From: David Mulder Date: Tue, 6 Dec 2022 18:12:34 +0000 (-0700) Subject: gp: Modify Chromium CSE to use new files applier X-Git-Tag: talloc-2.4.0~181 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5037d402a54a0010382cc7825e6fba4322ba18b4;p=thirdparty%2Fsamba.git gp: Modify Chromium CSE to use new files applier Signed-off-by: David Mulder Reviewed-by: Jeremy Allison --- diff --git a/python/samba/gp/gp_chromium_ext.py b/python/samba/gp/gp_chromium_ext.py index ae4bc8a7a80..c575ce0efac 100644 --- a/python/samba/gp/gp_chromium_ext.py +++ b/python/samba/gp/gp_chromium_ext.py @@ -16,10 +16,11 @@ import os import json -from samba.gp.gpclass import gp_pol_ext +from samba.gp.gpclass import gp_pol_ext, gp_file_applier from samba.dcerpc import misc from samba.common import get_string from samba.gp.util.logging import log +from tempfile import NamedTemporaryFile def parse_entry_data(name, e): dict_entries = ['VirtualKeyboardFeatures', @@ -365,7 +366,9 @@ def assign_entry(policies, e): name = e.valuename policies[name] = parse_entry_data(name, e) -def convert_pol_to_json(managed, recommended, section, entries): +def convert_pol_to_json(section, entries): + managed = {} + recommended = {} recommended_section = '\\'.join([section, 'Recommended']) for e in entries: if '**delvals.' in e.valuename: @@ -376,98 +379,77 @@ def convert_pol_to_json(managed, recommended, section, entries): assign_entry(managed, e) return managed, recommended -class gp_chromium_ext(gp_pol_ext): +class gp_chromium_ext(gp_pol_ext, gp_file_applier): __managed_policies_path = '/etc/chromium/policies/managed' __recommended_policies_path = '/etc/chromium/policies/recommended' def __str__(self): return 'Google/Chromium' - def set_managed_machine_policy(self, managed): - try: - managed_policies = os.path.join(self.__managed_policies_path, - 'policies.json') - os.makedirs(self.__managed_policies_path, exist_ok=True) - with open(managed_policies, 'w') as f: - json.dump(managed, f) - log.debug('Wrote Chromium preferences', managed_policies) - except PermissionError: - log.debug('Failed to write Chromium preferences', - managed_policies) - - - def set_recommended_machine_policy(self, recommended): - try: - recommended_policies = os.path.join(self.__recommended_policies_path, - 'policies.json') - os.makedirs(self.__recommended_policies_path, exist_ok=True) - with open(recommended_policies, 'w') as f: - json.dump(recommended, f) - log.debug('Wrote Chromium preferences', recommended_policies) - except PermissionError: - log.debug('Failed to write Chromium preferences', - recommended_policies) - - def get_managed_machine_policy(self): - managed_policies = os.path.join(self.__managed_policies_path, - 'policies.json') - if os.path.exists(managed_policies): - with open(managed_policies, 'r') as r: - managed = json.load(r) - log.debug('Read Chromium preferences', managed_policies) - else: - managed = {} - return managed - - def get_recommended_machine_policy(self): - recommended_policies = os.path.join(self.__recommended_policies_path, - 'policies.json') - if os.path.exists(recommended_policies): - with open(recommended_policies, 'r') as r: - recommended = json.load(r) - log.debug('Read Chromium preferences', recommended_policies) - else: - recommended = {} - return recommended - def process_group_policy(self, deleted_gpo_list, changed_gpo_list, policy_dir=None): if policy_dir is not None: self.__recommended_policies_path = os.path.join(policy_dir, 'recommended') self.__managed_policies_path = os.path.join(policy_dir, 'managed') + # Create the policy directories if necessary + if not os.path.exists(self.__recommended_policies_path): + os.makedirs(self.__recommended_policies_path, mode=0o755, + exist_ok=True) + if not os.path.exists(self.__managed_policies_path): + os.makedirs(self.__managed_policies_path, mode=0o755, + exist_ok=True) for guid, settings in deleted_gpo_list: - self.gp_db.set_guid(guid) if str(self) in settings: for attribute, policies in settings[str(self)].items(): - if attribute == 'managed': - self.set_managed_machine_policy(json.loads(policies)) - elif attribute == 'recommended': - self.set_recommended_machine_policy(json.loads(policies)) - self.gp_db.delete(str(self), attribute) - self.gp_db.commit() + try: + json.loads(policies) + except json.decoder.JSONDecodeError: + self.unapply(guid, attribute, policies) + else: + # Policies were previously stored all in one file, but + # the Chromium documentation says this is not + # necessary. Unapply the old policy file if json was + # stored in the cache (now we store a hash and file + # names instead). + if attribute == 'recommended': + fname = os.path.join(self.__recommended_policies_path, + 'policies.json') + elif attribute == 'managed': + fname = os.path.join(self.__managed_policies_path, + 'policies.json') + self.unapply(guid, attribute, fname) for gpo in changed_gpo_list: if gpo.file_sys_path: section = 'Software\\Policies\\Google\\Chrome' - self.gp_db.set_guid(gpo.name) pol_file = 'MACHINE/Registry.pol' path = os.path.join(gpo.file_sys_path, pol_file) pol_conf = self.parse(path) if not pol_conf: continue - managed = self.get_managed_machine_policy() - recommended = self.get_recommended_machine_policy() - self.gp_db.store(str(self), 'managed', json.dumps(managed)) - self.gp_db.store(str(self), 'recommended', - json.dumps(recommended)) - managed, recommended = convert_pol_to_json(managed, - recommended, section, - pol_conf.entries) - self.set_managed_machine_policy(managed) - self.set_recommended_machine_policy(recommended) - self.gp_db.commit() + managed, recommended = convert_pol_to_json(section, + pol_conf.entries) + def applier_func(policies, location): + try: + with NamedTemporaryFile(mode='w+', prefix='gp_', + delete=False, + dir=location, + suffix='.json') as f: + json.dump(policies, f) + os.chmod(f.name, 0o644) + log.debug('Wrote Chromium preferences', policies) + return [f.name] + except PermissionError: + log.debug('Failed to write Chromium preferences', + policies) + value_hash = self.generate_value_hash(json.dumps(managed)) + self.apply(gpo.name, 'managed', value_hash, applier_func, + managed, self.__managed_policies_path) + value_hash = self.generate_value_hash(json.dumps(recommended)) + self.apply(gpo.name, 'recommended', value_hash, applier_func, + recommended, self.__recommended_policies_path) def rsop(self, gpo): output = {} diff --git a/python/samba/tests/gpo.py b/python/samba/tests/gpo.py index f6a8f409130..d0ee5518212 100644 --- a/python/samba/tests/gpo.py +++ b/python/samba/tests/gpo.py @@ -2095,2097 +2095,7 @@ firefox_json_expected = \ chromium_reg_pol = \ b""" - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AbusiveExperienceInterventionEnforce - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AccessibilityImageLabelsEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AdditionalDnsQueryTypesEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AdsSettingForIntrusiveAdsSites - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AdvancedProtectionAllowed - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AllowCrossOriginAuthPrompt - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AllowDeletingBrowserHistory - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AllowDinosaurEasterEgg - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AllowFileSelectionDialogs - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AllowSyncXHRInPageDismissal - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AllowedDomainsForApps - managedchrome.com,example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AlternateErrorPagesEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AlternativeBrowserPath - ${ie} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AlwaysOpenPdfExternally - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AmbientAuthenticationInPrivateModesEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AppCacheForceEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ApplicationLocaleValue - en - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AudioCaptureAllowed - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AudioProcessHighPriorityEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AudioSandboxEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AuthNegotiateDelegateAllowlist - foobar.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AuthSchemes - basic,digest,ntlm,negotiate - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AuthServerAllowlist - *.example.com,example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AutoLaunchProtocolsFromOrigins - [{"allowed_origins": ["example.com", "http://www.example.com:8080"], "protocol": "spotify"}, {"allowed_origins": ["https://example.com", "https://.mail.example.com"], "protocol": "teams"}, {"allowed_origins": ["*"], "protocol": "outlook"}] - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AutofillAddressEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AutofillCreditCardEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - AutoplayAllowed - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BackgroundModeEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BasicAuthOverHttpEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BlockExternalExtensions - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BlockThirdPartyCookies - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BookmarkBarEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserAddPersonEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserGuestModeEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserGuestModeEnforced - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserLabsEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserNetworkTimeQueriesEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserSignin - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserSwitcherChromePath - ${chrome} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserSwitcherDelay - 10000 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserSwitcherEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserSwitcherExternalGreylistUrl - http://example.com/greylist.xml - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserSwitcherExternalSitelistUrl - http://example.com/sitelist.xml - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserSwitcherKeepLastChromeTab - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserSwitcherUseIeSitelist - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowserThemeColor - #FFFFFF - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BrowsingDataLifetime - [{"data_types": ["browsing_history"], "time_to_live_in_hours": 24}, {"data_types": ["password_signin", "autofill"], "time_to_live_in_hours": 12}] - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - BuiltInDnsClientEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - CECPQ2Enabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ChromeCleanupEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ChromeCleanupReportingEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ChromeVariations - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ClickToCallEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - CloudManagementEnrollmentMandatory - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - CloudManagementEnrollmentToken - 37185d02-e055-11e7-80c1-9a214cf093ae - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - CloudPolicyOverridesPlatformPolicy - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - CloudPrintProxyEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - CloudPrintSubmitEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - CloudUserPolicyMerge - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - CommandLineFlagSecurityWarningsEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ComponentUpdatesEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DNSInterceptionChecksEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultBrowserSettingEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultCookiesSetting - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultFileHandlingGuardSetting - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultFileSystemReadGuardSetting - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultFileSystemWriteGuardSetting - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultGeolocationSetting - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultImagesSetting - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultInsecureContentSetting - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultJavaScriptSetting - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultNotificationsSetting - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultPopupsSetting - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultPrinterSelection - { "kind": "cloud", "idPattern": ".