On Mon, 2019-02-11 at 16:13 -0800, L.A. Walsh wrote:
On 1/30/2019 8:41 AM, Martin Wilck wrote:
SUSE will blacklist a number of legacy and/or less frequently used file systems by default on SLES for security reasons.
Why blacklist?
Why just not "not build" them in suse distros?
If a user wants to build them they'll get past blacklisting too, but what's the point of building blacklisted drivers?
Good question. My personal answer is: It appears as too drastic a
change at this time. For SLE, it's being discussed as a possible future
step. For openSUSE, not yet.
Note that others on this thread warned about people being forced to
use self-compiled kernels for being able to use functionality that used
to be around for years. I also don't think that that's a good idea, at
least not on a short time frame. It has the potential to drive people
away from openSUSE.
What we might do is move these modules to separate packages, similar to
kernel module packages (KMPs), or to the kernel-default-extra package
that exists in SLED. The KMP approach would have the benefit that well-
known standard package management tools could be used to handle
searching for and enabling the functionality that would not (any more)
be available by default (e.g. "zypper search cramfs").
Note also that we've had a similar approach for drivers for many years
(/etc/modprobe.d/50-blacklist.conf).
Cheers,
Martin
--
Dr. Martin Wilck