From 34cf913810ad060f948a66d8e13ffda1500be060 Mon Sep 17 00:00:00 2001 From: Tommy Date: Tue, 24 May 2022 07:10:30 -0400 Subject: [PATCH] Update dom0.sh --- dom0.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/dom0.sh b/dom0.sh index a514759..f09a952 100644 --- a/dom0.sh +++ b/dom0.sh @@ -11,3 +11,7 @@ qvm-service --enable personal qubes-u2f-proxy qvm-service --enable work qubes-u2f-proxy echo "export export QT_QPA_PLATFORMTHEME=gtk2" | sudo tee /etc/environment + +#I am using the sys-usb VM for GPG here because I am using a PGP smartcard. You probably shouldn't do this if you store your GPG private key on disk. It **might** be safer to still have a dedicated gpg-backend VM for this, but then you will have to reassign the smartcard to the VM after every boot, which could be annoying. +echo "emails sys-usb allow" >> /etc/qubes-rpc/policy/qubes.Gpg +echo "@anyvm @anyvm ask,default_target=work-gpg" >> /etc/qubes-rpc/policy/qubes.Gpg