mirror of
https://github.com/Kicksecure/security-misc.git
synced 2024-12-25 17:59:24 -05:00
Merge remote-tracking branch 'raja/kernel_modules'
This commit is contained in:
commit
41f0b53dd6
@ -150,8 +150,8 @@ disabling should first be blacklisted for a suitable amount of time.
|
|||||||
|
|
||||||
- FireWire (IEEE 1394): Disabled as they are often vulnerable to DMA attacks.
|
- FireWire (IEEE 1394): Disabled as they are often vulnerable to DMA attacks.
|
||||||
|
|
||||||
- GPS: Disables GPS-related modules responsible systems such as for Global
|
- GPS: Disable GPS-related modules such as those required for Global Navigation
|
||||||
Navigation Satellite System (GNSS).
|
Satellite Systems (GNSS).
|
||||||
|
|
||||||
- Intel Management Engine (ME): Provides some disabling of the interface between the
|
- Intel Management Engine (ME): Provides some disabling of the interface between the
|
||||||
Intel ME and the OS.
|
Intel ME and the OS.
|
||||||
@ -160,7 +160,8 @@ disabling should first be blacklisted for a suitable amount of time.
|
|||||||
|
|
||||||
- Network Protocols: Wide array of uncommon and legacy network protocols are disabled.
|
- Network Protocols: Wide array of uncommon and legacy network protocols are disabled.
|
||||||
|
|
||||||
- Miscellaneous: Disable an assortment other modules such as vivid.
|
- Miscellaneous: Disable an assortment other modules such as those required
|
||||||
|
for amateur radio, floppy disks, and vivid.
|
||||||
|
|
||||||
- Thunderbolt: Disabled as they are often vulnerable to DMA attacks.
|
- Thunderbolt: Disabled as they are often vulnerable to DMA attacks.
|
||||||
|
|
||||||
|
4
debian/security-misc.maintscript
vendored
4
debian/security-misc.maintscript
vendored
@ -31,6 +31,7 @@ rm_conffile /etc/modprobe.d/vivid.conf
|
|||||||
rm_conffile /etc/modprobe.d/blacklist-dma.conf
|
rm_conffile /etc/modprobe.d/blacklist-dma.conf
|
||||||
rm_conffile /etc/modprobe.d/msr.conf
|
rm_conffile /etc/modprobe.d/msr.conf
|
||||||
rm_conffile /etc/modprobe.d/30_nf_conntrack_helper_disable.conf
|
rm_conffile /etc/modprobe.d/30_nf_conntrack_helper_disable.conf
|
||||||
|
rm_conffile /etc/modprobe.d/30_security-misc.conf
|
||||||
|
|
||||||
## renamed to /etc/security/limits.d/30_security-misc.conf
|
## renamed to /etc/security/limits.d/30_security-misc.conf
|
||||||
rm_conffile /etc/security/limits.d/disable-coredumps.conf
|
rm_conffile /etc/security/limits.d/disable-coredumps.conf
|
||||||
@ -66,3 +67,6 @@ rm_conffile /etc/permission-hardening.d/25_default_whitelist_sudo.conf
|
|||||||
rm_conffile /etc/permission-hardening.d/25_default_whitelist_unix_chkpwd.conf
|
rm_conffile /etc/permission-hardening.d/25_default_whitelist_unix_chkpwd.conf
|
||||||
rm_conffile /etc/permission-hardening.d/25_default_whitelist_virtualbox.conf
|
rm_conffile /etc/permission-hardening.d/25_default_whitelist_virtualbox.conf
|
||||||
rm_conffile /etc/permission-hardening.d/30_default.conf
|
rm_conffile /etc/permission-hardening.d/30_default.conf
|
||||||
|
|
||||||
|
## repalced with /usr/bin/disabled-miscellaneous-by-security-misc
|
||||||
|
rm_conffile /usr/bin/disabled-vivid-by-security-misc
|
@ -63,11 +63,8 @@ blacklist ath_pci
|
|||||||
blacklist amd76x_edac
|
blacklist amd76x_edac
|
||||||
blacklist asus_acpi
|
blacklist asus_acpi
|
||||||
blacklist bcm43xx
|
blacklist bcm43xx
|
||||||
blacklist eepro100
|
|
||||||
blacklist eth1394
|
|
||||||
blacklist evbug
|
blacklist evbug
|
||||||
blacklist de4x5
|
blacklist de4x5
|
||||||
blacklist garmin_gps
|
|
||||||
blacklist pcspkr
|
blacklist pcspkr
|
||||||
blacklist prism54
|
blacklist prism54
|
||||||
blacklist snd_aw2
|
blacklist snd_aw2
|
||||||
|
@ -16,7 +16,22 @@
|
|||||||
## Now replaced by a privacy and security preserving default Bluetooth configuration for better usability.
|
## Now replaced by a privacy and security preserving default Bluetooth configuration for better usability.
|
||||||
##
|
##
|
||||||
#install bluetooth /usr/bin/disabled-bluetooth-by-security-misc
|
#install bluetooth /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install bluetooth_6lowpan /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install bt3c_cs /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install btbcm /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install btintel /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install btmrvl /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install btmrvl_sdio /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install btmtk /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install btmtksdio /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install btmtkuart /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install btnxpuart /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install btqca /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install btrsi /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install btrtl /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install btsdio /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
