Willkommen Gast. Bitte einloggen oder registrieren. Haben Sie Ihre Aktivierungs E-Mail übersehen?
19.01.2021, 06:29:55

.
Einloggen mit Benutzername, Passwort und Sitzungslänge

Mitglieder
Statistiken
  • Beiträge insgesamt: 709123
  • Themen insgesamt: 57334
  • Heute online: 496
  • Am meisten online: 2287
  • (22.01.2020, 19:20:24)
Benutzer Online
Mitglieder: 3
Gäste: 336
Gesamt: 339

Autor Thema:  [LM 18.3 Mate] USBGuard Grafische Oberfläche "IPC Connection lost"  (Gelesen 368 mal)

0 Mitglieder und 1 Gast betrachten dieses Thema.

Moin,
Ich hab mir vor ein paar Tagen unter Linux Mint 18.3 Mate über PPA den USBGuard installiert samt der grafischen Oberfläche. Eingerichtet hab ich es nach den angaben im Privacy Handbuchhttps://www.privacy-handbuch.de/handbuch_91a.htm.
Jetzt Zeigt mir die grafische Oberfläche für den USBGuard folgende Fehlermeldung an: "IPC Connection lost". Hab mir daraufhin noch mal die Dateien für den USBGuard angeschaut, konnte da aber nichts finden. Habt ihr vielleicht eine Idee, woran es liegen könnte?
Ich hänge noch mal die beiden Dateien hier an, vielleicht ists ja auch nur ein Fehler meinerseits den ich bis jetzt übersehen habe  ;D

rules.conf:
PresentDevicePolicy = apply-policy
PresentControllerPolicy = apply-policy
allow id 1d6b:0002 serial "0000:00:1a.0" name "EHCI Host Controller" hash "aB8+tKJ4kEesMHi0P+TC0skmcLp43/fv7FUWKMuppbk=" parent-hash "uvJm0y/N2iYeJgfKJsJqWKTJts/duhYZ7W2zzAYk7Y8=" with-interface 09:00:00
allow id 8087:0024 serial "" name "" hash "kv3v2+rnq9QvYI3/HbJ1EV9vdujZ0aVCQ/CGBYIkEB0=" parent-hash "aB8+tKJ4kEesMHi0P+TC0skmcLp43/fv7FUWKMuppbk=" via-port "1-1" with-interface 09:00:00
allow id 03f0:3a1d serial "BE8D35272EE2F5B0" name "HP hs2340 HSPA+ MobileBroadband" hash "zj5N55IwGJjZJNWRb/KY4C0GzQyThqTvsEP424It/Xk=" parent-hash "kv3v2+rnq9QvYI3/HbJ1EV9vdujZ0aVCQ/CGBYIkEB0=" with-interface { 02:08:00 02:02:01 0a:00:00 02:02:01 0a:00:00 02:09:01 02:0d:00 0a:00:00 0a:00:01 02:09:01 02:02:01 0a:00:00 02:08:00 02:02:01 0a:00:00 02:02:01 0a:00:00 02:09:01 02:0d:00 0a:00:00 0a:00:01 02:09:01 08:06:50 }
allow id 1050:0403 serial "" name "Yubikey 4 OTP+U2F" hash "oa2b4nfFCLk/iwTowdZhkZ7rELiZ551CRCp5exOzjxQ=" parent-hash "kv3v2+rnq9QvYI3/HbJ1EV9vdujZ0aVCQ/CGBYIkEB0=" via-port "1-1.3" with-interface { 03:01:01 03:00:00 }
allow id 0424:2514 serial "" name "" hash "npSDT1xuEIOSLNt2RT2EbFrE8XRZoV29t1n7kg6GxXg=" parent-hash "kv3v2+rnq9QvYI3/HbJ1EV9vdujZ0aVCQ/CGBYIkEB0=" via-port "1-1.4" with-interface { 09:00:01 09:00:02 }
allow id 046d:c069 serial "" name "USB Laser Mouse" hash "jsWZtKXHLV3Xw9xNfYYUIrld3Ixx0M47wz8YfqY7mZk=" parent-hash "npSDT1xuEIOSLNt2RT2EbFrE8XRZoV29t1n7kg6GxXg=" via-port "1-1.4.2" with-interface 03:01:02
allow id 06a3:8021 serial "" name "Saitek Eclipse II Keyboard" hash "jTmz3SaPTX6/YS5Z3IG+LRDqJY1zM38vX5+EF0HgpgQ=" parent-hash "npSDT1xuEIOSLNt2RT2EbFrE8XRZoV29t1n7kg6GxXg=" via-port "1-1.4.3" with-interface { 03:01:01 03:00:00 }
allow id 1d6b:0002 serial "0000:00:1d.0" name "EHCI Host Controller" hash "jW1zFpTAIZ/jTPqahqCD63fIfcajOs2KmEme/Hx6OK0=" parent-hash "FjkaT8Rp/Bh++KC4RQhk++hWack2wTDa1a1G5yXqYys=" with-interface 09:00:00
allow id 8087:0024 serial "" name "" hash "Zx7v0FMQEjScKSAFENAiobEs1OGPPB0YWR+yXDCVE04=" parent-hash "jW1zFpTAIZ/jTPqahqCD63fIfcajOs2KmEme/Hx6OK0=" via-port "2-1" with-interface 09:00:00
allow id 1f75:0611 serial "20180105" name "" hash "5I4UnTvrYYkWormisX27TdvBOXawGxQk+q3/7F4kCnY=" parent-hash "Zx7v0FMQEjScKSAFENAiobEs1OGPPB0YWR+yXDCVE04=" with-interface 08:06:50
allow id 046d:0825 serial "11671DA0" name "" hash "YWHqImUYVJbXGauRyN7Q3Jn0ucYWR+TfTU7b67mvamE=" parent-hash "Zx7v0FMQEjScKSAFENAiobEs1OGPPB0YWR+yXDCVE04=" with-interface { 0e:01:00 0e:02:00 0e:02:00 0e:02:00 0e:02:00 0e:02:00 0e:02:00 0e:02:00 0e:02:00 0e:02:00 0e:02:00 0e:02:00 0e:02:00 01:01:00 01:02:00 01:02:00 01:02:00 01:02:00 01:02:00 }

