RPC policies for keyboard and mouse

Could you please explain why ask works and allow does not? What’s wrong?

dom0: /etc/qubes/policy.d/10-user-config-input.policy

qubes.InputMouse    * sys-usb dom0 ask default_target=dom0
qubes.InputKeyboard * sys-usb dom0 ask

vs.

qubes.InputMouse    * sys-usb dom0 allow default_target=dom0
qubes.InputKeyboard * sys-usb dom0 allow

When I disconnect and reconnect my USB keyboard / mouse ask works as expected: pop-up window … However, the allow variant does nothing.

There is no policy file before 10-* and the default 50-config-input.policy afterwards.

The allow action doesn’t have a default_target parameter. It should be either target=qube or no parameter. Check your dom0 logs for lines from qrexec-policy-daemon. It should explain what is going on.