26 lines
1.6 KiB
Nix
26 lines
1.6 KiB
Nix
{
|
|
services.usbguard = {
|
|
enable = true;
|
|
dbus.enable = true;
|
|
|
|
IPCAllowedGroups = ["wheel"];
|
|
|
|
rules = ''
|
|
# new-new-phoenix
|
|
allow id 1d6b:0002 serial "0000:00:14.0" name "xHCI Host Controller" hash "jEP/6WzviqdJ5VSeTUY8PatCNBKeaREvo2OqdplND/o=" parent-hash "rV9bfLq7c2eA4tYjVjwO4bxhm+y6GgZpl9J60L0fBkY=" with-interface 09:00:00 with-connect-type ""
|
|
allow id 1d6b:0003 serial "0000:00:14.0" name "xHCI Host Controller" hash "prM+Jby/bFHCn2lNjQdAMbgc6tse3xVx+hZwjOPHSdQ=" parent-hash "rV9bfLq7c2eA4tYjVjwO4bxhm+y6GgZpl9J60L0fBkY=" with-interface 09:00:00 with-connect-type ""
|
|
allow id 0bda:0129 serial "20100201396000000" name "USB2.0-CRW" hash "om34qyRbPxnt/bsdFrR3g2SWxDVsInxWWsiFkDIyEnY=" parent-hash "jEP/6WzviqdJ5VSeTUY8PatCNBKeaREvo2OqdplND/o=" with-interface ff:06:50 with-connect-type "hotplug"
|
|
allow id 048d:ce00 serial "" name "ITE Device(8291)" hash "snB5qcpdMc66wcxBmMAn+LStZHfOTO/c5RtrU9nzyHc=" parent-hash "jEP/6WzviqdJ5VSeTUY8PatCNBKeaREvo2OqdplND/o=" via-port "1-6" with-interface { 03:01:01 03:00:00 } with-connect-type "hardwired"
|
|
allow id 8087:0025 serial "" name "" hash "N/wLaNIwbl3mtRa9CDFbUH7EfSZDhv2X+d2xcrwsw8Q=" parent-hash "jEP/6WzviqdJ5VSeTUY8PatCNBKeaREvo2OqdplND/o=" via-port "1-14" with-interface { e0:01:01 e0:01:01 e0:01:01 e0:01:01 e0:01:01 e0:01:01 e0:01:01 e0:01:01 } with-connect-type "hardwired"
|
|
|
|
# USB Drives
|
|
|
|
## ISO USB
|
|
allow id 0951:1666 serial "D067E5161936F420A61181ED" name "DataTraveler 3.0"
|
|
|
|
## TAILS USB
|
|
allow id 346d:5678 serial "FC081FF86A47A" name "Disk 20"
|
|
'';
|
|
};
|
|
}
|