usbguard-daemnon.conf:
#
# Rule set file path.
#
# The USBGuard daemon will use this file to load the policy
# rule set from it and to write new rules received via the
# IPC interface.
#
# RuleFile=/path/to/rules.conf
#
RuleFile=/etc/usbguard/rules.conf

#
# Implicit policy target.
#
# How to treat devices that don't match any rule in the
# policy. One of:
#
# * allow  - authorize the device
# * block  - block the device
# * reject - remove the device
#
ImplicitPolicyTarget=block

#
# Present device policy.
#
# How to treat devices that are already connected when the
# daemon starts. One of:
#
# * allow        - authorize every present device
# * block        - deauthorize every present device
# * reject       - remove every present device
# * keep         - just sync the internal state and leave it
# * apply-policy - evaluate the ruleset for every present
#                  device
#
PresentDevicePolicy=keep

#
# Present controller policy.
#
# How to treat USB controllers that are already connected
# when the daemon starts. One of:
#
# * allow        - authorize every present device
# * block        - deauthorize every present device
# * reject       - remove every present device
# * keep         - just sync the internal state and leave it
# * apply-policy - evaluate the ruleset for every present
#                  device
#
PresentControllerPolicy=keep

#!!! WARNING: It's good practice to set at least one of the !!!
#!!!          two options bellow. If none of them are set,  !!!
#!!!          the daemon will accept IPC connections from   !!!
#!!!          anyone, thus allowing anyone to modify the    !!!
#!!!          rule set and (de)authorize USB devices.       !!!

#
# Users allowed to use the IPC interface.
#
# A space delimited list of usernames that the daemon will
# accept IPC connections from.
#
# IPCAllowedUsers=username1 username2 ...
#
IPCAllowedUsers=root felix

#
# Groups allowed to use the IPC interface.
#
# A space delimited list of groupnames that the daemon will
# accept IPC connections from.
#
# IPCAllowedGroups=groupname1 groupname2 ...
#
IPCAllowedGroups=root

#
# Generate device specific rules including the "via-port"
# attribute.
#
# This option modifies the behavior of the allowDevice
# action. When instructed to generate a permanent rule,
# the action can generate a port specific rule. Because
# some systems have unstable port numbering, the generated
# rule might not match the device after rebooting the system.
#
# If set to false, the generated rule will still contain
# the "parent-hash" attribute which also defines an association
# to the parent device. See usbguard-rules.conf(5) for more
# details.
#
DeviceRulesWithPort=false

Was mir auch noch aufgefallen ist, mit einem USB Stick der nicht in der Regelliste vom USBGuard steht, hab ich das ganze mit und ohne Grafischer Oberfläche einmal getestet. Ich konnte in beiden fällen auf den Stick zugreifen was ja eigentlich nicht mehr möglich sein sollte.

Gruß
Garstedter
« Letzte Änderung: 25.03.2018, 20:29:51 von Garstedter »