Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

11.3. Locking Down Enabled Extensions

In GNOME Shell, you can prevent the user from enabling or disabling extensions by locking down the and keys.
Locking down the key ensures that the user cannot use GNOME Shell's integrated debugger and inspector tool (Looking Glass) to disable any mandatory extensions.

Procedure 11.3. Locking down enabled extensions

  1. Create a local database file for machine-wide settings in /etc/dconf/db/local.d/00-extensions:
    # List all extensions that you want to have enabled for all users
    enabled-extensions=['', '']
    # Disable access to Looking Glass
    The enabled-extensions key specifies the enabled extensions using the extensions' uuid ( and
    The development-tools key is set to false to disable access to Looking Glass.
  2. Override the user's setting and prevent the user from changing it in /etc/dconf/db/local.d/locks/extensions:
    # Lock the list of mandatory extensions and access to Looking Glass
  3. Update the system databases:
    # dconf update
  4. Users must log out and back in again before the system-wide settings take effect.
After locking down the and keys, any extensions installed in ~/.local/share/gnome-shell/extensions or /usr/share/gnome-shell/extensions that are not listed in the key will not be loaded by GNOME Shell, thus preventing the user from using them.