Hi,
I want to disable the usb for linux operating system, can anyone help me to customize a fixlet for doing this?
I’ve manually disabled it from the root, but i need an action script to use the following command :
and disable the usb_storage
How can i do this via IEM.
Please help It’s really important
What needs to be added to blacklist.conf? Can you provide links to examples and the format of the file?
Also, it would be helpful if you posted what you have tried, including related relevance.
There are many different ways to do this through BigFix/IEM, and it depends on if you just want to replace that file completely or append to it.
This should be the correct answer:
In the blacklist i wrote the following statement
“blacklist usb_storage”
i’ve done this manually. Please help me to disable usb on linux via IEM. or help me to write an action script. I’ve successfully written an applicability relevance but struggling to write an action script.
And it’s an urgent requirement from client. PLEASE HELP
Thanks for your understanding and cooperation
Don’t be quite so demanding, I am not an IBM employee. If you have an immediate need than open a PMR or pay IBM for professional services.
How would you add text to a file using the command line in a non-interactive way? You just replicate that using wait in the actionscript.
wait <command>should i write this
wait blacklist usb_storage
in the action script??
wait is what you use in actionscript to execute commands. You have to figure out what the command is first, then use wait to execute it in actionscript.
How do you add text to any file on the command line in linux? that is what you are lacking.
Don’t try to do this through BigFix/IEM until you first figure out the command that you would enter in a single line non-interactively into the linux terminal. Once you figure that out, then just do that using actionscript, which involves putting wait before it and using absolute paths.
well i did this manually.
Is there any other way to disable the use of usb on linux using IEM??
Using VI is not doing it manually, it is doing it interactively. How do you add text to a file non-interactively? How would you do it in a bash script? Use the same approach in ActionScript.
Hint: use echo
http://www.heatware.net/linux-unix/how-to-append-stringdata-to-a-file-in-linux/
yes you’re right I’ve done it interactively but couldn’t do it non-interactively.
So what is the either way to do this from bigfix?
First google “add text to file linux” and figure out how to do it on the command line non-interactively, then test it out to get it to work by typing it into the terminal yourself using absolute paths. Make sure the command works, then put wait in front of it, put it in the actionscript, and then it will work.
This is the approach in broad terms for writing all actionscript.
Hey @jgstew
I’ve figured out the command which to do it non-interactively and command is working properly but when i put wait in front of it in the actionscript it didn’t work. can you please help?? following is the command
echo “blacklist usb_storage” >> /etc/modprobe.d/blacklist.conf
wait /bin/bash -c "echo blacklist usb_storage >> /etc/modeprobe.d/blacklist.conf"
hey @gearoid thanks for your response.
I’ve taken a custom action by using the given action script but the action status showing not reported.
What will be the possible reason for this?
Thanks for that @gearoid
I should point out that sometimes you can just put wait in front, but other times you have to specifically call the interpreter first. This usually isn’t required if you are calling a typical executable, so I usually try it without that first.
On windows:
waithidden cmd /C <command>
*This also often works in nix systems:
wait /bin/sh -c <command>
@baig “not reported” is what you should see in the console at first when you take any action. This just means the client hasn’t received it yet and reported its status. It should change to “Running” or “Not Relevant”, and then change to “Completed” or “Fixed” if it runs “successfully”. A point of confusion is that what constitutes “success” is different depending on the success criteria, and it does not actually mean that it actually succeeded unless the success criteria is correct.