Date: Sun, 1 Jun 2003 17:07:53 -0400 From: Rory Arms <rorya@TrueStep.com> To: freebsd-current@freebsd.org Subject: installing kernel with securelevel set to 2 Message-ID: <1BDD0F44-9475-11D7-B397-000502D78289@TrueStep.com>
next in thread | raw e-mail | index | archive | help
FreeBSD-current@ I just tried installing a kernel after compiling May 31st source and figured I would have to reboot to a lower securelevel, as I'm running with kern.securelevel set to 2. However, it slipped my mind and i've noticed it installed anyhow. Has this behavior changed? I thought that the kernel file (/boot/kernel/kernel) and its modules could not be replaced at that securelevel? Note: I'm currently running an April 6th -CURRENT. Also, all filesystems are UFS1, currently. As you can see, it installed kernel just fine for some reason. In the past, if the machine was running in secure mode it would stop at this point: [...] cd /usr/obj/usr/src/sys/TSERVER; MAKEOBJDIRPREFIX=/usr/obj MACHINE_ARCH=i386 MACHINE=i386 CPUTYPE=i686 GROFF_BIN_PATH=/usr/obj/usr/src/i386/legacy/usr/bin GROFF_FONT_PATH=/usr/obj/usr/src/i386/legacy/usr/share/groff_font GROFF_TMAC_PATH=/usr/obj/usr/src/i386/legacy/usr/share/tmac PATH=/usr/obj/usr/src/i386/legacy/usr/sbin:/usr/obj/usr/src/i386/ legacy/usr/bin:/usr/obj/usr/src/i386/legacy/usr/games:/usr/obj/usr/src/ i386/usr/sbin:/usr/obj/usr/src/i386/usr/bin:/usr/obj/usr/src/i386/usr/ games:/sbin:/bin:/usr/sbin:/usr/bin make KERNEL=kernel install thiskernel=`sysctl -n kern.bootfile` ; if [ "$thiskernel" = /boot/kernel.old/kernel ] ; then chflags -R noschg /boot/kernel ; rm -rf /boot/kernel ; else if [ -d /boot/kernel.old ] ; then chflags -R noschg /boot/kernel.old ; rm -rf /boot/kernel.old ; fi ; mv /boot/kernel /boot/kernel.old ; if [ "$thiskernel" = /boot/kernel/kernel ] ; then sysctl kern.bootfile=/boot/kernel.old/kernel ; fi; fi kern.bootfile: /boot/kernel/kernel -> /boot/kernel.old/kernel mkdir -p /boot/kernel install -p -m 555 -o root -g wheel kernel /boot/kernel cd /usr/src/sys/modules; MAKEOBJDIRPREFIX=/usr/obj/usr/src/sys/TSERVER/modules KMODDIR=/boot/kernel MACHINE=i386 make install [...] Looks like it was able to remove the immutable flag w/o a problem, which isn't supposed to be allowed at securelevel 1 or 2. From securelevel(8): 1 Secure mode - the system immutable and system append-only flags may not be turned off; disks for mounted file systems, /dev/mem, and /dev/kmem may not be opened for writing; kernel modules (see kld(4)) may not be loaded or unloaded. 2 Highly secure mode - same as secure mode, plus disks may not be opened for writing (except by mount(2)) whether mounted or not. This level precludes tampering with file systems by unmounting them, but also inhibits running newfs(8) while the system is multi- user. Here's how I checked the securelevel: # sysctl kern.securelevel kern.securelevel: 2 # Also, checking the flags on "/boot/kernel/kernel" after the "make -j2 kernelinstall" there appears to be no flags set on the kernel file or any of its modules: # ls -lo /boot/kernel/kernel -r-xr-xr-x 1 root wheel - 3553557 Jun 1 16:24 /boot/kernel/kernel # Odd, no? Is there a new sysctl(8) directive that I'm missing? Maybe its a bug that's been fixed since Apr. 6th. Thanks, -rory
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1BDD0F44-9475-11D7-B397-000502D78289>