37 lines
1.3 KiB
Diff
37 lines
1.3 KiB
Diff
From 7189a9f4aa319b823e241ca11a798762bd62515f Mon Sep 17 00:00:00 2001
|
|
From: Matej Tyc <matyc@redhat.com>
|
|
Date: Tue, 31 Aug 2021 13:58:00 +0200
|
|
Subject: [PATCH] Allow HID USB in the ISM profile
|
|
|
|
The usbguard is too strict without this rule,
|
|
and its default setting blocks keyboard and mouse.
|
|
---
|
|
products/rhel8/profiles/ism_o.profile | 1 +
|
|
products/rhel9/profiles/ism_o.profile | 1 +
|
|
2 files changed, 2 insertions(+)
|
|
|
|
diff --git a/products/rhel8/profiles/ism_o.profile b/products/rhel8/profiles/ism_o.profile
|
|
index 95cdfc4ede..2e78dc8776 100644
|
|
--- a/products/rhel8/profiles/ism_o.profile
|
|
+++ b/products/rhel8/profiles/ism_o.profile
|
|
@@ -52,6 +52,7 @@ selections:
|
|
## Identifiers 1418
|
|
- package_usbguard_installed
|
|
- service_usbguard_enabled
|
|
+ - usbguard_allow_hid_and_hub
|
|
|
|
## Authentication hardening
|
|
## Identifiers 1546 / 0974 / 1173 / 1504 / 1505 / 1401 / 1559 / 1560
|
|
diff --git a/products/rhel9/profiles/ism_o.profile b/products/rhel9/profiles/ism_o.profile
|
|
index 6fc919da12..b395b0e9cb 100644
|
|
--- a/products/rhel9/profiles/ism_o.profile
|
|
+++ b/products/rhel9/profiles/ism_o.profile
|
|
@@ -52,6 +52,7 @@ selections:
|
|
## Identifiers 1418
|
|
- package_usbguard_installed
|
|
- service_usbguard_enabled
|
|
+ - usbguard_allow_hid_and_hub
|
|
|
|
## Authentication hardening
|
|
## Identifiers 1546 / 0974 / 1173 / 1504 / 1505 / 1401 / 1559 / 1560
|