usbguard icon indicating copy to clipboard operation
usbguard copied to clipboard

Published 20 hours ago verified publisher icon USBGuard

usbguard fails to start if rule line in rules.conf ends with space character.

Open jk-10 opened this issue 3 years ago • 1 comments

It seems that usbguard fails to start if rule line in rules.conf ends with space character. (Problem may also occur with other lines, i did not check that.)

I added a new rule and tried to stop and start usbguard again:

jk@ktt:~$ sudo service usbguard start
jk@ktt:~$ service usbguard status
● usbguard.service - USBGuard daemon
     Loaded: loaded (/lib/systemd/system/usbguard.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Thu 2022-12-01 15:27:44 EET; 4s ago
       Docs: man:usbguard-daemon(8)
    Process: 859369 ExecStart=/usr/sbin/usbguard-daemon -k -c /etc/usbguard/usbguard-daemon.conf (code=exited, status=1/FAILURE)
   Main PID: 859369 (code=exited, status=1/FAILURE)

joulu 01 15:27:44 ktt systemd[1]: usbguard.service: Scheduled restart job, restart counter is at 5.
joulu 01 15:27:44 ktt systemd[1]: Stopped USBGuard daemon.
joulu 01 15:27:44 ktt systemd[1]: usbguard.service: Start request repeated too quickly.
joulu 01 15:27:44 ktt systemd[1]: usbguard.service: Failed with result 'exit-code'.
joulu 01 15:27:44 ktt systemd[1]: Failed to start USBGuard daemon.

Then I removed the space at the end of the newly added rule line and tried again:

jk@ktt:~$ sudo service usbguard start
jk@ktt:~$ service usbguard status
● usbguard.service - USBGuard daemon
     Loaded: loaded (/lib/systemd/system/usbguard.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-12-01 15:28:21 EET; 6s ago
       Docs: man:usbguard-daemon(8)
   Main PID: 859471 (usbguard-daemon)
      Tasks: 3 (limit: 9274)
     Memory: 1.4M
     CGroup: /system.slice/usbguard.service
             └─859471 /usr/sbin/usbguard-daemon -k -c /etc/usbguard/usbguard-daemon.conf

Please add support for having spaces or make usbguard to remove them automatically when reading the conf file.

I don't know the usbguard version, but it is the default version coming with the Ubuntu 22.04 which is my OS.

jk-10 avatar Dec 01 '22 13:12 jk-10

Hi @jk-10,

I confirm that single trailing spaces in rules.conf. Here is how to reproduce it easily and the precise error output I get:

# sudo /etc/init.d/usbguard stop  # or a systemd equivalent
# cd "$(mktemp -d)"
# sudo usbguard generate-policy > rules.conf
# echo "RuleFile=${PWD}/rules.conf" > usbguard-daemon.conf
# sed 's,$, ,' -i rules.conf  # inserts trailing whitespace
# sudo usbguard-daemon -d -k -P -c ./usbguard-daemon.conf -l ./usbguard-daemon.log
[..]
[1669913599.512] (E) Rules: SourceLOCAL::/tmp/tmp.B7cpfOgomY/rules.conf: :1:225: parse error matching sor<usbguard::RuleParser::comment, usbguard::RuleParser::rule>

This is with USBGuard version 1.1.2. I'm assuming you are running 1.1.1+ds-3 because of your mention of Ubuntu 22.04 (codenamed "jammy").

hartwork avatar Dec 01 '22 17:12 hartwork