#install btusb /usr/bin/disabled-bluetooth-by-security-misc
|
#install btusb /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
#install virtio_bt /usr/bin/disabled-bluetooth-by-security-misc
|
||||||
|
|
||||||
## CPU Model-Specific Registers (MSRs):
|
## CPU Model-Specific Registers (MSRs):
|
||||||
## Disable CPU MSRs as they can be abused to write to arbitrary memory.
|
## Disable CPU MSRs as they can be abused to write to arbitrary memory.
|
||||||
@ -24,17 +39,19 @@
|
|||||||
## https://security.stackexchange.com/questions/119712/methods-root-can-use-to-elevate-itself-to-kernel-mode
|
## https://security.stackexchange.com/questions/119712/methods-root-can-use-to-elevate-itself-to-kernel-mode
|
||||||
## https://github.com/Kicksecure/security-misc/issues/215
|
## https://github.com/Kicksecure/security-misc/issues/215
|
||||||
##
|
##
|
||||||
#install msr /usr/bin/disabled-msr-by-security-misc
|
#install msr /usr/bin/disabled-miscellaneous-by-security-misc
|
||||||
|
|
||||||
## File Systems:
|
## File Systems:
|
||||||
## Disable uncommon file systems to reduce attack surface.
|
## Disable uncommon file systems to reduce attack surface.
|
||||||
## HFS and HFS+ are legacy Apple filesystems that may be required depending on the EFI partition format.
|
## HFS and HFS+ are legacy Apple file systems that may be required depending on the EFI partition format.
|
||||||
##
|
##
|
||||||
install cramfs /usr/bin/disabled-filesys-by-security-misc
|
install cramfs /usr/bin/disabled-filesys-by-security-misc
|
||||||
install freevxfs /usr/bin/disabled-filesys-by-security-misc
|
install freevxfs /usr/bin/disabled-filesys-by-security-misc
|
||||||
install hfs /usr/bin/disabled-filesys-by-security-misc
|
install hfs /usr/bin/disabled-filesys-by-security-misc
|
||||||
install hfsplus /usr/bin/disabled-filesys-by-security-misc
|
install hfsplus /usr/bin/disabled-filesys-by-security-misc
|
||||||
install jffs2 /usr/bin/disabled-filesys-by-security-misc
|
install jffs2 /usr/bin/disabled-filesys-by-security-misc
|
||||||
|
install jfs /usr/bin/disabled-filesys-by-security-misc
|
||||||
|
install reiserfs /usr/bin/disabled-filesys-by-security-misc
|
||||||
install udf /usr/bin/disabled-filesys-by-security-misc
|
install udf /usr/bin/disabled-filesys-by-security-misc
|
||||||
|
|
||||||
## FireWire (IEEE 1394):
|
## FireWire (IEEE 1394):
|
||||||
@ -55,6 +72,7 @@ install video1394 /usr/bin/disabled-firewire-by-security-misc
|
|||||||
## Global Positioning Systems (GPS):
|
## Global Positioning Systems (GPS):
|
||||||
## Disable GPS-related modules like GNSS (Global Navigation Satellite System).
|
## Disable GPS-related modules like GNSS (Global Navigation Satellite System).
|
||||||
##
|
##
|
||||||
|
install garmin_gps /usr/bin/disabled-gps-by-security-misc
|
||||||
install gnss /usr/bin/disabled-gps-by-security-misc
|
install gnss /usr/bin/disabled-gps-by-security-misc
|
||||||
install gnss-mtk /usr/bin/disabled-gps-by-security-misc
|
install gnss-mtk /usr/bin/disabled-gps-by-security-misc
|
||||||
install gnss-serial /usr/bin/disabled-gps-by-security-misc
|
install gnss-serial /usr/bin/disabled-gps-by-security-misc
|
||||||
@ -73,10 +91,23 @@ install mei-me /usr/bin/disabled-intelme-by-security-misc
|
|||||||
## Network File Systems:
|
## Network File Systems:
|
||||||
## Disable uncommon network file systems to reduce attack surface.
|
## Disable uncommon network file systems to reduce attack surface.
|
||||||
##
|
##
|
||||||
install cifs /usr/bin/disabled-netfilesys-by-security-misc
|
|
||||||
install gfs2 /usr/bin/disabled-netfilesys-by-security-misc
|
install gfs2 /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
install ksmbd /usr/bin/disabled-netfilesys-by-security-misc
|
install ksmbd /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
|
##
|
||||||
|
## Common Internet File System (CIFS):
|
||||||
|
##
|
||||||
|
install cifs /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
|
install cifs_arc4 /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
|
install cifs_md4 /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
|
##
|
||||||
|
## Network File System (NFS):
|
||||||
|
##
|
||||||
install nfs /usr/bin/disabled-netfilesys-by-security-misc
|
install nfs /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
|
install nfs_acl /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
|
install nfs_layout_nfsv41_files /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
|
install nfs_layout_flexfiles /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
