From c492c01c82a8e4c93616ee56b7e5d882d28f56c2 Mon Sep 17 00:00:00 2001
From: Riyaz Faizullabhoy
Date: Mon, 28 Nov 2016 13:28:39 -0800
Subject: [PATCH] Disable kernel modules for cloud editions from moby by checking in a modified sysctl init with a cloud config
Signed-off-by: Riyaz Faizullabhoy
---
alpine/etc/init.d/sysctl | 41 +++++++++++++++++++++++++
alpine/etc/sysctl.d/cloud/security.conf | 1 +
2 files changed, 42 insertions(+)
create mode 100755 alpine/etc/init.d/sysctl
create mode 100644 alpine/etc/sysctl.d/cloud/security.conf
diff --git a/alpine/etc/init.d/sysctl b/alpine/etc/init.d/sysctl
new file mode 100755
index 000000000..421dd8e3d
--- /dev/null
+++ b/alpine/etc/init.d/sysctl
@@ -0,0 +1,41 @@
+#!/sbin/openrc-run
+# Copyright (c) 2007-2015 The OpenRC Authors.
+# See the Authors file at the top-level directory of this distribution and
+# https://github.com/OpenRC/openrc/blob/master/AUTHORS
+#
+# This file is part of OpenRC. It is subject to the license terms in
+# the LICENSE file found in the top-level directory of this
+# distribution and at https://github.com/OpenRC/openrc/blob/master/LICENSE
+# This file may not be copied, modified, propagated, or distributed
+# except according to the terms contained in the LICENSE file.
+
+depend()
+{
+ before bootmisc logger
+ keyword -prefix -systemd-nspawn -vserver
+}
+
+start()
+{
+ local quiet rc=0
+ yesno $rc_verbose || quiet=-q
+
+ ebegin "Configuring kernel parameters"
+ set --
+ # Do additional sysctl configuration for cloud editions
+ [ "$(mobyplatform)" != "mac" ] && [ "$(mobyplatform)" != "windows" ] && CLOUD=/etc/sysctl.d/cloud/*.conf
+ for i in /run/sysctl.d/*.conf \
+ /etc/sysctl.d/*.conf \
+ /usr/local/lib/sysctl.d/*.conf \
+ /usr/lib/sysctl.d/*.conf \
+ /lib/sysctl.d/*.conf \
+ /etc/sysctl.conf \
+ $CLOUD; do
+ if [ -e "$i" ]; then
+ sysctl ${quiet} -p "$i"
+ rc=$(( $rc + $? ))
+ fi
+ done
+
+ eend $rc "Unable to configure some kernel parameters"
+}
\ No newline at end of file
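Review bot: In `start()`, `CLOUD` is neither declared `local` nor initialised, and the platform test is a denylist, so an empty or unexpected result from `mobyplatform` (for example if the helper is missing) also selects `/etc/sysctl.d/cloud/*.conf`. Failing towards the locked-down setting is a reasonable default, but it should be a stated choice, because the cloud file flips a switch that cannot be undone without a reboot. I would change the declaration to `local quiet rc=0 CLOUD=` and add a comment such as `# Any platform other than mac/windows, including an unknown one, gets the cloud hardening`. Separately, a failure to apply the cloud file is only summed into `rc` and reported through `eend`, so boot presumably continues without the hardening; whether that is acceptable depends on how this service's status is monitored, which is not visible in the patch.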
diff --git a/alpine/etc/sysctl.d/cloud/security.conf b/alpine/etc/sysctl.d/cloud/security.conf
new file mode 100644
index 000000000..6c3a406bf
--- /dev/null
+++ b/alpine/etc/sysctl.d/cloud/security.conf
@@ -0,0 +1 @@
+kernel.modules_disabled=1
\ No newline at end of file
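Review bot: `kernel.modules_disabled=1` is a one-way switch (once written it cannot be cleared, and no module can be loaded or unloaded until reboot), yet the file carries no comment saying so. The init script in this patch applies it from a service ordered `before bootmisc logger`, so every module that later services need must already be loaded or built in by then; nothing in the patch shows that this is guaranteed. I would add a header comment, e.g. `# One-way: blocks all module load/unload until reboot; required modules must be loaded before the sysctl service runs`, and consider an `after modules` dependency in `depend()` if the image has a module-loading service. The file also lacks a trailing newline.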