I’m happy to announce that a new release of usbguard and usbguard-applet-qt is now available. There’s still a long way to go to a production-ready release, mainly because there aren’t any CLI tools available yet and also because the IPC authentication isn’t implemented, but at least it’s a bit closer now.
The rule language received a significant improvement and you can read the updated documentation here.
- Support for modifying permanent rules over the IPC interface.
- Reworked device hashing.
- Rule language changes
- set operators
- renamed “port” to “via-port”
- added “with-interface” matching attribute
- removed the “class” attribute
- The IPCClient, ConfigFile, Rule and RuleSet classes are now shipped in a shared library.
- Created abstract interface for OS specific USB device handling.
- Changed default daemon config path to /etc/usbguard/usbguard-daemon.conf.
- Implemented basic USB descriptor structure parsing and improved interface type handling
- The IPC API was changed:
- added new signal, DevicePresent, which signals that a device was already present at the start of the IPC session
- the DeviceInserted and DevicePresent signals pass interface types that the device supports
- the explicit string arguments of the signals are now passed as a map
- Resolved issues: #1 #2 #5 #6 #10 #11
Note that the rule language syntax changed. USBGuard no longer recognizes the “class” attribute, which was removed, and the “port” attribute, which was renamed to “via-port”.
If you are using the USBGuard Copr repository, run:
$ sudo yum update usbguard usbguard-applet-qt