From b4afa5fe63a16131c0072de64aeafe168c173b19 Mon Sep 17 00:00:00 2001 From: Rafal Wojtczuk Date: Fri, 22 Jul 2011 16:07:06 +0200 Subject: [PATCH 1/2] qrexec: use $anyvm and $dispvm symbols --- appvm/qubes.Filecopy.policy | 2 +- appvm/qubes.OpenInVM.policy | 4 ++-- appvm/qvm-open-in-dvm2 | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/appvm/qubes.Filecopy.policy b/appvm/qubes.Filecopy.policy index 39296a1..6ecc534 100644 --- a/appvm/qubes.Filecopy.policy +++ b/appvm/qubes.Filecopy.policy @@ -1 +1 @@ -anyvm anyvm ask,user=root +$anyvm $anyvm ask,user=root diff --git a/appvm/qubes.OpenInVM.policy b/appvm/qubes.OpenInVM.policy index e103d39..7c9ccb4 100644 --- a/appvm/qubes.OpenInVM.policy +++ b/appvm/qubes.OpenInVM.policy @@ -1,2 +1,2 @@ -anyvm dispvm allow -anyvm anyvm ask +$anyvm $dispvm allow +$anyvm $anyvm ask diff --git a/appvm/qvm-open-in-dvm2 b/appvm/qvm-open-in-dvm2 index dcc7195..25e8904 100755 --- a/appvm/qvm-open-in-dvm2 +++ b/appvm/qvm-open-in-dvm2 @@ -25,4 +25,4 @@ if ! [ $# = 1 ] ; then exit 1 fi -exec /usr/lib/qubes/qrexec_client_vm dispvm qubes.OpenInVM "/usr/lib/qubes/qopen-in-vm" "$1" +exec /usr/lib/qubes/qrexec_client_vm '$dispvm' qubes.OpenInVM "/usr/lib/qubes/qopen-in-vm" "$1" From 4a5f42980bbb1a8ed373cee15a0afb4502af6471 Mon Sep 17 00:00:00 2001 From: Rafal Wojtczuk Date: Fri, 22 Jul 2011 16:11:03 +0200 Subject: [PATCH 2/2] Add comments to policy files. --- appvm/qubes.Filecopy.policy | 5 +++++ appvm/qubes.OpenInVM.policy | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/appvm/qubes.Filecopy.policy b/appvm/qubes.Filecopy.policy index 6ecc534..0a0d735 100644 --- a/appvm/qubes.Filecopy.policy +++ b/appvm/qubes.Filecopy.policy @@ -1 +1,6 @@ +## Note that policy parsing stops at the first match, +## so adding anything below "$anyvm $anyvm action" line will have no effect + +## Please use a single # to start your custom comments + $anyvm $anyvm ask,user=root diff --git a/appvm/qubes.OpenInVM.policy b/appvm/qubes.OpenInVM.policy index 7c9ccb4..4121733 100644 --- a/appvm/qubes.OpenInVM.policy +++ b/appvm/qubes.OpenInVM.policy @@ -1,2 +1,7 @@ +## Note that policy parsing stops at the first match, +## so adding anything below "$anyvm $anyvm action" line will have no effect + +## Please use a single # to start your custom comments + $anyvm $dispvm allow $anyvm $anyvm ask