Sunday, April 29, 2012

Linux Disable Mounting of Uncommon Filesystem

How do I disable mounting of uncommon file systems such as hfs, udf, cramfs etc under Fedora or CentOS / RHEL / Redhat Enterprise Linux?

You need to edit /etc/modprobe.conf file to disable uncommon file system which can be loaded using Linux kernel driver. The syntax is:
install driverName /bin/true
In this example, disable loading hfs driver
install hfs /bin/true
Type the following command to list all file system drivers:
ls -l /lib/modules/$(uname -r)/kernel/fs
Sample outputs:
total 120
drwxr-xr-x 2 root root 4096 Sep 30 18:28 autofs4
drwxr-xr-x 2 root root 4096 Sep 30 18:28 cachefiles
drwxr-xr-x 2 root root 4096 Sep 30 18:28 cifs
drwxr-xr-x 2 root root 4096 Sep 30 18:28 configfs
drwxr-xr-x 2 root root 4096 Sep 30 18:28 cramfs
drwxr-xr-x 2 root root 4096 Sep 30 18:28 dlm
drwxr-xr-x 2 root root 4096 Sep 30 18:28 ecryptfs
drwxr-xr-x 2 root root 4096 Sep 30 18:28 exportfs
drwxr-xr-x 2 root root 4096 Sep 30 18:28 ext3
drwxr-xr-x 2 root root 4096 Sep 30 18:28 ext4
drwxr-xr-x 2 root root 4096 Sep 30 18:28 fat
drwxr-xr-x 2 root root 4096 Sep 30 18:28 freevxfs
drwxr-xr-x 2 root root 4096 Sep 30 18:28 fscache
drwxr-xr-x 2 root root 4096 Sep 30 18:28 fuse
drwxr-xr-x 3 root root 4096 Sep 30 18:28 gfs2
drwxr-xr-x 2 root root 4096 Sep 30 18:28 hfs
drwxr-xr-x 2 root root 4096 Sep 30 18:28 hfsplus
drwxr-xr-x 2 root root 4096 Sep 30 18:28 jbd
drwxr-xr-x 2 root root 4096 Sep 30 18:28 jbd2
drwxr-xr-x 2 root root 4096 Sep 30 18:28 jffs2
drwxr-xr-x 2 root root 4096 Sep 30 18:28 lockd
drwxr-xr-x 2 root root 4096 Sep 30 18:28 msdos
drwxr-xr-x 2 root root 4096 Sep 30 18:28 nfs
drwxr-xr-x 2 root root 4096 Sep 30 18:28 nfs_common
drwxr-xr-x 2 root root 4096 Sep 30 18:28 nfsd
drwxr-xr-x 2 root root 4096 Sep 30 18:28 nls
drwxr-xr-x 2 root root 4096 Sep 30 18:28 squashfs
drwxr-xr-x 2 root root 4096 Sep 30 18:28 udf
drwxr-xr-x 2 root root 4096 Sep 30 18:28 vfat
drwxr-xr-x 2 root root 4096 Sep 30 18:28 xfs
Uncommon file systems can be blocked as follows:
install cramfs /bin/true
install hfs /bin/true
install hfsplus /bin/true
install squashfs /bin/true
install udf /bin/true

/etc/modprobe.d/blacklist File

You can also add them to /etc/modprobe.d/blacklist. Listing a module here prevents the hotplug scripts from loading it. The syntax is as follows:
blacklist driverName
I recommend using /etc/modprobe.conf to block unwanted drivers.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)