From owner-freebsd-questions@FreeBSD.ORG Fri Jun 4 11:11:46 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 425BD16A4CE for ; Fri, 4 Jun 2004 11:11:46 -0700 (PDT) Received: from av7-2-sn2.hy.skanova.net (av7-2-sn2.hy.skanova.net [81.228.8.109]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0ACC843D1D for ; Fri, 4 Jun 2004 11:11:46 -0700 (PDT) (envelope-from ertr1013@student.uu.se) Received: by av7-2-sn2.hy.skanova.net (Postfix, from userid 502) id 089D037E46; Fri, 4 Jun 2004 20:11:42 +0200 (CEST) Received: from smtp2-2-sn2.hy.skanova.net (smtp2-2-sn2.hy.skanova.net [81.228.8.178]) by av7-2-sn2.hy.skanova.net (Postfix) with ESMTP id E7E6837E42 for ; Fri, 4 Jun 2004 20:11:41 +0200 (CEST) Received: from falcon.midgard.homeip.net (h201n1fls24o1048.bredband.comhem.se [212.181.162.201]) by smtp2-2-sn2.hy.skanova.net (Postfix) with SMTP id A024D37E42 for ; Fri, 4 Jun 2004 20:11:41 +0200 (CEST) Received: (qmail 66285 invoked by uid 1001); 4 Jun 2004 18:11:41 -0000 Date: Fri, 4 Jun 2004 20:11:41 +0200 From: Erik Trulsson To: Bill Moran Message-ID: <20040604181141.GA66269@falcon.midgard.homeip.net> Mail-Followup-To: Bill Moran , jbronson@wixb.com, freebsd-questions@freebsd.org References: <6.1.1.1.2.20040604123158.00ab97d0@localhost> <20040604175551.GA66111@falcon.midgard.homeip.net> <20040604140036.0a1ef5f0.wmoran@potentialtech.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040604140036.0a1ef5f0.wmoran@potentialtech.com> User-Agent: Mutt/1.5.6i cc: freebsd-questions@freebsd.org cc: jbronson@wixb.com Subject: Re: security level and fsck X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jun 2004 18:11:46 -0000 On Fri, Jun 04, 2004 at 02:00:36PM -0400, Bill Moran wrote: > Erik Trulsson wrote: > > > On Fri, Jun 04, 2004 at 12:32:51PM -0500, J.D. Bronson wrote: > > > is there any connection to fsck not be able to run when > > > I am at security level 3 under 5.2.1? > > > > > > That seems odd, but sure seems to be the case. > > > > That sounds very likely. I would imagine that fsck needs write access > > to the raw disks in order to do its job, but such access is not allowed > > under securelevel 2 and above. > > fsck is normally run very early in the boot-sequence - before the > > securelevel is raised - so in normal operation that would not be any > > major problem. > > What about 5's background fsck? Is that set up so it's able to run after > the securelevel has been raised? Background fsck seems to wait a minute or > so for the machine to boot before it starts. I don't run 5.x so I don't know for sure, but it certainly sounds like background fsck does not work well together with a securelevel 2 or above. So if you want to run at a high securelevel you can't use background fsck. -- Erik Trulsson ertr1013@student.uu.se