[arch-announce] Changes to module blacklisting

Arch Linux: Recent news updates: Tom Gundersen announce at archlinux.org
Wed Jun 8 12:01:15 EDT 2011 

Tom Gundersen wrote:

Since the dawn of time we have shipped our homegrown system for blacklisting
kernel modules (in various incarnations). This has served us well, but we (or
rather our various upstreams) have now reached a point where it is no longer
necessary.

We have therefore decided to remove all our module blacklisting logic, and rely
entirely on the blacklisting provided by `modprobe`. This means a change in
syntax, and a minor change in functionality. We hope that the short-term
inconvenience will be justified by the long-term gain.

Due to an unrelated change in our udev package, we no longer load as many
modules as we used to by default, so some problematic modules (such as `pcspkr`
and `snd-seq-oss`) might no longer need to be blacklisted.

## The different notions of blacklisting

The notion of module blacklisting that we have used is (sadly) slightly
different from what is used by modprobe.

  * our blacklisting: a blacklisted module, or any module that depends on it,
will never be loaded automatically by udev, but may be loaded manually.

  * modprobe's blacklisting: a blacklisted module will not be loaded
automatically, but may be loaded if another non-blacklisted module depends on
it, or if it is loaded manually.

  * disabling a module: one can get similar behavior to what we used to provide
by forcing a module to always fail loading, it will not be possible to load it
manually.

## Boot time blacklisting or disabling

Modules can be blacklisted at boot time by appending
`modprobe.blacklist=mod1,mod2,mod3` to the kernel command line (in grub, lilo or
syslinux). Alternatively, the modules can be disabled altogether by appending
`mod1.disable=1 mod2.disable=1 mod3.disable=1` instead. This is useful in an
emergency where a broken module makes it impossible to boot your system.

## Persistent blacklisting or disabling

Rather than blacklisting modules in `rc.conf`, use modprobe's native
configuration files. These can be found in /etc/modprobe.d/, and are documented
in `man modprobe.d`.

The replacement of `rc.d`'s `MODULES=(!mod1 !mod2 !mod3)` is to add a `.conf`
file to `/etc/modprobe.d/` with the contents:


    blacklist mod1

    blacklist mod2

    blacklist mod3


Alternatively, to ensure that the modules are never inserted, even if they are
needed by other modules you load:


    install mod1 /bin/false

    install mod2 /bin/false

    install mod3 /bin/false

URL: http://www.archlinux.org/news/changes-to-module-blacklisting/

More information about the arch-announce mailing list