*public", "namePattern": ".*Color" } - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSearchProviderContextMenuAccessAllowed - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSearchProviderEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSearchProviderIconURL - https://search.my.company/favicon.ico - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSearchProviderImageURL - https://search.my.company/searchbyimage/upload - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSearchProviderImageURLPostParams - content={imageThumbnail},url={imageURL},sbisrc={SearchSource} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSearchProviderKeyword - mis - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSearchProviderName - My Intranet Search - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSearchProviderNewTabURL - https://search.my.company/newtab - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSearchProviderSearchURL - https://search.my.company/search?q={searchTerms} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSearchProviderSearchURLPostParams - q={searchTerms},ie=utf-8,oe=utf-8 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSearchProviderSuggestURL - https://search.my.company/suggest?q={searchTerms} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSearchProviderSuggestURLPostParams - q={searchTerms},ie=utf-8,oe=utf-8 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSensorsSetting - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultSerialGuardSetting - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultWebBluetoothGuardSetting - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DefaultWebUsbGuardSetting - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DeveloperToolsAvailability - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - Disable3DAPIs - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DisableAuthNegotiateCnameLookup - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DisablePrintPreview - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DisableSafeBrowsingProceedAnyway - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DisableScreenshots - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DiskCacheDir - ${user_home}/Chrome_cache - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DiskCacheSize - 104857600 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DnsOverHttpsMode - off - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DnsOverHttpsTemplates - https://dns.example.net/dns-query{?dns} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DownloadDirectory - /home/${user_name}/Downloads - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - DownloadRestrictions - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - EditBookmarksEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - EnableAuthNegotiatePort - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - EnableDeprecatedPrivetPrinting - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - EnableMediaRouter - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - EnableOnlineRevocationChecks - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - EnterpriseHardwarePlatformAPIEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ExtensionSettings - {"*": {"allowed_types": ["hosted_app"], "blocked_install_message": "Custom error message.", "blocked_permissions": ["downloads", "bookmarks"], "install_sources": ["https://company-intranet/chromeapps"], "installation_mode": "blocked", "runtime_allowed_hosts": ["*://good.example.com"], "runtime_blocked_hosts": ["*://*.example.com"]}, "abcdefghijklmnopabcdefghijklmnop": {"blocked_permissions": ["history"], "installation_mode": "allowed", "minimum_version_required": "1.0.1", "toolbar_pin": "force_pinned"}, "bcdefghijklmnopabcdefghijklmnopa": {"allowed_permissions": ["downloads"], "installation_mode": "force_installed", "runtime_allowed_hosts": ["*://good.example.com"], "runtime_blocked_hosts": ["*://*.example.com"], "update_url": "https://example.com/update_url"}, "cdefghijklmnopabcdefghijklmnopab": {"blocked_install_message": "Custom error message.", "installation_mode": "blocked"}, "defghijklmnopabcdefghijklmnopabc,efghijklmnopabcdefghijklmnopabcd": {"blocked_install_message": "Custom error message.", "installation_mode": "blocked"}, "fghijklmnopabcdefghijklmnopabcde": {"blocked_install_message": "Custom removal message.", "installation_mode": "removed"}, "ghijklmnopabcdefghijklmnopabcdef": {"installation_mode": "force_installed", "override_update_url": true, "update_url": "https://example.com/update_url"}, "update_url:https://www.example.com/update.xml": {"allowed_permissions": ["downloads"], "blocked_permissions": ["wallpaper"], "installation_mode": "allowed"}} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ExternalProtocolDialogShowAlwaysOpenCheckbox - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - FetchKeepaliveDurationSecondsOnShutdown - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ForceEphemeralProfiles - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ForceGoogleSafeSearch - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ForceYouTubeRestrict - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - FullscreenAllowed - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - GloballyScopeHTTPAuthCacheEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - HardwareAccelerationModeEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - HeadlessMode - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - HideWebStoreIcon - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - HomepageIsNewTabPage - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - HomepageLocation - https://www.chromium.org - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ImportAutofillFormData - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ImportBookmarks - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ImportHistory - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ImportHomepage - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ImportSavedPasswords - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ImportSearchEngine - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - IncognitoModeAvailability - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - InsecureFormsWarningsEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - InsecurePrivateNetworkRequestsAllowed - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - IntensiveWakeUpThrottlingEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - IntranetRedirectBehavior - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - IsolateOrigins - https://example.com/,https://othersite.org/ - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ManagedBookmarks - [{"toplevel_name": "My managed bookmarks folder"}, {"name": "Google", "url": "google.com"}, {"name": "Youtube", "url": "youtube.com"}, {"children": [{"name": "Chromium", "url": "chromium.org"}, {"name": "Chromium Developers", "url": "dev.chromium.org"}], "name": "Chrome links"}] - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ManagedConfigurationPerOrigin - [{"managed_configuration_hash": "asd891jedasd12ue9h", "managed_configuration_url": "https://gstatic.google.com/configuration.json", "origin": "https://www.google.com"}, {"managed_configuration_hash": "djio12easd89u12aws", "managed_configuration_url": "https://gstatic.google.com/configuration2.json", "origin": "https://www.example.com"}] - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - MaxConnectionsPerProxy - 32 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - MaxInvalidationFetchDelay - 10000 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - MediaRecommendationsEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - MediaRouterCastAllowAllIPs - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - MetricsReportingEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - NTPCardsVisible - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - NTPCustomBackgroundEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - NativeMessagingUserLevelHosts - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - NetworkPredictionOptions - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - NewTabPageLocation - https://www.chromium.org - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PasswordLeakDetectionEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PasswordManagerEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PasswordProtectionChangePasswordURL - https://mydomain.com/change_password.html - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PasswordProtectionWarningTrigger - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PaymentMethodQueryEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PolicyAtomicGroupsEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PolicyRefreshRate - 3600000 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PrintHeaderFooter - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PrintPreviewUseSystemDefaultPrinter - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PrintRasterizationMode - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PrintingAllowedBackgroundGraphicsModes - enabled - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PrintingBackgroundGraphicsDefault - enabled - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PrintingEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PrintingPaperSizeDefault - {"custom_size": {"height": 297000, "width": 210000}, "name": "custom"} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ProfilePickerOnStartupAvailability - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PromotionalTabsEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - PromptForDownloadLocation - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ProxySettings - {"ProxyBypassList": "https://www.example1.com,https://www.example2.com,https://internalsite/", "ProxyMode": "direct", "ProxyPacUrl": "https://internal.site/example.pac", "ProxyServer": "123.123.123.123:8080", "ProxyServerMode": 2} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - QuicAllowed - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RelaunchNotification - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RelaunchNotificationPeriod - 604800000 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RemoteAccessHostAllowClientPairing - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RemoteAccessHostAllowFileTransfer - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RemoteAccessHostAllowRelayedConnection - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RemoteAccessHostAllowRemoteAccessConnections - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RemoteAccessHostAllowUiAccessForRemoteAssistance - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RemoteAccessHostFirewallTraversal - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RemoteAccessHostMaximumSessionDurationMinutes - 1200 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RemoteAccessHostRequireCurtain - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RemoteAccessHostUdpPortRange - 12400-12409 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RendererCodeIntegrityEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RequireOnlineRevocationChecksForLocalAnchors - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RestoreOnStartup - 4 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RestrictSigninToPattern - .