|
install nfsd /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
|
install nfsv2 /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
install nfsv3 /usr/bin/disabled-netfilesys-by-security-misc
|
install nfsv3 /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
install nfsv4 /usr/bin/disabled-netfilesys-by-security-misc
|
install nfsv4 /usr/bin/disabled-netfilesys-by-security-misc
|
||||||
|
|
||||||
@ -84,31 +115,84 @@ install nfsv4 /usr/bin/disabled-netfilesys-by-security-misc
|
|||||||
## Disables rare and unneeded network protocols that are a common source of unknown vulnerabilities.
|
## Disables rare and unneeded network protocols that are a common source of unknown vulnerabilities.
|
||||||
##
|
##
|
||||||
## https://tails.boum.org/blueprint/blacklist_modules/
|
## https://tails.boum.org/blueprint/blacklist_modules/
|
||||||
## https://fedoraproject.org/wiki/Security_Features_Matrix#Blacklist_Rare_Protocols)
|
## https://fedoraproject.org/wiki/Security_Features_Matrix#Blacklist_Rare_Protocols
|
||||||
## https://git.launchpad.net/ubuntu/+source/kmod/tree/debian/modprobe.d/blacklist-rare-network.conf?h=ubuntu/disco
|
## https://git.launchpad.net/ubuntu/+source/kmod/tree/debian/modprobe.d/blacklist-rare-network.conf?h=ubuntu/disco
|
||||||
##
|
##
|
||||||
install af_802154 /usr/bin/disabled-network-by-security-misc
|
install af_802154 /usr/bin/disabled-network-by-security-misc
|
||||||
install appletalk /usr/bin/disabled-network-by-security-misc
|
install appletalk /usr/bin/disabled-network-by-security-misc
|
||||||
install atm /usr/bin/disabled-network-by-security-misc
|
|
||||||
install ax25 /usr/bin/disabled-network-by-security-misc
|
install ax25 /usr/bin/disabled-network-by-security-misc
|
||||||
install can /usr/bin/disabled-network-by-security-misc
|
install brcm80211 /usr/bin/disabled-network-by-security-misc
|
||||||
install decnet /usr/bin/disabled-network-by-security-misc
|
install decnet /usr/bin/disabled-network-by-security-misc
|
||||||
install dccp /usr/bin/disabled-network-by-security-misc
|
install dccp /usr/bin/disabled-network-by-security-misc
|
||||||
install econet /usr/bin/disabled-network-by-security-misc
|
install econet /usr/bin/disabled-network-by-security-misc
|
||||||
|
install eepro100 /usr/bin/disabled-network-by-security-misc
|
||||||
|
install eth1394 /usr/bin/disabled-network-by-security-misc
|
||||||
install ipx /usr/bin/disabled-network-by-security-misc
|
install ipx /usr/bin/disabled-network-by-security-misc
|
||||||
install n-hdlc /usr/bin/disabled-network-by-security-misc
|
install n-hdlc /usr/bin/disabled-network-by-security-misc
|
||||||
install netrom /usr/bin/disabled-network-by-security-misc
|
install netrom /usr/bin/disabled-network-by-security-misc
|
||||||
install p8022 /usr/bin/disabled-network-by-security-misc
|
install p8022 /usr/bin/disabled-network-by-security-misc
|
||||||
install p8023 /usr/bin/disabled-network-by-security-misc
|
install p8023 /usr/bin/disabled-network-by-security-misc
|
||||||
install psnap /usr/bin/disabled-network-by-security-misc
|
install psnap /usr/bin/disabled-network-by-security-misc
|
||||||
install rds /usr/bin/disabled-network-by-security-misc
|
|
||||||
install rose /usr/bin/disabled-network-by-security-misc
|
install rose /usr/bin/disabled-network-by-security-misc
|
||||||
install sctp /usr/bin/disabled-network-by-security-misc
|
|
||||||
install tipc /usr/bin/disabled-network-by-security-misc
|
|
||||||
install x25 /usr/bin/disabled-network-by-security-misc
|
install x25 /usr/bin/disabled-network-by-security-misc
|
||||||
|
##
|
||||||
|
## Asynchronous Transfer Mode (ATM):
|
||||||
|
##
|
||||||
|
install atm /usr/bin/disabled-network-by-security-misc
|
||||||
|
install ueagle-atm /usr/bin/disabled-network-by-security-misc
|
||||||
|
install usbatm /usr/bin/disabled-network-by-security-misc
|
||||||
|
install xusbatm /usr/bin/disabled-network-by-security-misc
|
||||||
|
##
|
||||||
|
## Controller Area Network (CAN) Protocol:
|
||||||
|
##
|
||||||
|
install c_can /usr/bin/disabled-network-by-security-misc
