Delete config files in /boot directory

Micik · 02-17-2019, 02:20 PM

Hello guys,

I'm wondering if I could delete file named config-2.6.2xxx in /boot folder?
I believe this config file is not needed in order computer to boot. The reason I'm considering this is to prevent anybody else from recompiling the kernel with settings of the current kernel.

So, is it safe to delete config-2.xxxx file in /boot directory?

Thank you.

wpeckham · 02-17-2019, 02:49 PM

Quote:

Originally Posted by Micik

Hello guys,

I'm wondering if I could delete file named config-2.6.2xxx in /boot folder?
I believe this config file is not needed in order computer to boot. The reason I'm considering this is to prevent anybody else from recompiling the kernel with settings of the current kernel.

So, is it safe to delete config-2.xxxx file in /boot directory?

Thank you.

In general that is not really smart. If you even get certain module updates, even for the same kernel, they need to be compiled against the current kernel config and a missing config would break the update. On my system that would be critical, on yours it may or may not depending upon your hardware.

How exactly would anyone get enough access onto your system to compile and install a kernel?

Micik · 02-20-2019, 01:49 AM

Hello wpeckham and thank you for the reply.
Of course no one would be able to gain access and recompile kernel on my system. I asked this question trying "to get into shoes" of a supplier that wants to supply system in which adding new HW and/or installing new devices are prohibited.
I just wondered if this config-2.xxxx file in /boot is really needed for everyday machine use and I guess it's not. It is needed only if one wants to add a new device and install new drivers for which it must recompile kernel.

joe_2000 · 02-20-2019, 02:41 AM

Quote:

Originally Posted by Micik

Hello wpeckham and thank you for the reply.
Of course no one would be able to gain access and recompile kernel on my system. I asked this question trying "to get into shoes" of a supplier that wants to supply system in which adding new HW and/or installing new devices are prohibited.
I just wondered if this config-2.xxxx file in /boot is really needed for everyday machine use and I guess it's not. It is needed only if one wants to add a new device and install new drivers for which it must recompile kernel.

This sounds wrong in many ways.
Deleting the config is not a very strong security "protection". Plus someone who builds products based on the (GPL-licensed) Linux kernel should empower their users to modify the product rather than trying to take this freedom away from them.

wpeckham · 02-20-2019, 05:25 AM

Quote:

Originally Posted by joe_2000

This sounds wrong in many ways.
Deleting the config is not a very strong security "protection". Plus someone who builds products based on the (GPL-licensed) Linux kernel should empower their users to modify the product rather than trying to take this freedom away from them.

I agree. If you really want a machine difficult to change, there are embedded hardware techniques that would serve far better.

hazel · 02-20-2019, 05:47 AM

Also there are software packages that expect certain kernel features. If you are having trouble with one of those and you ask for help, you are going to asked: "Do you have so-and-so activated in your kernel? And is it built-in or a module?" You'll look a bit silly if you can't answer because you threw away the configuration file.