Date: Thu, 21 Apr 2005 00:14:51 +0200
From: Kövesdán Gábor <gabor.kovesdan@t-hosting.hu>
To: Ronald Klop <ronald-freebsd8@klop.yi.org>
Cc: freebsd-stable@freebsd.org
Subject: Re: securelevel and make installworld
Message-ID: <4266D45B.9000401@t-hosting.hu>
In-Reply-To: <opspjwj0x98527sy@smtp.local>
References: <opspjrxucr8527sy@smtp.local> <4266C966.90701@alumni.rice.edu> <opspjwj0x98527sy@smtp.local>

Ronald Klop wrote:

> On Wed, 20 Apr 2005 16:28:06 -0500, Jon Noack
> <noackjr@alumni.rice.edu> wrote:
>
>> On 04/20/05 15:16, Ronald Klop wrote:
>>
>>> Can make installworld complain on startup if I try to run it with
>>> securelevel > 0.
>>> It will fail half way through on some files with nochg flags or
>>> something like that.
>>
>>
>> Design feature:
>> 'schg' is the system immutable flag. Some system files are
>> installed with 'schg' for security reasons; installworld must remove
>> this flag in order to install a new version of these files.
>> However, when securelevel > 0 system immutable flags may not be
>> turned off (see init(8)). An attempt to remove the system immutable
>> flag (set 'noschg') will therefore fail. As a result, installworld
>> fails.
>>
>> Canonical answer:
>> Reboot into single user mode to perform the installworld as
>> documented in UPDATING and section 19.4.1 of the handbook.
>
>
> I understand the problem, otherwise I wouldn't have securelevel > 0.
> Doing a remote install in single user mode isn't always possible.
> And then it isn't very nice to break the installworld with an error.
> Using the idea of 'fail early' it would be very nice to have a check
> for securelevel in the installworld Makefile.
>
> Ronald.
>

Check in the Makefile? Why don't you check your securelevel with
"sysctl -a | grep kern.securelevel"? But how do you not remember which
securelevel you are using? You probably have your own habits in system
administration. As for me, I always use 2, which is convenient for me,
because I often have to modify ipf/ipfw rules.

Anyway, make installworld is the most secure in single user mode. I had
a critical failure by making installworld without booting single user
mode and my system didn't boot any more. I had to reinstall everything.
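
The fail-early check discussed in this thread, as an added example that is not part of the original message or of the FreeBSD build system. The function names and the sample listing are assumptions made for illustration; the script tests kern.securelevel before anything is installed and lists the 'schg' files that installworld could not replace.

```sh
#!/bin/sh
# Added example: fail-early preflight for 'make installworld'.
# Function names are hypothetical, not part of the FreeBSD build system.

# Running securelevel; prints nothing where the sysctl does not exist.
current_securelevel() {
    sysctl -n kern.securelevel 2>/dev/null
}

# 0 = schg can be cleared (securelevel <= 0), 1 = it cannot, 2 = not a number.
securelevel_allows_install() {
    case "$1" in
        ''|-|*[!0-9-]*|?*-*) return 2 ;;
    esac
    [ "$1" -le 0 ]
}

# Read 'ls -lo' lines on stdin, print paths whose flags field contains schg.
# Assumes the flags are field 5 and that paths contain no spaces.
schg_files() {
    awk '{ n = split($5, f, ",")
           for (i = 1; i <= n; i++) if (f[i] == "schg") { print $NF; break } }'
}

# Refuse before anything is installed; unknown levels fail closed.
preflight() {
    if securelevel_allows_install "$1"; then
        echo "ok: securelevel $1, schg can be cleared"
        return 0
    fi
    echo "refusing: securelevel '$1', cannot clear schg on:"
    schg_files
    return 1
}

# Constructed sample listing (not taken from a real system).
SAMPLE_LISTING='-r-xr-xr-x  1 root  wheel  schg 581168 Apr 20 21:00 /sbin/init
-r-xr-xr-x  1 root  wheel  - 30200 Apr 20 21:00 /bin/ls
-r-sr-xr-x  1 root  wheel  schg,nodump 24000 Apr 20 21:00 /usr/bin/passwd
-rw-r--r--  1 root  wheel  uchg 512 Apr 20 21:00 /etc/motd'

# Demo on the sample with securelevel 2. On a real host:
#   ls -lo /sbin/init /usr/bin/passwd | preflight "$(current_securelevel)"
printf '%s\n' "$SAMPLE_LISTING" | preflight 2 || true
```
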