Blame SOURCES/mod-extra-blacklist.sh

c34d21
#!/bin/bash
c34d21
c34d21
list="$1"
c34d21
buildroot=${list%/*}
c34d21
c34d21
blacklist()
c34d21
{
c34d21
	cat > "$buildroot/etc/modprobe.d/$1-blacklist.conf" <<-__EOF__
c34d21
	# This kernel module can be automatically loaded by non-root users. To
c34d21
	# enhance system security, the module is blacklisted by default to ensure
c34d21
	# system administrators make the module available for use as needed.
c34d21
	# See https://access.redhat.com/articles/3760101 for more details.
c34d21
	#
c34d21
	# Remove the blacklist by adding a comment # at the start of the line.
c34d21
	blacklist $1
c34d21
__EOF__
c34d21
}
c34d21
c34d21
check_blacklist()
c34d21
{
c34d21
	if modinfo "$buildroot/$1" | grep -q '^alias:\s\+net-'; then
c34d21
		mod="${1##*/}"
c34d21
		mod="${mod%.ko*}"
c34d21
		echo "$mod has an alias that allows auto-loading. Blacklisting."
c34d21
		blacklist "$mod"
c34d21
	fi
c34d21
}
c34d21
c34d21
foreachp()
c34d21
{
c34d21
	P=$(nproc)
c34d21
	bgcount=0
c34d21
	while read mod; do
c34d21
		$1 "$mod" &
c34d21
c34d21
		bgcount=$((bgcount + 1))
c34d21
		if [ $bgcount -eq $P ]; then
c34d21
			wait -n
c34d21
			bgcount=$((bgcount - 1))
c34d21
		fi
c34d21
	done
c34d21
c34d21
	wait
c34d21
}
c34d21
c34d21
[ -d "$buildroot/etc/modprobe.d/" ] || mkdir -p "$buildroot/etc/modprobe.d/"
c34d21
c34d21
if [ -s $list ]; then
c34d21
	cat $list | foreachp check_blacklist
c34d21
	if ls $buildroot/etc/modprobe.d/* >& /dev/null ; then
c34d21
		echo "%defattr(-,root,root)" >> $list
c34d21
		echo "%config(noreplace) /etc/modprobe.d/*-blacklist.conf" >> $list
c34d21
	fi
c34d21
else
c34d21
	# If modules-extra.list is empty the %files section will throw an
c34d21
	# error.  Add a dummy entry to workaround the problem.
c34d21
	echo "%defattr(-,root,root)" >> $list
c34d21
fi