diff options
| author | Richard Jones <rjones@trick.home.annexia.org> | 2009-06-15 14:45:05 +0100 |
|---|---|---|
| committer | Richard Jones <rjones@trick.home.annexia.org> | 2009-06-15 14:45:05 +0100 |
| commit | 161c7cd7f9c9d1099c35db20f78d7e5a20ea6517 (patch) | |
| tree | 3d85b586d1745cb472db886bb00b08bd20e3b154 /appliance | |
| parent | 67232e4a701f51ac770a085727a665277086a5ae (diff) | |
| download | libguestfs-161c7cd7f9c9d1099c35db20f78d7e5a20ea6517.tar.gz libguestfs-161c7cd7f9c9d1099c35db20f78d7e5a20ea6517.tar.xz libguestfs-161c7cd7f9c9d1099c35db20f78d7e5a20ea6517.zip | |
Move kernel module list to a separate whitelist file.
Diffstat (limited to 'appliance')
| -rw-r--r-- | appliance/Makefile.am | 2 | ||||
| -rw-r--r-- | appliance/kmod.whitelist | 38 | ||||
| -rwxr-xr-x | appliance/make.sh.in | 45 |
3 files changed, 55 insertions, 30 deletions
diff --git a/appliance/Makefile.am b/appliance/Makefile.am index 1886e3e1..5dd6521e 100644 --- a/appliance/Makefile.am +++ b/appliance/Makefile.am @@ -32,7 +32,7 @@ fs_DATA = $(INITRAMFSIMG) $(VMLINUZ) $(INITRAMFSIMG) $(VMLINUZ): $(top_builddir)/initramfs/fakeroot.log -$(top_builddir)/initramfs/fakeroot.log: make.sh +$(top_builddir)/initramfs/fakeroot.log: make.sh kmod.whitelist -mv $(INITRAMFSIMG) $(INITRAMFSIMG).bak -mv $(VMLINUZ) $(VMLINUZ).bak if ! bash make.sh; then rm -f $@; exit 1; fi diff --git a/appliance/kmod.whitelist b/appliance/kmod.whitelist new file mode 100644 index 00000000..4bf4cf81 --- /dev/null +++ b/appliance/kmod.whitelist @@ -0,0 +1,38 @@ +# List of kernel modules that we leave in the appliance. This has to +# include any dependencies needed by modules. + +# Any kernel module not listed here is deleted from the appliance. + +# Wildcards are permitted. + +virtio.ko +virtio_net.ko +virtio_pci.ko +virtio_ring.ko + +ext2.ko +ext3.ko +ext4*.ko + +crc16.ko +jbd.ko +jbd2.ko + +fuse.ko + +vfat.ko +fat.ko + +udf.ko +crc_itu_t.ko +nls_utf8.ko + +dm-*.ko + +cramfs.ko +squashfs.ko + +hfsplus.ko +ufs.ko +exportfs.ko +xfs.ko diff --git a/appliance/make.sh.in b/appliance/make.sh.in index 9c52830b..8f3b2127 100755 --- a/appliance/make.sh.in +++ b/appliance/make.sh.in @@ -80,35 +80,22 @@ rm -f $koutput # Don't need any keyboard maps. @FEBOOTSTRAP_RUN@ initramfs -- rm -rf /lib/kbd -# Modules take up nearly half of the image. It's a rough guess that -# we don't need many drivers (which take up most of the space). -(cd initramfs && find lib/modules/*/kernel \ - -name '*.ko' \ - -a ! -name 'virtio.ko' \ - -a ! -name 'virtio_net.ko' \ - -a ! -name 'virtio_pci.ko' \ - -a ! -name 'virtio_ring.ko' \ - -a ! -name 'ext2.ko' \ - -a ! -name 'ext3.ko' \ - -a ! -name 'ext4*.ko' \ - -a ! -name 'crc16.ko' \ - -a ! -name 'jbd.ko' \ - -a ! -name 'jbd2.ko' \ - -a ! -name 'fuse.ko' \ - -a ! -name 'vfat.ko' \ - -a ! -name 'fat.ko' \ - -a ! -name 'udf.ko' \ - -a ! -name 'crc_itu_t.ko' \ - -a ! -name 'nls_utf8.ko' \ - -a ! -name 'dm-*.ko' \ - -a ! -name 'cramfs.ko' \ - -a ! -name 'squashfs.ko' \ - -a ! -name 'hfsplus.ko' \ - -a ! -name 'ufs.ko' \ - -a ! -name 'exportfs.ko' \ - -a ! -name 'xfs.ko' \ - -a -print0 ) | - xargs -0 @FEBOOTSTRAP_RUN@ initramfs -- rm +# Kernel modules take up nearly half of the image. Only include ones +# which are on the whitelist. +grep -v '^[[:space:]]*$' < appliance/kmod.whitelist | + grep -v '^#' > kmod.whitelist.tmp +exec 5<kmod.whitelist.tmp +whitelist= +while read kmod 0<&5; do + whitelist="$whitelist -a -not -name $kmod" +done +exec 5<&- +rm kmod.whitelist.tmp +#echo whitelist=$whitelist + +(cd initramfs && \ + find lib/modules/*/kernel -name '*.ko' $whitelist -a -print0 ) | + xargs -0 febootstrap-run initramfs -- rm # Pull the kernel out into the current directory. We don't want it in # the initramfs image. |