Skip to content
USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)
C++ Shell M4 Makefile C Perl
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
doc/man Extend the functionality of allow/block/reject commands to work with … Aug 6, 2019
m4 Replace boost dependency with a smaller alternative to stdio_filebuf.h. Jul 11, 2018
scripts LDAP: Resync LDIF-format schemas with their originals Oct 24, 2018
src Fix return check of ldap tests. Aug 8, 2019
.gitattributes [linguist] Mark src/ThirdParty/ as vendored Mar 30, 2016
.gitignore Update .gitignore Jun 28, 2019
.gitmodules Logging code refactoring Sep 7, 2016
.lgtm.yml Hidden lgtm.yml file to enable C/C++ analysis of USBGuard on lgtm.com ( Mar 28, 2018
.travis.yml Extend the functionality of allow/block/reject commands to work with … Aug 6, 2019
CHANGELOG.md Updated CHANGELOG.md Jul 12, 2018
LICENSE Initial commit Mar 18, 2015
Makefile.am Remove PoC Qt applet Jun 20, 2019
README.adoc Fix travis-ci readme Aug 8, 2019
VERSION Bump version Jun 14, 2019
autogen.sh Add copyright to files where it was missing May 30, 2016
configure.ac Re-enable Automake silent rules Jun 24, 2019
libusbguard.pc.in Update repository URL Nov 30, 2017
usbguard-daemon.conf.in
usbguard.service.in Harden systemd service Mar 20, 2019

README.adoc

USBGuard

Travis CI
Coverage
License

About

USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system). Simply put, it is a USB device whitelisting tool.

Warning
The 0.x releases are not production ready packages. They serve for tech-preview and user feedback purposes only. Please share your feedback or request a feature in the Github issue trackers for each project:

Compilation & Installation

To compile the sources from a release tarball, you’ll need the development files for:

Optionally, you may want to install:

  • libseccomp - used to implement a syscall whitelist

  • libcap-ng - used to drop process capabilities

And then do:

$ ./configure --with-crypto-library=sodium # or "gcrypt", based on your preference
$ make
$ sudo make install

After the sources are successfully built, you can run the test suite by executing:

$ make check

If you want to compile the sources in a cloned repository, you’ll have to run the ./autogen.sh script. It will fetch the sources (via git submodules) of PEGTL and Catch. The script will then initialize the autotools based build system.

License

Copyright © 2015-2019 Red Hat, Inc.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

You can’t perform that action at this time.