Yes. Thats exactly what I mean (what mantas said)- ATTR{authorized}="0". I
would like to have a usb whitelist via udev and want it to be enforced on
devices which connected pre boot too.
authorized_default=0- it seems the same like
ATTR{authorized}="0", isnt it?
בתאריך יום א׳, 20 בדצמ׳ 2020, 15:59, מאת Mantas Mikulėnas <
graw...@gmail.com>:
> On Sun, Dec 20, 2020 at 3:49 PM Lennart Poettering <lenn...@poettering.net>
> wrote:
>
>> On Sa, 19.12.20 15:37, Adi Ml (maladi1...@gmail.com) wrote:
>>
>> > I see. so if I have a rule against a certain usb in udev, it should be
>> > blocked automatically during the boot.
>>
>> Hmm, "blocked"? What do you mean by that? I am not following...
>>
>
> I suspect they mean something like ATTR{authorized}="0", which tells the
> kernel to completely ignore that USB device.
>
> (Though it's more common to set authorized_default=0 on all hubs, then
> allow only trusted devices, like USBGuard does.)
>
> --
> Mantas Mikulėnas
>
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
