The Chrome browser for the enterprise bundle includes a sample configuration file that you can customize to define policy settings for Linux devices. You can also use Chrome Enterprise Core to set up your browser policies in the cloud and see an overview of browser usage.
Before you begin
There are two sets of policies used to get a managed instance of Google Chrome up and running on Linux:
- A set in the managed folder that is required and is mandated by an admin. Make sure that these files are not writable and, therefore, cannot be overridden by non-admin users.
- A set in the recommended folder that is recommended for users, but not required. The settings that those policies apply to can be changed by the users.
Be careful not to set the same policy in more than one file. If you do, it’s unclear which of the values you specify will be applied.
Managed and recommended policies must have their respective folders in the file system. Create the following directories if they do not already exist:
>mkdir /etc/opt/chrome/policies
>mkdir /etc/opt/chrome/policies/managed
>mkdir /etc/opt/chrome/policies/recommended
Note: Some policies are recommended only. This means they will not work if they are placed in the /etc/opt/chrome/policies/managed folder.
If they are placed in this folder, you will see the error message: Policy level is not supported if the policies are exported from chrome://policy.
Example
"RegisteredProtocolHandlers": {
"error": "Policy level is not supported.",
"level": "mandatory",
"scope": "machine",
"source": "platform",
"value": [ {
"default": true,
"protocol": "mailto",
"url": "https://mail.google.com/mail/?extsrc=mailto&url=%s"
} ]
}
Create policy configuration files
- Create a copy of the managed_policies.json file.
- In your preferred JSON file editor, open the managed_policies.json file and set values for all policies that you want to enforce on your users' devices.
- Save the file in the /etc/opt/chrome/policies/managed folder.
- Create a copy of the recommended_policies.json file.
- In your preferred JSON file editor, open the recommended_policies.json file and set values for all policies that you recommend for your users.
- Save the file in the /etc/opt/chrome/policies/recommended folder.
These are the policies that your users can change if they want.
Verify the configuration
Users need to restart Chrome browser for policies to take effect. You can check users’ devices to make sure that policies are applied correctly.
- Open Chrome browser and go to chrome://policy.
- Click Reload policies.
- Check the Show policies with no value set box.
- For the policies that you set, make sure that Status is set to OK.
- For the policies that you set, make sure that the policy values match what you set in the policy.
Create configuration files for initial preferences
Initial preferences are optional and don't need to be set for a full deployment. For details, go to Use initial preferences for Chrome browser.
Advanced configuration—Multiple files
You can create a separate JSON file for each policy that you want to set. You then push all the files to policy folders on your users' devices. Chrome browser amalgamates all of the individual files in the policies folders and applies all the settings.
Note: If there are multiple files with conflicting values set for a specific policy, the behavior is undefined.