oracle9|rockylinux9|rockylinux8|almalinux8|almalinux9) ]]; then
+elif [[ "${DISTRO}" == @(fedora37|fedora38|oracle8|oracle9|rockylinux9|rockylinux8|almalinux8|almalinux9) ]]; then
   dnf install -y wget net-tools bzip2 python3 tar vim hostname procps-ng
 elif [ "${DISTRO}" == "opensuse" ]; then
   sed -i 's/download.opensuse.org/mirrorcache-us.opensuse.org/g' /etc/zypp/repos.d/*.repo
diff --git a/src/ubuntu/install/xfce/install_xfce_ui.sh b/src/ubuntu/install/xfce/install_xfce_ui.sh
index 368b04a..124ac87 100644
--- a/src/ubuntu/install/xfce/install_xfce_ui.sh
+++ b/src/ubuntu/install/xfce/install_xfce_ui.sh
@@ -30,7 +30,7 @@ EOL
 }
 
 echo "Install Xfce4 UI components"
-if [[ "${DISTRO}" != @(centos|oracle7|oracle8|opensuse|fedora37|oracle9|rockylinux9|rockylinux8|almalinux8|almalinux9|alpine) ]]; then
+if [[ "${DISTRO}" != @(centos|oracle7|oracle8|opensuse|fedora37|fedora38|oracle9|rockylinux9|rockylinux8|almalinux8|almalinux9|alpine) ]]; then
   apt-get update
 fi
 
@@ -145,7 +145,7 @@ elif [ "$DISTRO" = "opensuse" ]; then
     xfce4-notifyd \
     xfce4-terminal \
     xset
-elif [ "$DISTRO" = "fedora37" ]; then
+elif [[ "$DISTRO" = @(fedora37|fedora38) ]]; then
   dnf group install xfce -y
   dnf install -y \
     wmctrl \
@@ -168,7 +168,7 @@ elif [ "$DISTRO" = "alpine" ]; then
   rm -f /usr/share/xfce4/panel/plugins/power-manager-plugin.desktop
 fi
 
-if [[ "${DISTRO}" != @(centos|oracle7|oracle8|fedora37|oracle9|rockylinux9|rockylinux8|almalinux8|almalinux9|alpine) ]]; then
+if [[ "${DISTRO}" != @(centos|oracle7|oracle8|fedora37|fedora38|oracle9|rockylinux9|rockylinux8|almalinux8|almalinux9|alpine) ]]; then
   replace_default_xinit
   if [ "${START_XFCE4}" == "1" ] ; then
     replace_default_99x11_common_start
@@ -205,3 +205,12 @@ cat >>/etc/xdg/Thunar/accels.scm<<EOL
 (gtk_accel_path "<Actions>/ThunarLauncher/trash-delete-2" "")
 (gtk_accel_path "<Actions>/ThunarLauncher/trash-delete" "")
 EOL
+
+# Support desktop icon trust
+cat >>/etc/xdg/autostart/desktop-icons.desktop<<EOL
+[Desktop Entry]
+Type=Application
+Name=Desktop Icon Trust
+Exec=/dockerstartup/trustdesktop.sh
+EOL
+chmod +x /etc/xdg/autostart/desktop-icons.desktop