Yes. Thats exactly what I mean (what mantas said)- ATTR{authorized}="0". I would like to have a usb whitelist via udev and want it to be enforced on devices which connected pre boot too.
authorized_default=0- it seems the same like
ATTR{authorized}="0", isnt it?
בתאריך יום א׳, 20 בדצמ׳ 2020, 15:59, מאת Mantas Mikulėnas <grawity@xxxxxxxxx>:
On Sun, Dec 20, 2020 at 3:49 PM Lennart Poettering <lennart@xxxxxxxxxxxxxx> wrote:--On Sa, 19.12.20 15:37, Adi Ml (maladi1747@xxxxxxxxx) wrote:
> I see. so if I have a rule against a certain usb in udev, it should be
> blocked automatically during the boot.
Hmm, "blocked"? What do you mean by that? I am not following...I suspect they mean something like ATTR{authorized}="0", which tells the kernel to completely ignore that USB device.(Though it's more common to set authorized_default=0 on all hubs, then allow only trusted devices, like USBGuard does.)Mantas Mikulėnas
_______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
