Date: Thu, 15 Aug 2002 23:41:35 -0600 From: "Jim McAtee" <jmcatee@mediaodyssey.com> To: "Annelise Anderson" <andrsn@andrsn.stanford.edu> Cc: <freebsd-newbies@FreeBSD.ORG> Subject: Re: Can't install custom kernel Message-ID: <049301c244e7$9578c7d0$272fa8ce@jim> References: <Pine.BSF.4.10.10208152214380.71088-100000@andrsn.stanford.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Annelise Anderson" <andrsn@andrsn.stanford.edu> To: "Jim McAtee" <jmcatee@mediaodyssey.com> Cc: <freebsd-newbies@FreeBSD.ORG> Sent: Thursday, August 15, 2002 11:19 PM Subject: Re: Can't install custom kernel > On Thu, 15 Aug 2002, Jim McAtee wrote: > > > When I attempt to do > > > > # make installkernel KERNCONF=MYKERN > > > > I run into errors renaming the kernel files because of the kern_securelevel > > I've set (which is 2). My understanding is that if I boot into single user > > mode, then I should be able to get around this. However, I get the same > > error in single user mode. > > > > I believe I could just set the kern_securelevel to a lower level, reboot and > > install the new kernel, but first I'd like to understand what's wrong. > > > > Actually nothing is wrong! Your securelevel is high enough that it does > not allow you to change system files. Turn off setting a securelevel in > /etc/rc.conf (after you boot into single user mode) and then reboot. > That's what the securelevel is supposed to do--prevent a new kernel (or > any other system files) being installed unless you're at the console and > can reboot into single user mode and change the securelevel. I think the reason for my confusion lies in the somewhat contradictory information that I've read in different places regarding this issue. From the FAQ: ------------------------------------------------------------------- 10.26. I tried to install a new kernel, and the chflags failed. How do I get around this? Short answer: You are probably at security level greater than 0. Reboot directly to single user mode to install the kernel. Long answer: FreeBSD disallows changing system flags at security levels greater than 0. You can check your security level with the command: # sysctl kern.securelevel You cannot lower the security level; you have to boot to single mode to install the kernel, or change the security level in /etc/rc.conf then reboot. See the init(8) manual page for details on securelevel, and see /etc/defaults/rc.conf and the rc.conf(5) manual page for more information on rc.conf. ------------------------------------------------------------------- Boot to single mode _or_ change the security level. Either poorly worded or just plain wrong. Jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-newbies" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?049301c244e7$9578c7d0$272fa8ce>