Linux: Systemwide configuration file including flags and arguments

I am pretty certain this has not been answered fully yet, only snippets here and there.

Use case

I want to create an Operating System / preset files on deployed Linux PCs that have a systemwide Brave configuration file, e.g. somewhere in /etc/

This file should include things like:

  • disable VPN
  • disable Tor
  • disable Javascript JIT
  • set a custom home page
  • preset a Search engine

So I assume there are different components, but mainly I think this is not well documented at all.


The Case in Chromium: /usr/etc/chromium/chromium.conf :

CHROMIUM_FLAGS=""
CHROMIUM_FLAGS+=" --ozone-platform=wayland"
CHROMIUM_FLAGS+=" --js-flags=--jitless"

now I wonder what run flags could be added here. Are those the same as brave:flags ?

In this issue someone reported this:

  • If there’s an /etc/brave/policies/managed/00_gssapi.json present at startup, Brave will load that policy.
  • If there’s no /etc/brave present at startup, Brave will load policy from /etc/chromium instead.
  • It never acts on files in /etc/opt/chrome.
  • It remembers the policy directory which was preset at startup and watches it for changes, so restarting the browser is necessary to test this.

This would mean it should already use such a config file. Is /usr/etc/ the same as /etc/ but not writable for example on OSTree filesystems?


I know of CHEFKOCH’s hardening setup but it seems to be just a research list of Flags.

Is there no way to load these settings globally?

There are Windows Group Policies, and that is very good so institutions can preinstall Brave while keeping many things like Tor deactivated (one slow step at a time).


I would be very happy about details on this topic, as there are many different things out there.

  • ~/.config/BraveSoftware/Brave-Browser/
  • /usr/etc/brave/
  • /etc/brave/
  • /etc/brave-browser/

How are those files written, what is compatible with Chromium and what not?

Btw Leo gave me some probably made up answers to place a file like this

/etc/brave/brave.config
[vpn]
flag = disabled

Or similar. I could nowhere find a mention of that.

Then ChatGPT told me to put everything in the launch parameter like this:

brave-browser --disable-features=ExtensionsToolbarMenu,BraveVPN,Binance,Doodles,BinanceStaking,VpnServices,BraveTalk,Flock,SocialMediaEngagement,BinanceWidget,PeerConnectionKeying,WebXRPublisher,DirectSockets,DownstreamWithoutOrigin,PaymentService,WebXRGamepadModule,WebXRHitTest

1 Like

Update on this:

Chromium has very well documented policies

So at least there are launch parameters and policies possible. Which directories does Brave use?

Update 2: Chromium has full support for Policies which are incredibly useful. You can preinstall Addons, allowlist and blocklist addons etc. Just see the brace Policies above.

Please add documentation for this.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.