From owner-freebsd-bugs  Sun Mar  2 23:30:06 1997
Return-Path: <owner-bugs>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id XAA07502
          for bugs-outgoing; Sun, 2 Mar 1997 23:30:06 -0800 (PST)
Received: (from gnats@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id XAA07491;
          Sun, 2 Mar 1997 23:30:03 -0800 (PST)
Date: Sun, 2 Mar 1997 23:30:03 -0800 (PST)
Message-Id: <199703030730.XAA07491@freefall.freebsd.org>
To: freebsd-bugs
Cc: 
From: Bruce Evans <bde@zeta.org.au>
Subject: Re: docs/2850: init(8) man page does not document securelevel properly
Reply-To: Bruce Evans <bde@zeta.org.au>
Sender: owner-bugs@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

The following reply was made to PR docs/2850; it has been noted by GNATS.

From: Bruce Evans <bde@zeta.org.au>
To: FreeBSD-gnats-submit@FreeBSD.org, mab@sjca.edu
Cc:  Subject: Re: docs/2850: init(8) man page does not document securelevel properly
Date: Mon, 3 Mar 1997 18:18:26 +1100

 >There are a couple problems with the documentation of kernel security levels:
 >
 >1) The init(8) manual page states that the kernel boots at securelevel
 >0.  This isn't true; by default it is set to -1.
 
 Fixed in -current.
 
 >2) The interface to changing the security level (editing
 >/usr/src/sys/kern/kern_sysctl.h or something like that) is not
 >documented.  Also, the interface stinks, but this is supposed to be a
 >doc bug. :-)
 
 That's not the interface.  The sysadmin interface is
 `sysctl -w kern.securelevel=whatever'.  This is sort of documented even
 in 2.1.7.  The bit about editing sys/param.c was misleading even before
 the default was changed -1.  E.g., there's not much point to setting
 the level to > 0 in the kernel, since init will reduce the level to 0
 if the system is shut down to single user mode.
 
 >3) The manual page ought to warn that configuring a kernel to boot at
 >securelevel 1 or 2 can cause autobooting to fail, because the kernel
 >will not be able to do fsck on dirty filesystems.  I speak from
 >experience on this one.
 
 Level 1 should work.  However, level 1 provides no security for disks
 under FreeBSD (although it is supposed to secure mounted partitions).
 
 >4) Saying that securelevel can be raised to 2 in /etc/rc is a little
 >vague.  It ought to state at exactly what point in booting securelevel
 >can be raised---like, say, right at the end.  If you did it before the
 >filesystem checks, things would be bad.  That would be clueless of
 >course, but... Really, there should be an /etc/sysconfig interface to
 >securelevel; this would un-obfuscate things considerably.
 >
 >>How-To-Repeat:
 >>Fix:
 >>Audit-Trail:
 >>Unformatted:
 >