Implement disable for disabling kernel_modules

This allows inspec kernel_module be_disabled to work

Signed-off-by: Tom Doherty <tom.doherty@fixnetix.com>

1 files changed, 19 insertions, 1 deletions

diff --git a/lib/chef/resource/kernel_module.rb b/lib/chef/resource/kernel_module.rb
index 882f9de975..1176990071 100644
--- a/lib/chef/resource/kernel_module.rb
+++ b/lib/chef/resource/kernel_module.rb
@@ -13,7 +13,7 @@ class Chef
     class KernelModule < Chef::Resource
       resource_name :kernel_module
 
-      description "Use the kernel_module resource to manage kernel modules on Linux systems. This resource can load, unload, blacklist, install, and uninstall modules."
+      description "Use the kernel_module resource to manage kernel modules on Linux systems. This resource can load, unload, blacklist, disable, install, and uninstall modules."
       introduced "14.3"
 
       property :modname, String,
@@ -92,6 +92,24 @@ class Chef
         new_resource.run_action(:unload)
       end
 
+      action :disable do
+        description "Disable a kernel module."
+
+        file "#{new_resource.unload_dir}/disable_#{new_resource.modname}.conf" do
+          content "install #{new_resource.modname} /bin/false"
+          notifies :run, "execute[update initramfs]", :delayed
+        end
+
+        with_run_context :root do
+          find_resource(:execute, "update initramfs") do
+            command initramfs_command
+            action :nothing
+          end
+        end
+
+        new_resource.run_action(:unload)
+      end
+
       action :load do
         description "Load a kernel module."