On Fri, Oct 21, 2022 at 03:11:27PM +0200, Marco d'Itri wrote:
Hi,
> > I thought --ignore-install was completely broken, but no, because without
> > it, the output contains *more* "install" lines:
> What you are actually seeing is that --ignore-install is applied only to
> the nfs module (the one which you have requested to load) but not to its
> own dependencies:
Yes, and this is in fact in agreement with the documentation:
-i, --ignore-install, --ignore-remove
This option causes modprobe to ignore install and remove commands in the
configuration file (if any) *for the module specified on the command line (any
dependent modules are still subject to commands set for them in the
configuration file)*.
This doesn't look like useful behaviour to me, but I don't pretend to be aware
of all use-cases (the only one I *am* aware of is the one in mkinitramfs, which
this behaviour breaks).
Unfortunately the current output can't, as I see it, be parsed to obtain a list
of dependencies, because the 'install' commands can be arbitrary command lines
with arbitrary side effects, any of which might be loading a module that isn't
even named in the command line.
> No matter what happens to --ignore-install I suggest that nfs-kernel-server
> will replace the modprobe configuration with some udev rules like this one
> (untested):
>
> ACTION=="add", SUBSYSTEM=="module", KERNEL=="sunrpc", RUN+="/sbin/sysctl -q
> --pattern sunrpc --system"
I see several ways forward:
1. packages that obfuscate module dependencies by supplying 'install' commands
for modules that other modules may depend on should be required to include
initramfs (and dracut?) hooks that install all dependencies in the initramfs if
a depending module is installed in it. This is arguably the correct solution;
in the case of nfs-kernel-server, for example, the 'install' command wants to
invoke sysctl --pattern, but the busybox sysctl installed in the initramfs by
default doesn't support --pattern. So the package would need to force initramfs
to include the /sbin/sysctl from procps, and maybe also any pertinent files
from /etc/sysctl.d.
2. in addition to looking at modprobe output, mkinitramfs should also look at
the depends: line in modinfo(8) output to find dependencies, and transitively
close the set of modules it includes. This seems like a relatively easy
workaround but it's not correct in that it won't cause /sbin/sysctl to be
included even if an 'install' command calls it (or whatever other binary and
configuration may be needed).
3. Debian could forbid including 'install' commands for modules that other
modules depend on and that may (frequently?) need to be included in an
initramfs (requiring, for example, the kind of udev rule Marco proposed).
AndrĂ¡s
--
The bride got a new name and a dress.
