- Description
- Setup - The basics of getting started with usbguard
- Usage - Configuration options and additional functionality
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
Install usbguard and configure the daemon and rules.
- the usbguard package
- the usbguard-daemon.conf file
- the rules file (by default
/etc/usbguard/rules-managed-by-puppet.conf)
Just include usbguard to start without any rule.
Install, configure some rules, and start the service:
include usbguard
$rule_content = @(CONTENT)
allow with-interface equals { 08:*:* }
reject with-interface all-of { 08:*:* 03:00:* }
reject with-interface all-of { 08:*:* 03:01:* }
reject with-interface all-of { 08:*:* e0:*:* }
reject with-interface all-of { 08:*:* 02:*:* }
| CONTENT
# DON'T DO THIS ON YOUR COMPUTER OR YOU MIGHT LOCK YOU OUT
# this is just an example. :-)
usbguard::rule { 'allow usb disks without keyboard interface':
rule => $rule_content,
}- The usbguard package for RHEL/CentOS is only available for 7.4 and later or you need to configure a external repo on your own.
See How to Contribute on voxpupuli.org.
