undefined | Better HN

0 pointsyjftsjthsd-h6d ago0 comments

It seems like a reasonable middle ground for most distros is to put things in kernel modules, but then package those modules into separate packages. If you don't need somedriver.ko, then you don't `apt install linux-driver-somedriver`; if you do need it, just install the package and it just works without needing to compile anything and you get automatic updates and everything.

For Gentoo, of course, "just recompile the kernel as desired" is more reasonable, though they have binary packages including for the kernel and I don't see why the same idea shouldn't work there.

0 comments

Muromec6d ago

>but then package those modules into separate packages. If you don't need somedriver.ko, then you don't `apt install linux-driver-somedriver

But I don't want to know what drivers I need and will need next. Tomorrow I could buy a different wifi module and then what? Spend 3 hours googling which rtl378326973268632aahaxhabt.ko to install? Thanks but no thanks.

patmorgan236d ago

So why can't someone (probably the distro) build a utility that detects the hardware and installs the required kernal module?

We can have security and convenience.

Muromec5d ago

I'm not sure what we get in terms of security then.

Now, when kernel finds a USB device with product vendor id 123:456 it asks userspace for a driver for this id. Every .ko file has this metadata saying which device ids it supports. Notice that important part of being able to trigger the device load event here is physical access to plug in the device.

If each module has to be installed, then what? We would have the index of all modules, but not the modules themselves, so each time a new usb device is plugged in, the thing will do apt-get install something something and wait for a minute or three. Where is the upside really?

Maybe what you want is being in the loop for what modules are loaded and approve them manually? That will suffer from the usual operator fatigue and requires understanding what each of 225 modules (I just checked lsmod | wc -l) is doing.

bombcar6d ago

That existed for a very short period of time before it became simpler to just ship everything all the time. I remember at least one distro booting with a single processor kernel and detecting that it could use an SMP kernel and did I want to pull it down?

johnny226d ago

and how would it get that module without network access. I'd say for network drivers specifically, this is tough one.

It would work for various other drivers though.

bombcar6d ago

The standard method is for the installer to have the needful and then it knows what packages to install to give you the network drivers you need going forward (shades of slipstreaming in all the network drivers I could find into W2K custom ISOs so I'd not need to find floppies).

tardedmeme6d ago

On older versions of Windows you used to get popups saying new hardware is detected, would you like to install the driver now?

SoftTalker6d ago

It was always fun to get those when the hardware hadn't changed.

PunchyHamster6d ago

That's in generally available distro a huge PITA.

You can do blacklists easy enough if you want to, just add few lines of text into /etc.

I'd also like option for whitelisting, like whitelisting every single NIC driver is harmless enough coz they just won't be loaded, but anything that can be loaded by non-root userspace action should have option to be only loaded if it is on whitelist.

Tho all that is easily doable by just changing userspace AFAIK

j / k navigate · click thread line to collapse

0 comments

Muromec6d ago

>but then package those modules into separate packages. If you don't need somedriver.ko, then you don't `apt install linux-driver-somedriver

patmorgan236d ago

So why can't someone (probably the distro) build a utility that detects the hardware and installs the required kernal module?

We can have security and convenience.

Muromec5d ago

I'm not sure what we get in terms of security then.

bombcar6d ago

johnny226d ago

and how would it get that module without network access. I'd say for network drivers specifically, this is tough one.

It would work for various other drivers though.

bombcar6d ago

tardedmeme6d ago

On older versions of Windows you used to get popups saying new hardware is detected, would you like to install the driver now?

SoftTalker6d ago

It was always fun to get those when the hardware hadn't changed.

PunchyHamster6d ago

That's in generally available distro a huge PITA.

You can do blacklists easy enough if you want to, just add few lines of text into /etc.

Tho all that is easily doable by just changing userspace AFAIK

j / k navigate · click thread line to collapse