Comment by yjftsjthsd-h
11 hours ago
It seems like a reasonable middle ground for most distros is to put things in kernel modules, but then package those modules into separate packages. If you don't need somedriver.ko, then you don't `apt install linux-driver-somedriver`; if you do need it, just install the package and it just works without needing to compile anything and you get automatic updates and everything.
For Gentoo, of course, "just recompile the kernel as desired" is more reasonable, though they have binary packages including for the kernel and I don't see why the same idea shouldn't work there.
>but then package those modules into separate packages. If you don't need somedriver.ko, then you don't `apt install linux-driver-somedriver
But I don't want to know what drivers I need and will need next. Tomorrow I could buy a different wifi module and then what? Spend 3 hours googling which rtl378326973268632aahaxhabt.ko to install? Thanks but no thanks.
So why can't someone (probably the distro) build a utility that detects the hardware and installs the required kernal module?
We can have security and convenience.
That existed for a very short period of time before it became simpler to just ship everything all the time. I remember at least one distro booting with a single processor kernel and detecting that it could use an SMP kernel and did I want to pull it down?
and how would it get that module without network access. I'd say for network drivers specifically, this is tough one.
It would work for various other drivers though.
1 reply →
On older versions of Windows you used to get popups saying new hardware is detected, would you like to install the driver now?
It was always fun to get those when the hardware hadn't changed.
That's in generally available distro a huge PITA.
You can do blacklists easy enough if you want to, just add few lines of text into /etc.
I'd also like option for whitelisting, like whitelisting every single NIC driver is harmless enough coz they just won't be loaded, but anything that can be loaded by non-root userspace action should have option to be only loaded if it is on whitelist.
Tho all that is easily doable by just changing userspace AFAIK