USBGuard / Usbguard
Projects that are alternatives of or similar to Usbguard
USBGuard
:toc:
[.clearfix]
https://travis-ci.com/USBGuard/usbguard.svg?branch=master[Travis CI, link=https://travis-ci.com/USBGuard/usbguard] [.left] image::https://coveralls.io/repos/github/USBGuard/usbguard/badge.svg[Coverage, link=https://coveralls.io/github/USBGuard/usbguard] [.left] image::https://img.shields.io/github/license/USBGuard/usbguard.svg[License, link=https://github.com/USBGuard/usbguard/#license]
[.left] image::== About
USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system). Simply put, it is a USB device allowlisting tool.
WARNING: The 0.x releases are not production ready packages. They serve for tech-preview and user feedback purposes only. Please share your feedback or request a feature in the Github issue trackers for each project:
- https://github.com/USBGuard/usbguard/issues/new[Report a bug or request a feature in usbguard]
== Documentation
- User Guide (TBA)
- Manual Pages ** <<doc/man/usbguard-daemon.8.adoc#name, usbguard-daemon(8)>> ** <<doc/man/usbguard-daemon.conf.5.adoc#name, usbguard-daemon.conf(5)>> ** <<doc/man/usbguard-rules.conf.5.adoc#name, usbguard-rules.conf(5)>> ** <<doc/man/usbguard.1.adoc#name, usbguard(1)>> ** <<doc/man/usbguard-dbus.8.adoc#name, usbguard-dbus(8)>>
== Compilation & Installation
To compile the source code, you will require at least C{plus}{plus}17. + If you are compiling sources from a release tarball, you'll need the development files for:
- https://github.com/ClusterLabs/libqb[libqb] - used for local UNIX socket based IPC
- https://github.com/google/protobuf[protobuf] - used for IPC message (de)serialization
- https://download.libsodium.org[libsodium] or https://www.gnupg.org/software/libgcrypt[libgcrypt] - used for hashing
- https://asciidoc.org[asciidoc (a2x)] - needed to generate documentation
Optionally, you may want to install:
- https://github.com/seccomp/libseccomp[libseccomp] - used to implement a syscall whitelist
- https://people.redhat.com/sgrubb/libcap-ng/[libcap-ng] - used to drop process capabilities
And then do:
$ ./configure --with-crypto-library=sodium # or "gcrypt", based on your preference
$ make
$ sudo make install
After the sources are successfully built, you can run the test suite by executing:
$ make check
If you want to compile the sources in a cloned repository, you'll have to run the ./autogen.sh
script.
It will fetch the sources (via git submodules) of https://github.com/taocpp/PEGTL/[PEGTL] and https://github.com/philsquared/Catch[Catch].
The script will then initialize the autotools based build system.
== License
Copyright (C) 2015-2019 Red Hat, Inc.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.