- Addressed several cases where either RuleFile or RuleFolder was not set.
- Resolved a race condition during fork where the parent process did not wait until everything was initialized in the child process.
- Included missing documentation in the tarball.
- Fixed compatibility issues with GCC 13+.
- Implemented detection of integer overflow for device IDs to ensure that each device can be uniquely identified by a single ID.
- Enhanced the service file to disable the Linux kernel's Out-Of-Memory (OOM) killing of processes for this unit.
- D-Bus: check if the client requested interactive authentication, as some clients do not prompt for passwords.
- Made minor adjustments to the documentation.
- RuleFolder is enabled by default. At startup, the path to the folder must exist and be accessible by the daemon.
- Polkit: Always allow getParameter/listDevices/listRules in active sessions
- D-Bus: Send reply on auth failure
- Polkit: Unreference PolkitAuthorizationResult and PolkitAuthority structs if needed
- Restore support for access control filenames without a group
- Started building with C++17
- Tree-like list-devices output
- Added CAP_AUDIT_WRITE capability to service file
- Added support for lower OpenSSL versions prior to 1.1.0
- Added a new signal: DevicePolicyApplied
- Moved PIDFile from /var/run to /run
- Fixed linker issues with disable-static
- Enhanced bash-completion script
- Make username/group checking consistent with useradd manual page definition (with addition of capital letters)
- Fixed multiple IPC related bugs
- Fixed race condition when accessing port/connect_type for USB devices
- Using bundled catch v2.13.8
- Using bundled PEGTL v3.2.5
- Fixed usbguard-rule-parser file opening
- Fix unauthorized access via D-Bus [CVE-2019-25058]
- Added openssl support
- Starting with libtool versioning
- Added interface for IPC permission query
- Introduced partial rule concept for CLI
- Added WithConnectType for ldap rule
- Daemon does not apply the policy when "change" action event appears anymore
- IPCClientPrivate@disconnect is thread safe
- Enforced loading of files from .d/ directory in alphabetical order
- Improved CLI behaviour to be consistent
- Clarified rule's label documentation
- Fixed segfaults with rules.d feature
- Added readwritepath to service file
- Added match-all keyword to rules language
- Added rules.d feature
  - daemon can load multiple rule files from rules.d/
- Included with-connect-type in dbus signal
- Fixed sigwaitinfo handling
- Fixed possible data corruption on stack with appendRule via dbus
- Fixed ENOBUFS errno handling on netlink socket
  - daemon can survive and wait until socket is readable again
- Dropped unused PIDFile from service file
- Dropped deprecated dbus-glib dependency
- Added missing options in manpage usbguard-daemon(8)
- Extended the functionality of allow/block/reject commands
  - the command can handle rule as a param and not only its ID
  - e.g. in case of allow, command will allow each device that matches provided rule
- Added debug info for malformed descriptors
- Changed default backend to uevent
- Fixed handling of add uevents during scanning
  - now we are sure that the enumeration is completed before processing any uevent
  - we are trying to avoid a race where the kernel is still enumerating the devices and sends the uevent while the parent is being authorised
- Silenced 'bind' and 'unbind' uevents
- Added daemon configuration option HidePII
- Added check to avoid conflict between ASAN and TSAN
- Added daemon configuration option for authorized_default
- Added devpath option to generate-policy
- Added # line comments to the rule grammar
- Added ImplicitPolicyTarget to get/set parameter methods
- Added option to filter rules by label when listing
- Added the label attribute to rule
- Added PropertyParameterChanged signal
- Added support for portX/connect_type attribute
- Added temporary option to append-rule
- Added versioning to DBus service
- Added optional LDAP support
- Fixed invalid return value in Rule::Attribute::setSolveEqualsOrdered
- Fixed KeyValueParser to validate keys only when known names are set
- Fixed uninitialized variables found by coverity
- Fixes and cleanups based on LGTM.com report
- Hardened systemd service
- Rename ListRules parameter 'query' to 'label'
- Skip empty lines in usbguard-rule-parser
- The proof-of-concept Qt applet was removed. It is going to be maintained in a simplified form as a separate project.
