I want to disable usb based on vendor id in linux environment. i want to allow only specific usb's only based on vendor id.
Asked
Active
Viewed 2,463 times
1 Answers
1
This should be possible using udev rules, but is probably not easy and will require some experimentation. It is possible to accidentally do bad things like blocking your mouse and keyboard from working requiring restore with a live USB stick. I haven't tested these commands, caveat emptor.
Create a new file with a low priority number, eg /lib/udev/rules.d/20-block-usb.rules with contents:
BUS=="usb", PROGRAM="/bin/filter_usb.sh %s{idVendor} %s{idProduct}", RESULT!="allow", OPTIONS+="ignore_device"
When a USB device is inserted, /bin/filter_usb.sh should be called with the vendor and product IDs of the device as arguments, and unless it echoes allow then the device should be ignored, eg:
#!/bin/sh
vendor=$1
product=$2
if [ "$vendor" = "0123" ]; then
if [ "$product" = "4567" ]; then
echo allow
fi
fi
You will probably want to look into udevtest for experimenting with rules, and as noted, you need to make sure your mouse, keyboard etc are whitelisted. You may want to restrict the blocking rule only to USB block devices by adding SUBSYSTEM=="block", before PROGRAM in the original rule.
chronitis
- 12,647