Qubes Global Config: whonix UpdateVM can be set to "None" #10294
Description
Qubes OS release
Qubes OS 4.2
Brief summary
In the global config tool, Whonix can be set to None:
When this is set the policy in 50-config-updates then becomes broken because it gets target=None.
Steps to reproduce
- Open Qubes Global Config >> Updates (tab)
- Change Whonix updateVM to be None
- Apply
Expected behavior
It should get a deny policy (thus preventing updates in whonix-based templates) or the option to set it as None should be set as None. The later makes more sense for me, since the GUI tool is meant to help people with reasonably sane configuration. Fully disabling the UpdatesVM for Whonix feels like something nobody would normally want to achieve.
Actual behavior
Broken policy file in /etc/qubes/policy.d/50-config-updates.policy due to target=None:
# THIS IS AN AUTOMATICALLY GENERATED POLICY FILE.
# Any changes made manually may be overwritten by Qubes Configuration Tools.
qubes.UpdatesProxy * @tag:whonix-updatevm @default allow target=None
qubes.UpdatesProxy * @type:TemplateVM @default allow target=sys-firewall
Additional information
I believe the problematic code is this line, which enters python's None directly into the policy file.