Using '$' is easy to misuse in shell scripts, shell commands etc. After
all this years, lets abandon this dangerous character and move to
something safer: '@'. The choice was made after reviewing specifications
of various shells on different operating systems and this is the
character that have no special meaning in none of them.
To preserve compatibility, automatically translate '$' to '@' when
loading policy files.
Provide original target as two arguments: type, value
This will ease handling special keywords without risking hitting shell
special characters or other problems.
All policy keywords needs to be expanded before sending it to
confirmation dialog. $dispvm was already handled, but $adminvm was
missing
FixesQubesOS/qubes-issues#3283
'dispvm_allowed' name was confusing, because it suggested being able to
spawn new DispVMs, not being a template for DispVM.
FixesQubesOS/qubes-issues#3047
Add public Admin API call to create Disposable VM that would be
automatically destroyed after shutdown. Do not keep this functionality
for qrexec-policy tool only.
Also, use admin.vm.Start there, instead of internal.vm.Start and
admin.vm.Kill instead of internal.vm.CleanupDispVM (this is enough,
because DispVM now have auto_cleanup property).
QubesOS/qubes-issues#2974
When rule does not specify forced target (`target=...`), generic
`$dispvm` wasn't resolved to specific Disposable VM (based on
`default_dispvm` property).