Linux – how to disable USB devices based on vendor id in Linux environment

This information appears in the kernel logs — typically in /var/log/kern.log, or /var/log/syslog, or some other file (it depends on your syslog configuration, different distributions have different defaults).

If you'd like something pre-filtered, you can add an udev rule. Create a file /etc/udev/rules.d/tkk-log-usb.rules containing something like:

SUBSYSTEM=="usb", RUN+="/usr/local/sbin/tkk-usb-event"

The environment of the program is populated with a lot of variables describing the device, including:

• ACTION (add or remove)
• DEVICE is a path to the device if you want to access it
• ID_MODEL_ID and ID_VENDOR_ID contain the model and vendor ID, and ID_MODEL and ID_VENDOR contain the corresponding text
• ID_SERIAL contains the serial number of the device (if available)

Add this line:

ACTION=="add", ATTR{idVendor}=="0d8c", ATTR{idProduct}=="000c", RUN+="/bin/sh -c 'echo 1 >/sys/\$devpath/authorized'"

to a new file (ex: my.rules) in /etc/udev/rules.d/