Date: Mon, 12 Jul 2010 17:53:10 -0500 From: Bryan Drewery <bryan@xzibition.com> To: Fernan Aguero <fernan.aguero@gmail.com> Cc: freebsd-security@freebsd.org Subject: Re: disable (new)syslog rotation and raise securelevel ... possible? Message-ID: <4C3B9CD6.3010207@xzibition.com> In-Reply-To: <AANLkTim1YqSOu5i_5TPZ57OvNBLBYu8wc7adJBX1urTF@mail.gmail.com> References: <AANLkTim1YqSOu5i_5TPZ57OvNBLBYu8wc7adJBX1urTF@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Fernan, You can disable newsyslog by adding newsyslog_enable="NO" to your /etc/rc.conf or /etc/rc.conf.local Also be aware that you will need to reboot with kern_securelevel_enable="NO" in one of those files, to lower the securelevel. You should also consider a remote syslog host. Bryan Fernan Aguero wrote: > Hi, > > I'd like to harden my FreeBSD installation, and thus would like to, e.g. > > i) chflags sappnd /var/log/* > ii) raise the securelevel of the system > > Is this possible? I've read elsewhere that newsyslog would not work in > such a system ... what are the possible workarounds? > > I wouldn't bother taking the system down once a week or every other > week, and manually lowering the securelevel, running newsyslog, etc. > Is there a guide somewhere on how to go about this? > > Thanks! > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C3B9CD6.3010207>