[CentOS] modprobe blacklist
Markus Falb
markus.falb at fasel.atFri Apr 20 15:43:36 UTC 2012
- Previous message: [CentOS] modprobe blacklist
- Next message: [CentOS] defer (not skip) boot fsck?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 20.4.2012 16:06, m.roth at 5-cent.us wrote: > Markus Falb wrote: >> Hi, >> I am referring to the last kernel update for CentOS 5 >> http://lists.centos.org/pipermail/centos-announce/2012-April/018578.html >> >> Upstream details tell me that if I dont want to reboot into the new >> kernel I could blacklist the xfrm6_tunnel module. >> >> How do I test that the blacklist of a module works? > > Why not just edit the default in /boot/grub/grub.conf? When I reboot I want to boot the new kernel, but until I want to reboot I don't want the xfrm6_tunnel module to load. I gave the link to the CentOS announce and there you can find a reference to https://rhn.redhat.com/errata/RHSA-2012-0480.html and maybe it helps to read that to understand what I mean. Basically, when a security issue is fixed in a module you can either reboot the new kernel or you blacklist the module in modprobe's config (of course you can only do that if you dont use the module). My question is quite academic, though. I could trust that modprobe's blacklist mechanism is working, but as always, I'm curious. RedHat says I can put a 'blacklist xfrm6_tunnel' in modprobe's config but I dont know how to verify that this is working. Yes, I am of the suspicious kind. -- Kind Regards, Markus Falb -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 307 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20120420/994f72f6/attachment-0001.sig>
- Previous message: [CentOS] modprobe blacklist
- Next message: [CentOS] defer (not skip) boot fsck?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list