Hi,
Posting this again as it has been drowned. can anybody assist?
------------------------------------------------------------------
Hi All,
I'm trying to disable USB storage devices in Centos7.1.1503.
I've setup udev rules to block all usb devices and then additional rules
to allow specific vendors / products to be used (mainly keyboards and
mice). This is all working perfectly.
cat /etc/udev/rules.d/01-usblockdown.rules
# Block all USB devices
ACTION=="add", SUBSYSTEMS=="usb", RUN+="/bin/sh -c
'for host in
/sys/bus/usb/devices/usb*; do echo 0 > $host/authorized_default;
done'"
# Allow devices
# Keyboards
ACTION=="add", ATTR{idVendor}=="04f3",
ATTR{idProduct}=="0103"
RUN+="/bin/sh -c 'echo 1 >/sys$DEVPATH/authorized'"
......
Now I'm testing against mobile devices and when I connect an Asus mobile
telephone it's mounting the camera using PTP even though the device is
not allowed in my udev rules.
I removed libgphoto2 which has now stopped the PTP from automounting.
My issue is that I require hplip on my systems for certain printer
drivers and this package was removed along with libgphoto2. I added an
'exclude=libgphoto2*' to my /etc/yum.repos.d/CentOS-Base.repo and
installing hplip now fails on dependencies.
Is there a method of disable libgphoto2 PTP without having to remove the
package? or can I create further udev rules to stop PTP mounts?
thanks in advance,
Michael
Am 10.12.2015 um 09:37 schrieb Michael H <michael at wemoto.com>:> > I'm trying to disable USB storage devices in Centos7.1.1503.on EL6 we use: # cat /etc/modprobe.d/usb-disabled.conf install usb-storage /bin/true # depmod -a -- LF
On 10/12/15 10:02, Leon Fauster wrote:> Am 10.12.2015 um 09:37 schrieb Michael H <michael at wemoto.com>: >> >> I'm trying to disable USB storage devices in Centos7.1.1503. > > on EL6 we use: > > # cat /etc/modprobe.d/usb-disabled.conf > install usb-storage /bin/true > > # depmod -aI've achieved disabling USB devices and then allowing specific vendors / products using UDEV rules. How can I disable PTP automounting without removing the libgphoto2 package? We are allowing a specific set of usb devices to be used in the company, one of the things we want to block is any kind of file transfer between mobile devices and our systems. Unfortunately it's not just a complete block on devices.> > -- > LF > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >
> On Dec 10, 2015, at 1:37 AM, Michael H <michael at wemoto.com> wrote: > > Hi, > Posting this again as it has been drowned. can anybody assist? > > > ------------------------------------------------------------------ > > Hi All, > > I'm trying to disable USB storage devices in Centos7.1.1503. ><snip> I did a google search on ?disable usb storage centos 7? and came up with this. Don?t know if it helps: https://unixserveradmin.wordpress.com/2012/12/08/how-to-stop-usb-mass-storage-device-in-rhelcentos/ <https://unixserveradmin.wordpress.com/2012/12/08/how-to-stop-usb-mass-storage-device-in-rhelcentos/> -wes
Please read my entire post! I need to allow specific devices, I am trying to combat PTP mounting. not completely disable all USB devices. On 10/12/15 15:17, Wes James wrote:> >> On Dec 10, 2015, at 1:37 AM, Michael H <michael at wemoto.com> wrote: >> >> Hi, >> Posting this again as it has been drowned. can anybody assist? >> >> >> ------------------------------------------------------------------ >> >> Hi All, >> >> I'm trying to disable USB storage devices in Centos7.1.1503. >> > > <snip> > > I did a google search on ?disable usb storage centos 7? and came up with this. Don?t know if it helps: > > https://unixserveradmin.wordpress.com/2012/12/08/how-to-stop-usb-mass-storage-device-in-rhelcentos/ <https://unixserveradmin.wordpress.com/2012/12/08/how-to-stop-usb-mass-storage-device-in-rhelcentos/> > > -wes > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >
On Dec 10, 2015, at 1:37 AM, Michael H <michael at wemoto.com> wrote:> > I've setup udev rules to block all usb devices and then additional rules > to allow specific vendors / products to be used (mainly keyboards and > mice).It sounds like you?re reinventing the wheel: https://github.com/dkopecek/usbguard Search for ?Linux USB whitelist? for additional existing solutions to the problem, if you don?t like USBGuard for some reason.