Dom0 fails to be source of interactive policy prompt

[ben-grande]

How to file a helpful issue

Qubes OS release

R4.1 but possibly affects R4.2

Brief summary

Related to Qrexec.

Discussed on the devel mailing list.

Dom0 can't call a policy for itself and the resolution be "ask" because it fails without "GuiVM" property.

Steps to reproduce

$ qrexec-policy 0 dom0 @default qusal.GitInit+qusal 1
WARNING:root:warning: !compat-4.0 directive in file 
/etc/qubes/policy.d/35-compat.policy line 16 is transitional and will be 
deprecated
ERROR:policy:qusal.GitInit not allowed from dom0: the resolution was "ask", 
but source domain has no GuiVM
INFO:policy:qrexec: qusal.GitInit+qusal: dom0 -> @default: denied: denied by 
the user /etc/qubes/policy.d/80-sys-git.policy:12

If we don't assume yes for ask, it fails on the following rule:

qusal.GitInit  * @anyvm @default ask target=sys-git default_target=sys-git

because "source domain has no GuiVM", but Dom0 has a GUI.

@marmarek

Indeed this case needs fixing (class AdminVM doesn't have "guivm"
property), as dom0 wasn't source of interactive prompt before (until
this very thread).

Expected behavior

If Dom0 policy for service is to ask, don't fail of missing GuiVM.

Actual behavior

Fails to call qrexec-client from Dom0 if it is the source and the policy resolution is to ask.

[ben-grande]

Affects R4.2 also.

Example from Marek in the mailing list:

    [user@dom0 ~]$ qrexec-policy dom0 @default qubes.ClipboardPaste
    WARNING:root:warning: !compat-4.0 directive in file 
/etc/qubes/policy.d/35-compat.policy line 16 is transitional and will be 
deprecated
    ERROR:policy:qubes.ClipboardPaste not allowed from dom0: the resolution was 
"ask", but source domain has no GuiVM
    INFO:policy:qrexec: qubes.ClipboardPaste: dom0 -> @default: denied: denied 
by the user /etc/qubes/policy.d/90-default-gui-daemon.policy:10
    result=deny