diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2022-01-15 11:12:03 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2022-01-15 11:12:03 -0300 |
| commit | 5b16f633b8a61f407fd041f5529c2ea071c1cc34 (patch) | |
| tree | b6af4f03877bfa540e1204ae05484f308ad02497 | |
| parent | baf006bc7234ef68479048798a72d02ca25abd32 (diff) | |
| download | puppet-nodo-5b16f633b8a61f407fd041f5529c2ea071c1cc34.tar.gz puppet-nodo-5b16f633b8a61f407fd041f5529c2ea071c1cc34.tar.bz2 | |
Feat: thunderbolt and additional firewire kernel blocks
| -rw-r--r-- | files/etc/modprobe.d/blacklist.conf | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/files/etc/modprobe.d/blacklist.conf b/files/etc/modprobe.d/blacklist.conf index 52ea5a4..d339c0d 100644 --- a/files/etc/modprobe.d/blacklist.conf +++ b/files/etc/modprobe.d/blacklist.conf @@ -77,6 +77,10 @@ install ohci1394 false # Iff we should ever load the ohci1394 module, force the use of the 'phys_dma=0' option. options ohci1394 phys_dma=0 +# See also https://github.com/lfit/itpol/blob/master/linux-workstation-security.md#blacklisting-modules +blacklist firewire-core +blacklist thunderbolt + # PC Speaker blacklist pcspkr |