How to prevent a Linux kernel module from auto loading

last updated in Categories CentOS, Debian Linux, Howto, Linux, RedHat/Fedora Linux, Sys admin, Tip of the day, Troubleshooting

In some situation, you may want to avoid loading a Linux driver module automatically. For example:

  1. You would like to use proprietary device driver (I am against any proprietary drivers) and not the inbuilt (reverse engineered) kernel, driver.
  2. You might want to block it loading the driver for security reasons. If your server system connected without a diskette / floppy drive; kernel will try to load floppy driver – disable floppy driver or module. Or just disable USB driver loading on Linux.
  3. In some cases buggy driver causes kernel BUG on load so you just want to avoid the problem.

The Linux kernel get module information from /etc/modprobe.conf file and /etc/modprobe.d/* file(s).

If you are using CentOS/Redhat/RHEL/Fedora Linux…

Just open your /etc/modprobe.conf OR /etc/modprobe.d/blacklist.conf file and turn of auto loading using following syntax:
alias driver-name off

If you are using Debian / Ubuntu Linux…

open /etc/modprobe.d/blacklist.conf file and add drivername using following syntax:
blacklist driver-name

Reboot your Linux box and use lsmod command to show the status of modules in the Linux Kernel:
# reboot
# lsmod

Say hello to kernel.modules_disabled kernel variable

You can place restrictions on module loading. When the following set to 1, unprivileged users cannot trigger the automatic loading of modules for security reasons:
# sysctl -w kernel.modules_disabled=1
You can add above to /etc/sysctl.d/99-custom.conf:
# echo 'kernel.modules_disabled=1' >> /etc/sysctl.d/99-custom.conf

Get 15% off on Linux Foundation certified SysAdmin, Progamming, Kubernetes/Containers and Open Stack certification & course. Use "SPLASH15" coupon code. Offer expires on August 27, 2018
training.linuxfoundation.org

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

12 comment

  2. On a similar path, how would you go about disabling USB without having to add nousb on the kernel settings line in GRUB ?

  3. You need to add following drivers
    usbcore
    ehci_hcd
    uhci_hcd

    lsmod and modinfo command always gives information about loaded drivers.

  4. the method is if nothing works in debian based distros to blacklist a certain module,try making a file /etc/modprobe.d/00local with content as
    install modulename /bin/true

  11. OpenSuse 11.4 can only mount one type of filesystem ‘ISO9660’ . What is my problem?
    Thank you
    Nathan

    Have a question? Post it on our forum!