From mboxrd@z Thu Jan 1 00:00:00 1970 From: Greg KH Date: Thu, 24 Feb 2011 15:46:07 +0000 Subject: Re: How to use Udev to restrict USB access only to particular set of Message-Id: <20110224154607.GA5960@kroah.com> List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable To: linux-hotplug@vger.kernel.org On Thu, Feb 24, 2011 at 03:52:16PM +0200, Vilius Benetis wrote: > On Tue, Feb 22, 2011 at 4:38 PM, Greg KH wrote: > > Ok, what is the udev rule that you tried and did not work? >=20 > we tried to disable USB storage sticks with the following command: >=20 > SUBSYSTEMS=3D"usb" DRIVERS=3D"usb-storage" =A0OPTIONS:=3D"ignore_device" >=20 > but we failed to make it work. Ignoring the device still makes it "active" in the system, especially as you just tested that the usb-storage device was bound to your device (which wouldn't be true that early in the process, which is one reason why this failed). =20 you need to write a 0 to the "authorized" file in sysfs which will disable the whole USB device entirely if it meets your "list of devices to reject". You also need to test not for driver binding, which again will not have happened, and you don't want to have happen, but that it is a usb storage device type (by virtue of the correct class config options as shown by sysfs) and that it doesn't pass your list of valid serial numbers. Note, all of that might be easier to do in a script than in a udev rule alone, but it should be possible. Hope this helps, greg k-h