USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)
Recently, I came across an observation where it's not possible to specify the IPCAccessControlFiles using an UID instead of username/groupname. For example:
usbguard add-user 1000 --device list
Expected results: user with ID of 1000 can list devices
Actual results: ERROR: IPC access control: invalid name format: 1002
That is because the isValidName() function does not allow having 'digit-only' names. I haven't experimented with the patch, will leave it here for discussion.
This was working in the past. Not sure if anyone is using it like this, so another possibility could be to leave it as it is and modify the documentation.
Recently, I came across an observation where it's not possible to specify the IPCAccessControlFiles using an
UID
instead ofusername
/groupname
. For example:Expected results: user with ID of 1000 can list devices Actual results:
ERROR: IPC access control: invalid name format: 1002
That is because the
isValidName()
function does not allow having 'digit-only' names. I haven't experimented with the patch, will leave it here for discussion.This was working in the past. Not sure if anyone is using it like this, so another possibility could be to leave it as it is and modify the documentation.