- Fixed conditional manual page generation & installation
- Replaced Boost library based ext/stdio_filebuf.h implementation with a custom FDStreamBuf implementation
- usbguard-daemon will now exit with an error if it fails to open a logging file or audit event file.
- Updated PEGTL submodule and dropped support for older PEGTL API
- Modified the present device enumeration algorithm to be more reliable. Enumeration timeouts won't cause usbguard-daemon process to exit anymore.
- Manual pages are now generated using asciidoc (a2x) instead of asciidoctor.
- Generation and installation of manual pages is now optional.
- Fixed several bugs in the D-Bus interface XML specification
- umockdev based device manager capable of simulating devices based on umockdev-record files.
- Boost libraries can be used as ext/stdio_filebuf.h header file source.
- Removed DummyDevices.tar.xz tarball that was supposed to be used for testing.
- Fixed memory leaks in usbguard::Hash class.
- Fixed file descriptor leaks in usbguard::SysFSDevice class.
- Skip audit backend logging when no backend was set.
- Added zsh completion & other scripts to the distribution tarball.
- CLI: usbguard watch command now includes an -e option to run an executable for every received event. Event data are passed to the executable via environment variables.
- usbguard-daemon: added "-K" option which can disable logging to console.
- Added zsh autocompletion support.
- usbguard-daemon: added "-f" option which enables double-fork daemonization procedure.
- Added AuditBackend usbguard-daemon configuration option for selecting audit log backend.
- Linux Audit support via new LinuxAudit backend.
- Added missing RuleCondition.hpp header file to the public API headers.
- Code Style specification via AStyle configuration file.
- Removed Utility.hpp header file from public API headers
- Reduced usage of raw C pointers throughout the code
- Qt Applet: disabled session management
- usbguard-daemon console logging output is enabled by default now. Previously, the -k option had to be passed to enable the output.
- Replaced --enable-maintainer-mode configure option with --enable-full-test-suite option. When the new option is not used during the configure phase, only a basic set of tests is run during the make check phase.
- usbguard-daemon now opens configuration in read-only mode
- Fixed UEventDeviceManager to work with Linux Kernel >= 4.13
- Refactored audit logging to support different audit log backends
- Reformatted source code to conform to the code style.
- Made the configuration parser strict. Unknown directives and wrong syntax will cause an error.
- Reformatted documentation from markdown to asciidoc format.
- Added InsertedDevicePolicy configuration option to control the policy method for inserted devices.
- Added RestoreControllerDeviceState configuration option.
- Added DeviceManagerBackend configuration option. This option can be used to select from several device manager backend implementations.
- Implemented an uevent based device manager backend.
- Added setParameter, getParameter IPC (incl. D-Bus) methods.
- Added set-parameter, get-parameter CLI subcommands.
- Qt Applet: Added Spanish (es_AR) translation.
- Create empty rules.conf file at install time (make install).
- Support for numeric UID/GID values in IPCAllowedUsers and IPCAllowedGroups settings.
- If bash completion support is detected at configure time, install the bash completion script during make install.
- Added new configuration setting: IPCAccessControlFiles.
- IPC access is now configurable down to a section and privilege level per user and/or group.
- Added add-user, remove-user usbguard CLI subcommands for creating, removing IPC access control files.
- Added AuditFilePath configuration option for setting the location of the USBGuard audit events log file path. If set, the usbguard-daemon will log policy and device related actions and whether they succeeded or not.
- Removed UDev based device manager backend and UDev related dependencies.
- Removed UDev development files/API dependency
- Reset Linux root hub bcdDevice value before updating device hash. This is a backwards incompatible change because it changes how the device hash is computed for Linux root hub devices.
- Refactored low-level USB device handling into SysFSDevice class which represents a device in the /sys filesystem (sysfs).
- Removed usage of readdir_r because it's obsolete. Replaced with readdir with the assumption that its usage is thread-safe if the directory handle passed to it is not shared between threads.
- Extended test suite with use case tests.
- Install the usbguard-daemon configuration and policy file with strict file permissions to prevent policy leaks.
- Fixed several memory leaks.