|
||||||
|
install c_can_pci /usr/bin/disabled-network-by-security-misc
|
||||||
|
install c_can_platform /usr/bin/disabled-network-by-security-misc
|
||||||
|
install can /usr/bin/disabled-network-by-security-misc
|
||||||
|
install can-bcm /usr/bin/disabled-network-by-security-misc
|
||||||
|
install can-dev /usr/bin/disabled-network-by-security-misc
|
||||||
|
install can-gw /usr/bin/disabled-network-by-security-misc
|
||||||
|
install can-isotp /usr/bin/disabled-network-by-security-misc
|
||||||
|
install can-raw /usr/bin/disabled-network-by-security-misc
|
||||||
|
install can-j1939 /usr/bin/disabled-network-by-security-misc
|
||||||
|
install can327 /usr/bin/disabled-network-by-security-misc
|
||||||
|
install ifi_canfd /usr/bin/disabled-network-by-security-misc
|
||||||
|
install janz-ican3 /usr/bin/disabled-network-by-security-misc
|
||||||
|
install m_can /usr/bin/disabled-network-by-security-misc
|
||||||
|
install m_can_pci /usr/bin/disabled-network-by-security-misc
|
||||||
|
install m_can_platform /usr/bin/disabled-network-by-security-misc
|
||||||
|
install phy-can-transceiver /usr/bin/disabled-network-by-security-misc
|
||||||
|
install slcan /usr/bin/disabled-network-by-security-misc
|
||||||
|
install ucan /usr/bin/disabled-network-by-security-misc
|
||||||
|
install vxcan /usr/bin/disabled-network-by-security-misc
|
||||||
|
install vcan /usr/bin/disabled-network-by-security-misc
|
||||||
|
##
|
||||||
|
## Transparent Inter Process Communication (TIPC):
|
||||||
|
##
|
||||||
|
install tipc /usr/bin/disabled-network-by-security-misc
|
||||||
|
install tipc_diag /usr/bin/disabled-network-by-security-misc
|
||||||
|
##
|
||||||
|
## Reliable Datagram Sockets (RDS):
|
||||||
|
##
|
||||||
|
install rds /usr/bin/disabled-network-by-security-misc
|
||||||
|
install rds_rdma /usr/bin/disabled-network-by-security-misc
|
||||||
|
install rds_tcp /usr/bin/disabled-network-by-security-misc
|
||||||
|
##
|
||||||
|
## Stream Control Transmission Protocol (SCTP):
|
||||||
|
##
|
||||||
|
install sctp /usr/bin/disabled-network-by-security-misc
|
||||||
|
install sctp_diag /usr/bin/disabled-network-by-security-misc
|
||||||
|
|
||||||
## Miscellaneous:
|
## Miscellaneous:
|
||||||
##
|
##
|
||||||
|
## Amateur Radios:
|
||||||
|
##
|
||||||
|
install hamradio /usr/bin/disabled-miscellaneous-by-security-misc
|
||||||
|
##
|
||||||
|
## Floppy Disks:
|
||||||
|
##
|
||||||
|
install floppy /usr/bin/disabled-miscellaneous-by-security-misc
|
||||||
|
##
|
||||||
## Vivid:
|
## Vivid:
|
||||||
## Disables the vivid kernel module since it has been the cause of multiple vulnerabilities.
|
## Disables the vivid kernel module since it has been the cause of multiple vulnerabilities.
|
||||||
##
|
##
|
||||||
@ -116,11 +200,13 @@ install x25 /usr/bin/disabled-network-by-security-misc
|
|||||||
## https://www.openwall.com/lists/oss-security/2019/11/02/1
|
## https://www.openwall.com/lists/oss-security/2019/11/02/1
|
||||||
## https://github.com/a13xp0p0v/kconfig-hardened-check/commit/981bd163fa19fccbc5ce5d4182e639d67e484475
|
## https://github.com/a13xp0p0v/kconfig-hardened-check/commit/981bd163fa19fccbc5ce5d4182e639d67e484475
|
||||||
##
|
##
|
||||||
install vivid /usr/bin/disabled-vivid-by-security-misc
|
install vivid /usr/bin/disabled-miscellaneous-by-security-misc
|
||||||
|
|
||||||
## Thunderbolt:
|
## Thunderbolt:
|
||||||
## Disables Thunderbolt modules to prevent some DMA attacks.
|
## Disables Thunderbolt modules to prevent some DMA attacks.
|
||||||
##
|
##
|
||||||
## https://en.wikipedia.org/wiki/Thunderbolt_(interface)#Security_vulnerabilities
|
## https://en.wikipedia.org/wiki/Thunderbolt_(interface)#Security_vulnerabilities
|
||||||
##
|
##
|
||||||
|
install intel-wmi-thunderbolt /usr/bin/disabled-thunderbolt-by-security-misc
|
||||||
install thunderbolt /usr/bin/disabled-thunderbolt-by-security-misc
|
install thunderbolt /usr/bin/disabled-thunderbolt-by-security-misc
|
||||||
|
install thunderbolt_net /usr/bin/disabled-thunderbolt-by-security-misc
|
||||||
|
@ -5,6 +5,6 @@
|
|||||||
