I have try my luck with
qvm-run-vm email thunderbird but I got
If you run
qvm-run-vm --help it will tell you:
Executes a command in another VM using the qubes.VMShell RPC service.
That tells you that you need to edit the respective policy file to allow this. Think about it: you wouldn’t want any program to be able to run (and pass parameters) to any other program in another qube. That’s pretty much the opposite of compartmentalization. However in some cases – like yours – it might make sense to allow a specific interaction.
/etc/qubes-rpc/policy/qubes.VMShell in dom0.
Find the line above
$anyvm $dispvm allow and add the following above it:
$anyvm mail ask,default_target=mail
mail is the name of the qube that runs Thunderbird. This will allow any qube to try to execute a command in the
mail qube but you will see a dom0 prompt first. I highly recommend doing this, so you have to manually allow the action. The idea is that you know that you clicked your mail tray icon and expect this dialog. If you ever see it unexpected, then you should cancel it to protect yourself.
If you don’t want the additional dialog then replace
ask, default_target=mail with
allow. Also, if you want to only allow this from a specific qube you can replace the
$anyvm with the name of the qube that runs your birdtray instance.
The above is for R4.0. In R4.1 I hear all the policies moved into a single file, but I am sure once you locate and open it there will be instructions inside.