- Don't pre-resolve user and group names in IPCAllowedUsers and IPCAllowedGroups settings. Instead, resolve the name during the IPC authentication phase.
- Changed default values of PresentDevicePolicy (to apply-policy) and IPCAllowedGroups (removed wheel group entry) settings in the shipped usbguard-daemon.conf configuration file.
- Wait for disconnect in IPCClient dtor if needed
- Qt Applet: Fixed loading of decision method and default decision settings
- Refactored logging subsystem
- Fixed handling of IPC disconnect in the IPCClient class
- Qt Applet: Fixed handling of main window minimization and maximization
- Fixed building on architectures that don't provide required atomic operations. The libatomic emulation library will be used in such cases.
- Fixed several typos in the documentation
- Implemented a simple internal logger
- Access to the logger via public API
- Improved logging coverage. Logging output can be enabled either via CLI options or by setting the USBGUARD_DEBUG environment variable to 1.
- Qt Applet: UI translation support.
- Qt Applet: Czech (cs_CZ) translation
- Removed spdlog dependency
- Fixed the daemon to use the match target when matching device rules. This fixes matching devices against the rules in the policy.
- Switched to protobuf based IPC
- Simplified the IPC and D-Bus interfaces
- Refactored custom exceptions
- Added DevicePresenceChanged signal for notifying about device insertions, updates and removals
- Added DevicePolicyChanged signal for notifying about device policy changes.
- Added ExceptionMessage signal for sending asynchronous exceptions to the IPC/D-Bus clients.
- Extended the usbguard CLI watch subcommand with the ability to wait for the IPC connection to become available. See the new -w and -o options for details.
- Removed nlohmann/json submodule
- Removed allowDevice, blockDevice and rejectDevice methods from the IPC and D-Bus interface.
- Removed DeviceAllowed, DeviceBlocked and DeviceRejected signals from the IPC and D-Bus interface (replaced by single signal)
- Removed DeviceInserted, DevicePresent and DeviceRemoved signals from the IPC and D-Bus interface (replaced by single signal)
- Fixed unknown descriptor type handling
- refactored USB parser to support multiple handlers per USB descriptor type
- Qt Applet: device list should be always expanded
- added support for an audio device related endpoint descriptor
- Fixed a bug in matching USB interface types with wildcards
- usbguard-daemon will now abort at startup if the rule file contains syntax error instead of continuing with an empty rule set
- Maintainer script for spellchecking source archive files
- Rule::Attribute class for representing the rule attributes
- USBDeviceID class for representing the USB device ID
- configure script option to control the bundling of PEGTL source files
- id attribute to the rule language for specifying the USB device ID
- Added a parent device ID field (and methods) to the Device class which tracks the ID of the parent device
- Implemented "parent-hash" attribute for associating a device with its parent device.
- The QtSvg module/library is now needed to compile the Qt applet
- Qt Applet: Device Dialog settings work now
- Qt Applet: The settings state is now remembered (via Qt's QSettings class)
- Qt Applet: Implemented serial number masking
- Qt Applet: Initial implementation of DeviceDialog window position randomization
- Qt Applet: IPC exceptions are shown in the message log
- Qt Applet: added an initial implementation of the device list with the ability to change authorization target for each device
- Qt Applet: show a grey version of the USBGuard icon in IPC disconnected state
- usbguard-daemon.conf: added DeviceRulesWithPort setting (set to false by default)
- Added support for selecting crypto backend library at compile time using the --with-crypto-library configure script switch
- IMPORTANT: The device hash value computation was changed to include the USB descriptor data. Additionally, the algorithm was changed to SHA-256 and the hash value representation to base64. These changes are backwards incompatible and existing policies that use the hash attribute need to be updated.
- Reimplemented the rule parser using PEGTL
- Changed public API of the Rule and Device classes because of the new Rule::Attribute class rule attribute representation
- Extended the public IPCClient::IPCDisconnected method to include exception related information
- All rule attributes now support both the single and multivalued form
- A rule attribute can now be specified only once
- The default usbguard-daemon.conf and usbguard.service files now respect the paths set by the configure script
- New Qt applet icons with
- Fixed Qt applet so that it doesn't show an empty window when starting
- Qt Applet: Reject button is hidden by default.