*@example\\.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RoamingProfileLocation - ${roaming_app_data}\\chrome-profile - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - RoamingProfileSupportEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SSLErrorOverrideAllowed - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SSLVersionMin - tls1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SafeBrowsingExtendedReportingEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SafeBrowsingForTrustedSourcesEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SafeBrowsingProtectionLevel - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SafeSitesFilterBehavior - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SavingBrowserHistoryDisabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ScreenCaptureAllowed - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ScrollToTextFragmentEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SearchSuggestEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SharedArrayBufferUnrestrictedAccessAllowed - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SharedClipboardEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ShowAppsShortcutInBookmarkBar - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ShowCastIconInToolbar - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ShowFullUrlsInAddressBar - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ShowHomeButton - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SignedHTTPExchangeEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SigninInterceptionEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SitePerProcess - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SpellCheckServiceEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SpellcheckEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SuppressDifferentOriginSubframeDialogs - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SuppressUnsupportedOSWarning - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - SyncDisabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - TargetBlankImpliesNoOpener - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - TaskManagerEndProcessEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - ThirdPartyBlockingEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - TotalMemoryLimitMb - 2048 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - TranslateEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - TripleDESEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - UrlKeyedAnonymizedDataCollectionEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - UserAgentClientHintsEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - UserDataDir - ${users}/${user_name}/Chrome - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - UserDataSnapshotRetentionLimit - 3 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - UserFeedbackAllowed - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - VideoCaptureAllowed - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - WPADQuickCheckEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - WebAppInstallForceList - [{"create_desktop_shortcut": true, "default_launch_container": "window", "url": "https://www.google.com/maps"}, {"default_launch_container": "tab", "url": "https://docs.google.com"}, {"default_launch_container": "window", "fallback_app_name": "Editor", "url": "https://docs.google.com/editor"}] - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - WebRtcAllowLegacyTLSProtocols - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - WebRtcEventLogCollectionAllowed - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - WebRtcIPHandling - default - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - WebRtcUdpPortRange - 10000-11999 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - WebUsbAllowDevicesForUrls - [{"devices": [{"product_id": 5678, "vendor_id": 1234}], "urls": ["https://google.com"]}] - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome - WindowOcclusionEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AlternativeBrowserParameters - 1 - -foreground - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AlternativeBrowserParameters - 2 - -new-window - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AlternativeBrowserParameters - 3 - ${url} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AlternativeBrowserParameters - 4 - -profile - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AlternativeBrowserParameters - 5 - %HOME%\\browser_profile - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AudioCaptureAllowedUrls - 1 - https://www.example.com/ - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AudioCaptureAllowedUrls - 2 - https://[*.]example.edu/ - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoOpenAllowedForURLs - 1 - example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoOpenAllowedForURLs - 2 - https://ssl.server.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoOpenAllowedForURLs - 3 - hosting.com/good_path - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoOpenAllowedForURLs - 4 - https://server:8080/path - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoOpenAllowedForURLs - 5 - .exact.hostname.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoOpenFileTypes - 1 - exe - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoOpenFileTypes - 2 - txt - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoSelectCertificateForUrls - 1 - {"pattern":"https://www.example.com","filter":{"ISSUER":{"CN":"certificate issuer name", "L": "certificate issuer location", "O": "certificate issuer org", "OU": "certificate issuer org unit"}, "SUBJECT":{"CN":"certificate subject name", "L": "certificate subject location", "O": "certificate subject org", "OU": "certificate subject org unit"}}} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoplayAllowlist - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoplayAllowlist - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\BrowserSwitcherChromeParameters - 1 - --force-dark-mode - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\BrowserSwitcherUrlGreylist - 1 - ie.