Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add 'autostart=no' option to qrexec policy #5952

Closed
marmarek opened this issue Jul 14, 2020 · 0 comments
Closed

Add 'autostart=no' option to qrexec policy #5952

marmarek opened this issue Jul 14, 2020 · 0 comments
Assignees
@pwmarcz
Labels
C: core P: default Priority: default. Default priority for new issues, to be replaced given sufficient information.
Milestone
Release 4.1

Comments

@marmarek
Copy link
Member

The problem you're addressing (if any)
Some qrexec calls may cause surprise/unintended domain startup - for example #5930.

Describe the solution you'd like
Add an option to the policy to allow a call, but avoid starting the domain - effectively "allow if target is running".
I think it should be an argument autostart=no to the action. It makes sense for allow action for sure, but perhaps also ask (include the vm only if it's running)?

Related, non-duplicate issues
#4370
@marmarek marmarek added T: enhancement C: core P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. labels Jul 14, 2020
@marmarek marmarek added this to the Release 4.1 milestone Jul 14, 2020
pwmarcz added a commit to pwmarcz/qubes-core-admin that referenced this issue Jul 23, 2020
@pwmarcz
Add power state to get_system_info
4acf69e 
For qrexec policy, to implement 'autostart'
(see QubesOS/qubes-issues#5952).
@pwmarcz pwmarcz mentioned this issue Jul 23, 2020
Merged
pwmarcz added a commit to pwmarcz/qubes-core-qrexec that referenced this issue Jul 23, 2020
@pwmarcz
Add 'autostart=no' option to policy
39f63f9 
Requires internal API modification
(PR: QubesOS/qubes-core-admin#361).

See QubesOS/qubes-issues#5952.
@pwmarcz pwmarcz mentioned this issue Jul 23, 2020
Merged
@qubesos-bot qubesos-bot mentioned this issue Aug 12, 2020
Closed
This was referenced Oct 10, 2020
Closed
Closed
@marmarek marmarek mentioned this issue Dec 31, 2021
Closed
@adrelanos adrelanos mentioned this issue Dec 31, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pwmarcz pwmarcz

Labels
C: core P: default Priority: default. Default priority for new issues, to be replaced given sufficient information.
Projects
None yet
Milestone
Release 4.1
Development

No branches or pull requests
2 participants
@pwmarcz @marmarek