|
|
||||||
## Alerts the user that a kernel module failed to load due to it being blacklisted by default.
|
## Alerts the user that a kernel module failed to load due to it being blacklisted by default.
|
||||||
|
|
||||||
echo "$0: ERROR: This bluetooth kernel module is disabled by package security-misc by default. See the configuration file /etc/modprobe.d/30_security-misc_disable.conf | args: $@" >&2
|
echo "$0: ERROR: This Bluetooth kernel module is disabled by package security-misc by default. See the configuration file /etc/modprobe.d/30_security-misc_disable.conf | args: $@" >&2
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -5,6 +5,6 @@
|
|||||||
|
|
||||||
## Alerts the user that a kernel module failed to load due to it being blacklisted by default.
|
## Alerts the user that a kernel module failed to load due to it being blacklisted by default.
|
||||||
|
|
||||||
echo "$0: ERROR: This CD-ROM kernel module is disabled by package security-misc by default. See the configuration file /etc/modprobe.d/30_security-misc_disable.conf | args: $@" >&2
|
echo "$0: ERROR: This CD-ROM/DVD kernel module is disabled by package security-misc by default. See the configuration file /etc/modprobe.d/30_security-misc_disable.conf | args: $@" >&2
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -5,6 +5,6 @@
|
|||||||
|
|
||||||
## Alerts the user that a kernel module failed to load due to it being blacklisted by default.
|
## Alerts the user that a kernel module failed to load due to it being blacklisted by default.
|
||||||
|
|
||||||
echo "$0: ERROR: This firewire kernel module is disabled by package security-misc by default. See the configuration file /etc/modprobe.d/30_security-misc_disable.conf | args: $@" >&2
|
echo "$0: ERROR: This FireWire (IEEE 1394) kernel module is disabled by package security-misc by default. See the configuration file /etc/modprobe.d/30_security-misc_disable.conf | args: $@" >&2
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -5,6 +5,6 @@
|
|||||||
|
|
||||||
## Alerts the user that a kernel module failed to load due to it being blacklisted by default.
|
## Alerts the user that a kernel module failed to load due to it being blacklisted by default.
|
||||||
|
|
||||||
echo "$0: ERROR: This GNSS (Global Navigation Satellite System) kernel module is disabled by package security-misc by default. See the configuration file /etc/modprobe.d/30_security-misc_disable.conf | args: $@" >&2
|
echo "$0: ERROR: This GPS (Global Positioning System) kernel module is disabled by package security-misc by default. See the configuration file /etc/modprobe.d/30_security-misc_disable.conf | args: $@" >&2
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -5,6 +5,6 @@
|
|||||||
|
|
||||||
## Alerts the user that a kernel module failed to load due to it being blacklisted by default.
|
## Alerts the user that a kernel module failed to load due to it being blacklisted by default.
|
||||||
|
|
||||||
echo "$0: ERROR: This vivid kernel module is disabled by package security-misc by default. See the configuration file /etc/modprobe.d/30_security-misc_disable.conf | args: $@" >&2
|
echo "$0: ERROR: This kernel module is disabled by package security-misc by default. See the configuration file /etc/modprobe.d/30_security-misc_disable.conf | args: $@" >&2
|
||||||
|
|
||||||
exit 1
|
exit 1
|
@ -5,6 +5,6 @@
|
|||||||
|
|
||||||
## Alerts the user that a kernel module failed to load due to it being blacklisted by default.
|
## Alerts the user that a kernel module failed to load due to it being blacklisted by default.
|
||||||
|
|
||||||
echo "$0: ERROR: This thunderbolt kernel module is disabled by package security-misc by default. See the configuration file /etc/modprobe.d/30_security-misc_disable.conf | args: $@" >&2
|
echo "$0: ERROR: This Thunderbolt kernel module is disabled by package security-misc by default. See the configuration file /etc/modprobe.d/30_security-misc_disable.conf | args: $@" >&2
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
|
Loading…
Reference in New Issue
Block a user