On 2019-01-31 12:57 p.m., Martin Wilck wrote:
I agree.
If anyone is interested, a prototype of the blacklisting logic can be found in my home project:
https://build.opensuse.org/project/show/home:mwilck:suse-module-tools https://download.opensuse.org/repositories/home:/mwilck:/suse-module-tools/o...
All the blacklisting-related logic is in the spec file. The default is to blacklist all previously mentioned modules. Separate blacklist files for each file system are placed in /etc/modprobe.d/60-blacklist_fs-$FS.conf.
Apologies for butting in, but I think this can be slightly simpler. If the blacklist entries are in /lib/modprobe.d instead, then the overrides can just be matching files in /etc/modprobe.d (symlink to /dev/null is fine). This way, the blacklists can be shipped as-is in the rpm, with the %post script dropping in new symlinks for things that are in use (if they don't already exist). Future updates will not need to worry about overwriting things (because we never care about modifications to files in /etc). If an admin wants to re-blacklist a module that was automatically un-blacklisted, they can copy the file from /lib to /etc (or symlink). This is basically the same mechanism that udev and systemd uses, according to what looks like the commit that added this functionality¹. (This seems to work in a Leap 15 VM) -- Mark Yen mark.yen@suse.com ¹: https://git.kernel.org/pub/scm/utils/kernel/module-init-tools/module-init-to...