search

USBGuard / usbguard

USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)
https://usbguard.github.io/
GNU General Public License v2.0
1.12k stars 138 forks source link

Monitoring copied file to a usb key #607

Closed p1r4t3-s4il0r closed 10 months ago

p1r4t3-s4il0r commented 11 months ago

Hello,

I'm using USB guard to prevent users from connecting an untrusted device to their machines (Unix).

Once the device is trust, I would like to keep logs of which file is copied to a USB key. I would like to have :

I didn't find any docs about this with USB guard, is it doable ? And, if not, what tool can I use to do so ?

Today, I have to go on each machine to authorize a device. I would like to "centralize" the authorizations. I would like to authorize devices regarding the connected user using his LDAP account. Is there any trick for this ? And should I open an other issue ?

Thanks.

radosroka commented 11 months ago

Perhaps (just a wild guess) https://github.com/linux-audit can do something like that.

p1r4t3-s4il0r commented 11 months ago

It seems a bit overkill But I'll give it a try and let you know

radosroka commented 10 months ago

If you don't mind I will close the issue. Feel free to reopen if needed.