Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Desktop
User Name
Linux - Desktop This forum is for the discussion of all Linux Software used in a desktop context.


  Search this Thread
Old 12-24-2008, 08:42 PM   #1
Registered: Mar 2008
Posts: 147

Rep: Reputation: 15
how to disable USB port

I have some stand alone clients(for RHEL4AS SERVER) which are having USB ports. I want to disable these usb ports to stop data theft. How to disable this?
Old 12-24-2008, 08:44 PM   #2
Senior Member
Registered: Jul 2006
Location: Kolkata, India
Distribution: Debian 64-bit GNU/Linux, Kubuntu64, Fedora QA, Slackware,
Posts: 2,766

Rep: Reputation: Disabled
You restrict users...through groups ...not disable usb
Old 12-25-2008, 03:47 AM   #3
Registered: Mar 2008
Posts: 147

Original Poster
Rep: Reputation: 15
Ok! but how to restrict users in client pcs? I dont want users to read or write or copy data into the system thru usb(especially pendrive)

Last edited by visitnag; 12-25-2008 at 03:50 AM.
Old 12-25-2008, 05:42 AM   #4
Junior Hacker
Senior Member
Registered: Jan 2005
Location: North America
Distribution: Debian testing Mandriva Ubuntu
Posts: 2,687

Rep: Reputation: 60
You can more than likely disable USB controller in computer setup (bios) at start-up, then password protect the bios if the mother board supports it to avoid users re-enabling it.

Last edited by Junior Hacker; 12-25-2008 at 05:44 AM.
Old 12-25-2008, 06:27 AM   #5
Registered: Nov 2007
Location: Pakistan
Distribution: Redhat and Debian
Posts: 302
Blog Entries: 1

Rep: Reputation: 34
i havent tried this but you can remove usb_storage from the kernel.
Old 12-31-2008, 12:20 PM   #6
Registered: Mar 2008
Posts: 147

Original Poster
Rep: Reputation: 15
I wanted to disable...the device...not to permanently remove. Whenever i want i could enable the same...
Old 12-31-2008, 02:28 PM   #7
LQ Guru
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,232
Blog Entries: 5

Rep: Reputation: 190Reputation: 190
you could try removing users from the plugdev group..

although the quote I am posting is from a guy that said this had no effect for him.. so he went hardcore into HAL policies, to block access to USB storage and CDROM Drives...

Originally Posted by getut

What I found is HAL policies and I did tons of searching and could find no examples of people using the policies to block all removable drive access, but I did find snippets here and there all over the place good enough to put me on the right track.

Disclaimer, the way I will describe below does not seem to be the "recommended" way to use policies. The default policies in Ubuntu Gutsy have a 10osvendor folder and a 20thirdparty folder located in /usr/share/hal/fdi/policies. The 10osvendor folder contains policy files (.fdi) that control how devices are handled by the system... not just drives and media.. but pretty much all hardware such as keyboards and mice, scanners, etc. ObFrom the reading that I did, the 10osvendor polices are not really supposed to be changed, but instead there should be a 30user folder created and custom policies by the user should be put there. *** I could never get any policy in the 30user folder to take effect. *** I finally ended up editing 20-storage-methods.fdi policy file in the 10osvendor folder and the systems would honor the changes.

Basically I just added the following 6 lines anywhere ABOVE the <!-- udf --> section. Just in case the exact location is critical, I actually added the lines after the <!-- EFI firmware partitions --> section. Here are the 6 lines:
<match key="@block.storage_device:storage.removable" bool="true">
<merge key="volume.ignore" type="bool">true</merge>

<match key="storage.drive_type" string="cdrom">
<merge key="volume.ignore" type="bool">true</merge>
Obviously, the first 3 lines take care of USB drives, the second 3 takes care of optical devices. There is very likely a cleaner way to do this. If anyone knows please provide input to the thread, but otherwise, this worked for me and hopefully can help someone else.
too bad pessulus doesn't have an option for USB storage devices.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Dell Laptop Broken USB port. How to disable? newb sfumato Linux - Hardware 2 10-06-2005 04:49 PM
How to disable a port, such as 21? iclinux Linux - Networking 2 01-10-2005 05:48 AM
How do I disable a firewire port? rentz Linux - Hardware 0 12-22-2003 04:33 PM
How to disable application(s) using port 22 Johnnyboy Linux - Newbie 7 09-21-2003 11:18 AM
Disable Port 80 dvong3 Linux - Security 2 09-19-2003 09:32 AM

All times are GMT -5. The time now is 03:01 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration