usbguard icon indicating copy to clipboard operation
usbguard copied to clipboard

Published 20 hours ago verified publisher icon USBGuard

An option to `allow-device -p` regardless of the parent?

Open l29ah opened this issue 3 years ago • 3 comments

Usually when people want to allow a device connecting to the system, they would like to allow it connecting at whatever path (as they plug it in different ports or sometimes use hubs, docks, etc). Today they have to edit the rules file manually to remove the parent-hash after adding the device. It would be nice if there was a way to not include it in the rules file in the first place.

l29ah avatar Jan 21 '22 14:01 l29ah

Yeah, PRs are welcomed :)

radosroka avatar Jan 27 '22 09:01 radosroka

I'm wondering if it's this true that needs flipping to false: https://github.com/USBGuard/usbguard/blob/64f7169ed346ed61fa5f25dafd897db4fa746ea0/src/Daemon/Daemon.cpp#L854 Would need a closer look.

hartwork avatar Feb 02 '22 00:02 hartwork

IIRC generate-policy -X does something like that. We need to introduce similar flags for the command or invent some filter mechanism without changing the default behavior.

radosroka avatar Feb 02 '22 08:02 radosroka