From 7c50bd51042406e2b9b2d659d0a4b23291832c9f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
 <marmarek@invisiblethingslab.com>
Date: Fri, 16 Feb 2018 04:30:32 +0100
Subject: [PATCH] qubespolicy: unify calling qrexec service

Rely on qrexec-client resolving QUBESRPC keyword, same as in case of VM
call. This will allow applying special treatment to such calls, like
calling qubes-rpc-multiplexer directly (avoiding shell), because we have
defined protocol what can be used here.
---
 qubespolicy/__init__.py | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/qubespolicy/__init__.py b/qubespolicy/__init__.py
index 72339548..666f0e43 100755
--- a/qubespolicy/__init__.py
+++ b/qubespolicy/__init__.py
@@ -29,7 +29,6 @@ import subprocess
 
 # don't import 'qubes.config' please, it takes 0.3s
 QREXEC_CLIENT = '/usr/lib/qubes/qrexec-client'
-QUBES_RPC_MULTIPLEXER_PATH = '/usr/lib/qubes/qubes-rpc-multiplexer'
 POLICY_DIR = '/etc/qubes-rpc/policy'
 QUBESD_INTERNAL_SOCK = '/var/run/qubesd.internal.sock'
 QUBESD_SOCK = '/var/run/qubesd.sock'
@@ -450,11 +449,11 @@ class PolicyAction(object):
         if self.target == '$adminvm':
             self.target = 'dom0'
         if self.target == 'dom0':
-            cmd = '{multiplexer} {service} {source} {original_target}'.format(
-                multiplexer=QUBES_RPC_MULTIPLEXER_PATH,
-                service=self.service,
-                source=self.source,
-                original_target=self.original_target)
+            cmd = \
+                'QUBESRPC {service} {source} {original_target}'.format(
+                    service=self.service,
+                    source=self.source,
+                    original_target=self.original_target)
         else:
             cmd = '{user}:QUBESRPC {service} {source}'.format(
                 user=(self.rule.override_user or 'DEFAULT'),