Date:      Tue, 24 Jun 1997 14:17:00 +0100 (BST)
From:      Stephen Roome <steve@visint.co.uk>
To:        freebsd-questions@freebsd.org
Subject:   sysctl, init and kern.securelevel
Message-ID:  <Pine.BSF.3.95.970624140501.2728B-100000@dylan.visint.co.uk>


We're trying to write a safe shutdown routine that can be called remotely
and can reply back to a remote user to say that it's now okay to turn off
the power to the machine.

The current approach is to kill off processes, sync the disks and remount
everything read-only and then reply back through a web server that pulling
the plug is now okay.

While this is a really horrible way to go, I can't think of any other way
of shutting a machine down safely and being sure that it won't start up
single user next time with fsck errors. (And fsck in /etc/rc... isn't
going to change from being -p to -y as that's really rather sick).

One approach seemed to be raising the securelevel (and then offing the
power after a remount), but it's confusing me... 

As far as the man pages go (or perhaps my interpretation of them), raising
kern.securelevel is fine, and lowering it isn't (except by init).

[I think I'm doing okay so far.. ]

Well, say I raise kern.securelevel to 2, what actually happens? I can
still remount devices and create files etc, this bit gets me, nothing
appears to have changed much.

So, two questions:
1) Is this a BAD way to shut a box down?

2) Does securelevel have any effect on anything, and could there be
securelevel 3 - a "can't do anything level".
(That sounds useful, for me at least!)

Confused,

Steve Roome - Vision Interactive Ltd.
Tel:+44(0)117 9730597 Home:+44(0)976 241342
WWW: http://dylan.visint.co.uk/



