admin.vm.Console.policy 465 B

12345678910
  1. ## Note that policy parsing stops at the first match,
  2. ## so adding anything below "$anyvm $anyvm action" line will have no effect
  3. ## Please use a single # to start your custom comments
  4. # WARNING: The admin.vm.Console service is dangerous and allows any
  5. # qube to access any other qube console. It should be restricted
  6. # only to management/admin qubes. This is why the default policy is 'deny'
  7. # Example of policy: mgmtvm $tag:created-by-mgmtvm allow,target=dom0