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\BrowserSwitcherUrlGreylist - 2 - !open-in-chrome.ie.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\BrowserSwitcherUrlGreylist - 3 - foobar.com/ie-only/ - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\BrowserSwitcherUrlList - 1 - ie.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\BrowserSwitcherUrlList - 2 - !open-in-chrome.ie.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\BrowserSwitcherUrlList - 3 - foobar.com/ie-only/ - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\CertificateTransparencyEnforcementDisabledForCas - 1 - sha256/AAAAAAAAAAAAAAAAAAAAAA== - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\CertificateTransparencyEnforcementDisabledForCas - 2 - sha256//////////////////////w== - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\CertificateTransparencyEnforcementDisabledForLegacyCas - 1 - sha256/AAAAAAAAAAAAAAAAAAAAAA== - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\CertificateTransparencyEnforcementDisabledForLegacyCas - 2 - sha256//////////////////////w== - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\CertificateTransparencyEnforcementDisabledForUrls - 1 - example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\CertificateTransparencyEnforcementDisabledForUrls - 2 - .example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ClearBrowsingDataOnExitList - 1 - browsing_history - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ClearBrowsingDataOnExitList - 2 - download_history - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ClearBrowsingDataOnExitList - 3 - cookies_and_other_site_data - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ClearBrowsingDataOnExitList - 4 - cached_images_and_files - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ClearBrowsingDataOnExitList - 5 - password_signin - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ClearBrowsingDataOnExitList - 6 - autofill - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ClearBrowsingDataOnExitList - 7 - site_settings - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ClearBrowsingDataOnExitList - 8 - hosted_app_data - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\CookiesAllowedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\CookiesAllowedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\CookiesBlockedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\CookiesBlockedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\CookiesSessionOnlyForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\CookiesSessionOnlyForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\DefaultSearchProviderAlternateURLs - 1 - https://search.my.company/suggest#q={searchTerms} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\DefaultSearchProviderAlternateURLs - 2 - https://search.my.company/suggest/search#q={searchTerms} - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\DefaultSearchProviderEncodings - 1 - UTF-8 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\DefaultSearchProviderEncodings - 2 - UTF-16 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\DefaultSearchProviderEncodings - 3 - GB2312 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\DefaultSearchProviderEncodings - 4 - ISO-8859-1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\EnableExperimentalPolicies - 1 - ExtensionInstallAllowlist - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\EnableExperimentalPolicies - 2 - ExtensionInstallBlocklist - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExplicitlyAllowedNetworkPorts - 1 - 10080 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionAllowedTypes - 1 - hosted_app - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallAllowlist - 1 - extension_id1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallAllowlist - 2 - extension_id2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallBlocklist - 1 - extension_id1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallBlocklist - 2 - extension_id2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist - 1 - aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa;https://clients2.google.com/service/update2/crx - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist - 2 - abcdefghijklmnopabcdefghijklmnop - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallSources - 1 - https://corp.mycompany.com/* - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\FileHandlingAllowedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\FileHandlingAllowedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\FileHandlingBlockedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\FileHandlingBlockedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\FileSystemReadAskForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\FileSystemReadAskForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\FileSystemReadBlockedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\FileSystemReadBlockedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\FileSystemWriteAskForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\FileSystemWriteAskForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\FileSystemWriteBlockedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\FileSystemWriteBlockedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ForcedLanguages - 1 - en-US - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\HSTSPolicyBypassList - 1 - meet - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ImagesAllowedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ImagesAllowedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ImagesBlockedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ImagesBlockedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\InsecureContentAllowedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\InsecureContentAllowedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\InsecureContentBlockedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\InsecureContentBlockedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\InsecurePrivateNetworkRequestsAllowedForUrls - 1 - http://www.example.com:8080 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\InsecurePrivateNetworkRequestsAllowedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\JavaScriptAllowedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\JavaScriptAllowedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\JavaScriptBlockedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\JavaScriptBlockedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\LegacySameSiteCookieBehaviorEnabledForDomainList - 1 - www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\LegacySameSiteCookieBehaviorEnabledForDomainList - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\LookalikeWarningAllowlistDomains - 1 - foo.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\LookalikeWarningAllowlistDomains - 2 - example.org - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\NativeMessagingAllowlist - 1 - com.native.messaging.host.name1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\NativeMessagingAllowlist - 2 - com.native.messaging.host.name2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\NativeMessagingBlocklist - 1 - com.native.messaging.host.name1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\NativeMessagingBlocklist - 2 - com.native.messaging.host.name2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\NotificationsAllowedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\NotificationsAllowedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\NotificationsBlockedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\NotificationsBlockedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\OverrideSecurityRestrictionsOnInsecureOrigin - 1 - http://testserver.example.com/ - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\OverrideSecurityRestrictionsOnInsecureOrigin - 2 - *.example.org - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\PasswordProtectionLoginURLs - 1 - https://mydomain.com/login.html - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\PasswordProtectionLoginURLs - 2 - https://login.mydomain.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\PolicyDictionaryMultipleSourceMergeList - 1 - ExtensionSettings - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\PolicyListMultipleSourceMergeList - 1 - ExtensionInstallAllowlist - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\PolicyListMultipleSourceMergeList - 2 - ExtensionInstallBlocklist - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\PopupsAllowedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\PopupsAllowedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\PopupsBlockedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\PopupsBlockedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\PrinterTypeDenyList - 1 - cloud - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\PrinterTypeDenyList - 2 - privet - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\RemoteAccessHostClientDomainList - 1 - my-awesome-domain.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\RemoteAccessHostClientDomainList - 2 - my-auxiliary-domain.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\RemoteAccessHostDomainList - 1 - my-awesome-domain.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\RemoteAccessHostDomainList - 2 - my-auxiliary-domain.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\RestoreOnStartupURLs - 1 - https://example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\RestoreOnStartupURLs - 2 - https://www.chromium.org - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SSLErrorOverrideAllowedForOrigins - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SSLErrorOverrideAllowedForOrigins - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SafeBrowsingAllowlistDomains - 1 - mydomain.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SafeBrowsingAllowlistDomains - 2 - myuniversity.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SecurityKeyPermitAttestation - 1 - https://example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SensorsAllowedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SensorsAllowedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SensorsBlockedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SensorsBlockedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SerialAskForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SerialAskForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SerialBlockedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SerialBlockedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SpellcheckLanguage - 1 - fr - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SpellcheckLanguage - 2 - es - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SpellcheckLanguageBlocklist - 1 - fr - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SpellcheckLanguageBlocklist - 2 - es - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\SyncTypesListDisabled - 1 - bookmarks - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLAllowlist - 1 - example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLAllowlist - 2 - https://ssl.server.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLAllowlist - 3 - hosting.com/good_path - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLAllowlist - 4 - https://server:8080/path - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLAllowlist - 5 - .exact.hostname.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlocklist - 1 - example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlocklist - 2 - https://ssl.server.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlocklist - 3 - hosting.com/bad_path - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlocklist - 4 - https://server:8080/path - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlocklist - 5 - .exact.hostname.