|
Justin Vreeland |
794355 |
#! /bin/bash
|
|
Justin Vreeland |
794355 |
# shellcheck disable=SC2164
|
|
Justin Vreeland |
794355 |
|
|
|
8bd6ae |
rpm_buildroot="$1"
|
|
|
8bd6ae |
module_dir="$2"
|
|
|
8bd6ae |
module_list="$3"
|
|
|
8bd6ae |
|
|
|
8bd6ae |
blacklist_conf_files="$(mktemp)"
|
|
Justin Vreeland |
794355 |
|
|
Justin Vreeland |
794355 |
blacklist()
|
|
Justin Vreeland |
794355 |
{
|
|
|
8bd6ae |
mkdir -p "$rpm_buildroot/etc/modprobe.d/"
|
|
|
8bd6ae |
cat > "$rpm_buildroot/etc/modprobe.d/$1-blacklist.conf" <<-__EOF__
|
|
Justin Vreeland |
794355 |
# This kernel module can be automatically loaded by non-root users. To
|
|
Justin Vreeland |
794355 |
# enhance system security, the module is blacklisted by default to ensure
|
|
Justin Vreeland |
794355 |
# system administrators make the module available for use as needed.
|
|
Justin Vreeland |
794355 |
# See https://access.redhat.com/articles/3760101 for more details.
|
|
Justin Vreeland |
794355 |
#
|
|
Justin Vreeland |
794355 |
# Remove the blacklist by adding a comment # at the start of the line.
|
|
Justin Vreeland |
794355 |
blacklist $1
|
|
Justin Vreeland |
794355 |
__EOF__
|
|
|
8bd6ae |
echo "%config(noreplace) /etc/modprobe.d/$1-blacklist.conf" >> "$blacklist_conf_files"
|
|
Justin Vreeland |
794355 |
}
|
|
Justin Vreeland |
794355 |
|
|
Justin Vreeland |
794355 |
check_blacklist()
|
|
Justin Vreeland |
794355 |
{
|
|
|
8bd6ae |
mod="$rpm_buildroot/$1"
|
|
Justin Vreeland |
794355 |
[ ! "$mod" ] && return 0
|
|
Justin Vreeland |
794355 |
if modinfo "$mod" | grep -q '^alias:\s\+net-'; then
|
|
Justin Vreeland |
794355 |
mod="${1##*/}"
|
|
Justin Vreeland |
794355 |
mod="${mod%.ko*}"
|
|
Justin Vreeland |
794355 |
echo "$mod has an alias that allows auto-loading. Blacklisting."
|
|
Justin Vreeland |
794355 |
blacklist "$mod"
|
|
Justin Vreeland |
794355 |
fi
|
|
Justin Vreeland |
794355 |
}
|
|
Justin Vreeland |
794355 |
|
|
Justin Vreeland |
794355 |
foreachp()
|
|
Justin Vreeland |
794355 |
{
|
|
Justin Vreeland |
794355 |
P=$(nproc)
|
|
Justin Vreeland |
794355 |
bgcount=0
|
|
Justin Vreeland |
794355 |
while read -r mod; do
|
|
Justin Vreeland |
794355 |
$1 "$mod" &
|
|
Justin Vreeland |
794355 |
|
|
Justin Vreeland |
794355 |
bgcount=$((bgcount + 1))
|
|
Justin Vreeland |
794355 |
if [ $bgcount -eq "$P" ]; then
|
|
Justin Vreeland |
794355 |
wait -n
|
|
Justin Vreeland |
794355 |
bgcount=$((bgcount - 1))
|
|
Justin Vreeland |
794355 |
fi
|
|
Justin Vreeland |
794355 |
done
|
|
Justin Vreeland |
794355 |
|
|
Justin Vreeland |
794355 |
wait
|
|
Justin Vreeland |
794355 |
}
|
|
Justin Vreeland |
794355 |
|
|
Justin Vreeland |
794355 |
# Many BIOS-es export a PNP-id which causes the floppy driver to autoload
|
|
Justin Vreeland |
794355 |
# even though most modern systems don't have a 3.5" floppy driver anymore
|
|
Justin Vreeland |
794355 |
# this replaces the old die_floppy_die.patch which removed the PNP-id from
|
|
Justin Vreeland |
794355 |
# the module
|
|
Justin Vreeland |
794355 |
|
|
|
8bd6ae |
floppylist=("$rpm_buildroot"/"$module_dir"/kernel/drivers/block/floppy.ko*)
|
|
Justin Vreeland |
794355 |
if [[ -n ${floppylist[0]} && -f ${floppylist[0]} ]]; then
|
|
Justin Vreeland |
794355 |
blacklist "floppy"
|
|
Justin Vreeland |
794355 |
fi
|
|
Justin Vreeland |
794355 |
|
|
|
8bd6ae |
foreachp check_blacklist < "$module_list"
|
|
Justin Vreeland |
794355 |
|
|
|
8bd6ae |
cat "$blacklist_conf_files" >> "$module_list"
|
|
|
8bd6ae |
rm -f "$blacklist_conf_files"
|