What is fwupd.conf on Ubuntu?
What is fwupd.conf?
fwupdis a daemon / service used to manage firmware updates on Linux systems.- The file
/etc/fwupd/fwupd.confis its main configuration file. (manpages.ubuntu.com) - It’s structured in an INI-style format: sections in
[brackets], and lines likekey = value. (manpages.ubuntu.com) - Lines starting with
#are comments. (manpages.ubuntu.com)
Key Configuration Options
Some of the important parameters you can set in fwupd.conf (under the [fwupd] section) include:
- DisabledDevices: specify device GUIDs (semicolon-separated) which should be blocked from update. (manpages.ubuntu.com)
- DisabledPlugins: block specific plugins by name. (manpages.ubuntu.com)
- ArchiveSizeMax: max size (in MB) of firmware archive to load. (manpages.ubuntu.com)
- IdleTimeout: time (in seconds) to shut down the daemon when idle;
0means “never”. (manpages.ubuntu.com) - UriSchemes: which URI schemes are allowed for firmware downloads (e.g.
file,https,http,ipfs). (manpages.ubuntu.com) - OnlyTrusted: when
true, only firmware signed by a trusted key is allowed. (manpages.ubuntu.com) - TrustedUids: allows you to define which user-IDs are trusted to call the D-Bus interface. (manpages.ubuntu.com)
- ReleasePriority: preference for where to install from when the same version is available locally vs remotely. (manpages.ubuntu.com)
Why It Matters
- By configuring
fwupd.conf, you can control which devices get firmware updates, and howfwupdbehaves. - You can prevent firmware updates on devices you don’t trust (using GUIDs), or block plugins that you don’t want.
- You can tune resource usage (like archive sizes, idle shutdown) to suit your system.
- You can enforce security: for example, only allowing signed/trusted firmware installs.