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlocklist - 6 - file://* - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlocklist - 7 - custom_scheme:* - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlocklist - 8 - * - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\VideoCaptureAllowedUrls - 1 - https://www.example.com/ - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\VideoCaptureAllowedUrls - 2 - https://[*.]example.edu/ - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\WebRtcLocalIpsAllowedUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\WebRtcLocalIpsAllowedUrls - 2 - *example.com* - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\WebUsbAskForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\WebUsbAskForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\WebUsbBlockedForUrls - 1 - https://www.example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\WebUsbBlockedForUrls - 2 - [*.]example.edu - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - AlternateErrorPagesEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - ApplicationLocaleValue - en - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - AutofillAddressEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - AutofillCreditCardEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - BackgroundModeEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - BlockThirdPartyCookies - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - BookmarkBarEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - DefaultDownloadDirectory - /home/${user_name}/Downloads - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - DownloadDirectory - /home/${user_name}/Downloads - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - DownloadRestrictions - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - HomepageIsNewTabPage - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - HomepageLocation - https://www.chromium.org - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - ImportAutofillFormData - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - ImportBookmarks - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - ImportHistory - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - ImportSavedPasswords - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - ImportSearchEngine - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - MetricsReportingEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - NetworkPredictionOptions - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - PasswordLeakDetectionEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - PasswordManagerEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - PrintHeaderFooter - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - PrintPreviewUseSystemDefaultPrinter - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - RegisteredProtocolHandlers - [{"default": true, "protocol": "mailto", "url": "https://mail.google.com/mail/?extsrc=mailto&url=%s"}] - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - RestoreOnStartup - 4 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - SafeBrowsingForTrustedSourcesEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - SafeBrowsingProtectionLevel - 2 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - SearchSuggestEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - ShowFullUrlsInAddressBar - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - ShowHomeButton - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - SpellCheckServiceEnabled - 0 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended - TranslateEnabled - 1 - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended\RestoreOnStartupURLs - 1 - https://example.com - - - HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\Recommended\RestoreOnStartupURLs - 2 - https://www.chromium.org - + Software\Policies\Google\Chrome AbusiveExperienceInterventionEnforce @@ -9034,21 +6944,25 @@ class GPOTests(tests.TestCase): with TemporaryDirectory() as dname: ext.process_group_policy([], gpos, dname) - managed = os.path.join(dname, 'managed', 'policies.json') - self.assertTrue(os.path.exists(managed), - 'Chromium policies are missing') - with open(managed, 'r') as r: + managed = os.path.join(dname, 'managed') + managed_files = os.listdir(managed) + self.assertEquals(len(managed_files), 1, + 'Chromium policies are missing') + with open(os.path.join(managed, managed_files[0]), 'r') as r: managed_data = json.load(r) - recommended = os.path.join(dname, 'recommended', 'policies.json') - self.assertTrue(os.path.exists(recommended), - 'Chromium policies are missing') - with open(recommended, 'r') as r: + recommended = os.path.join(dname, 'recommended') + recommended_files = os.listdir(recommended) + self.assertEquals(len(recommended_files), 1, + 'Chromium policies are missing') + with open(os.path.join(recommended, recommended_files[0]), + 'r') as r: recommended_data = json.load(r) expected_managed_data = json.loads(chromium_json_expected_managed) expected_recommended_data = \ json.loads(chromium_json_expected_recommended) - self.assertEqual(expected_managed_data.keys(), - managed_data.keys(), + self.maxDiff = None + self.assertEqual(sorted(expected_managed_data.keys()), + sorted(managed_data.keys()), 'Chromium policies are missing') for name in expected_managed_data.keys(): self.assertEqual(expected_managed_data[name], @@ -9069,10 +6983,12 @@ class GPOTests(tests.TestCase): gp_db = store.get_gplog(machine_creds.get_username()) del_gpos = get_deleted_gpos_list(gp_db, []) ext.process_group_policy(del_gpos, [], dname) + managed = os.path.join(managed, managed_files[0]) if os.path.exists(managed): data = json.load(open(managed, 'r')) self.assertEqual(len(data.keys()), 0, 'The policy was not unapplied') + recommended = os.path.join(recommended, recommended_files[0]) if os.path.exists(recommended): data = json.load(open(recommended, 'r')) self.assertEqual(len(data.keys()), 0,