Good evening, I'm trying to make usbgard work. I created the initial rules set with usbguard generate-policy > /etc/usbguard/rules.conf and started the usbguard.service. Now I testing it with a USB flash drive but am failing to make it work. The drive is plugged and usbguard list-devices gives the following output: 19: block id 058f:6387 serial "50624E36" name "Mass Storage" hash "icy/i6K1xnkICYPmiNNwJ18cmu5GqfsHSjCGuC5WIXg=" parent-hash "oDU77vx1EsfYlDoXkU7iWjsvmBNCDNTcCHp/V0hIFXc=" via-port "2-1.2" with-interface 08:06:50 with-connect-type "hotplug" However usbguard allow-device 058f:6387 throws the following error message: IPC ERROR: request id=1: Device lookup: device id: id doesn't exist lsbusb shows the device with the same id: Bus 002 Device 004: ID 058f:6387 Alcor Micro Corp. Flash Drive So what am I doing wrong here? Thanks Frank
Hi Frank, On Fri, May 15, 2020, 22:23 Frank <frank.zimmermann.berlin@freenet.de> wrote:
The drive is plugged and usbguard list-devices gives the following output: 19: block id 058f:6387 serial "50624E36" name "Mass Storage" hash "icy/i6K1xnkICYPmiNNwJ18cmu5GqfsHSjCGuC5WIXg=" parent-hash "oDU77vx1EsfYlDoXkU7iWjsvmBNCDNTcCHp/V0hIFXc=" via-port "2-1.2" with-interface 08:06:50 with-connect-type "hotplug"
However usbguard allow-device 058f:6387 throws the following error message: IPC ERROR: request id=1: Device lookup: device id: id doesn't exist
Try "usbguard allow 19" in this case. It wants the first number, the one before the :. Best Regards, Tobias
On Fri, May 15, 2020 at 10:20:15PM +0200, Frank wrote:
Good evening,
19: block id 058f:6387 serial "50624E36" name "Mass Storage" hash "icy/i6K1xnkICYPmiNNwJ18cmu5GqfsHSjCGuC5WIXg=" parent-hash "oDU77vx1EsfYlDoXkU7iWjsvmBNCDNTcCHp/V0hIFXc=" via-port "2-1.2" with-interface 08:06:50 with-connect-type "hotplug"
However usbguard allow-device 058f:6387 throws the following error message: IPC ERROR: request id=1: Device lookup: device id: id doesn't exist
lsbusb shows the device with the same id: Bus 002 Device 004: ID 058f:6387 Alcor Micro Corp. Flash Drive
Ok I found a tutorial on the RedHat site, I have to use the device ID provided by usbguard. I was following the instruction on the usbguard home page where its says to use the USB device ID: https://usbguard.github.io/documentation/rule-language.html So running usbguard allow-device -p 19 gives now the following error: IPC ERROR: request id=1: FileRuleSet saving: /etc/usbguard/rules.conf: Read-only file system ls -l /etc/usbguard/ drwxr-xr-x 2 root root 4096 15. Mai 22:16 IPCAccessControl.d -rw------- 1 root root 2449 10. Mai 17:43 rules.conf -rw------- 1 root root 5760 10. Mai 17:29 usbguard-daemon.conf So as far as I can see root should be able to write the rulse.conf file Anyway still not working.
Hi Frank Am Fri 15. May. 2020, hat Frank geschrieben:
So running usbguard allow-device -p 19 gives now the following error: IPC ERROR: request id=1: FileRuleSet saving: /etc/usbguard/rules.conf: Read-only file system
Adding -/etc/usbguard/rules.conf to the ReadWritePaths in /usr/lib/systemd/system/usbguard.service fixed this problem on my system. There is a discussion about this problem on https://github.com/USBGuard/usbguard/issues/284 HTH Jan
participants (3)
-
Frank
-
Jan Fader
-
Tobias Hunger