Linux - DesktopThis forum is for the discussion of all Linux Software used in a desktop context.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
What I found is HAL policies and I did tons of searching and could find no examples of people using the policies to block all removable drive access, but I did find snippets here and there all over the place good enough to put me on the right track.
Disclaimer, the way I will describe below does not seem to be the "recommended" way to use policies. The default policies in Ubuntu Gutsy have a 10osvendor folder and a 20thirdparty folder located in /usr/share/hal/fdi/policies. The 10osvendor folder contains policy files (.fdi) that control how devices are handled by the system... not just drives and media.. but pretty much all hardware such as keyboards and mice, scanners, etc. ObFrom the reading that I did, the 10osvendor polices are not really supposed to be changed, but instead there should be a 30user folder created and custom policies by the user should be put there. *** I could never get any policy in the 30user folder to take effect. *** I finally ended up editing 20-storage-methods.fdi policy file in the 10osvendor folder and the systems would honor the changes.
Basically I just added the following 6 lines anywhere ABOVE the <!-- udf --> section. Just in case the exact location is critical, I actually added the lines after the <!-- EFI firmware partitions --> section. Here are the 6 lines:
Obviously, the first 3 lines take care of USB drives, the second 3 takes care of optical devices. There is very likely a cleaner way to do this. If anyone knows please provide input to the thread, but otherwise, this worked for me and hopefully can help someone else.
too bad pessulus doesn't have an option for USB storage devices.