Document toolboxDocument toolbox

(12.2.1-en) USB Access Control

Owned by Emese Pogany
Aug 01, 2023
1 min read

This article shows how to control USB access to the endpoint device in IGEL OS. You can allow or prohibit the use of USB devices on your endpoint. Specific rules for individual devices or device classes are possible.

Menu path: Devices > USB Access Control





Enable

 USB access control is enabled and the following settings can be configured.

 USB access control is inactive. (Default)



Default rule

Specifies whether the use of USB devices is allowed or prohibited.

  • Allow (Default)

  • Deny



Default permission

Default access rights for USB devices.

  • Read Only

  • Read/Write (Default)

Class Rules

Class rules apply to USB device classes. To manage the list of class rules:



  • Rule

Specifies whether the use of the device class defined here is allowed or prohibited.

  •  

    • Allow 

    • Deny (Default)

  • Class ID

Device class for which the rule should apply. (Examples: Audio, Printers, Mass Storage).

  • Name

Name of the rule

Device Rules

Device rules apply to specific USB devices. To manage the list of device rules:



  • Rule

Specifies whether the use of the device defined here is allowed or prohibited.

  •  

    • Allow 

    • Deny (Default)

  • Vendor ID

Hexadecimal ID of the device manufacturer

  • Product ID

Hexadecimal ID of the device

  • Device UUID

Universal Unique Identifier (UUID) of the device

  • Permission

Authorizations for access to the device
Possible values: 

  •  

    • Global setting: The default setting for hotplug storage devices is used; see the Default permission parameter under Devices > Storage Devices > Storage Hotplug. For more information, see (12.2.1-en) Storage Hotplug.

    • Read only

    • Read/Write

  • Name

Name of the rule