Date: Sun, 17 Dec 2000 16:04:26 -0800 From: Dima Dorfman <dima@unixfreak.org> To: Nuno Teixeira <nuno.teixeira@pt-quorum.com> Cc: freebsd-bugs@freebsd.org, stable@freebsd.org Subject: Re: chflags bug? Message-ID: <20001218000431.5860E3E09@bazooka.unixfreak.org> In-Reply-To: Message from Nuno Teixeira <nuno.teixeira@pt-quorum.com> of "Sun, 17 Dec 2000 23:45:42 GMT." <Pine.BSF.4.21.0012172336010.794-100000@gateway.bogus>
next in thread | previous in thread | raw e-mail | index | archive | help
> The problem is: if I set on the 'schg' flag to a file, then I cannot > remove it with the 'noschg' option. That's the idea! If the system is in securelevel >= 1, the system immutable flag can't be unset. The point is to protect vital system components from tampering, accidental and otherwise. Since you can't lower the securelevel (unless you want to use ddb, but that's a story for another thread), you have two choices, 1) boot into single user mode, unset the flag (or install the kernel), or 2) set kern_securelevel_enable to "NO" in rc.conf. In a lower securelevel, you'll be able to unset the schg flag. Hope this helps Dima Dorfman dima@unixfreak.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001218000431.5860E3E09>