Support `allow-device --permanent` without upsert, forcing append

[devurandom]

trafficstars

I have a Dell Thunderbolt Dock WD22TB4 which has 2 USB-A ports and 2 Thunderbolt USB-C ports. Devices plugged into the USB-A ports change their "parent" on (almost?) every boot, alternating between 2 hashes. The port stays the same.

I run usbguard allow-device -p ... to connect them again. On the next boot I will have to do the same again, because usbguard allow-device --permanent always upserts, changing the existing line instead of adding a new one for the 2nd parent hash.

It would be nice if there was a --append option that would disable upsert and force append of the allow line, so that the device would be recognized and allowed under both parent hashes by usbguard.

Related:

• https://github.com/USBGuard/usbguard/issues/503
  • I am OK with usbguard verifying the path to the device; completely omitting it seems wrong.
• https://github.com/USBGuard/usbguard/issues/588
  • If I manually add additional allow lines to the config, update the dock's firmware (which changes the hashes), and try to allow it again, I run into this error. So to solve my issue, #588 would most likely also have to be solved.
• https://github.com/USBGuard/usbguard/issues/589
  • My problem is not the port changing (the port stays the same) but only with the parent hash.