[OS-BUILD PATCHv2] mod-denylist.sh: Change to denylist
by Prarit Bhargava (via Email Bridge)
From: Prarit Bhargava <prarit(a)redhat.com>
mod-denylist.sh: Change to denylist
Change blacklist references to denylist.
v2: modprobe still uses blacklist
Suggested-by: Brian Masney <bmasney(a)redhat.com>
Signed-off-by: Prarit Bhargava <prarit(a)redhat.com>
diff --git a/redhat/mod-denylist.sh b/redhat/mod-denylist.sh
index blahblah..blahblah 100755
--- a/redhat/mod-denylist.sh
+++ b/redhat/mod-denylist.sh
@@ -10,28 +10,29 @@ Dir="$1/$2"
List=$3
Dest="$4"
-blacklist()
+denylist()
{
+ # modprobe still uses the phrase 'blacklist' instead of 'denylist'
cat > "$RpmDir/etc/modprobe.d/$1-blacklist.conf" <<-__EOF__
# This kernel module can be automatically loaded by non-root users. To
- # enhance system security, the module is blacklisted by default to ensure
+ # enhance system security, the module is denylisted by default to ensure
# system administrators make the module available for use as needed.
# See https://access.redhat.com/articles/3760101 for more details.
#
- # Remove the blacklist by adding a comment # at the start of the line.
+ # Remove the denylist by adding a comment # at the start of the line.
blacklist $1
__EOF__
}
-check_blacklist()
+check_denylist()
{
mod=$(find "$RpmDir/$ModDir" -name "$1")
[ ! "$mod" ] && return 0
if modinfo "$mod" | grep -q '^alias:\s\+net-'; then
mod="${1##*/}"
mod="${mod%.ko*}"
- echo "$mod has an alias that allows auto-loading. Blacklisting."
- blacklist "$mod"
+ echo "Blocking $mod from auto-loading."
+ denylist "$mod"
fi
}
@@ -142,7 +143,7 @@ if [ -z "$Dest" ]; then
sed -e "s|^.|${ModDir}|g" "$Dir"/dep2.list > "$RpmDir/$ListName"
echo "./$RpmDir/$ListName created."
[ -d "$RpmDir/etc/modprobe.d/" ] || mkdir -p "$RpmDir/etc/modprobe.d/"
- foreachp check_blacklist < "$List"
+ foreachp check_denylist < "$List"
fi
# Many BIOS-es export a PNP-id which causes the floppy driver to autoload
@@ -152,7 +153,7 @@ fi
floppylist=("$RpmDir"/"$ModDir"/kernel/drivers/block/floppy.ko*)
if [[ -n ${floppylist[0]} && -f ${floppylist[0]} ]]; then
- blacklist "floppy"
+ denylist "floppy"
fi
# avoid an empty kernel-extra package
--
https://gitlab.com/cki-project/kernel-ark/-/merge_requests/1185