From 2246cedb4db2b3b250f4032f4a209c9d4c97ca67 Mon Sep 17 00:00:00 2001
From: Tommy <contact@tommytran.io>
Date: Tue, 24 May 2022 08:24:34 -0400
Subject: [PATCH] Update dom0.sh

---
 dom0.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/dom0.sh b/dom0.sh
index f601dfd..6cd5e8d 100644
--- a/dom0.sh
+++ b/dom0.sh
@@ -12,6 +12,6 @@ qvm-service --enable work qubes-u2f-proxy
 
 echo "export export QT_QPA_PLATFORMTHEME=gtk2" | sudo tee /etc/environment
 
-#I am using the sys-usb VM for GPG here because I am using a PGP smartcard. You probably shouldn't do this if you store your GPG private key on disk. It **might** be safer to still have a dedicated gpg-backend VM for this, but then you will have to reassign the smartcard to the VM after every boot, which could be annoying.
-echo "emails  sys-usb allow" | sudo tee /etc/qubes-rpc/policy/qubes.Gpg
-echo "@anyvm  @anyvm  ask,default_target=sys-usb" | sudo tee -a /etc/qubes-rpc/policy/qubes.Gpg
+#Obviously replace vault-gpg with the actual GPG backend that you are using https://www.qubes-os.org/doc/split-gpg/
+echo "emails  vault-gpg allow" | sudo tee /etc/qubes-rpc/policy/qubes.Gpg
+echo "@anyvm  @anyvm  ask,default_target=vault-gpg" | sudo tee -a /etc/qubes-rpc/policy/qubes.Gpg