system/usbguard: Added (protection against rogue USB devices).

Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>

1 files changed, 40 insertions, 0 deletions

diff --git a/system/usbguard/README b/system/usbguard/README
new file mode 100644
index 000000000000..543066146ecb
--- /dev/null
+++ b/system/usbguard/README
@@ -0,0 +1,40 @@
+The USBGuard software framework helps to protect your
+computer against unauthorized use of USB ports on
+a machine. To enforce the user-defined policy, it uses
+the USB device authorization feature implemented in the
+Linux kernel since 2007.
+
+USBGuard supports granular policy options as well as
+blacklisting and whitelisting capabilities for specifying
+how USB devices will interact with a particular host system.
+
+A device that is blocked will be listed by the operating
+system as being connected, but no communication is allowed
+for it. A device that is rejected will be completely ignored
+after it is inserted into the port.
+
+Optional dependencies:
+ - audit
+ - libseccomp
+
+To have the USBGuard daemon start and stop with your host,
+add to /etc/rc.d/rc.local:
+
+  if [ -x /etc/rc.d/rc.usbguard ]; then
+    /etc/rc.d/rc.usbguard start
+  fi
+
+and to /etc/rc.d/rc.local_shutdown (creating it if needed):
+
+  if [ -x /etc/rc.d/rc.usbguard]; then
+    /etc/rc.d/rc.usbguard stop
+  fi
+
+Warning: You must configure the daemon before you start it
+or all USB devices will immediately be blocked!
+
+In order to view the current policy execute the following
+command: sudo usbguard generate-policy 
+
+If you are satisfied with the output then copy it to the rules file.
+sudo usbguard generate-policy >> /etc/usbguard/rules.conf