diff options
| author | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2018-07-18 18:02:33 -0700 |
|---|---|---|
| committer | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2018-07-18 18:02:33 -0700 |
| commit | 83fdfe03881b0fd0231c6b1f121562bfa46820c5 (patch) | |
| tree | ee33271d4bf41e1c2e171e87db684c2f589f7395 | |
| download | usbctl-83fdfe03881b0fd0231c6b1f121562bfa46820c5.tar.xz | |
Initial commit
| -rw-r--r-- | 10-usbctl.conf | 1 | ||||
| -rw-r--r-- | PKGBUILD | 29 | ||||
| -rw-r--r-- | usbctl.install | 14 |
3 files changed, 44 insertions, 0 deletions
diff --git a/10-usbctl.conf b/10-usbctl.conf new file mode 100644 index 0000000..af01395 --- /dev/null +++ b/10-usbctl.conf @@ -0,0 +1 @@ +kernel.deny_new_usb=1 diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 0000000..31d90b7 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,29 @@ +# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org> +# Maintainer: kpcyrd <git@rxv.cc> + +pkgname=usbctl +pkgver=1.0 +pkgrel=1 +pkgdesc='Linux-hardened deny_new_usb control' +url='https://github.com/anthraxx/usbctl' +arch=('any') +license=('MIT') +install=${pkgname}.install +depends=('linux-libre-hardened-ck' 'bash' 'usbutils' 'coreutils' 'diffutils' 'procps-ng' 'grep' 'util-linux') +#optdepends=('zsh: zsh completion support') +source=(${pkgname}-${pkgver}.tar.gz::https://github.com/anthraxx/${pkgname}/archive/${pkgver}/${pkgver}.tar.gz + ${pkgname}-${pkgver}.tar.gz.sig::https://github.com/anthraxx/usbctl/releases/download/${pkgver}/${pkgver}.tar.gz.sig) +# 10-usbctl.conf) +sha512sums=('0f16297188439d10c1dcff6368ec830c4f665e05c01790383791cb207bda5667416c8f3b662173e6d7c5ffac2ef2b83593889b0e76a4a061129df5128bf2f4f6' + 'SKIP') +# 'e36a3d97daef70992c84efb633904055d94ac0bb74fc355c01defec74a63c27f097b66e19849c207b1428f353f530978e5d43c31c3d5b47bd976c2c868ac8245') +validpgpkeys=('E240B57E2C4630BA768E2F26FC1B547C8D8172C8') # Levente Polyak + +package() { + cd ${pkgname}-${pkgver} + install -Dm 755 usbctl -t "${pkgdir}/usr/bin" +# install -Dm 644 contrib/systemd/deny-new-usb.service -t "${pkgdir}/usr/lib/systemd/system" + install -Dm 644 contrib/completion/bash/usbctl -t "${pkgdir}/usr/share/bash-completion/completions" +# install -Dm 644 contrib/completion/zsh/_usbctl -t "${pkgdir}/usr/share/zsh/site-functions" + install -Dm 644 LICENSE -t "${pkgdir}/usr/share/licenses/${pkgname}" +} diff --git a/usbctl.install b/usbctl.install new file mode 100644 index 0000000..a84ac2b --- /dev/null +++ b/usbctl.install @@ -0,0 +1,14 @@ + +pre_install() { + cat <<EOM + == Important == + AFTER you configure valid devices -- + Add the sysctl intiation to a conjob by adding + @reboot root /usr/bin/sysctl -q kernel.deny_new_usb=1 + to your /etc/crontab +EOM +} + +pre_upgrade() { + pre_install +} |