Created
June 30, 2025 09:43
-
-
Save anir0y/60611a7797973651d735e25698c99540 to your computer and use it in GitHub Desktop.
USB detection and blocker script for Linux Systems
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # ============================================================================== | |
| # Revert Ubuntu USB Security Policy | |
| # ============================================================================== | |
| # | |
| # DESCRIPTION: | |
| # This script reverts the changes made by the "Ubuntu USB Security Policy Script". | |
| # It re-enables all USB devices and the Bluetooth service. | |
| # | |
| # FEATURES: | |
| # 1. UDEV Rule Removal: Deletes the custom udev rule file. | |
| # 2. Re-authorization: Explicitly re-authorizes all currently connected USB | |
| # devices, allowing them to work immediately. | |
| # 3. Bluetooth Re-enable: Unmasks, enables, and starts the system Bluetooth | |
| # service. | |
| # | |
| # USAGE: | |
| # 1. Stop the original security script if it is running (Ctrl+C). | |
| # 2. Run this revert script with root privileges: | |
| # chmod +x revert_usb_security.sh | |
| # sudo ./revert_usb_security.sh | |
| # | |
| # ============================================================================== | |
| # --- Configuration --- | |
| UDEV_RULE_FILE="/etc/udev/rules.d/80-usb-security.rules" | |
| # --- Main Revert Logic --- | |
| # Ensure the script is run as root | |
| if [ "$(id -u)" -ne 0 ]; then | |
| echo "This script must be run as root. Please use sudo." | |
| exit 1 | |
| fi | |
| echo "--- Reverting USB Security Policy ---" | |
| # 1. Re-enable Bluetooth Service | |
| echo "[*] Re-enabling Bluetooth service..." | |
| systemctl unmask bluetooth.service >/dev/null 2>&1 | |
| systemctl enable bluetooth.service >/dev/null 2>&1 | |
| systemctl start bluetooth.service >/dev/null 2>&1 | |
| echo "[+] Bluetooth service has been enabled and started." | |
| # 2. Remove the UDEV rule file | |
| if [ -f "$UDEV_RULE_FILE" ]; then | |
| echo "[*] Removing udev security rule file..." | |
| rm -f "$UDEV_RULE_FILE" | |
| echo "[+] Udev rule file deleted." | |
| else | |
| echo "[!] Udev rule file not found. Skipping." | |
| fi | |
| # 3. Reload udev rules to remove the policy from memory | |
| echo "[*] Reloading udev rules..." | |
| udevadm control --reload-rules | |
| echo "[+] Udev rules reloaded." | |
| # 4. Re-authorize all currently connected USB devices | |
| echo "[*] Re-authorizing all connected USB devices..." | |
| for dir in /sys/bus/usb/devices/*; do | |
| if [ -f "$dir/authorized" ]; then | |
| # Writing 1 to 'authorized' re-enables the device | |
| echo 1 > "$dir/authorized" | |
| fi | |
| done | |
| echo "[+] All USB devices have been re-authorized." | |
| # 5. Trigger udev to re-probe devices if necessary | |
| udevadm trigger | |
| echo -e "\n--- System Security Policy Reverted ---" | |
| echo "Policy: All USB devices are now allowed." | |
| echo "Bluetooth: Enabled and running." | |
| echo "The system is back to its default USB device handling." | |
| echo "----------------------------------------------------" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment