Skip to main content

Linux-specific MDM policies available in Swif

Updated today

The table below completes the cross-platform glossary (Apple ▶ Windows ▶ Linux).
Find these under Device Management → Policies → New Policy → Linux.

Policy

What it controls

Min. OS / notes

Linux Application Block

Black-/allow-list desktop or CLI applications (by package name or path)

Any managed Linux distro

Linux Bluetooth

Enable/disable the Bluetooth radio, set discoverability, pairing rules

Any Linux

Escrow LUKS/dm-crypt recovery keys & push recovery unlock commands

Any Linux

Linux Firefox Extension

Force-install or block Firefox add-ons via policies.json

Any Linux

Deploy / block Chrome & Chromium extensions

Any Linux

Local account password length, complexity, expiry (PAM) (CLI tools only—KDE password UI not supported)

Any Linux

Linux Screen Saver

Idle lock, timeout, DPMS blanking (GNOME, XFCE, MATE, Cinnamon)

Any Linux

apt/dnf/zypper automatic security patching, deferrals, reboot window

Any Linux

Linux Tracking

Adjust distro telemetry, location services, advertising IDs

Any Linux

Linux USB

Allow / block removable storage, set read-only, match VID/PID

Any Linux

Linux Wi-Fi

WPA2/WPA3 Enterprise & PSK network profiles, auto-join priorities

Any Linux

Quick tips

  • Encryption Recovery Policy integrates with Swif’s key vault—no more manual LUKS key escrow.

  • The Application Block payload is package-manager-agnostic (works with apt, yum/dnf, pacman, etc.).

  • If you need cross-OS parity (e.g., kill USB storage on every endpoint), create identical policies in the macOS and Windows tabs and assign them to the same device group.

Check the Apple and Windows glossaries for their respective payloads, then use device groups to mix-and-match rules across your fleet.

Did this answer your question?