W: security-misc: obsolete-command-in-modprobe.d-file etc/modprobe.d/30_security-misc.conf install
N:
W: obsolete-command-in-modprobe.d-file
N:
N: Use of 'install' and 'remove' commands in module files in
N: /etc/modprobe.d and /etc/modules-load.d is deprecated and should be
N: replaced with 'softdep' commands.
N:
N: Severity: warning
N:
N: Check: modprobe
N:
I prefer module load failures to produce error messages that can be investigated over silent breakage that is hard to track down what is causing it.
Could you please revert that specific commit?
Instead of /bin/false perhaps the following would be even easier to investigate?
/bin/disabled-by-security-misc
#!/bin/bash
echo "$0: ERROR: This kernel module is disabled by package security-misc by default. Most likely by configuration file /etc/modprobe.d/30_security-misc.conf | args: $@" >&2
exit 1
I am not sure blacklisting CD-ROM is a good idea yet. Therefore commented out for now.
There will be a Kicksecure ISO live / installer at some point as well as the same for Whonix-Host. As implemented now, that ISO might be broken by default when booting from DVD.
poll:
There might be be a way to un-blacklist CD-ROM / DVD for ISO only.
Added more kernel modules to the blacklist. Currently they are all prevented from automatically loading rather than being permanently disabled. We can then potentially begin the process of disabling them once compatibility is understood.
Perhaps simply blocking them from automatically loading for the time being would be an acceptable middle-ground until this can be investigated further?