- Updated usbguard-daemon manual page
- Permanent device specific rules managed by allowDevice, blockDevice and rejectDevice actions are now handled properly. Existing device rules are updated instead of just appending new rules to the policy.
- usbguard-daemon.conf: changed the default configuration value of PresentControllerPolicy to keep
- Changed the device hashing algorithm to SHA-256
- Switched hash value representation from hex to base64
- Removed Quex related files
- The "from Rule" Device class constructor was removed because its use case is unclear and it wasn't used anywhere
- Changed versioning scheme to include a release number. Releases will be rolled out more often during a milestone (x.y -- currently 0.5) development.
- Enhancements of the usbguard command-line interface.
- Manual pages are now generated from their source (markdown) during the build process.
- A default usbguard-daemon configuration file is now installed.
- Merged usbguard-applet-qt (sub)project into usbguard.
- Added a D-Bus bridge component which exposes a D-Bus interface to usbguard.
- Fixed USB descriptor data parsing. Previously, many real-world cases of descriptors weren't parsed correctly because of a naive implementation of the parser.
- Fixed systemd integration.
- Fixed issues: #84, #83, #80, #79, #78, #77, #76, #75, #74, #73, #72, #71, #70, #69, #68, #56, #54, #53, #51, #50, #44.
- The daemon is now capable of dropping process capabilities and uses a seccomp based syscall allowlist. Options to enable these features were added to the usbguard-daemon command.
- Devices connected at the start of the daemon are now recognized and the DevicePresent signal is sent for each of them.
- The library API was extended with the Device and DeviceManager classes.
- Implemented the usbguard CLI, see usbguard(1) for available commands.
- Initial authorization policies can be now easily generated using the usbguard generate-policy command.
- Extended the rule language with rule conditions. See usbguard-rules.conf(5) for details.
- Moved logging code into the shared library. You can use static methods of the Logger class to configure logging behaviour.
- Removed the bundled libsodium and libqb libraries.
- New configuration options for setting the implicit policy target and how to handle the present devices are now available.
- String values read from the device are now properly escaped and length limits on these values are enforced.
- Fixed several bugs.
- Resolved issues: #46, #45, #41, #40, #37, #32, #31, #28, #25, #24, #21, #16, #13, #9, #4
- The device hashing procedure was altered and generates different hash values. If you are using the hash attribute in your rules, you'll have to update the values.
- The bundled libsodium and libqb were removed. You'll have to compile and install them separately if your distribution doesn't provide them as packages.
- use AC_CHECK_HEADER instead of a pkg-config based check for json and spdlog
- make check target available
- SHM permissions are set to uid of the client process and gid of the daemon with rw-rw---- mode (0660).
- added --with-bundled-json and --with-bundled-spdlog configure options to enable/disable the usage of the bundled libraries
- removed bundled cppformat copylib
- Implemented a DAC based IPC access control
- Ship man pages for usbguard-daemon, usbguard-daemon.conf and usbguard-rules.conf
- Ship the LICENSE file
- Fixed appending of permanent rules
- Fixed distribution RPM spec file. Thanks to Petr Lautrbach and Ralf Corsepius for review.
- Resolved issues: #18 #19 #13
- Reworked device hashing.
- Rule language changes
  - set operators
  - renamed "port" to "via-port"
  - added "with-interface" matching attribute
  - removed the "class" attribute
- The IPCClient, ConfigFile, Rule and RuleSet classes are now shipped in a shared library.
- Created abstract interface for OS specific USB device handling.
- Changed default daemon config path to /etc/usbguard/usbguard-daemon.conf.
- Implemented basic USB descriptor structure parsing and improved interface type handling
- The IPC API was changed:
  - added new signal, DevicePresent, which signals that a device was already present at the start of the IPC session
  - the DeviceInserted and DevicePresent signals pass interface types that the device supports
  - the explicit string arguments of the signals are now passed as a map
- Support for modifying permanent rules over the IPC interface.
- Resolved issues: #1 #2 #5 #6 #10 #11