How to detect if USB device is bootable in udev

bootudevusb

I'm trying to write a udev rule to not mount USB devices plugged into my system if they're bootable, but I don't know how to specify in udev if a device is bootable in a rule. Is that possible? If so, what needs to go into my rule?

To be clear, by bootable, I mean the device has an OS that I can boot into at start up.

Best Answer

udev adds some environment variables to the partition node (leaf node) including partition entry flags for MBR table. Bootable partition should have ID_PART_ENTRY_FLAGS=0x80.

Try this rule and you gonna see all environment variables (source: Pass ATTR{idVendor} as argument in udev script):

KERNEL="sd[a-z][1-9]", RUN+="/bin/sh -c 'echo == >> /home/username/Desktop/usb-storage.txt; env >> /home/username/Desktop/usb-storage.txt'"

A rule that works for me in Ubuntu 14.04:

ACTION=="add", KERNEL=="sd[a-z][1-9]", ENV{ID_PART_ENTRY_FLAGS}=="0x80", RUN+="/bin/sh -c 'echo 0 > /sys%p/../../../../../../../authorized'"

Related Solutions

Udev rule for usb attach/detach not triggering

Your rule must give an absolute path for executable:

ACTION=="add", SUBSYSTEMS=="usb", RUN+="/usr/bin/touch /tmp/test"

Edit:

And if you want to execute a script, you must tell what shell will execute it:

ACTION=="add", SUBSYSTEMS=="usb", RUN+="/bin/sh /path/to/your/script"

Linux – Ignoring other USB devices in a udev rule

By the time udev is running to handle creating the device, it's too late—the kernel has already attached the HID driver to the mouse/keyboard/etc.

Instead, you should be able to use the USB authorization framework (I've personally never used this, so I can't vouch it works). Basically, you tell Linux not to authorize new USB devices. Then you individually authorize each one by doing echo 1 > /sys/bus/usb/devices/DEVICE/authorized as root.

You can set the default to not authorized via the usbcore authorized_default=0 module parameter or the usbcore.authorized_default=0 kernel parameter (if USB isn't compiled as a module). Alternatively, you can do it on a per-bus basis, after boot, with echo 0 > /sys/bus/usb/devices/usbX/authorized_default.

Best Answer

Related Solutions

Udev rule for usb attach/detach not triggering

Linux – Ignoring other USB devices in a udev rule

Related Question