Date: Thu, 15 Aug 2002 23:46:54 -0700 (PDT) From: Annelise Anderson <andrsn@andrsn.stanford.edu> To: Jim McAtee <jmcatee@mediaodyssey.com> Cc: freebsd-newbies@FreeBSD.ORG Subject: Re: Can't install custom kernel Message-ID: <Pine.BSF.4.10.10208152341450.71334-100000@andrsn.stanford.edu> In-Reply-To: <049301c244e7$9578c7d0$272fa8ce@jim>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 15 Aug 2002, Jim McAtee wrote: > ----- Original Message ----- > From: "Annelise Anderson" <andrsn@andrsn.stanford.edu> > To: "Jim McAtee" <jmcatee@mediaodyssey.com> > Cc: <freebsd-newbies@FreeBSD.ORG> > Sent: Thursday, August 15, 2002 11:19 PM > Subject: Re: Can't install custom kernel > > > > On Thu, 15 Aug 2002, Jim McAtee wrote: > > > > > When I attempt to do > > > > > > # make installkernel KERNCONF=MYKERN > > > > > > I run into errors renaming the kernel files because of the > kern_securelevel > > > I've set (which is 2). My understanding is that if I boot into single > user > > > mode, then I should be able to get around this. However, I get the same > > > error in single user mode. > > > > > > I believe I could just set the kern_securelevel to a lower level, reboot > and > > > install the new kernel, but first I'd like to understand what's wrong. > > > > > > > Actually nothing is wrong! Your securelevel is high enough that it does > > not allow you to change system files. Turn off setting a securelevel in > > /etc/rc.conf (after you boot into single user mode) and then reboot. > > That's what the securelevel is supposed to do--prevent a new kernel (or > > any other system files) being installed unless you're at the console and > > can reboot into single user mode and change the securelevel. > > > I think the reason for my confusion lies in the somewhat contradictory > information that I've read in different places regarding this issue. > > >From the FAQ: > ------------------------------------------------------------------- > > 10.26. I tried to install a new kernel, and the chflags failed. How do I get > around this? > > Short answer: You are probably at security level greater than 0. Reboot > directly to single user mode to install the kernel. > > Long answer: FreeBSD disallows changing system flags at security levels > greater than 0. You can check your security level with the command: > > # sysctl kern.securelevel > > > You cannot lower the security level; you have to boot to single mode to > install the kernel, or change the security level in /etc/rc.conf then > reboot. See the init(8) manual page for details on securelevel, and see > /etc/defaults/rc.conf and the rc.conf(5) manual page for more information on > rc.conf. > > ------------------------------------------------------------------- > > Boot to single mode _or_ change the security level. Either poorly worded or > just plain wrong. > > Jim > Sorry, I should have just suggested freebsd-questions. I don't know why it didn't work in single-user mode--with all discs mounted, it seems you should have been able to install the new kernel and then reboot, returning to whatever securelevel is in rc.conf. Annelise -- Annelise Anderson Author of: FreeBSD: An Open-Source Operating System for Your PC Available from: BSDmall.com and amazon.com Book Website: http://www.bittreepress.com/FreeBSD/introbook/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-newbies" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10208152341450.71334-100000>