• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

CentOS / RHEL : How to Disable and Blacklist Linux Kernel Module to prevent it from loading automatically

by admin

To disallow the loading of malicious or unwanted modules, we can blacklist them. In order to prevent kernel modules loading during boot, the module name must be added into the blacklist file. Ensure the module is not configured to load either in /etc/modprobe.conf, /etc/modprobe.d/*, /etc/rc.modules, or /etc/sysconfig/modules/*. And then run the following commands:

1. Create a file in the /etc/modprobe.d directory and give it a related name (e.g. local-blacklist.conf). To prevent a module from being loaded directly you can add the following line to a configuration file specific to the system configuration for example /etc/modprobe.d/local-blacklist.conf:

# vi /etc/modprobe.d/local-blacklist.conf
blacklist [module name]

For Example to blacklist the kernel module be2iscsi, add below entry in the file /etc/modprobe.d/local-blacklist.conf.

# vi /etc/modprobe.d/local-blacklist.conf
blacklist be2iscsi

2. This will not prevent a module being loaded if it is a required or optional dependency of another module. Some kernel modules will attempt to load optional modules on demand.

This can be achieved by configuring the following setting in /etc/modprobe.d/local-blacklist.conf:

# vi /etc/modprobe.d/local-blacklist.conf
install [module name] /bin/false

The above install line simply causes /bin/false to be run instead of installing a module. Same can be achieved by using the /bin/true.

3. Reboot the server for the changes to take effect.

# shutdown -r now

4. If the kernel module is part of the initramfs (boot configuration), the initramfs should be regenerated. Boot the affected kernel and run the following command to regenerate the affected kernel initramfs.

# dracut -f
Note: There may be unexpected side affects if a module is blacklisted that is required for other specific hardware. So be sure what module you are disabling

Remove Module Temporarily

It is possible to remove any currently-loaded module by running:

# modprobe -r [module name]

If the module cannot be unloaded. A process or another module may still be using the module, terminate the process and unload the module using the module that is being removed.

Verify the Blacklisted module

To verify if the module is blacklisted run the command shown below.

# modprobe --showconfig | grep blacklist
blacklist [module]
Beginners guide to Kernel Module Configuration in Linux

Filed Under: CentOS/RHEL 7, Linux

Some more articles you might also be interested in …

  1. edquota: command not found
  2. pvcreate Fails With Error: “Device /dev/mapper/mpatha Not Found (or Ignored By Filtering).”
  3. Beginners guide to Apache HTTP Server – Installation and Configuration
  4. How to Disable IPv6 on Ubuntu 18.04 Bionic Beaver Linux
  5. lftp: command not found
  6. Troubleshooting kdump Issues in CentOS/RHEL
  7. procs Command Examples in Linux
  8. How to create partitions inside loopback device
  9. mkfs.fat: command not found
  10. checkupdates : Command Examples in Linux

You May Also Like

Primary Sidebar

Recent Posts

  • raw: command not found
  • raw Command Examples in Linux
  • rankmirrors Command Examples in Linux
  • radeontop: command not found

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright