tigaa

usbguard and iDRAC keyboard

Hello,
I have a Dell in my home lab with RHEL 8.9 on board.
I installed usbguard and allowed only USB keyboard and mouse.
I struggle with the keyboard from iDRAC.
When I open the DRAC console, the keyboard is automatically attached to the server, but at first a rule blocks the device with the message "Device is not authorized for usage", and then almost in no time an allow rule allows the keyboard.
The keyboard on the DRAC console works normally, but I want to get rid of this "Device is not authorized for usage" message in journalctl/dmesg.
Is this normal behavior for usbguard (first block, then immediately allow)?
Have you observed the same and somehow fixed it?

My rules are:
usbguard list-rules
1: allow with-interface one-of { 03:*:* 09:*:* }
2: allow with-interface 08:06:50
3: allow id 413c:0006 serial "DELL413C-1" name "DRAC 5 Virtual Keyboard and Mouse"
4: allow id 1d6b:0002 serial "0000:03:00.3" name "xHCI Host Controller" with-interface 09:00:00 with-connect-type ""
5: allow id 1d6b:0003 serial "0000:03:00.3" name "xHCI Host Controller" with-interface 09:00:00 with-connect-type ""
6: allow id 1d6b:0002 serial "0000:22:00.3" name "xHCI Host Controller" with-interface 09:00:00 with-connect-type ""
7: allow id 1d6b:0003 serial "0000:22:00.3" name "xHCI Host Controller" with-interface 09:00:00 with-connect-type ""
8: allow id 1604:10c0 serial "" name "" via-port "3-1" with-interface 09:00:00 with-connect-type "hardwired"
9: allow id 0424:2514 serial "" name "" via-port "3-2" with-interface { 09:00:01 09:00:02 } with-connect-type "hardwired"
10: allow id 1604:10c0 serial "" name "" via-port "3-1.1" with-interface 09:00:00 with-connect-type "hardwired"
11: allow id 1604:10c0 serial "" name "" via-port "3-1.4" with-interface 09:00:00 with-connect-type "hardwired"
12: block

The log message is:
journalctl -f |grep usb
Feb 27 08:26:30 osl5235 kernel: usb 3-1.2: USB disconnect, device number 32
Feb 27 08:26:30 osl5235 usbguard-daemon[25895]: uid=0 pid=25893 device.rule='allow id 413c:0006 serial "DELL413C-1" name "DRAC 5 Virtual Keyboard and Mouse" hash "IRRELEVANT" parent-hash "IRRELEVANT" via-port "3-1.2" with-interface { 03:01:02 03:01:01 } with-connect-type "hardwired"' type='Device.Remove' result='SUCCESS' device.system_name='/devices/pci0000:20/0000:20:08.1/0000:22:00.3/usb3/3-1/3-1.2'
Feb 27 08:26:31 osl5235 kernel: usb 3-1.2: new high-speed USB device number 33 using xhci_hcd
Feb 27 08:26:31 osl5235 usbguard-daemon[25895]: uid=0 pid=25893 device.rule='block id 413c:0006 serial "DELL413C-1" name "DRAC 5 Virtual Keyboard and Mouse" hash "IRRELEVANT" parent-hash "IRRELEVANT" via-port "3-1.2" with-interface { 03:01:02 03:01:01 } with-connect-type "hardwired"' type='Device.Insert' result='SUCCESS' device.system_name='/devices/pci0000:20/0000:20:08.1/0000:22:00.3/usb3/3-1/3-1.2'
Feb 27 08:26:31 osl5235 kernel: usb 3-1.2: New USB device found, idVendor=413c, idProduct=0006, bcdDevice= 0.00
Feb 27 08:26:31 osl5235 kernel: usb 3-1.2: New USB device strings: Mfr=1, Product=2, SerialNumber=3
Feb 27 08:26:31 osl5235 kernel: usb 3-1.2: Product: DRAC 5 Virtual Keyboard and Mouse
Feb 27 08:26:31 osl5235 kernel: usb 3-1.2: Manufacturer: DELL
Feb 27 08:26:31 osl5235 kernel: usb 3-1.2: SerialNumber: DELL413C-1
Feb 27 08:26:31 osl5235 kernel: usb 3-1.2: Device is not authorized for usage
Feb 27 08:26:31 osl5235 kernel: input: DELL DRAC 5 Virtual Keyboard and Mouse as /devices/pci0000:20/0000:20:08.1/0000:22:00.3/usb3/3-1/3-1.2/3-1.2:1.0/0003:413C:0006.0011/input/input18
Feb 27 08:26:31 osl5235 kernel: hid-generic 0003:413C:0006.0011: input,hidraw0: USB HID v1.01 Mouse [DELL DRAC 5 Virtual Keyboard and Mouse] on usb-0000:22:00.3-1.2/input0
Feb 27 08:26:31 osl5235 kernel: input: DELL DRAC 5 Virtual Keyboard and Mouse as /devices/pci0000:20/0000:20:08.1/0000:22:00.3/usb3/3-1/3-1.2/3-1.2:1.1/0003:413C:0006.0012/input/input19
Feb 27 08:26:31 osl5235 usbguard-daemon[25895]: uid=0 pid=25893 result='SUCCESS' device.system_name='/devices/pci0000:20/0000:20:08.1/0000:22:00.3/usb3/3-1/3-1.2' target.new='allow' type='Policy.Device.Update' device.rule='block id 413c:0006 serial "DELL413C-1" name "DRAC 5 Virtual Keyboard and Mouse" hash "IRRELEVANT" parent-hash "IRRELEVANT" via-port "3-1.2" with-interface { 03:01:02 03:01:01 } with-connect-type "hardwired"' target.old='block'
Feb 27 08:26:31 osl5235 kernel: hid-generic 0003:413C:0006.0012: input,hidraw1: USB HID v1.01 Keyboard [DELL DRAC 5 Virtual Keyboard and Mouse] on usb-0000:22:00.3-1.2/input1
Feb 27 08:26:31 osl5235 kernel: usb 3-1.2: authorized to connect


0 Kudos
SimonTek1

allow with-interface one-of { 03:00:01 03:01:01 03:00:02 03:01:02 }

allow with-interface equals { 09:*:* }

allow with-interface one-of { 03:00:01 03:01:01 } if !allowed-matches(with-interface one-of { 03:00:01 03:01:01 })

 

Try this to see if it works. It should let any keyboard, mouse and monitor work. Also if you are having issues and getting locked out, remember the RHEL ISO has a live boot option and you can then chroot the drive to fix the issue. 

0 Kudos
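
The journal excerpt in the question records the DRAC keyboard as `block` on `Device.Insert` and then a `Policy.Device.Update` from `block` to `allow` for the same `device.system_name`. As an added example (not part of either post), this Python script separates that transient sequence from devices that stay blocked; the sample lines are constructed in the same audit format, with shortened rules and hypothetical device paths.

```python
import re

# Constructed sample in the usbguard-daemon audit format shown in the question
# (rules shortened; host name, device paths and the second device are hypothetical).
SAMPLE = """\
Feb 27 08:26:31 host usbguard-daemon[25895]: uid=0 pid=25893 device.rule='block id 413c:0006 serial "DELL413C-1"' type='Device.Insert' result='SUCCESS' device.system_name='/devices/usb3/3-1/3-1.2'
Feb 27 08:26:31 host kernel: usb 3-1.2: Device is not authorized for usage
Feb 27 08:26:31 host usbguard-daemon[25895]: uid=0 pid=25893 result='SUCCESS' device.system_name='/devices/usb3/3-1/3-1.2' target.new='allow' type='Policy.Device.Update' device.rule='block id 413c:0006 serial "DELL413C-1"' target.old='block'
Feb 27 08:30:02 host usbguard-daemon[25895]: uid=0 pid=25893 device.rule='block id 0781:5567 serial "EXAMPLE"' type='Device.Insert' result='SUCCESS' device.system_name='/devices/usb3/3-1/3-1.3'
"""

# Audit fields are key='value' pairs; their order differs between event types.
KV = re.compile(r"([\w.]+)='([^']*)'")

def classify(log_text):
    """Map device.system_name -> last policy state seen in usbguard audit events."""
    state = {}
    for line in log_text.splitlines():
        if "usbguard-daemon" not in line:
            continue  # kernel lines carry no policy decision
        ev = dict(KV.findall(line))
        dev, kind = ev.get("device.system_name"), ev.get("type")
        if not dev or ev.get("result") != "SUCCESS":
            continue
        target = ev.get("device.rule", "").split(" ", 1)[0]
        if kind == "Device.Insert":
            # A device recorded as blocked at insert may still be allowed later.
            state[dev] = "pending-block" if target == "block" else target
        elif kind == "Policy.Device.Update":
            old, new = ev.get("target.old"), ev.get("target.new")
            if old == "block" and new == "allow" and state.get(dev) == "pending-block":
                state[dev] = "transient-block-then-allowed"
            else:
                state[dev] = new
    return state

def still_blocked(log_text):
    """Devices whose insert-time block was never followed by an allow update."""
    return sorted(d for d, s in classify(log_text).items() if s == "pending-block")

if __name__ == "__main__":
    for dev, s in classify(SAMPLE).items():
        print(f"{s:30} {dev}")
```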