How to Blacklist Kernel
One of the most important ways to secure your Linux server is to keep its kernel up to date. The problem is, sometimes it’s not easy to find out which updates are available or how to install them. This guide will show you how to blacklist specific kernels so that your package manager will ignore them.
- Download the blacklist kernel module from your distribution’s repository
- Install the module using your package manager
- Load the module into the kernel with the command: “modprobe blacklist”
- Add any modules you wish to blacklist to the /etc/modprobe
- d/blacklist file, one per line
- Reboot your system for the changes to take effect
Blacklisting a kernel module
Modprobe.Blacklist Kernel Parameter
The Linux kernel has a built-in mechanism for handling module dependencies which is called modprobe. When a module is loaded, modprobe will automatically load any modules that it depends on. Modules can also be blacklisted so that they are never loaded.
The blacklist is specified using a kernel parameter called “modprobe.blacklist”.
The blacklist can be used to prevent specific modules from being loaded. This can be useful if there is a problem with a particular module or if you want to disable support for a certain device.
The blacklist is also used to temporarily disable modules when troubleshooting problems.
To specify the blacklist, use a comma-separated list of module names. For example, to prevent the e1000e and snd_hda_intel modules from being loaded, you would use the following kernel parameter:
modprobe.blacklist=e1000e,snd_hda_intel
This would need to be added to your kernel command line (usually in /boot/grub/menu.lst or /etc/default/grub). Once you have rebooted with the new kernel parameters, the specified modules should no longer be loaded.
Credit: beebom.com
How Do I Blacklist a Kernel Module to Prevent It from Loading Automatically?
It’s actually quite simple to blacklist a kernel module so that it doesn’t load automatically. All you have to do is add the module’s name to a file called /etc/modprobe.d/blacklist.conf (if it doesn’t exist, you can create it). For example, let’s say you want to blacklist the nouveau kernel module.
You would simply add this line to /etc/modprobe.d/blacklist.conf:
blacklist nouveau
Now when your system boots up, the nouveau kernel module will not be loaded automatically.
If you need to load the module manually for some reason, you can use the modprobe command:
What is Blacklist in Linux?
A blacklist is a list of items that are blocked or prohibited. In the context of Linux, a blacklist is typically a list of IP addresses or domains that are not allowed to access a server. Blacklists can be used for security purposes, to block spam, or for other reasons.
When configuring a blacklist, you will need to specify the type of blacklist (IP address, domain, etc.), as well as the specific addresses or domains to be blacklisted. Blacklists can be implemented in hardware, software, or both.
Hardware-based blacklists are usually found in routers and firewalls.
These devices can be configured to block traffic from specific IP addresses or ranges of addresses. Software-based blacklists are typically used on web servers and mail servers. For example, Apache httpd has mod_authz_host which allows administrators to configure allow and deny lists for specific hosts and hostnames.
Blacklists are not foolproof and can sometimes block legitimate traffic. For this reason, it is important to monitor your server’s logs to make sure that the blacklist is working as intended.
What is Blacklist Command?
Assuming you are referring to the Linux command:
The blacklist command is a utility for maintaining the kernel’s list of modules that should not be loaded. This can be useful for temporarily disabling a driver or module, or permanently blacklisting it.
When a module is blacklisted, the kernel will not load it even if it is present in the system.
To blacklist a module, use the following command:
What Does Modprobe Blacklist Do?
When you install a new kernel, chances are that it will come with a set of modules which may or may not be required for your system. In such cases, it is often desirable to blacklist certain modules so that they are not loaded automatically. Blacklisting a module means telling the kernel not to load the module even if it is present in the module directory.
The modprobe command has a -r or –remove option which can be used to remove a module from the kernel. This is equivalent to unloading the module and then removing it from the kernel image.
Similarly, the modprobe command has a -b or –blacklist option which can be used to blacklist a module.
This tells the kernel not to load the specified module even if it is present in the modules directory. The following example blacklists the snd_hda_intel sound driver:
Conclusion
When you blacklisted the kernel, it means that you are telling your Linux operating system to ignore any updates for that particular item. The reason why you would want to do this is because sometimes a new kernel update can cause compatibility issues with your system, or simply because you don’t want to deal with the hassle of updating everything. Whatever the reason, blacklisting the kernel is relatively simple.
First, you need to find out what the latest kernel version is. You can do this by going to www.kernel.org and looking under the “Download” section. Once you know what the latest version is, open up a terminal window and type in “uname -r”.
This will tell you what kernel version you are currently running.
Next, open up /etc/modprobe.d/blacklist.conf in a text editor (gksudo gedit /etc/modprobe.d/blacklist.conf). Add a line at the bottom that says “blacklist
For example, if I wanted to blacklist tp_smapi, I would add “blacklist tp_smapi” (without quotes) at the bottom of blacklist.conf . Save your changes and close blacklist . conf .
Finally , run sudo update-initramfs -u -k all . This will regenerate your initrd image and exclude any modules that you blacklisted . Reboot your machine for changes to take effect .
