Closed ppasserini closed 2 years ago
@ppasserini please elaborate on the idea more and what use case that that would help.
@hartwork Thank you for your reply. I'd like to deny the use of USB thumbdrive to some users, for istance guests. So I wonder if it's possible to allow all my user to attach usb devices without restriction (very easy and already possible with usbguard) but to deny this chance if the logged inuser is a guest user. Thanks
@ppasserini thanks for elaborating.
From Linux point of view it is impossible to pair the usb device with user or with a session. It is connected to the system and not to the user session. When there are two users logged in the system, the first one is normal and the second one is guest. The usb drive has been connected to the system. How would you distinguish who is the owner?
You can only set who can allow the devices. If the default policy is set to block and all of your users are able to manage these devices(via USBGuard CLI) except for guests but the action(allow via CLI) is required.
I believe this is what you wanted to achieve.
@radosroka Thank you for your explaination. My plan was to allow all my users to connect USB devices and, by default, block all guest users. According to your tip the only way to achieve the result is to allow only some USB device (thumb drive) and block everything else.
I'll close the issue.
I wonder if could be possible to add an option to deny/allow USB devices according to the user.