How to prevent a Linux kernel module from auto loading

In some situation, you may want to avoid loading a Linux driver module automatically. For example:

ADVERTISEMENTS

  1. You would like to use proprietary device driver (I am against any proprietary drivers) and not the inbuilt (reverse engineered) kernel, driver.
  2. You might want to block it loading the driver for security reasons. If your server system connected without a diskette / floppy drive; kernel will try to load floppy driver – disable floppy driver or module. Or just disable USB driver loading on Linux.
  3. In some cases buggy driver causes kernel BUG on load so you just want to avoid the problem.

The Linux kernel get module information from /etc/modprobe.conf file and /etc/modprobe.d/* file(s).

If you are using CentOS/Redhat/RHEL/Fedora Linux…

Just open your /etc/modprobe.conf OR /etc/modprobe.d/blacklist.conf file and turn of auto loading using following syntax:
alias driver-name off

If you are using Debian / Ubuntu Linux…

open /etc/modprobe.d/blacklist.conf file and add drivername using following syntax:
blacklist driver-name

Reboot your Linux box and use lsmod command to show the status of modules in the Linux Kernel:
# reboot
# lsmod

Say hello to kernel.modules_disabled kernel variable

You can place restrictions on module loading. When the following set to 1, unprivileged users cannot trigger the automatic loading of modules for security reasons:
# sysctl -w kernel.modules_disabled=1
You can add above to /etc/sysctl.d/99-custom.conf:
# echo 'kernel.modules_disabled=1' >> /etc/sysctl.d/99-custom.conf

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source & DevOps topics via:
CategoryList of Unix and Linux commands
File Managementcat
FirewallCentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
12 comments… add one
  • Béranger Jun 14, 2007 @ 6:30

    Blacklisting in /etc/modprobe.d/blacklist works in F7 too, not only in Debian!

  • Erik Bussink Jun 14, 2007 @ 19:04

    On a similar path, how would you go about disabling USB without having to add nousb on the kernel settings line in GRUB ?

  • 🐧 nixCraft Jun 15, 2007 @ 10:34

    You need to add following drivers
    usbcore
    ehci_hcd
    uhci_hcd

    lsmod and modinfo command always gives information about loaded drivers.

  • Prakash Aug 31, 2007 @ 20:57

    the method is if nothing works in debian based distros to blacklist a certain module,try making a file /etc/modprobe.d/00local with content as
    install modulename /bin/true

  • MotoHoss Jul 15, 2008 @ 21:57

    The debian way? An update has been written and is available here : http://wiki.debian.org/KernelModuleBlacklisting

  • Ravi J Dec 29, 2009 @ 19:53

    I am unable to stop kvm, kvm_intel from getting loaded even after adding those to blacklist (Ubuntu 9.10).

  • Dhananjay Mar 1, 2011 @ 13:19

    Thanks a lot.

  • 0xA00A Jul 13, 2011 @ 9:35

    on fedora 15 you do:
    sudo gedit /etc/modprobe.d/blacklist.conf
    blacklist driver-name

  • Riccardo Sep 1, 2011 @ 19:22

    On Suse is like fedora 15:

    sudo gedit /etc/modprobe.d/blacklist.conf
    blacklist driver-name

  • Gary Oct 14, 2011 @ 20:46

    alias driver-name off does nto work on CentOS 5.5

  • nathan Apr 21, 2012 @ 20:55

    OpenSuse 11.4 can only mount one type of filesystem ‘ISO9660’ . What is my problem?
    Thank you
    Nathan

  • cristian Feb 4, 2013 @ 17:30

    How I can do to join the blacklist all except driver being used. thanks. cristian

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.